
5 matches found

Cvelist
added 2026/06/12 2:43 p.m. · 25 views

CVE-2026-50026 Frappe: Lack of permissions checks in 'relink' and 'set_email_password' endpoints

Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, a lack of permission checks in these endpoints allowed unauthorized access to resources. This issue has been patched in versions 15.107.0 and 16.17.0...

6.9 CVSS · 0.0026 EPSS
Exploits 0 · References 1
CNNVD
added 2026/04/21 12:0 a.m. · 8 views

Decidim security vulnerability

Decidim is an open-source participatory democracy framework developed using Ruby on Rails. Versions of Decidim from 0.0.1 to 0.30.5 and 0.31.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of permission checks for the commentable fields in the API, which could...

7.5 CVSS · 5.8 AI score · 0.00287 EPSS
Exploits 0 · References 1
EUVD
added 2026/03/11 6:34 p.m. · 3 views

EUVD-2026-11292

Frappe is a full-stack web application framework. Prior to 14.100.2, 15.101.0, and 16.10.0, due to a lack of validation and improper permission checks, users could modify other users' private workspaces. Specially crafted requests could lead to stored XSS here. This vulnerability is fixed in...

5.1 CVSS · 5.8 AI score · 0.00136 EPSS
Exploits 0 · References 1
Cvelist
added 2025/09/23 1:2 p.m. · 11 views

CVE-2025-10184 OnePlus OxygenOS Telephony provider permission bypass

The vulnerability allows any application installed on the device to read SMS/MMS data and metadata from the system-provided Telephony provider without permission, user interaction, or consent. The user is also not notified that SMS data is being accessed. This could lead to sensitive information...

8.2 CVSS · 0.0367 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/11/01 12:0 a.m. · 7 views

PT-2024-30349 · Unknown · Masteriyo - Lms

Name of the Vulnerable Software and Affected Versions: Masteriyo - LMS versions 1.11.4 and earlier
Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs.
Recommendations: For Masteriyo - LMS versions 1.11....

7.5 CVSS · 6.5 AI score · 0.00515 EPSS
Exploits 0 · References 4