Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25417

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00358EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/08/23 12:23 a.m.5 views

CVE-2025-55367

Incorrect access control in the component \controller\SupplierController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account...

5.3CVSS7.2AI score0.00294EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/23 12:23 a.m.5 views

CVE-2025-55368

Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account...

8.8CVSS7.2AI score0.00358EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/23 12:23 a.m.6 views

CVE-2025-55371

Incorrect access control in the component /controller/PersonController.java of jshERP v3.5 allows unauthorized attackers to obtain all the information of the handler by executing the getAllList method...

5.3CVSS6.8AI score0.00294EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/08/21 12:0 a.m.4 views

CVE-2025-55368

Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account...

7.1AI score0.00358EPSS
Exploits1References2
CVE
CVE
added 2025/08/21 12:0 a.m.25 views

CVE-2025-55366

CVE-2025-55366 affects jshERP v3.5; improper access control in the UserController.java component (controller\UserController.java) allows attackers to arbitrarily reset user passwords and perform horizontal privilege escalation. Affected software/version is jshERP 3.5; underlying cause is access c...

5.3CVSS7.6AI score0.00294EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/08/21 12:0 a.m.29 views

CVE-2025-55370

CVE-2025-55370 affects jshERP v3.5. The vulnerability arises from incorrect access control in the ResourceController.java component, allowing unauthorized attackers to modify an ID value to retrieve all related ID data. Root cause is improper access control in the controller code, with high sever...

8.8CVSS7AI score0.00358EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/08/21 12:0 a.m.11 views

CVE-2025-55371

Incorrect access control in the component /controller/PersonController.java of jshERP v3.5 allows unauthorized attackers to obtain all the information of the handler by executing the getAllList method...

0.00294EPSS
Exploits1References2
Rows per page
Query Builder