Lucene search
+L

4 matches found

vulnrichment
vulnrichment
added 2026/05/08 2:30 p.m.8 views

CVE-2026-41308 Password Pusher: JSON API `/p.json` file upload alias bypasses file-push authentication

Password Pusher is an open source application to communicate sensitive information over the web. Prior to versions 1.69.3 and 2.4.2, a security issue in OSS PasswordPusher allowed unauthenticated creation of file-type pushes through a generic JSON API create path under certain configurations. Thi...

6.5CVSS5.7AI score0.00289EPSS
Exploits0References3
cve
cve
added 2026/05/08 2:30 p.m.39 views

CVE-2026-41308

Password Pusher exposes a vulnerability (CVE-2026-41308) where unauthenticated creation of file-type pushes is possible via a generic JSON API create path, bypassing the authentication boundary under certain configurations. Affected versions prior to 1.69.3 and 2.4.2 are fixed in 1.69.3 and 2.4.2...

6.5CVSS5.7AI score0.00289EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/05/08 2:30 p.m.3 views

CVE-2026-41308 Password Pusher: JSON API `/p.json` file upload alias bypasses file-push authentication

Password Pusher is an open source application to communicate sensitive information over the web. Prior to versions 1.69.3 and 2.4.2, a security issue in OSS PasswordPusher allowed unauthenticated creation of file-type pushes through a generic JSON API create path under certain configurations. Thi...

6.5CVSS5.9AI score0.00289EPSS
Exploits0References5
prion
prion
added 2007/01/26 1:28 a.m.18 views

Code injection

The Nokia N70 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...

3.3CVSS7.2AI score0.0065EPSS
Exploits0References3
Rows per page
Query Builder