3 matches found
CVE-2026-59946
CVE-2026-59946 affects Composer (PHP dependency manager). A bin entry containing trailing .. path segments could resolve outside the package install directory, enabling the binary installation flow to chmod an existing host file to world-readable/world-executable during composer install, update, ...
com.adobe.ride:ride-core (>=1.0.3 <=2.0.0), com.adobe.ride:ride-fuzzer-lib (=2.0.0) +72 more potentially affected by CVE-2023-34610 via com.cedarsoftware:json-io (>=2.2.29 <=4.14.0)
com.cedarsoftware:json-io MAVEN version =2.2.29, =1.0.3, =1.0.3, =1.2.0, =1.0.0, =4.101.0, =4.101.0, =2.0.0, =0.0.1, =2.0.602, =1.4.0-60, =1.2.0-43, =1.0.0-4, =1.0.0-4, =1.1.0-94, =1.2.0-165 and more Source cves: CVE-2023-34610 Source advisory: OSV:GHSA-779H-3R69-4F5P...
BigBlueButton Email Authentication Bypass Vulnerability
BigBlueButton is BigBlueButton community of a set of open source Web conferencing system . An email authentication bypass vulnerability exists in BigBlueButton 2.2.29 and earlier versions. An attacker who can view accountactivations/edit?token= URI can exploit this vulnerability to create approve...