Lucene search

9 matches found

OSV
added last week, 5 views

GHSA-R9G5-7Q8J-958C FUXA provides guest and invalid-token access to protected read APIs in secure mode

Summary: When secureEnabled=true, FUXA 1.3.0-2773 still allows guest and invalid-token requests to read project, alarms, and scheduler APIs. Details: In secure mode, requests with no token or an explicitly invalid token were still able to access protected read endpoints. Confirmed behavior: - guest...

CVSS 6.9 | AI score 5.9
Exploits: 0 | References: 3
GitHub Security Blog
added last week, 7 views

FUXA provides guest and invalid-token access to protected read APIs in secure mode

Summary: When secureEnabled=true, FUXA 1.3.0-2773 still allows guest and invalid-token requests to read project, alarms, and scheduler APIs. Details: In secure mode, requests with no token or an explicitly invalid token were still able to access protected read endpoints. Confirmed behavior: - guest...

AI score 5.9
Exploits: 0 | References: 3 | Affected Software: 1
Positive Technologies
added 2026/05/28 12:0 a.m., 6 views

PT-2026-44733

Name of the Vulnerable Software and Affected Versions: FUXA version 1.3.0-2773. Description: When secureEnabled is set to true, the software fails to properly restrict access to protected read endpoints. Requests made without a token or with an invalid token are treated as guest contexts rather than...

CVSS 6.9 | AI score 5.8
Exploits: 0 | References: 6
RedhatCVE
added 2025/05/23 8:48 a.m., 1 views

CVE-2024-31404

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler...

CVSS 4.3 | AI score 5.2 | EPSS 0.00494
Exploits: 0 | References: 1
OSV
added 2024/06/11 5:15 a.m., 0 views

CVE-2024-31404

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler...

CVSS 4.3 | AI score 5.8 | EPSS 0.00494
Exploits: 0 | References: 2
Vulnrichment
added 2024/06/11 4:27 a.m., 14 views

CVE-2024-31404

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler...

AI score 6.6 | EPSS 0.00494
Exploits: 0 | References: 2
ATTACKERKB
added 2022/08/18 8:15 a.m., 1 views

CVE-2022-32583

Operation restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Scheduler via unspecified vectors...

CVSS 4.3 | AI score 5.9 | EPSS 0.00203
Exploits: 0 | References: 3 | Affected Software: 1
ATTACKERKB
added 2022/08/18 8:15 a.m., 0 views

CVE-2022-25986

Browse restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Scheduler...

CVSS 4.3 | AI score 6 | EPSS 0.00177
Exploits: 0 | References: 3 | Affected Software: 1
CNNVD
added 2022/07/20 12:0 a.m., 2 views

Cybozu Office Security Vulnerability

Cybozu Office is a web-based, cross-platform collaborative office solution from Cybozu. A security vulnerability exists in Cybozu Office that originates from an improperly restricted operation in the scheduler and can be exploited by a remote attacker to alter data in the scheduler...

CVSS 4.3 | AI score 5.4 | EPSS 0.00203
Exploits: 0 | References: 5