CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

350 matches found

CVE-2026-48189

An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: 7.0.X 8.0.X 2023.X...

5.7CVSS0.00031EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в samba, heimdal

A null pointer de-reference was detected in the way the Samba Kerberos server handled the absence of the sname in the TGS-REQ Ticket Granting Server – Request. A authenticated user could exploit this flaw to crash the Samba server...

6.5CVSS6.4AI score0.05139EPSS

Exploits0References2

EUVD•added 2026/03/23 9:30 p.m.•1 views

EUVD-2025-208946

A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...

5.8AI score0.00013EPSS

Exploits1References4

RedhatCVE•added 2026/01/09 10:27 a.m.•8 views

CVE-2008-7277

Open Ticket Request System OTRS before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets...

6.5CVSS6.7AI score0.00196EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:27 a.m.•4 views

CVE-2008-7283

Open Ticket Request System OTRS before 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to tickets by leveraging queue read permissions...

6CVSS6.5AI score0.00135EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:18 a.m.•3 views

CVE-2019-18179

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn'...

4.3CVSS6.6AI score0.00403EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:30 a.m.•6 views

CVE-2019-16375

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacker who is logged in as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious...

5.4CVSS6.8AI score0.00647EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:29 a.m.•4 views

CVE-2019-12497

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents e.g., Name and mail address can be disclosed in external notes...

5.3CVSS6.6AI score0.00586EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-19114

Malware in sbrugna...

4.8CVSS4.9AI score0.00403EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-2126

Malware in sbrugna...

4.3CVSS4.6AI score0.00197EPSS

Exploits0References3