Lucene search
K

52 matches found

NVD
NVD
added 2026/06/24 9:16 p.m.9 views

CVE-2026-52808

Gogs is an open source self-hosted Git service. Prior to 0.14.3, three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v1/repos/:owner/:repo/wiki, and POST /api/v1/repos/:owner/:repo/mirror-sync — are gated by reqRepoWriter rather than reqRepoAdmin. The equivalent...

7.1CVSS0.00478EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 8:20 p.m.5 views

CVE-2026-52804

Gogs is an open source self-hosted Git service. Prior to 0.14.3, a repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. This vulnerability is fixed in 0.14.3...

7CVSS5.9AI score0.00499EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/24 8:20 p.m.11 views

CVE-2026-52804

Summary (concrete details from provided sources): CVE-2026-52804 affects Gogs prior to 0.14.3, enabling a repository admin collaborator to escalate to owner-level access through an off-by-one error in ChangeCollaborationAccessMode. The vulnerability is triggered via mode=4 (Owner) being accepted ...

7CVSS5.9AI score0.00499EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 8:20 p.m.31 views

CVE-2026-52804 Gogs: Privilege Escalation via Collaboration Access Mode Validation

Gogs is an open source self-hosted Git service. Prior to 0.14.3, a repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. This vulnerability is fixed in 0.14.3...

7CVSS0.00499EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/23 4:52 p.m.7 views

Gogs Vulnerable to Privilege Escalation via Collaboration Access Mode Validation

Summary A repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. Vulnerable Code In internal/database/repocollaboration.go, line 129: go func r Repository ChangeCollaborationAccessModeuserI...

7CVSS5.9AI score0.00499EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/23 4:52 p.m.5 views

GHSA-4565-R4X7-HG8J Gogs Vulnerable to Privilege Escalation via Collaboration Access Mode Validation

Summary A repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. Vulnerable Code In internal/database/repocollaboration.go, line 129: go func r Repository ChangeCollaborationAccessModeuserI...

7CVSS5.9AI score0.00499EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.9 views

PT-2026-51622

Name of the Vulnerable Software and Affected Versions Gogs affected versions not specified Description A repository admin collaborator can escalate their privileges to owner-level access due to an off-by-one error in the ChangeCollaborationAccessMode function. This occurs because the validation...

7CVSS5.9AI score0.00499EPSS
Exploits0References12
OSV
OSV
added 2026/06/09 2:16 p.m.10 views

UBUNTU-CVE-2026-52906

In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb "9p: convert to the new mount API", v9fsapplyoptions applies parsed mount flags with |= onto flags already set by v9fssessioninit. For 9P2000.L,...

7.7CVSS5.3AI score0.00121EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/09 12:36 p.m.11 views

EUVD-2026-35415

In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb "9p: convert to the new mount API", v9fsapplyoptions applies parsed mount flags with |= onto flags already set by v9fssessioninit. For 9P2000.L,...

5.4AI score0.00121EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 12:36 p.m.30 views

CVE-2026-52906 9p: fix access mode flags being ORed instead of replaced

In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb "9p: convert to the new mount API", v9fsapplyoptions applies parsed mount flags with |= onto flags already set by v9fssessioninit. For 9P2000.L,...

7.7CVSS0.00121EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/09 12:36 p.m.10 views

CVE-2026-52906

In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb "9p: convert to the new mount API", v9fsapplyoptions applies parsed mount flags with |= onto flags already set by v9fssessioninit. For 9P2000.L,...

7.7CVSS5.3AI score0.00121EPSS
Exploits0
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, where the access mode flag is set using an OR operation instead of a replacement. This vulnerability may prevent...

7.7CVSS5.3AI score0.00121EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-47792

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the 9p filesystem implementation, the v9fs apply options function incorrectly applies parsed mount flags using a bitwise OR operation instead of replacing existing flags. For 9P2000.L...

9.8CVSS5.3AI score0.00525EPSS
Exploits0References330
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect setting of a special inode in hfsplus as of the SIFREG type, potentially leading to...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/15 8:14 p.m.10 views

Pepr Has Overly Permissive RBAC ClusterRole in Admin Mode

Severity: LOW Target: /workspace/pepr/src/lib/assets/rbac.ts Endpoint: Kubernetes RBAC configuration Method: Deployment Response / Rationale Pepr defaults to rbacMode: "admin" because the initial experience is designed to be frictionless for new users. This mode ensures that users can deploy and...

4.3CVSS6.6AI score0.00227EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2025/12/08 3:31 a.m.6 views

EUVD-2025-201643

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...

6.2AI score0.00161EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-5864

Malware in sbrugna...

6.6CVSS6.6AI score0.00323EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 a.m.9 views

CVE-2019-14716

Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode aka VerixV shell.out...

6.6CVSS6.8AI score0.00323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:6 a.m.10 views

CVE-2019-13945

A vulnerability has been identified in SIMATIC S7-1200 CPU family incl. SIPLUS variants All versions, SIMATIC S7-1200 CPU family V4.x incl. SIPLUS variants All versions, SIMATIC S7-1200 CPU family V4.x incl. SIPLUS variants All versions with Function State FS 11, SIMATIC S7-200 SMART CPU CR20s 6E...

6.8CVSS6.5AI score0.00532EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 6:15 p.m.3 views

UBUNTU-CVE-2024-49937

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it return a "WARNING: CPU: 0 PID: 63 at cfg80211chandefdfsusable+0x20/0xaf cfg80211" caused by the chandef.chan being null at t...

5.5CVSS6.2AI score0.00234EPSS
Exploits0References23
Rows per page
Query Builder