68 matches found
CVE-2026-35083 Stack buffer overflow in method bac-deviceobject
A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root...
EUVD-2026-34072
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35076
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35076 Arbitrary file delete vulnerability in method bac-scanresult
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35076
CVE-2026-35076 describes an arbitrary local file delete vulnerability in the bac-scanresult method caused by insufficient validation of user-controlled input. The issue allows a remote attacker with user privileges to delete arbitrary local files. The provided metrics indicate a high-severity imp...
PT-2026-45917
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
EUVD-2016-5482
Malware in sbrugna...
MAL-2025-9805 Malicious code in @zalastax/nolb-_bac (npm)
The package @zalastax/nolb-bac was found to contain malicious code...
recherche-collection-search.bac-lac.gc.ca Cross Site Scripting vulnerability OBB-3178473
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Exploit for Improper Access Control in Webmin
golang-webmin-CVE-2022-0824-revshell RCE in Webmin target ur...
WooCommerce < 6.6.0 - Admin+ Stored HTML Injection
The plugin is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles. PoC: Go to WooCommerce - Settings - Payments tab, enable BAC Bank Account Transfers and edit the title in the setup dialog. HTML can be injected there, and will be rendered both f...
WooCommerce < 6.6.0 - Admin+ Stored HTML Injection
The plugin is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles. Go to WooCommerce - Settings - Payments tab, enable BAC Bank Account Transfers and edit the title in the setup dialog. HTML can be injected there, and will be rendered both for...
CVE-2021-43393
STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed...
Atlassian Jira Access Control Error Vulnerability (CNVD-2021-103654)
Atlassian Jira is a defect tracking management system from Atlassian Australia. Atlassian Jira is vulnerable to an access control error that occurs when a network system or product does not properly restrict access to resources from unauthorized roles. A remote attacker could exploit this...
CVE-2021-39127
Vulnerability: Atlassian Jira Server/Data Center exposes a Broken Access Control (BAC) vulnerability in the JQL query endpoint. Affected versions:
CVE-2021-39127
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1...
All Vulnerabilities for songoaivu.bacninh.gov.vn Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: songoaivu.bacninh.gov.vn. Open B...
bac-jussieu.com Cross Site Scripting vulnerability OBB-1265325
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...