99 matches found
CVE-2026-26416
An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests...
CVE-2026-26418
Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the network...
CVE-2026-26417
A broken access control vulnerability in the password reset functionality of Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to reset passwords of arbitrary user accounts via crafted requests...
PT-2026-23477
Name of the Vulnerable Software and Affected Versions Tata Consultancy Services Cognix Recon Client version 3.0 Description A broken access control issue exists in the password reset functionality. Authenticated users can reset passwords for any user account by sending specially crafted requests...
CVE-2026-26417
A broken access control vulnerability in the password reset functionality of Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to reset passwords of arbitrary user accounts via crafted requests...
PT-2026-23476
Name of the Vulnerable Software and Affected Versions Tata Consultancy Services Cognix Recon Client version 3.0 Description An authorization bypass exists in Tata Consultancy Services Cognix Recon Client version 3.0. Authenticated users can escalate privileges across role boundaries by sending...
CVE-2026-26416
An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests...
Tata Consultancy Services Cognix Recon Client 安全漏洞
Tata Consultancy Services Cognix Recon Client is a financial reconciliation software developed by Tata Consultancy Services in India. Version 3.0 of Tata Consultancy Services Cognix Recon Client contains a security vulnerability. This vulnerability stems from an access control flaw in the passwor...
PT-2026-23478
Name of the Vulnerable Software and Affected Versions Tata Consultancy Services Cognix Recon Client version 3.0 Description A lack of proper authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 enables remote attackers to access application...
CVE-2026-26418
The CVE-2026-26418 entry affects Tata Consultancy Services Cognix Recon Client v3.0. The vulnerability is a missing authentication and authorization flaw in the web API, enabling remote attackers to access application functionality over the network without restriction. According to the provided m...
CVE-2026-26416
An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests...
CVE-2025-14018
CVE-2025-14018 describes an Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura prior to version 1.2.15. The root cause is unquoted configuration/file search paths that can be manipulated to redirect access to libraries. Impact per the sources is high confiden...
CVE-2025-14018 Unquoted Service Path in NetBT Consultancy's e-Fatura
Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura allows Leveraging/Manipulating Configuration File Search Paths, Redirect Access to Libraries. This issue affects e-Fatura: before 1.2.15...
CVE-2025-49946
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cynob IT Consultancy Auto Login After Registration auto-login-after-registration allows Reflected XSS.This issue affects Auto Login After Registration: from n/a through = 1.0.0...
EUVD-2025-35515
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cynob IT Consultancy Auto Login After Registration auto-login-after-registration allows Reflected XSS.This issue affects Auto Login After Registration: from n/a through = 1.0.0...
CVE-2025-49946
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cynob IT Consultancy Auto Login After Registration auto-login-after-registration allows Reflected XSS.This issue affects Auto Login After Registration: from n/a through = 1.0.0...
PT-2025-43207
Name of the Vulnerable Software and Affected Versions Cynob IT Consultancy Auto Login After Registration versions through 1.0.0 Description The Auto Login After Registration component contains a flaw related to improper input handling during web page generation, which allows for Reflected...
EUVD-2025-4050
Malicious code in bioql PyPI...
EUVD-2022-30279
Malicious code in bioql PyPI...
EUVD-2024-44213
Malicious code in bioql PyPI...