148 matches found
CVE-2026-49376
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin...
JetBrains TeamCity < 2026.1 Multiple Vulnerabilities
The version of JetBrains TeamCity installed on the remote host is prior to 2026.1. It is, therefore, affected by multiple vulnerabilities: - In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings CVE-2026-49373 - In JetBrains TeamCity before 2026.1...
CVE-2026-49376
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin...
CVE-2026-49376
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin...
CVE-2026-49376
CVE-2026-49376 affects JetBrains TeamCity prior to 2026.1 via the SAML plugin , where the root cause is insufficient username validation . The vulnerability is exploitable remotely over the network with low complexity and no privileges or user interaction required, and it has a confidentiality/ i...
CVE-2026-49376
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin...
EUVD-2026-33384
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin...
CVE-2026-49376
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin...
JetBrains TeamCity 安全漏洞
JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2026.1...
openssh security update
8.7p1-49.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37814929 - upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand Orabug: 37647064 - Update upstream references Orabug: 36564626 8.7p1-49 - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in...
Revive Adserver: Stored XSS via malicious usernames in audit log details + Username validation bypass in XML‑RPC addUser
Vulnerability description not provided...
PT-2026-33064
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.2 Splunk Enterprise versions prior to 10.0.5 Splunk Enterprise versions prior to 9.4.10 Splunk Enterprise versions prior to 9.3.11 Splunk Cloud Platform versions prior to 10.4.2603.0 Splunk Cloud Platfo...
GHSA-F346-8RP3-4H9H TSPortal's Uncontrolled User Creation via Validation Side Effects Leads to Potential Denial of Service
Summary A flaw in TSPortal allowed attackers to create arbitrary user records in the database by abusing validation logic. While validation correctly rejected invalid usernames, a side effect within a validation rule caused user records to be created regardless of whether the request succeeded...
Wecodex Library CMS SQL注入漏洞
Wecodex Library CMS is a library management system developed by Wecodex Corporation. Version 1.0 of Wecodex Library CMS has a SQL injection vulnerability. This vulnerability stems from insufficient validation of the username parameter input, which may lead to SQL injection attacks...
Wecodex Shipping System CMS SQL注入漏洞
Wecodex Shipping System CMS is a logistics content management system developed by Wecodex Corporation. Version 1.0 of the Wecodex Shipping System CMS has a SQL injection vulnerability. This vulnerability stems from insufficient validation of the username parameter input, which may lead to SQL...
Openbiz PHP Framework SQL注入漏洞
Openbiz PHP Framework is an enterprise-level application development framework developed by jixian2003. Version 3.0.8 of Openbiz PHP Framework contains a SQL injection vulnerability. This vulnerability stems from insufficient input validation for the username parameter, which may lead to SQL...
CVE_choco_3
DESCRIPTION - During the security assessment of "STUDENT WEB...
CVE-2025-70892
Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...
CVE-2023-49069
A vulnerability has been identified in Mendix Runtime V10 All versions V10.17.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.11 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All...
CVE-2025-66296
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a privilege escalation vulnerability exists in Grav’s Admin plugin due to the absence of username uniqueness validation when creating users. A user with the create user permission can create a new account using the same username as an...