Lucene search
K

4 matches found

NVD
NVD
added 2026/06/23 9:16 p.m.7 views

CVE-2026-46549

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the OAuth token strategy attached oauthscope and oauthgrantedresources to the request user, but the ACL middleware never consulted either. An OAuth token issued with a restricted scope e.g. MCP-only therefore inherited...

2CVSS0.00151EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/28 7:47 p.m.43 views

CVE-2023-39348 Improper log output when using GitHub Status Notifications in spinnaker

Spinnaker is an open source, multi-cloud continuous delivery platform. Log output when updating GitHub status is improperly set to FULL always. It's recommended to apply the patch and rotate the GitHub token used for github status notifications. Given that this would output github tokens to a log...

4CVSS5.4AI score0.00324EPSS
Exploits0References2
GoogleProjectZero
GoogleProjectZero
added 2020/04/21 12:0 a.m.51 views

You Won't Believe what this One Line Change Did to the Chrome Sandbox

Posted by James Forshaw, Project Zero The Chromium sandbox on Windows has stood the test of time. It’s considered one of the better sandboxing mechanisms deployed at scale without requiring elevated privileges to function. For all the good, it does have its weaknesses. The main one being the...

8.8CVSS8.5AI score0.01243EPSS
Exploits0
OSV
OSV
added 2018/02/08 7:29 a.m.5 views

CVE-2018-0119

A vulnerability in certain authentication controls in the account services of Cisco Spark could allow an authenticated, remote attacker to interact with and view information on an affected device that would normally be prohibited. The vulnerability is due to the improper display of user-account...

4.7CVSS5.8AI score0.01008EPSS
Exploits0References2
Rows per page
Query Builder