
21 matches found

RedhatCVE
added 2026/03/06 1:34 a.m. | 1 view

CVE-2026-26416

An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests...

8.8 CVSS | 5.9 AI score | 0.00052 EPSS
Exploits 0 | References 1

RedhatCVE
added 2026/03/06 1:34 a.m. | 3 views

CVE-2026-26418

Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the network...

7.5 CVSS | 6 AI score | 0.00148 EPSS
Exploits 0 | References 1

NVD
added 2026/03/05 7:16 p.m. | 6 views

CVE-2026-26417

A broken access control vulnerability in the password reset functionality of Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to reset passwords of arbitrary user accounts via crafted requests...

8.1 CVSS | 0.0004 EPSS
Exploits 0 | References 2

Cvelist
added 2026/03/05 12:0 a.m. | 24 views

CVE-2026-26416

An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests...

0.00052 EPSS
Exploits 0 | References 3

CNNVD
added 2026/03/05 12:0 a.m. | 3 views

Tata Consultancy Services Cognix Recon Client security vulnerability

Tata Consultancy Services Cognix Recon Client is a financial reconciliation software developed by Tata Consultancy Services in India. Version 3.0 of Tata Consultancy Services Cognix Recon Client contains a security vulnerability. This vulnerability stems from an access control flaw in the passwor...

8.1 CVSS | 5.8 AI score | 0.0004 EPSS
Exploits 0 | References 2

Positive Technologies
added 2026/03/05 12:0 a.m. | 4 views

PT-2026-23477

Name of the Vulnerable Software and Affected Versions: Tata Consultancy Services Cognix Recon Client version 3.0. Description: A broken access control issue exists in the password reset functionality. Authenticated users can reset passwords for any user account by sending specially crafted requests...

8.1 CVSS | 5.8 AI score | 0.0004 EPSS
Exploits 0 | References 7

CVE
added 2026/03/05 12:0 a.m. | 4 views

CVE-2026-26418

CVE-2026-26418 affects Tata Consultancy Services Cognix Recon Client v3.0. The issue is missing authentication and authorization in the web API, allowing remote attackers to access application functionality without restriction over the network. The available description does not specify affected ...

7.5 CVSS | 6 AI score | 0.00148 EPSS
Exploits 0 | References 3 | Affected Software 1

Vulnrichment
added 2026/03/05 12:0 a.m. | 1 view

CVE-2026-26416

An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests...

5.8 AI score | 0.00052 EPSS
Exploits 0 | References 3

ATTACKERKB
added 2026/03/05 12:0 a.m. | 1 view

CVE-2026-26417

A broken access control vulnerability in the password reset functionality of Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to reset passwords of arbitrary user accounts via crafted requests...

6 AI score | 0.0004 EPSS
Exploits 0 | References 3

Positive Technologies
added 2026/03/05 12:0 a.m. | 2 views

PT-2026-23478

Name of the Vulnerable Software and Affected Versions: Tata Consultancy Services Cognix Recon Client version 3.0. Description: A lack of proper authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 enables remote attackers to access application...

7.5 CVSS | 5.8 AI score | 0.00148 EPSS
Exploits 0 | References 7

Spring Engineering
added 2025/07/17 12:0 a.m. | 3 views

A Bootiful Podcast: Spring legends Tasha Isenberg and Jason Konicki

Hi, Spring fans! In this edition, I had the pleasure of chatting with the brilliant Arjen Poutsma, our go-to API oracle. If you’re curious about his fantastic insights, thoughts, and consultancy services, be sure to check out poutsma-principles.com...

7.1 AI score
Exploits 0

Spring Engineering
added 2025/07/10 12:0 a.m. | 5 views

A Bootiful Podcast: API oracle Arjen Poutsma

Hi, Spring fans! In this edition, I had the pleasure of chatting with the brilliant Arjen Poutsma, our go-to API oracle. If you’re curious about his fantastic insights, thoughts, and consultancy services, be sure to check out poutsma-principles.com...

7.1 AI score
Exploits 0

CNNVD
added 2025/01/04 12:0 a.m. | 1 view

TCS BaNCS security vulnerability

TCS BaNCS (Tata Consultancy Services BaNCS) is a core banking software suite from TCS Corporation. A security vulnerability exists in TCS BaNCS version 10: an incorrect operation on the FilePath parameter can result in file inclusion...

5.5 CVSS | 5.5 AI score | 0.00093 EPSS
Exploits 0 | References 3

NVD
added 2023/01/24 9:15 a.m. | 6 views

CVE-2022-4554

B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347...

5.4 CVSS | 5.2 AI score | 0.00185 EPSS
Exploits 0 | References 2

Prion
added 2023/01/24 9:15 a.m. | 9 views

Cross site scripting

B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347...

4.9 CVSS | 5.2 AI score | 0.00185 EPSS
Exploits 0 | References 1 | Affected Software 1

CVE
added 2023/01/24 12:0 a.m. | 40 views

CVE-2022-4554

The CVE-2022-4554 entry concerns the B2B Customer Ordering System developed by ID Software Project and Consultancy Services. Affected versions are prior to 1.0.0.347 and the vulnerability is an authenticated Reflected XSS vulnerability. The issue is resolved in version 1.0.0.347. Exploitation det...

5.4 CVSS | 5.5 AI score | 0.00185 EPSS
Exploits 0 | References 2 | Affected Software 1

Apache Tomcat
added 2017/05/16 12:0 a.m. | 72 views

Fixed in Apache Tomcat 7.0.78

Important: Security Constraint Bypass (CVE-2017-5664). The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...

7.5 CVSS | 7.6 AI score | 0.10802 EPSS
Exploits 1 | Affected Software 1

Apache Tomcat
added 2017/05/16 12:0 a.m. | 58 views

Fixed in Apache Tomcat 8.0.44

Important: Security Constraint Bypass (CVE-2017-5664). The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...

7.5 CVSS | 7.6 AI score | 0.10802 EPSS
Exploits 1 | Affected Software 1

Apache Tomcat
added 2017/05/10 12:0 a.m. | 62 views

Fixed in Apache Tomcat 8.5.15

Important: Security Constraint Bypass (CVE-2017-5664). The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...

7.5 CVSS | 7.6 AI score | 0.10802 EPSS
Exploits 1 | Affected Software 1

Apache Tomcat
added 2017/05/10 12:0 a.m. | 59 views

Fixed in Apache Tomcat 9.0.0.M21

Important: Security Constraint Bypass (CVE-2017-5664). The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...

7.5 CVSS | 7.6 AI score | 0.10802 EPSS
Exploits 1 | Affected Software 1