9 matches found
DEBIAN-CVE-2025-66423
Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...
EUVD-2019-0144
Malware in sbrugna...
EUVD-2006-7181
Malware in sbrugna...
EUVD-2023-2510
Malicious code in bioql PyPI...
CVE-2025-48474 FreeScout Vulnerable to Insufficient Authorization
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application incorrectly checks user access rights for conversations. Users with showonlyassignedconversations enabled can assign themselves to an arbitrary conversation from the mailbox to which they have...
PT-2025-23178 · Freescout · Freescout
Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.180 Description: The application incorrectly checks user access rights for conversations. Users with show only assigned conversations enabled can assign themselves to an arbitrary conversation from the mailbox ...
TeamPass does not properly check whether a folder is in a user's allowed folders list
TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin...
PT-2023-25395 · Tuleap · Tuleap
Name of the Vulnerable Software and Affected Versions: Tuleap versions prior to 14.9.99.63 Description: The issue occurs when switching from a project visibility that allows restricted users to Private without restricted, where restricted users that are project administrators retain their access...
CVE-2008-0807
CVE-2008-0807 affects Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, deployed in Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5. The flaw in lib/Driver/sql.php fails to properly check access rights, allowing remote authenticated use...