Lucene search
+L

7 matches found

CVE
CVE
added 17 hours ago9 views

CVE-2026-62233

CVE-2026-62233 affects grav-plugin-api prior to 1.0.6. The issue: createApiKey, generate2fa, and disable2fa endpoints fail to validate super-admin status, allowing non-super api.users.write managers to escalate to super-admin. As described, attackers can mint API keys bound to super-admin account...

8.8CVSS6.1AI score
Exploits0References2
NVD
NVD
added 2026/07/07 9:17 p.m.6 views

CVE-2026-50007

Actual is an open-source personal finance application. Prior to 26.7.0, a missing authorization issue allows a shared user with useraccess on a budget file to perform owner-only file management actions. A non-owner shared user can call file-management endpoints intended for higher-privilege users...

7.2CVSS0.00246EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/07 8:53 p.m.33 views

CVE-2026-50007 Actual: Shared users can perform owner-only file management actions

Actual is an open-source personal finance application. Prior to 26.7.0, a missing authorization issue allows a shared user with useraccess on a budget file to perform owner-only file management actions. A non-owner shared user can call file-management endpoints intended for higher-privilege users...

7.2CVSS0.00246EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.6 views

PT-2026-56243

Name of the Vulnerable Software and Affected Versions Actual versions prior to 26.7.0 Description A missing authorization issue allows a shared user with user access on a budget file to perform file management actions reserved for the owner or an administrator. This occurs because the...

7.2CVSS6.1AI score0.00246EPSS
Exploits0References10
OSV
OSV
added 2026/05/19 12:29 a.m.9 views

CLSA-2026-1779101894 opensc: Fix of CVE-2023-40661

CVE-2023-40661: fix multiple smartcard pkcs15init buffer overflows, underflows and out-of-bounds writes scpkcs15initrmdir, setcoscreatekey, cosmnewfile, cosmcreatekey, scpkcs15getlastupdate, iasecc-sdo, entersafe, epass2003 keygen...

6.4CVSS6.7AI score0.01174EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/15 12:0 a.m.3 views

PT-2023-35586 · Git +1 · Opensc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several function calls, including sc file clear acl entries, sc...

6.9AI score
Exploits0References2
CNVD
CNVD
added 2018/05/22 12:0 a.m.3 views

Linux kernel denial of service vulnerability (CNVD-2018-09997)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions prior to 4.13.5. A local attacker can exploit this vulnerability with the help of the keyctl command to create...

7.1CVSS6.4AI score0.00421EPSS
Exploits0References1
Rows per page
Query Builder