6 matches found
CVE-2026-55478 Snipe-IT: Missing object-level authorization in Kits API
Snipe-IT is an IT asset/license management system. Prior to 8.6.2, POST /api/v1/kits/kitid/licenses checks whether the caller can edit kits but does not authorize access to the referenced license object, allowing a low-privilege user with predefined-kit permissions to bind a license they should n...
CVE-2026-57028 Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, a process which should only be able to communicate internall...
Insufficiently Protected Credentials
Overview org.jenkins-ci.plugins:soapui-pro-functional-testing is a plugin used to run SoapUI Pro tests from Jenkins builds. Affected versions of this package are vulnerable to Insufficiently Protected Credentials in the job configuration form, where SLM License Access Keys, client secrets, and...
CVE-2025-53657
Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier does not mask SLM License Access Keys, client secrets, and passwords displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
Intel Quartus Prime Pro 权限许可和访问控制问题漏洞
Intel Quartus Prime Pro is a set of multi-platform design environments from the U.S. company Intel Intel. The product is primarily used for programming programmable logic devices. Intel Quartus Prime Pro Edition is vulnerable to a privilege licensing and access control issue vulnerability that...
winamp and wma Song Licenses
When opening a wma file with winamp 2.77, 2.78 tested that requires a license to be installed, winamp opens the webpage where it obtains this license through some vb script code calling an active x object, witch it passes the url to itself in order for this page to provide a click-here-to-play ty...