Lucene search
K

8 matches found

CVE
CVE
added yesterday7 views

CVE-2026-53444

Wekan (open-source Kanban, Meteor-based) prior to v9.32 had missing authorization on OIDC-related Meteor methods (e.g., setCreateOrgFromOidc, setOrgAllFieldsFromOidc, setCreateTeamFromOidc, setTeamAllFieldsFromOidc, boardRoutineOnLogin, groupRoutineOnLogin) in packages/wekan-oidc/oidc_server.js a...

7.6CVSS6.1AI score0.00022EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-60322

Name of the Vulnerable Software and Affected Versions Wekan versions prior to 9.32 Description A Server-Side Request Forgery SSRF exists where webhook integration URLs in models/integrations.js are stored from user input and subsequently fetched by server/notifications/outgoing.js. The process...

6.2CVSS6.1AI score0.00018EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/04/25 12:0 a.m.9 views

PT-2023-13792 · Laravel · Laravel

Name of the Vulnerable Software and Affected Versions: Laravel versions 8.x through 9.x before 9.32.0 Description: The authentication method was discovered to be vulnerable to user enumeration via timeless timing attacks with HTTP/2 multiplexing. This issue is caused by the early return inside th...

5.3CVSS7.5AI score0.00881EPSS
Exploits1References7
OSV
OSV
added 2020/09/09 7:15 p.m.8 views

CVE-2018-17772

Ingenico Telium 2 POS terminals allow arbitrary code execution via the TRACE protocol. This is fixed in Telium 2 SDK v9.32.03 patch N...

6.8CVSS6.2AI score0.00669EPSS
Exploits1References4
OSV
OSV
added 2020/09/09 7:15 p.m.6 views

CVE-2018-17771

Ingenico Telium 2 POS terminals have hardcoded FTP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N...

6.6CVSS5.8AI score0.00477EPSS
Exploits1References4
CNVD
CNVD
added 2017/12/15 12:0 a.m.6 views

Micro Focus Project and Portfolio Management Center Cross-Site Request Forgery Vulnerability

Micro Focus Project and Portfolio Management Center is a suite of project portfolio management software from Micro Focus UK. The software manages hybrid projects by integrating agile tools such as ALM Octane, Agile Manager and CA Rally. A cross-site request forgery vulnerability exists in Micro...

7.3CVSS6.9AI score0.00497EPSS
Exploits0References1
OSV
OSV
added 2017/12/13 1:29 a.m.3 views

CVE-2017-14361

Man-In-The-Middle vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Man-in-the-middle attack...

7.4CVSS5.8AI score0.01036EPSS
Exploits0References2
CNVD
CNVD
added 2016/06/13 12:0 a.m.6 views

Multiple Vulnerabilities in HPE Project and Portfolio Management Center

HPE Project and Portfolio Management Center PPM is a suite of solutions from Hewlett Packard Enterprise HPE that provides project executives with the visibility and strategic operational needs to make decisions based on real-time visibility into the project lifecycle of the project portfolio. An...

8.8CVSS7.3AI score0.02326EPSS
Exploits0References1
Rows per page
Query Builder