Lucene search
+L

31 matches found

RedhatCVE
RedhatCVE
added 2026/06/08 2:58 a.m.16 views

CVE-2026-11439

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

6.5CVSS6.1AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/08 2:58 a.m.13 views

CVE-2026-11438

A vulnerability has been found in theonedev onedev up to 15.0.5. Affected by this vulnerability is an unknown functionality of the file /projects. The manipulation of the argument project.forkedFromId leads to improper authorization. The attack is possible to be carried out remotely. Upgrading to...

6.5CVSS6.1AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2026/06/06 6:16 p.m.18 views

CVE-2026-11439

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

6.5CVSS0.00214EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/06 5:45 p.m.11 views

CVE-2026-11441 theonedev Pull Request issues canAccessIssue improper authorization

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

6.5CVSS6.3AI score0.00214EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/06 5:45 p.m.35 views

CVE-2026-11441 theonedev Pull Request issues canAccessIssue improper authorization

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

6.5CVSS0.00214EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/06 5:45 p.m.8 views

CVE-2026-11441

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

6.5CVSS5.2AI score0.00214EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/06/06 5:45 p.m.39 views

CVE-2026-11441

The CVE-2026-11441 affects Theonedev Onedev (up to 15.0.5) specifically the Pull Request Handler’s canAccessIssue function in the /issues/ path. The issue arises from manipulation of the issue argument, causing improper authorization. Exploitation is possible remotely. A fix is available in versi...

6.5CVSS5.2AI score0.00214EPSS
Exploits0References6
OSV
OSV
added 2026/06/06 5:45 p.m.4 views

CVE-2026-11441 theonedev Pull Request issues canAccessIssue improper authorization

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

5.3CVSS6.2AI score0.00214EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/06 5:30 p.m.31 views

CVE-2026-11440 theonedev REST API default-branch improper authorization

A vulnerability was determined in theonedev onedev up to 15.0.5. This affects an unknown part of the file /repositories/projectId/default-branch of the component REST API. This manipulation of the argument project.defaultBranch causes improper authorization. It is possible to initiate the attack...

6.5CVSS0.00214EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/06 5:30 p.m.11 views

CVE-2026-11440 theonedev REST API default-branch improper authorization

A vulnerability was determined in theonedev onedev up to 15.0.5. This affects an unknown part of the file /repositories/projectId/default-branch of the component REST API. This manipulation of the argument project.defaultBranch causes improper authorization. It is possible to initiate the attack...

6.5CVSS6.3AI score0.00214EPSS
Exploits0References6
CVE
CVE
added 2026/06/06 5:30 p.m.31 views

CVE-2026-11440

The CVE-2026-11440 entry pertained to The Onedev onedev up to version 15.0.5. It involves the REST API path /repositories/{projectId}/default-branch where manipulating the project.defaultBranch argument leads to improper authorization. The issue could be exploited remotely. A fix is available in ...

6.5CVSS6.3AI score0.00214EPSS
Exploits0References6
OSV
OSV
added 2026/06/06 5:30 p.m.4 views

CVE-2026-11440 theonedev REST API default-branch improper authorization

A vulnerability was determined in theonedev onedev up to 15.0.5. This affects an unknown part of the file /repositories/projectId/default-branch of the component REST API. This manipulation of the argument project.defaultBranch causes improper authorization. It is possible to initiate the attack...

5.3CVSS5.6AI score0.00214EPSS
Exploits0References8
NVD
NVD
added 2026/06/06 5:16 p.m.16 views

CVE-2026-11438

A vulnerability has been found in theonedev onedev up to 15.0.5. Affected by this vulnerability is an unknown functionality of the file /projects. The manipulation of the argument project.forkedFromId leads to improper authorization. The attack is possible to be carried out remotely. Upgrading to...

6.5CVSS0.00214EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/06 5:15 p.m.32 views

CVE-2026-11439 theonedev Parent Project projects improper authorization

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

6.5CVSS0.00214EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/06 5:15 p.m.9 views

CVE-2026-11439 theonedev Parent Project projects improper authorization

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

6.5CVSS6.1AI score0.00214EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/06 5:15 p.m.8 views

CVE-2026-11439

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

6.5CVSS5AI score0.00214EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/06/06 5:15 p.m.3 views

CVE-2026-11439 theonedev Parent Project projects improper authorization

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

5.3CVSS5.5AI score0.00214EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/06 5:0 p.m.44 views

CVE-2026-11438 theonedev projects improper authorization

A vulnerability has been found in theonedev onedev up to 15.0.5. Affected by this vulnerability is an unknown functionality of the file /projects. The manipulation of the argument project.forkedFromId leads to improper authorization. The attack is possible to be carried out remotely. Upgrading to...

6.5CVSS0.00214EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/06 5:0 p.m.8 views

CVE-2026-11438

A vulnerability has been found in theonedev onedev up to 15.0.5. Affected by this vulnerability is an unknown functionality of the file /projects. The manipulation of the argument project.forkedFromId leads to improper authorization. The attack is possible to be carried out remotely. Upgrading to...

6.5CVSS5.1AI score0.00214EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/06 5:0 p.m.11 views

CVE-2026-11438 theonedev projects improper authorization

A vulnerability has been found in theonedev onedev up to 15.0.5. Affected by this vulnerability is an unknown functionality of the file /projects. The manipulation of the argument project.forkedFromId leads to improper authorization. The attack is possible to be carried out remotely. Upgrading to...

6.5CVSS6.1AI score0.00214EPSS
Exploits0References6
Rows per page
Query Builder