5549 matches found
EUVD-2025-208477
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels...
EUVD-2025-208478
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels...
CVE-2025-13901
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels...
CVE-2025-13901
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels...
CVE-2025-13901
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels...
Schneider Electric多款产品 安全漏洞
Schneider Electric Modicon M241, among others, are programmable logic controllers produced by Schneider Electric, a French company. Several products from Schneider Electric have security vulnerabilities. These vulnerabilities stem from improper resource closure or release procedures, which may...
PT-2026-24625
Impact t.String format: 'url' is vulnerable to redos Repeating a partial url format protocol and hostname multiple times cause regex to slow down significantly js 'http://a'.repeatn Here's a table demonstrating how long it takes to process repeated partial url format | n repeat | elapsed ms | | -...
Google Chrome WebCodecs Heap Overflow Vulnerability
Google Chrome is a free web browser developed by Google Inc. Google Chrome WebCodecs suffers from a heap overflow vulnerability that originates from a partial overwrite of heap memory and can be exploited by remote attackers to execute arbitrary code...
Exploring the Drivers of Information Security Policy Compliance among Contingent Employees: A Social, Deterrent, and Involvement-Based Approach
As institutions increasingly depend on Information Systems ISs, ensuring compliance with Information Systems Security Policies ISSPs is critical, especially among contingent employees, whose engagement differs from that of permanent staff. This study examines how Subjective Norm, Deterrence...
CVE-2026-27898
Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Prior to version 1.35.4, an authenticated regular user can specify another user’s cipherid and call "PUT /api/ciphers/id/partial" Even though the standard retrieval API correctly denies access...
CVE-2026-27898 Vaultwarden: Unauthorized Access via Partial Update API on Another User’s Cipher
Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Prior to version 1.35.4, an authenticated regular user can specify another user’s cipherid and call "PUT /api/ciphers/id/partial" Even though the standard retrieval API correctly denies access...
CVE-2026-27898 Vaultwarden: Unauthorized Access via Partial Update API on Another User’s Cipher
Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Prior to version 1.35.4, an authenticated regular user can specify another user’s cipherid and call "PUT /api/ciphers/id/partial" Even though the standard retrieval API correctly denies access...
CVE-2026-27898
Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Prior to version 1.35.4, an authenticated regular user can specify another user’s cipherid and call "PUT /api/ciphers/id/partial" Even though the standard retrieval API correctly denies access...
CVE-2026-27898 Vaultwarden: Unauthorized Access via Partial Update API on Another User’s Cipher
Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Prior to version 1.35.4, an authenticated regular user can specify another user’s cipherid and call "PUT /api/ciphers/id/partial" Even though the standard retrieval API correctly denies access...
CVE-2026-27898
Vaultwarden (unofficial Bitwarden-compatible server) is affected by CVE-2026-27898 prior to version 1.35.4. An authenticated regular user can specify another user’s cipher_id and call PUT /api/ciphers/{id}/partial; the endpoint returns 200 OK and exposes cipherDetails (name, notes, data, secureNo...
Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to a partial denial of service and a JNI function returning incorrect value length due to multiple vulnerabilities.
Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to an unauthenticated attacker performing a partial denial of service partial DOS CVE-2024-21208, CVE-2024-21217 and JNI function GetStringUTFLength returning incorrect value length when...
EUVD-2026-9504
Vaultwarden has Unauthorized Access via Partial Update API on Another User’s Cipher...
Vaultwarden has Unauthorized Access via Partial Update API on Another User’s Cipher
Summary In the test environment, it was confirmed that an authenticated regular user can specify another user’s cipherid and call: PUT /api/ciphers/id/partial Even though the standard retrieval API correctly denies access to that cipher, the partial update endpoint returns 200 OK and exposes...
GHSA-W9F8-M526-H7FH Vaultwarden has Unauthorized Access via Partial Update API on Another User’s Cipher
Summary In the test environment, it was confirmed that an authenticated regular user can specify another user’s cipherid and call: PUT /api/ciphers/id/partial Even though the standard retrieval API correctly denies access to that cipher, the partial update endpoint returns 200 OK and exposes...
PT-2026-23073
Name of the Vulnerable Software and Affected Versions Vaultwarden versions prior to 1.35.4 Description Vaultwarden, a Bitwarden compatible server, had a flaw where an authenticated user could access another user’s cipher details by specifying their cipher id in a "PUT" request to the...