4 matches found
EUVD-2026-28517
Kimai has an arbitrary file read in its invoice PDF renderer admin...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization through the TimesheetVoter::voteOnAttribute process. An attacker can access, modify, or delete timesheet records belonging to users outside their team by sending crafted API requests with sufficient privileges...
CVE-2026-3816
A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function inputzip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service. The attack can be initiated remotely. The exploi...
Amazon Linux 2 : libsoup (ALAS-2024-2705)
The version of libsoup installed on the remote host is prior to 2.56.0-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2705 advisory. GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of...