4 matches found
DEBIAN-CVE-2026-48990
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In versions 1.3.4 through 1.6.5, joserfc accepts oversized RFC7797 b64=false JWS payloads without applying JWSRegistry.maxpayloadlength, which can lead to resource exhaustion...
CVE-2026-42096
Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond wi...
CVE-2026-25432
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This issue affects Omnipress: from n/a through = 1.6.7...
CVE-2023-24028
In MISP 2.4.167, app/Controller/Component/ACLComponent.php has incorrect access control for the decaying import function...