CVE-2026-54105 U.S. GAO EPDS and CBCA EDS user information disclosure
The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) expose sensitive account information through the 'update-profile/' API endpoint. A remote, unauthenticated attacker can submit a reque...
CVE-2026-54105
CVE-2026-54105 affects the GAO EPDS and CBCA EDS systems. The vulnerability arises from the update-profile/ API endpoint, where a remote, unauthenticated attacker can supply an arbitrary user_id and receive a JSON response containing account-specific information, including the ...
EUVD-2026-37912
The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) expose sensitive account information through the 'update-profile/' API endpoint. A remote, unauthenticated attacker can submit a reque...
CVE-2026-54103
CVE-2026-54103 affects GAO EPDS and CBCA EDS, where the /update-profile/N endpoint does not require authentication for password changes. The vulnerability allows a remote attacker to change an arbitrary user’s password without credentials. This result is supported by the CVSS data indicating high...
EUVD-2026-37910
The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) does not authenticate password change requests to the '/update-profile/N' API endpoint. A remote, unauthenticated attacker could chang...
CVE-2026-54103
The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) does not authenticate password change requests to the '/update-profile/N' API endpoint. A remote, unauthenticated attacker could chang...
CVE-2026-54103 U.S. GAO EPDS and CBCA EDS unauthenticated password change
The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) does not authenticate password change requests to the '/update-profile/N' API endpoint. A remote, unauthenticated attacker could chang...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.64 bug fix and security update
Red Hat OpenShift Container Platform release 4.16.64 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...
SUSE-SU-2026:2458-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. - CVE-2026-4890: DoS vulnerability in the DNSSEC validation bsc1265001. - CVE-2026-4891: heap-based out-of-bounds read...
SUSE-SU-2026:22160-1 Security update for unbound
This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: "Ghost domain name" variant bsc1265581. - CVE-2026-41292: Parsing a long list of...
ROOT-APP-MAVEN-CVE-2024-38821 CVE-2024-38821 in io.root.org.springframework.security:spring-security-web - Patched by Root
Root has patched CVE-2024-38821 in the io.root.org.springframework.security:spring-security-web package for Root:Maven. Multiple fixed versions available...
RHSA-2026:26994 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
Bulletin has no description...
RHSA-2026:26709 Red Hat Security Advisory: xorg-x11-server security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2026:26639 Red Hat Security Advisory: redhat-ds:12 security update
Bulletin has no description...
RHSA-2026:26638 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
Bulletin has no description...
RHSA-2026:26630 Red Hat Security Advisory: firefox security update
Bulletin has no description...
RHSA-2026:26629 Red Hat Security Advisory: firefox security update
Bulletin has no description...
RHSA-2026:26610 Red Hat Security Advisory: xorg-x11-server security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2026:26599 Red Hat Security Advisory: redhat-ds:12 security update
Bulletin has no description...
RHSA-2026:26606 Red Hat Security Advisory: firefox security update
Bulletin has no description...