Lucene search
K

462 matches found

OSV
OSV
added 2026/07/06 10:30 p.m.5 views

CVE-2026-53640 FOSSBilling missing authorization checks on read-only admin API endpoints expose sensitive staff, client, and redirect data

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, low-privileged staff accounts may read sensitive data via admin API endpoints that lack permission checks. While sibling write endpoints correctly enforce fine-grained permissions, the corresponding...

2.3CVSS6AI score0.00226EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.9 views

PT-2026-56035

Name of the Vulnerable Software and Affected Versions FOSSBilling versions 0.5.6 through 0.7.2 Description When the Require Email Confirmation setting is enabled, a logged-in client with an unverified email address, indicated by the variable email approved = 0, can bypass page-side enforcement...

5.3CVSS5.9AI score0.00226EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/02 4:6 p.m.36 views

CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS0.00135EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/07/02 4:6 p.m.12 views

CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS5.8AI score0.00135EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/28 1:8 a.m.11 views

SUSE CVE-2026-53305

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup /sys/bus/platform/devices/bc0000.geniqup/driver/unbind I get the following Oops: 436.478639 Unable...

5.8AI score0.00121EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39840

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup /sys/bus/platform/devices/bc0000.geniqup/driver/unbind I get the following Oops: 436.478639 Unable...

5.8AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 8:16 p.m.6 views

CVE-2026-27708

FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, the Servicecustom Client API's call method accepts an orderid parameter and fetches the associated order without verifying the authenticated client owns it, potentially exposing cross-client data...

7.1CVSS0.00265EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 7:24 p.m.11 views

CVE-2026-27708

FOSSBilling, before 0.8.0, is vulnerable to an IDOR in the Servicecustom Client API: the __call method accepts an order_id and fetches the order without ensuring the authenticated client owns it, enabling cross-client access to other clients’ orders and exposing PII and service configuration data...

7.1CVSS5.8AI score0.00265EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 7:24 p.m.18 views

CVE-2026-27708 FOSSBilling: IDOR in Servicecustom Client API allows cross-client data access

FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, the Servicecustom Client API's call method accepts an orderid parameter and fetches the associated order without verifying the authenticated client owns it, potentially exposing cross-client data...

7.1CVSS0.00265EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.15 views

PT-2026-52076

Name of the Vulnerable Software and Affected Versions FOSSBilling versions prior to 0.8.0 Description The Servicecustom Client API's call method accepts an order id parameter and retrieves the associated order without verifying if the authenticated client owns it. This allows an authenticated...

7.1CVSS5.8AI score0.00265EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.8 views

PT-2026-51591

Name of the Vulnerable Software and Affected Versions FOSSBilling versions prior to 0.8.0 Description A query-construction flaw in client list endpoints allows authenticated clients to bypass tenant scoping and retrieve data from other clients. The issue occurs in the getSearchQuery functions of...

7.1CVSS5.8AI score0.00282EPSS
Exploits0References8
CVE
CVE
added 2026/06/09 12:20 a.m.41 views

CVE-2026-44746

An XSS vulnerability (reflected) in SAP NetWeaver Java (JDBC Test Servlet) allows an unauthenticated attacker to craft a URL containing malicious script. If a victim clicks the link, the injected input is processed during web page generation, causing the attacker’s code to run in the victim’s bro...

6.1CVSS5.4AI score0.00199EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/08 1:44 a.m.21 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS7AI score0.00237EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/05 6:44 p.m.32 views

CVE-2026-46396 HAX CMS has a stored XSS via <iframe> that allows access to sensitive client-side data and account takeover

HAX CMS helps manage microsite universe with PHP or NodeJs backends. A stored cross-site scripting XSS vulnerability exists in versions prior to 26.0.0 due to improper sanitization of elements. The application allows javascript: URIs in the src attribute, which are executed when a malicious page ...

9.3CVSS0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 6:44 p.m.17 views

CVE-2026-46396 HAX CMS has a stored XSS via <iframe> that allows access to sensitive client-side data and account takeover

HAX CMS helps manage microsite universe with PHP or NodeJs backends. A stored cross-site scripting XSS vulnerability exists in versions prior to 26.0.0 due to improper sanitization of elements. The application allows javascript: URIs in the src attribute, which are executed when a malicious page ...

9.3CVSS5.5AI score0.0023EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/26 11:20 a.m.14 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS6.9AI score0.00237EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/26 4:0 a.m.15 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS6.9AI score0.00237EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/20 11:23 a.m.12 views

keycloak: Keycloak: Access token disclosure and implicit flow bypass via forged client data

A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect OIDC clients. By manipulating client data during a session restart, an attacker can obtain an access token th...

7.1CVSS5.7AI score0.00344EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Squid

A issue was discovered in Squid 4.9 through 4.17, and also in versions 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, sensitive information about clients using the proxy may be exposed through an HTTPS request to an internal cache manager URL. This issue has been fixed in versi...

6.5CVSS6.7AI score0.0169EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Input: adp5589-keys – fixed the NULL pointer dereferencing issue. We have registered a devm action to call adp5589clearconfig, and then passed the i2c client as an argument. This allows us to call i2cgetclientdata in order to...

5.5CVSS6.4AI score0.00235EPSS
Exploits0References2
Rows per page
Query Builder