25 matches found

RedhatCVE
added 2026/06/22 1:43 p.m., 9 views

CVE-2026-52908

A flaw was found in the Linux kernel. This vulnerability occurs during the re-registration of a Remote Direct Memory Access (RDMA) memory region. If the memory's access permissions are changed from read-only to read-write, the system may fail to properly update and secure the underlying user memory...

CVSS 7.8, AI score 5.6, EPSS 0.00129
Exploits 0, References 4
Snyk
added 2026/05/27 5:34 p.m., 8 views

Improperly Implemented Security Check for Standard

Overview: Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...

CVSS 3.7, AI score 5.9, EPSS 0.00134
Exploits 0, References 2
Snyk
added 2026/05/27 5:34 p.m., 7 views

Improperly Implemented Security Check for Standard

Overview: Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...

CVSS 3.7, AI score 5.9, EPSS 0.00134
Exploits 0, References 2
Snyk
added 2026/05/27 5:34 p.m., 8 views

Improperly Implemented Security Check for Standard

Overview: Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...

CVSS 3.7, AI score 5.9, EPSS 0.00134
Exploits 0, References 2
Veracode
added 2026/05/16 5:53 a.m., 14 views

Improper Authentication

Shopware is vulnerable to Improper Authentication. The vulnerability is due to insufficient validation and binding of shop installations to their original domains during app re-registration, which allows an attacker to hijack app communication and obtain API credentials intended for legitimate...

CVSS 8.9, AI score 5.8, EPSS 0.00267
Exploits 0, References 3, Affected Software 2
RedhatCVE
added 2026/05/06 2:43 p.m., 8 views

CVE-2026-43120

A flaw was found in the Linux kernel's RDMA (Remote Direct Memory Access) irdma driver. This vulnerability, a double free, occurs during the re-registration of user memory regions. If an internal memory re-registration operation fails, the system attempts to free the same memory twice. This could...

CVSS 7.8, AI score 5.8, EPSS 0.00122
Exploits 0, References 4
Snyk
added 2026/03/11 8:42 p.m., 4 views

User Impersonation

Overview: shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to User Impersonation in the app registration process. An attacker can gain unauthorized access to sensitive API credentials by exploiting the ability to update the shop-url during...

CVSS 8.9, AI score 5.8, EPSS 0.00267
Exploits 0, References 2
Snyk
added 2026/03/11 8:42 p.m., 3 views

User Impersonation

Overview: shopware/core is the Shopware platform, the core for all Shopware ecommerce products. Affected versions of this package are vulnerable to User Impersonation in the app registration process. An attacker can gain unauthorized access to sensitive API credentials by exploiting the ability to...

CVSS 8.9, AI score 5.8, EPSS 0.00267
Exploits 0, References 2
OSV
added 2026/03/11 7:24 p.m., 14 views

GHSA-C4P7-RWRG-PF6P Shopware vulnerable to a potential take over of app credentials

Summary: We identified and fixed a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. By abusing app re‑registration, an attacker could redirect app traffic to an...

CVSS 8.9, AI score 5.8, EPSS 0.00267
Exploits 0, References 3
Vulnrichment
added 2026/03/11 6:56 p.m., 2 views

CVE-2026-31889 Shopware has a potential take over of app credentials

Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based...

CVSS 8.9, AI score 5.8, EPSS 0.00267
Exploits 0, References 1
ATTACKERKB
added 2026/03/11 6:56 p.m., 2 views

CVE-2026-31889

Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based...

CVSS 8.9, AI score 5.8, EPSS 0.00267
Exploits 0, References 2, Affected Software 2
OSV
added 2026/03/11 6:56 p.m., 4 views

CVE-2026-31889 Shopware has a potential take over of app credentials

Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based...

CVSS 8.9, AI score 5.8, EPSS 0.00267
Exploits 0, References 3
Positive Technologies
added 2026/03/11 12:0 a.m., 6 views

PT-2026-24795

Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based...

CVSS 8.9, AI score 5.8, EPSS 0.00267
Exploits 0, References 5
SUSE Linux
added 2026/01/22 12:12 p.m., 4 views

Security update for keylime

This update for keylime fixes the following issues: CVE-2025-13609: avoid re-registration of clients with same UUID but with different TPM identity bsc1254199. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 9.1, AI score 5.5, EPSS 0.0038
Exploits 0, References 4
OSV
added 2026/01/22 12:11 p.m., 2 views

SUSE-SU-2026:0217-1 Security update for keylime

This update for keylime fixes the following issues: - CVE-2025-13609: avoid re-registration of clients with same UUID but with different TPM identity bsc1254199...

CVSS 8.2, AI score 5.8, EPSS 0.0038
Exploits 0, References 3
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2004-2380

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.01752
Exploits 0, References 7
BDU FSTEC
added 2025/05/14 12:0 a.m., 6 views

The vulnerability of Elber Communications Equipment’s software products lies in their ability to bypass the authentication process by using an alternative path or channel. This allows attackers to circumvent the authentication procedures.

The vulnerability of Elber Communications Equipment’s software products relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent the authentication process and re-register user credentials...

CVSS 10, AI score 5.5, EPSS 0.03797
Exploits 1, References 4, Affected Software 5
Citrix
added 2024/10/04 12:0 a.m., 6 views

Migration of Android Devices registered via GCM to FCM

There is no automatic update from Azure Notification Hub or Google Push Notification Service to migrate Android clients from the FCM legacy protocol to the latest FCMv1 protocol. As a result, affected users will need to manually re-register their devices with NetScaler Gateway. Please refer to th...

AI score 7.4
Exploits 0
Citrix
added 2023/10/27 12:0 a.m., 6 views

How to re-register device profile on Citrix Cloud ADM for the Citrix cloud hosted Netscalers

How to re-register device profile on Citrix Cloud ADM for the Citrix cloud hosted Netscalers...

AI score 7.1
Exploits 0
BDU FSTEC
added 2022/01/12 12:0 a.m., 6 views

The vulnerability of the NPM package manager’s library `@npmcli/arborist` allows an attacker to re-record files by manipulating symbolic links.

The vulnerability of the NPM package manager’s library @npmcli/arborist is related to errors that occur when running the npm install --ignore-scripts command. Exploiting this vulnerability could allow an attacker to re-register files by manipulating symbolic links...

CVSS 8.6, AI score 7, EPSS 0.00553
Exploits 0, References 5, Affected Software 1