352 matches found
MINI-689W-955V-2J3X
Bulletin has no description...
MINI-MWMR-7JXC-VRW8
Bulletin has no description...
MINI-7JPM-FQFW-HCRR
Bulletin has no description...
MINI-3HXV-MQ22-HFGX
Bulletin has no description...
MINI-4X6Q-HG5M-JV27
Bulletin has no description...
PT-2026-45852
Name of the Vulnerable Software and Affected Versions code-projects Student Admission System version 1.0 Description A SQL injection flaw exists in the /index.php file. This issue allows a remote attacker to manipulate the eid and did arguments to execute unauthorized database queries...
CVE-2026-45282 Nextcloud: Logged-in user bypasses share password and download restrictions on Text attachments via documentId leads to unauthorized file access
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authenticated attacker can access attachments of link shares when knowing the share token, circumventing password protection or download...
CVE-2026-45282 Nextcloud: Logged-in user bypasses share password and download restrictions on Text attachments via documentId leads to unauthorized file access
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authenticated attacker can access attachments of link shares when knowing the share token, circumventing password protection or download...
CVE-2026-45282
This CVE affects Nextcloud Server versions 32.0.0–32.0.8 and 33.0.0–33.0.2, where an authenticated attacker can access attachments of link shares using a valid share token and a known documentId, bypassing password protection or download restrictions. The vulnerability enables access to attachmen...
EUVD-2026-33707
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authenticated attacker can access attachments of link shares when knowing the share token, circumventing password protection or download...
ASB-A-500171842
Bulletin has no description...
CGA-3893-P8H8-XVP4
Bulletin has no description...
PT-2026-45007
Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.480 Description The software constructs all or part of a code segment using externally-influenced input from an upstream component without properly neutralizing special elements. This can modify the syntax or behavior...
CVE-2026-43890
Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...
EUVD-2026-29334
Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...
MINI-V7JV-537M-F8FW
Bulletin has no description...
MINI-3PGP-2XF4-MQQP
Bulletin has no description...
VMware Spring AI 安全漏洞
VMware Spring AI is a development framework from VMware that integrates artificial intelligence and big language modeling capabilities in the Spring ecosystem. A security vulnerability exists in VMware Spring AI versions 1.0.0 through 1.0.7 prior and 1.1.0 through 1.1.6 prior, which stems from...
CVE-2026-40865
Horilla is a free and open source Human Resource Management System HRMS. In 1.5.0, an insecure direct object reference in the employee document viewer allows any authenticated user to access other employees’ uploaded documents by changing the document ID in the request. This exposes sensitive HR...
MINI-M88M-PHM8-J7WF
Bulletin has no description...