Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/08 2:58 a.m.14 views

CVE-2026-11439

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

6.5CVSS6.1AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/06 5:15 p.m.28 views

CVE-2026-11439 theonedev Parent Project projects improper authorization

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

6.5CVSS0.00214EPSS
Exploits0References6
CVE
CVE
added 2026/06/06 5:15 p.m.24 views

CVE-2026-11439

The vulnerability CVE-2026-11439 affects Theonedev Onedev up to version 15.0.5 in the Parent Project Handler, specifically the /projects/ function where manipulating the argument project.parentId leads to improper authorization. The attack may be executed remotely. A fix is available in version 1...

6.5CVSS6.1AI score0.00214EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.8 views

OneDev 授权问题漏洞

OneDev is a JAVA-based multi-functional DevOps platform developed by Theonedev team. This platform supports container building, orchestration, CI, Git management, and team collaboration, helping developers create a simple yet powerful development platform. Versions of OneDev prior to 15.0.5 have...

6.5CVSS6.5AI score0.00214EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.15 views

PT-2026-47163

Name of the Vulnerable Software and Affected Versions onedev versions prior to 15.0.6 Description Improper authorization exists in the Parent Project Handler component within the '/projects/' file. A remote attacker can manipulate the project.parentId argument to bypass authorization controls...

6.5CVSS6.6AI score0.00214EPSS
Exploits0References9
Snyk
Snyk
added 2026/04/10 3:33 p.m.5 views

Improper Privilege Management

Overview Affected versions of this package are vulnerable to Improper Privilege Management in the parentprojectid update process. An attacker can gain unauthorized administrative privileges by moving a project under a project they own, allowing them to delete the project, manage sharing settings,...

8.7CVSS5.8AI score0.0029EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.6 views

Vikunja 安全漏洞

Vikunja is an open-source to-do application developed by Vikunja developers. Versions of Vikunja prior to 2.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the permission checking logic when changing the parent project ID, which was inconsistent with the recursive...

8.3CVSS5.8AI score0.0029EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.4 views

CVE-2026-32735

openapi-to-java-records-mustache-templates allows users to generate Java Records from OpenAPI specifications. Starting in version 5.1.1 and prior to version 5.5.1, the parent POM file of this project openapi-to-java-records-mustache-templates-parent, which is used to centralize plugin...

2.3CVSS5.9AI score0.00321EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.11 views

Openapi to Java Records Mustache Templates 输入验证错误漏洞

Openapi to Java Records Mustache Templates is a record-generation tool developed by Christopher Molin. Versions of Openapi to Java Records Mustache Templates prior to 5.5.1 had a vulnerability related to input validation errors. This vulnerability stemmed from the possibility of the parent POM fi...

2.3CVSS6AI score0.00321EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.21 views

Fedora: Security Advisory for mojo-parent (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02557EPSS
Exploits3References2
Fedora
Fedora
added 2024/03/07 10:33 p.m.21 views

[SECURITY] Fedora 40 Update: mojo-parent-78-3.fc40

Codehaus MOJO parent project pom file...

8.8CVSS6.9AI score0.02557EPSS
Exploits3
Rows per page
Query Builder