94 matches found
EUVD-2026-9393
Files or Directories Accessible to External Parties, Incorrect Permission Assignment for Critical Resource vulnerability in Hallo Welt! GmbH BlueSpice Extension:NSFileRepo modules allows Accessing Functionality Not Properly Constrained by ACLs, Bypassing Electronic Locks and Access Controls.This...
CVE-2026-24732
Files or Directories Accessible to External Parties, Incorrect Permission Assignment for Critical Resource vulnerability in Hallo Welt! GmbH BlueSpice Extension:NSFileRepo modules allows Accessing Functionality Not Properly Constrained by ACLs, Bypassing Electronic Locks and Access Controls.This...
CVE-2026-24732
Files or Directories Accessible to External Parties, Incorrect Permission Assignment for Critical Resource vulnerability in Hallo Welt! GmbH BlueSpice Extension:NSFileRepo modules allows Accessing Functionality Not Properly Constrained by ACLs, Bypassing Electronic Locks and Access Controls.This...
CVE-2026-24732
CVE-2026-24732 affects Hallo Welt! GmbH BlueSpice Extension:NSFileRepo, with vulnerable versions 5.1–5.1.5 and 5.2–5.2.0. The issue is improper permission checks in the extension, allowing access to functionality not properly constrained by ACLs and bypassing electronic locks and access controls....
CVE-2026-24732 Improper permission checks in Extension:NSFileRepo
Files or Directories Accessible to External Parties, Incorrect Permission Assignment for Critical Resource vulnerability in Hallo Welt! GmbH BlueSpice Extension:NSFileRepo modules allows Accessing Functionality Not Properly Constrained by ACLs, Bypassing Electronic Locks and Access Controls.This...
CVE-2026-24732 Improper permission checks in Extension:NSFileRepo
Files or Directories Accessible to External Parties, Incorrect Permission Assignment for Critical Resource vulnerability in Hallo Welt! GmbH BlueSpice Extension:NSFileRepo modules allows Accessing Functionality Not Properly Constrained by ACLs, Bypassing Electronic Locks and Access Controls.This...
PT-2026-22907
Name of the Vulnerable Software and Affected Versions Hallo Welt! GmbH BlueSpice versions 5.1 through 5.1.5 Hallo Welt! GmbH BlueSpice versions 5.2 through 5.2.0 Description An issue exists in the Extension:NSFileRepo modules of BlueSpice that allows access to functionality not properly constrain...
Hallo Welt! BlueSpice 安全漏洞
Hello Welt! BlueSpice is a corporate knowledge base management software developed by the German company Hallo Welt!. There is a security vulnerability in BlueSpice, which stems from improper permission allocation for files and directories that are accessible from outside, as well as critical...
EUVD-2022-34769
Malicious code in bioql PyPI...
EUVD-2022-34768
Malicious code in bioql PyPI...
EUVD-2022-43229
Malicious code in bioql PyPI...
EUVD-2022-45103
Malicious code in bioql PyPI...
EUVD-2022-44958
Malicious code in bioql PyPI...
CVE-2025-58114
Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice Extension:CognitiveProcessDesigner allows Cross-Site Scripting XSS.This issue affects BlueSpice: from 5 through 5.1.1...
CVE-2025-57880
Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice Extension:BlueSpiceWhoIsOnline allows Cross-Site Scripting XSS. This issue affects BlueSpice: from 5 through 5.1.1...
CVE-2025-46703
Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice Extension:AtMentions allows Cross-Site Scripting XSS. This issue affects BlueSpice: from 5 through 5.1.1...
CVE-2025-48007
Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice Extension:BlueSpiceAvatars allows Cross-Site Scripting XSS. This issue affects BlueSpice: from 5 through 5.1.1...
CVE-2025-58114
Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice Extension:CognitiveProcessDesigner allows Cross-Site Scripting XSS.This issue affects BlueSpice: from 5 through 5.1.1...
CVE-2025-58114
Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice Extension:CognitiveProcessDesigner allows Cross-Site Scripting XSS.This issue affects BlueSpice: from 5 through 5.1.1...
CVE-2025-57880
Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice Extension:BlueSpiceWhoIsOnline allows Cross-Site Scripting XSS. This issue affects BlueSpice: from 5 through 5.1.1...