Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.8 views

CVE-2026-42320

GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to versions 10.0.25 and 11.0.7, a technician can read arbitrary files inside the GLPIDOCDIR. Upgrade to 10.0.25 or 11.0.7 to receive a patch...

5.9CVSS5.6AI score0.00239EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-42317

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, a technician can delete arbitrary...

7CVSS5.7AI score0.00346EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/03 3:17 p.m.42 views

CVE-2026-42318 GLPI Vulnerable to Arbitrary Item Deletion via Planning Endpoint

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 10.0.25 and 11.0.7, low privilege users with access to planning can delete any object in GLPI. Upgrade to 11.0.7 or 10.0.25 to receive a patch. As a workaround, disable delete rights for User'...

7CVSS0.00291EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 3:16 p.m.17 views

CVE-2026-42317

Product: GLPIVulnerability: Arbitrary files deletion by a technicianAffected versions: from 0.78 up to, but not including, 10.0.25 and 11.0.7Root cause/condition: Webserver must have write rights on the target files; a logged-in technician can delete arbitrary files from the filesystemImpact (as ...

7CVSS5.9AI score0.00346EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 7:7 p.m.3 views

CVE-2025-5115 MadeYouReset HTTP/2 vulnerability

In Eclipse Jetty, versions =9.4.57, =10.0.25, =11.0.25, =12.0.21, =12.1.0.alpha2, an HTTP/2 client may trigger the server to send RSTSTREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing the server to consume...

7.7CVSS7AI score0.01567EPSS
Exploits0References7
Rows per page
Query Builder