CVE-2025-8839 jshERP Endpoint addUser improper authorization

A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...

PT-2024-26969 · Kanboard +1 · Kanboard +1

Name of the Vulnerable Software and Affected Versions: Kanboard versions prior to 1.2.37 Description: The issue is related to the Kanban methodology-based project management software, Kanboard. It involves a vulnerability in the addUser function within the ProjectPermissionController.php file...

The vulnerability of the adduser utility in the Astra Linux operating system, which allows a hacker to trigger a service failure.

The vulnerability of the adduser utility in the Astra Linux operating system is related to an error in assigning mandatory integrity attributes, which prevents access to the user’s home directory. When creating a user, a level of integrity other than 0 was set for their home directory. Exploiting...