6 matches found
CVE-2026-23480 Blinko: Low Privilege User Privilege Escalation - upsertUser Endpoint
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is a privilege escalation vulnerability. The upsertUser endpoint has 3 issues: it is missing superAdminAuthMiddleware, any logged-in user can call it; the originalPassword is an optional parameter and if not provided...
Axtion ODISSAAS ODIS 安全漏洞
Axtion ODISSAAS ODIS is a vehicle diagnostic software from the Dutch company Axtion. A security vulnerability exists in Axtion ODISSAAS ODIS version 1.8.4, which originates in a specially crafted DLL file and could lead to the execution of arbitrary code...
CVE-2022-41847
creationtimestamp| type| source ---|---|--- 2025-05-20 19:42:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17054...
Unspecified vulnerability in MyBB (CNVD-2015-02067)
MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A security vulnerability exists in MyBB versions prior to 1.8.4. There is no detailed description ...
krb5: KDC denial of service vulnerabilities (MITKRB5-SA-2011-006)
The krb5ldaplockoutaudit function in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service assertion failure and daemon exit via unspecified vectors, related to the...
CVE-2025-61849
...