Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/03/05 1:57 a.m.6 views

CVE-2026-27012

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...

9.8CVSS5.9AI score0.00537EPSS
Exploits1References1
NVD
NVD
added 2026/03/03 10:16 p.m.22 views

CVE-2026-27012

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...

9.8CVSS0.00537EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/03 9:53 p.m.20 views

CVE-2026-27012 Unauthenticated privilege escalation in OpenSTAManager via modules/utenti/actions.php

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...

9.8CVSS0.00537EPSS
Exploits1References1
CVE
CVE
added 2026/03/03 9:53 p.m.118 views

CVE-2026-27012

OpenSTAManager CVE-2026-27012 affects 2.9.8 and earlier, enabling unauthenticated privilege escalation via modules/utenti/actions.php. An attacker can call the PHP endpoint to arbitrarily change a user’s group (idgruppo), promoting a normal account (e.g., agent) to Amministratori or demoting admi...

9.8CVSS6AI score0.00537EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/03/03 5:43 p.m.4 views

GHSA-247V-7CW6-Q57V OpenSTAManager affected by unauthenticated privilege escalation via modules/utenti/actions.php

Summary A privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling modules/utenti/actions.php. This can promote an existing account e.g. agent into the Amministratori group as well as demot...

9.8CVSS6AI score0.00537EPSS
Exploits1References2
OSV
OSV
added 2025/02/26 6:37 a.m.4 views

UBUNTU-CVE-2021-47646

In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges"" A crash 1 happened to be triggered in conjunction with commit 2d52c58b9c9b "block, bfq: honor already-setup queue merges". The latter was then reverted by commit...

7.8CVSS6AI score0.00254EPSS
Exploits0References10
OSV
OSV
added 2020/01/24 10:15 a.m.2 views

CVE-2019-3693

A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. This...

7.8CVSS7.1AI score0.00365EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2007/11/20 12:0 a.m.26 views

Fedora 7 : emacs-22.1-5.fc7 (2007-3056)

Tue Nov 6 2007 Chip Coldwell - 22.1-5 - fix insufficient safe-mode checks Resolves: bz367581 - Update rpm-spec-mode to the current upstream, drop compat patch bz306841 - Wed Sep 12 2007 Chip Coldwell - 22.1-4 - require xorg-x11-fonts-ISO8859-1-100dpi instead of 75dpi Resolves: bz281861 - drop...

6.3CVSS8.2AI score0.00724EPSS
Exploits0References5
Rows per page
Query Builder