Lucene search
K

1012 matches found

Cvelist
Cvelist
added 2026/06/21 1:26 p.m.28 views

CVE-2026-56239 Capgo - Privilege Escalation via SECURITY DEFINER Function apply_usage_overage

Capgo before 12.128.2 contains a potential privilege escalation vulnerability in the public.applyusageoverage SECURITY DEFINER function, which performs sensitive billing operations without enforcing internal authorization checks no validation of auth.uid, org membership, or checkminrights. Becaus...

7.6CVSS0.00199EPSS
Exploits0References2
CVE
CVE
added 2026/06/21 1:26 p.m.12 views

CVE-2026-56239

Capgo CVE-2026-56239 affects Capgo before 12.128.2. The vulnerability lies in the public.apply_usage_overage SECURITY DEFINER function, which performs billing operations without validating authorization (no auth.uid(), org membership, or check_min_rights). Because the function runs with the owner...

7.6CVSS6AI score0.00199EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.13 views

PT-2026-51222

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description A broken row level security RLS policy in the org users table allows authenticated users to elevate their privileges from admin to super admin. This insufficient RLS enforcement enables attackers to...

7CVSS5.9AI score0.00246EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc version 1.9.12. A heap buffer overflow in the rendertablerow function, located in ps-pdf.cxx, may lead to arbitrary code execution and denial of service...

7.8CVSS8.2AI score0.01138EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in PostgresSQL 11

Row security policies ignore changes to user IDs after inline operations. PostgreSQL may allow incorrect policies to be applied in certain cases where role-specific policies are used, and where a given query is planned to be executed under one role and then executed under another role. This...

5.4CVSS6.6AI score0.00694EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.26 to 1.6.53, there was an integer truncation in the libpng simplified write API functions pngwriteimage16bit and pngwriteimage8bit, which caused...

7.8CVSS6.8AI score0.00114EPSS
Exploits0References2
RustSec
RustSec
added 2026/06/12 12:0 p.m.11 views

Panic on a `DataRow` with fewer fields than columns allows denial of service

A malicious or compromised server can send a row containing fewer fields than its row description declares columns. Reading one of the missing columns then panics with an out-of-bounds index, aborting the calling task. This affects even the otherwise non-panicking tryget, and both Row and...

5.3AI score
Exploits0Affected Software1
OSV
OSV
added 2026/06/12 12:0 p.m.23 views

RUSTSEC-2026-0178 Panic on a `DataRow` with fewer fields than columns allows denial of service

A malicious or compromised server can send a row containing fewer fields than its row description declares columns. Reading one of the missing columns then panics with an out-of-bounds index, aborting the calling task. This affects even the otherwise non-panicking tryget, and both Row and...

6.9CVSS5.4AI score
Exploits0References3
Cvelist
Cvelist
added 2026/06/08 7:13 p.m.35 views

CVE-2026-49141 WACRM Authorization Bypass via Automation Engine Endpoint

WACRM prior to commit 73041bf contain an authorization bypass vulnerability in the automation engine that allows authenticated attackers to access and modify contacts belonging to other tenants by supplying an arbitrary caller-controlled contactid in the POST request body without tenant ownership...

7.1CVSS0.00216EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/08 7:13 p.m.10 views

EUVD-2026-35194

WACRM prior to commit 73041bf contain an authorization bypass vulnerability in the automation engine that allows authenticated attackers to access and modify contacts belonging to other tenants by supplying an arbitrary caller-controlled contactid in the POST request body without tenant ownership...

7.1CVSS5.6AI score0.00216EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/08 3:31 p.m.10 views

CVE-2026-46478 Flowise: DatasetRow create+update mass-assignment allows cross-workspace row takeover

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment allows cross-workspace row takeover. This issue has been patched in version 3.1.2...

7.7CVSS5.4AI score0.00342EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:31 p.m.7 views

CVE-2026-46478

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment allows cross-workspace row takeover. This issue has been patched in version 3.1.2...

7.7CVSS5.4AI score0.00342EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.18 views

PT-2026-47450

Name of the Vulnerable Software and Affected Versions WACRM versions prior to commit 73041bf Description An authorization bypass exists in the automation engine that allows authenticated attackers to access and modify contacts belonging to other tenants. By providing an arbitrary contact id in th...

7.1CVSS5.6AI score0.00216EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.8 views

CVE-2026-34312

Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.30. Easily exploitable vulnerability allows high privileged attacker having Row Access Method privilege with network access via multiple protocols to compromise RDBMS. Successful attac...

2.4CVSS7.2AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.10 views

CVE-2026-0085

In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.6AI score0.00071EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.12 views

CVE-2026-8669

Imager versions through 1.030 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. Imager::File::GIF's ireadgifmultilow allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The page-match...

6.5CVSS5.7AI score0.00321EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.10 views

CVE-2026-40902

PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the XLSX reader's ColumnAndRowAttributes::readRowAttributes method reads row numbers from XML attributes without validating them against the spreadsheet maximum row...

7.5CVSS5.5AI score0.00395EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/06/05 4:19 p.m.17 views

NocoDB: Stored Cross-Site Scripting via Row Comments

Summary An authenticated commenter could store HTML in row comments that executed as script when other users hovered over the comment in the expanded form view. Details The comment write paths persisted the raw comment body with no server-side sanitisation; the expanded-form sidebar then rendered...

7.4CVSS5.5AI score0.00288EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/05 4:19 p.m.7 views

GHSA-JF3G-4GWG-4H66 NocoDB: Stored Cross-Site Scripting via Row Comments

Summary An authenticated commenter could store HTML in row comments that executed as script when other users hovered over the comment in the expanded form view. Details The comment write paths persisted the raw comment body with no server-side sanitisation; the expanded-form sidebar then rendered...

7.4CVSS5.5AI score0.00288EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.16 views

PT-2026-47081

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.05.1 Description An authenticated commenter can store HTML in row comments that executes as a script when other users hover over the comment in the expanded form view. This occurs because comment write paths persi...

7.4CVSS5.9AI score0.00288EPSS
Exploits0References8
Rows per page
Query Builder