Lucene search
+L

6 matches found

Cvelist
Cvelist
added 2026/07/10 7:36 p.m.31 views

CVE-2026-55515 Snipe-IT: Cross-company deletion of pending checkout acceptances via unscoped report endpoint

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the unaccepted-assets report delete endpoint authorizes only reports.view and deletes CheckoutAcceptance::pending-find$acceptanceId by global ID without checking access to the related checkoutable asset, allowing a reports user in...

5CVSS0.00256EPSS
Exploits1References3
OSV
OSV
added 2026/04/16 10:48 p.m.4 views

GHSA-47WQ-CJ9Q-WPMP Paperclip: Cross-tenant agent API token minting via missing assertCompanyAccess on /api/agents/:id/keys

Isolated paperclip instance running in authenticated mode default config on a clean Docker image matching commit b649bd4 2026.411.0-canary.8, post the 2026.410.0 patch. This advisory was verified on an unmodified build. Summary POST /api/agents/:id/keys, GET /api/agents/:id/keys, and DELETE...

9.9CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2025/10/14 4:35 a.m.4 views

Malicious Package

Overview company-access-pending is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS6.8AI score
Exploits0References2
EUVD
EUVD
added 2025/10/14 4:35 a.m.5 views

EUVD-2025-34131

Malicious code in company-access-pending npm...

6.6AI score
Exploits0References1
OSV
OSV
added 2022/01/18 8:15 p.m.2 views

CVE-2021-44838

An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax-details endpoint, with a POST request indicating the risk to access with the id parameter, it is possible for users to access risks of other companies...

4.3CVSS5.8AI score
Exploits0References2
Malwarebytes
Malwarebytes
added 2017/10/19 5:16 p.m.41 views

BYOD, why don’t you?

Bring Your Own Device BYOD is a policy that allows employees to bring their own devices to the workplace and use them there. At one time, this was the latest bonus to attract and keep employees happy—plus save a few bucks. Nowadays the question is more like: Is there anyone who doesn't bring his...

7AI score
Exploits0
Rows per page
Query Builder