Lucene search
K

64 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-58036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files...

7.5CVSS6.1AI score0.00243EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 4:16 p.m.10 views

CVE-2026-58036

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php, includes/Api/ApiQueryUsers.Php, includes/Permissions/PermissionManager.Php,...

7.5CVSS0.00243EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:48 p.m.7 views

CVE-2026-58036

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php, includes/Api/ApiQueryUsers.Php, includes/Permissions/PermissionManager.Php,...

2.1CVSS5.8AI score0.00243EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 2:48 p.m.16 views

CVE-2026-58036

CVE-2026-58036 affects Wikimedia Foundation MediaWiki. The issue concerns leakage of sensitive information via the Users APIs, specifically in ApiQueryAllUsers.php, ApiQueryUsers.php, PermissionManager.php, and UserGroupManager.php. The vulnerability allows an unauthorized actor to access user-re...

7.5CVSS5.8AI score0.00243EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/12/23 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-58052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to version 1.2.0, attackers with group...

8.1CVSS5.6AI score0.00271EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/12/20 5:12 p.m.14 views

CVE-2025-58052

Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to version 1.2.0, attackers with group manager role can bypass intended restrictions allowing unauthorized access and changes despite role-based controls. Since it requires...

8.1CVSS6.7AI score0.00271EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2025/12/19 5:15 p.m.5 views

CVE-2025-58052

Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to version 1.2.0, attackers with group manager role can bypass intended restrictions allowing unauthorized access and changes despite role-based controls. Since it requires...

8.1CVSS5.9AI score0.00271EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/19 4:24 p.m.1 views

CVE-2025-58052 Galette has groups managers access control bypass on Members

Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to version 1.2.0, attackers with group manager role can bypass intended restrictions allowing unauthorized access and changes despite role-based controls. Since it requires...

5.3CVSS6.3AI score0.00271EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2025/12/19 4:15 p.m.4 views

CVE-2025-53922

Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue...

5.3CVSS5.8AI score0.00202EPSS
Exploits0References2
OSV
OSV
added 2025/12/19 4:15 p.m.5 views

UBUNTU-CVE-2025-53922

Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue...

5.3CVSS5.8AI score0.00202EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/19 3:10 p.m.28 views

CVE-2025-53922 Galette has access control bypass

Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue...

5.3CVSS0.00202EPSS
Exploits0References1
CVE
CVE
added 2025/12/19 3:10 p.m.10 views

CVE-2025-53922

CVE-2025-53922 affects Galette, a membership management web app. From version 1.1.4 up to (but not including) 1.2.0, a user logged in as a group manager may bypass intended restrictions on the Contributions and Transactions features (an access-control bypass). The issue is fixed in version 1.2.0....

5.3CVSS6.3AI score0.00202EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/12/19 3:10 p.m.4 views

CVE-2025-53922 Galette has access control bypass

Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue...

5.3CVSS6.7AI score0.00202EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.4 views

PT-2025-52454

Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue...

5.3CVSS6.7AI score0.00202EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.6 views

PT-2025-52485

Name of the Vulnerable Software and Affected Versions Galette versions 0.9.6 through 1.1.9 Description Galette is a membership management web application designed for non-profit organizations. Individuals with the 'group manager' role can circumvent intended restrictions, enabling unauthorized...

8.1CVSS6.4AI score0.00271EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-26039

Malware in sbrugna...

7.8CVSS7.7AI score0.00122EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-0500

Malware in sbrugna...

4.9CVSS7.5AI score0.00371EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-6515

Malware in sbrugna...

6.9CVSS6AI score0.0039EPSS
Exploits0References30
NVD
NVD
added 2025/01/09 8:15 p.m.33 views

CVE-2024-13263

Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno group manager allows PHP Local File Inclusion.This issue affects Opigno group manager: from 0.0.0 before 3.1.1...

5.5CVSS0.00254EPSS
Exploits0References1
CVE
CVE
added 2025/01/09 7:15 p.m.53 views

CVE-2024-13263

CVE-2024-13263 affects Opigno group manager (versions 0.0.0 up to 3.1.1). The root cause is improper neutralization of directives in statically saved code (static code injection), which can lead to PHP Local File Inclusion. Several connected sources corroborate that this vulnerability enables arb...

5.5CVSS6.9AI score0.00254EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder