Lucene search
K

11 matches found

CVE
CVE
added yesterday8 views

CVE-2026-53445

CVE-2026-53445 (Wekan) : Affected component is Wekan’s copyBoard DDP publication (server/publications/boards.js). Before version 9.32, the copy operation copied a board by caller-supplied boardId without validating this.userId, membership, or admin access, enabling any authenticated user to copy ...

7.1CVSS6.1AI score0.00041EPSS
Exploits0References3
CVE
CVE
added yesterday5 views

CVE-2026-52892

Summary: CVE-2026-52892 affects Wekan, an open‑source Kanban app built on Meteor. Before version 9.32, REST handlers in server/models/customFields.js checked read‑level access (Authentication.checkBoardAccess) for mutating custom-field routes, instead of write‑level access (Authentication.checkBo...

6.5CVSS6.1AI score0.00049EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-5864

Malware in sbrugna...

7.4CVSS7.5AI score0.01036EPSS
Exploits0References3
OSV
OSV
added 2018/02/22 10:29 p.m.5 views

CVE-2018-6489

XML External Entity XXE vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability can be exploited to allow XML External Entity XXE...

9.8CVSS5.8AI score0.01262EPSS
Exploits0References1
Prion
Prion
added 2018/02/22 10:29 p.m.13 views

Xxe

XML External Entity XXE vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability can be exploited to allow XML External Entity XXE...

7.5CVSS9.3AI score0.01262EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/02/22 10:0 p.m.17 views

CVE-2018-6489

XML External Entity XXE vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability can be exploited to allow XML External Entity XXE...

9.4AI score0.01262EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/02/15 10:0 p.m.17 views

CVE-2017-8993

A Remote Cross-Site Scripting vulnerability in HPE Project and Portfolio Management PPM version v9.30, v9.31, v9.32, v9.40 was found...

5.5AI score0.00792EPSS
Exploits0References3
Prion
Prion
added 2017/12/13 1:29 a.m.15 views

Design/Logic Flaw

Man-In-The-Middle vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Man-in-the-middle attack...

5.8CVSS7.3AI score0.01036EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/12/13 1:29 a.m.17 views

Cross site request forgery (csrf)

Cross-Site Request Forgery vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Cross-Site Forgery attack...

6.8CVSS7AI score0.00497EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/12/13 1:0 a.m.19 views

CVE-2017-14362 MFSBGN03793 rev.1 - Project and Portfolio Management Center, Multiple vulnerabilities

Cross-Site Request Forgery vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Cross-Site Forgery attack...

7.3CVSS7.2AI score0.00497EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/12/13 10:59 p.m.47 views

CVE-2016-2334

Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image...

9.3CVSS7.4AI score0.14742EPSS
Exploits3References3
Rows per page
Query Builder