9 matches found
CVE-2026-13602
We found a chain of combining multiple weaknesses in the product that could allow an attacker to become any user in the backend and access any data: The payment integration plugins Stripe included in the core system, pretix-mollie, pretix-oppwa, pretix-bitpay, pretix-payone, pretix-secuconnect,...
PT-2026-54631
Name of the Vulnerable Software and Affected Versions pretix versions prior to 2026.5.3 Description A chain of weaknesses allows an attacker to impersonate any user in the backend and access any data. The issue stems from payment integration plugins Stripe, pretix-mollie, pretix-oppwa,...
CVE-2026-9072
IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backe...
CVE-2026-9072
IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backe...
PT-2026-51350
Name of the Vulnerable Software and Affected Versions IBM i versions 7.3 through 7.6 IBM WebSphere Application Server affected versions not specified IBM WebSphere Application Server Liberty affected versions not specified Description Remote code execution and denial of service are possible when...
CVE-2025-32057
The Infotainment ECU manufactured by Bosch which is installed in Nissan Leaf ZE1 – 2020 uses a Redbend service for over-the-air provisioning and updates. HTTPS is used for communication with the back-end server. Due to usage of the default configuration for the underlying SSL engine, the server...
CVE-2025-32057 Misconfigured SSL/TLS communication of Redbend service for Infotainment ECU
The Infotainment ECU manufactured by Bosch which is installed in Nissan Leaf ZE1 – 2020 uses a Redbend service for over-the-air provisioning and updates. HTTPS is used for communication with the back-end server. Due to usage of the default configuration for the underlying SSL engine, the server...
Bosch Infotainment ECU security vulnerabilities
The Bosch Infotainment ECU is an in-car entertainment system developed by the German company Bosch. There is a security vulnerability in the Bosch Infotainment ECU. This vulnerability stems from the SSL engine using a default configuration, which results in the server root certificates not being...
CVE-2024-28120 API key leak in codeium-chrome
codeium-chrome is an open source code completion plugin for the chrome web browser. The service worker of the codeium-chrome extension doesn't check the sender when receiving an external message. This allows an attacker to host a website that will steal the user's Codeium api-key, and thus...