CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

353 matches found

RedhatCVE•added 2026/06/05 7:13 p.m.•6 views

CVE-2026-48188

An improper Input Validation vulnerability in OTRS or OTRS Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NOBACKSLASHESCAPES SQL mode...

9.1CVSS5.6AI score0.00299EPSS

Exploits1References1

NVD•added 2026/06/01 4:16 a.m.•10 views

CVE-2026-48189

An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: 7.0.X 8.0.X 2023.X...

5.7CVSS0.00198EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в samba, heimdal

A null pointer de-reference was detected in the way the Samba Kerberos server handled the absence of the sname in the TGS-REQ Ticket Granting Server – Request. A authenticated user could exploit this flaw to crash the Samba server...

6.5CVSS6.4AI score0.02025EPSS

Exploits0References2

EUVD•added 2026/03/23 9:30 p.m.•3 views

EUVD-2025-208946

A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...

5.8AI score0.00292EPSS

Exploits1References4

RedhatCVE•added 2026/01/09 10:27 a.m.•8 views

CVE-2008-7277

Open Ticket Request System OTRS before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets...

6.5CVSS6.7AI score0.01508EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:27 a.m.•6 views

CVE-2008-7283

Open Ticket Request System OTRS before 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to tickets by leveraging queue read permissions...

6CVSS6.5AI score0.00898EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:18 a.m.•6 views

CVE-2019-18179

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn'...

4.3CVSS6.6AI score0.01313EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:30 a.m.•7 views

CVE-2019-16375

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacker who is logged in as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious...

5.4CVSS6.8AI score0.01123EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:29 a.m.•6 views

CVE-2019-12497

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents e.g., Name and mail address can be disclosed in external notes...

5.3CVSS6.6AI score0.02008EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2010-4731

Malware in sbrugna...

4.3CVSS6.2AI score0.01092EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2018-9624

Malware in sbrugna...

6.1CVSS6.1AI score0.00443EPSS

Exploits0References3