Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-10286

Malware in sbrugna...

6.5CVSS7.3AI score0.00781EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-1172

Malware in sbrugna...

6.5CVSS6.5AI score0.00882EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:19 p.m.4 views

CVE-2021-23176

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...

6.5CVSS6.2AI score0.00781EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:4 a.m.7 views

CVE-2019-0399

SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500702, 600740, 610740; unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure...

6.5CVSS6.6AI score0.00882EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 11:1 a.m.12 views

BIT-ODOO-2021-23176

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...

6.5CVSS6.3AI score0.00781EPSS
Exploits0References3
Fedora
Fedora
added 2023/10/09 10:27 p.m.48 views

[SECURITY] Fedora 39 Update: tacacs-F4.0.4.28.7fb~20231005g4fdf178-1.fc39

Tacacs+ tacplus is a C daemon that authenticates requests via the Tacacs+ Protocol and logs accounting information. This is a fork of Cisco + Shruberry's Tacacs+ daemons http://www.shrubbery.net/tacplus/...

9.8CVSS9.5AI score0.01813EPSS
Exploits1
Veracode
Veracode
added 2023/07/22 9:44 a.m.19 views

Improper Access Control

odoo is vulnerable to Improper Access Control. The vulnerability exists in reporting engine of l10nfrfec module, which allows an attacker to extract accounting information via crafted RPC packets...

6.5CVSS6.6AI score0.00781EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/04/25 7:15 p.m.34 views

CVE-2021-23176

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...

6.5CVSS6.4AI score0.00781EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/04/25 7:15 p.m.25 views

CVE-2021-23176

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...

6.5CVSS6.9AI score0.00781EPSS
Exploits0References2
Prion
Prion
added 2023/04/25 7:15 p.m.15 views

Improper access control

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...

4CVSS6.3AI score0.00781EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/25 6:32 p.m.18 views

CVE-2021-23176

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...

6.5CVSS6.1AI score0.00781EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/25 6:32 p.m.28 views

CVE-2021-23176

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...

6.5CVSS6.6AI score0.00781EPSS
Exploits0References2
CVE
CVE
added 2023/04/25 6:32 p.m.49 views

CVE-2021-23176

CVE-2021-23176 affects Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier. The vulnerability is due to improper access control in the l10n_fr_fec reporting engine, allowing remote authenticated users to extract accounting information via crafted RPC packets. Affected products an...

6.5CVSS6.2AI score0.00781EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2023/04/25 6:32 p.m.26 views

CVE-2021-23176

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...

6.5CVSS6.5AI score0.00781EPSS
Exploits0
NVD
NVD
added 2022/11/01 1:15 p.m.27 views

CVE-2022-42325

Xenstore: Guests can create arbitrary number of nodes via transactions This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. In case a node has been created in a transaction and it is later deleted in the same transaction, t...

5.5CVSS0.00277EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2022/11/01 1:15 p.m.45 views

CVE-2022-42325

Xenstore: Guests can create arbitrary number of nodes via transactions This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. In case a node has been created in a transaction and it is later deleted in the same transaction, t...

5.5CVSS6.1AI score0.00277EPSS
Exploits0References5
Prion
Prion
added 2022/11/01 1:15 p.m.18 views

Design/Logic Flaw

Xenstore: Guests can create arbitrary number of nodes via transactions This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. In case a node has been created in a transaction and it is later deleted in the same transaction, t...

1.7CVSS5.7AI score0.00277EPSS
Exploits0References8Affected Software3
Prion
Prion
added 2022/11/01 1:15 p.m.25 views

Design/Logic Flaw

Xenstore: Guests can create arbitrary number of nodes via transactions This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. In case a node has been created in a transaction and it is later deleted in the same transaction, t...

1.7CVSS5.7AI score0.00277EPSS
Exploits0References8Affected Software3
CVE
CVE
added 2022/11/01 12:0 a.m.87 views

CVE-2022-42325

CVE-2022-42325 concerns Xenstore in the Xen hypervisor. A vulnerability allows a malicious guest to create an arbitrary number of Xenstore nodes when a node is created in a transaction and later deleted in the same transaction; if the transaction is finalized with an error, it completes partially...

5.5CVSS6.8AI score0.00277EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2019/12/11 10:15 p.m.14 views

Information disclosure

SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500702, 600740, 610740; unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure...

4CVSS6.3AI score0.00882EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder