4 matches found
PT-2026-55600
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description A flaw allows a user to change the primary email address of another user. Recommendations Update to version 1.25.5 or later...
EUVD-2023-29229
Malicious code in bioql PyPI...
CVE-2023-25267
An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 fixed in 10.0.0. There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI...
Insecure Direct Object Reference
github.com/gogs/gogs is vulnerable to insecure direct object reference. A remote attacker is able to configure and set the primary email address of other users on their behalf...