248 matches found
Astra Linux - уязвимость в firefox
Multiple NSS NIST curves were vulnerable to a side-channel attack known as “Minerva”. This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox versions less than 121...
CVE-2026-5779
An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the information of other registered users. Successful exploitation of this vulnerability allows an...
CVE-2026-5780
An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the ID. This allows an...
EUVD-2026-26040
An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field. Successful exploitati...
CVE-2026-5781 Multiple vulnerabilities in MphRx's Minerva
An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field. Successful exploitati...
CVE-2026-5781
An authorization vulnerability in MphRx’s Minerva v3.6.0 affects the /minerva/moUser/update endpoint. An authenticated user with user-modification privileges can escalate to administrator by sending an HTTP request with a manipulated 'identifier' field. The CVSS metrics indicate high impact and p...
CVE-2026-5781
An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field. Successful exploitati...
CVE-2026-5781 Multiple vulnerabilities in MphRx's Minerva
An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field. Successful exploitati...
CVE-2026-5780 Multiple vulnerabilities in MphRx's Minerva
An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the ID. This allows an...
CVE-2026-5780
CVE-2026-5780 concerns an insecure direct object reference (IDOR) in MphRx’s Minerva v3.6.0, specifically the /minerva/moUser/show/ endpoint. An authenticated user can modify the ID to access data of other registered users, enabling listing of users. The CVSS 4.0 base score is 8.5 (HIGH) with NET...
CVE-2026-5780
An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the ID. This allows an...
CVE-2026-5780 Multiple vulnerabilities in MphRx's Minerva
An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the ID. This allows an...
EUVD-2026-26038
An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the ID. This allows an...
CVE-2026-5779 Multiple vulnerabilities in MphRx's Minerva
An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the information of other registered users. Successful exploitation of this vulnerability allows an...
CVE-2026-5779
CVE-2026-5779 affects MphRx Minerva 3.6.0, via insecure direct object reference in the /minerva/user/updateUserProfile endpoint. An authenticated user can modify other registered users’ data (e.g., email) and initiate a password reset through /webconnect/#/forgotPassword, potentially leading to f...
CVE-2026-5779
An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the information of other registered users. Successful exploitation of this vulnerability allows an...
EUVD-2026-26037
An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the information of other registered users. Successful exploitation of this vulnerability allows an...
CVE-2026-5779 Multiple vulnerabilities in MphRx's Minerva
An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the information of other registered users. Successful exploitation of this vulnerability allows an...
MphRx Minerva 访问控制错误漏洞
MphRx Minerva is a medical data integration and interoperability platform developed by MphRx Corporation. Version MphRx Minerva V3.6.0 contains a security vulnerability related to access control. This vulnerability stems from an insecure direct object reference in the /minerva/moUser/show endpoin...
MphRx Minerva 访问控制错误漏洞
MphRx Minerva is a medical data integration and interoperability platform developed by MphRx Corporation. Version MphRx Minerva V3.6.0 contains a security vulnerability related to access control. This vulnerability stems from an insecure direct object reference in the...