Lucene search
K

6 matches found

CVE
CVE
added 8 hours ago12 views

CVE-2026-55429

Coder's CVE-2026-55429 describes a cross-workspace agent rebinding vulnerability in UpsertWorkspaceApp and insertAgentApp where a provisioner payload can bind a victim app to an attacker-controlled agent due to lack of workspace verification. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, ...

8.7CVSS6AI score
Exploits0References6
OSV
OSV
added 2 days ago3 views

GHSA-9RJW-3GWP-F59V Coder's workspace app upsert allows cross-workspace agent rebinding via user-controlled app ID

Summary UpsertWorkspaceApp overwrites an existing app's agentid on a primary-key conflict and insertAgentApp accepts the app ID from the provisioner's CompleteJob payload without verifying it belongs to the workspace being built. CompleteJob runs under dbauthz.AsProvisionerd so the authorization...

8.7CVSS5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago9 views

PT-2026-56073

Name of the Vulnerable Software and Affected Versions Coder versions prior to 2.34.2 Coder versions prior to 2.33.8 Coder versions prior to 2.32.7 Coder versions prior to 2.29.17 Description An issue exists where the UpsertWorkspaceApp function overwrites an existing application's agent id during...

8.7CVSS5.9AI score
Exploits0References10
OSV
OSV
added 2024/01/17 6:15 p.m.2 views

CVE-2022-41786

Missing Authorization vulnerability in WP Job Portal WP Job Portal – A Complete Job Board.This issue affects WP Job Portal – A Complete Job Board: from n/a through 2.0.1...

9.8CVSS5.8AI score0.00481EPSS
Exploits0References1
OSV
OSV
added 2024/01/05 8:15 a.m.1 views

CVE-2023-52184

Cross-Site Request Forgery CSRF vulnerability in WP Job Portal WP Job Portal – A Complete Job Board.This issue affects WP Job Portal – A Complete Job Board: from n/a through 2.0.6...

8.8CVSS7.3AI score
Exploits0References1
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.4 views

Complete Online Job Search System SQL注入漏洞

Complete Online Job Search System is an online job search system. SQL injection vulnerability exists in Complete Online Job Search System, which originates from /eris/index.php?q=result&searchfor=bytitle page missing validation of external input SQL statements. An attacker could use this...

7.2CVSS6AI score0.00946EPSS
Exploits1References3
Rows per page
Query Builder