Lucene search
K

96 matches found

NVD
NVD
added 5 days ago10 views

CVE-2026-49394

Frappe is a full-stack web application framework. Prior to 16.19.0, authorization bypass was possible via the updatepage endpoint in Workspace because public workspaces did not receive the required Workspace Manager edit check. This issue is fixed in version 16.19.0...

7.1CVSS0.00307EPSS
Exploits0References6
CVE
CVE
added 5 days ago13 views

CVE-2026-49394

Frappe CVE-2026-49394: Before version 16.19.0, authorization bypass was possible via the update_page endpoint in Workspace because the Workspace Manager edit check was not enforced for public workspaces. The issue is fixed in 16.19.0. The CVSS metrics indicate a NETWORK attack vector, LOW access ...

7.1CVSS6.1AI score0.00307EPSS
Exploits0References6
OSV
OSV
added 5 days ago4 views

CVE-2026-49394 Frappe: Auth. bypass via update_page

Frappe is a full-stack web application framework. Prior to 16.19.0, authorization bypass was possible via the updatepage endpoint in Workspace because public workspaces did not receive the required Workspace Manager edit check. This issue is fixed in version 16.19.0...

7.1CVSS6.1AI score0.00307EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.31 views

CVE-2026-57296

Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with Item/Configure permission to read arbitrary files on the Jenkins controller file system, which can...

0.00595EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.6 views

CVE-2026-57296

Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with Item/Configure permission to read arbitrary files on the Jenkins controller file system, which can...

8.8CVSS6.3AI score0.00595EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 1:20 p.m.19 views

CVE-2026-57296

CVE-2026-57296 - Jenkins External Workspace Manager Plugin : Affected: Jenkins External Workspace Manager Plugin 1.3.2 and earlier. Description: the exwsAllocate pipeline step accepts a custom workspace path without rejecting path traversal sequences, enabling attackers with Item/Configure permis...

8.8CVSS6.3AI score0.00595EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 1:20 p.m.13 views

EUVD-2026-38777

Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with Item/Configure permission to read arbitrary files on the Jenkins controller file system, which can...

8.8CVSS6.3AI score0.00595EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-4942

Malware in sbrugna...

6.5CVSS7.5AI score0.01652EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-6457

Malware in sbrugna...

6.5CVSS5.4AI score0.01896EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-0969

Malware in sbrugna...

6.5CVSS6.3AI score0.01442EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-1019

Malware in sbrugna...

5.5CVSS6.2AI score0.02219EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-0972

Malware in sbrugna...

5.5CVSS6.1AI score0.01744EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-1959

Malware in sbrugna...

5.5CVSS6.3AI score0.02219EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2009-0983

Malware in sbrugna...

5.4CVSS6.3AI score0.01377EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2009-0973

Malware in sbrugna...

5.5CVSS6.3AI score0.01444EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-5485

Malware in sbrugna...

6.5CVSS6.2AI score0.02032EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:16 a.m.5 views

SUSE CVE-2015-4925

Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

6.5CVSS7AI score0.01652EPSS
Exploits0References3
0day.today
0day.today
added 2020/03/19 12:0 a.m.300 views

Ivanti Workspace Manager Security Bypass Vulnerability

Ivanti Workspace Manager Security Bypass Vulnerability Rem Remarks CVE-2019-10885 - 0day Rem An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated Rem users with low privileges in a Workspace Control managed session can bypass Workspace Control Rem security...

7.8CVSS0.3AI score0.01043EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/03/18 12:0 a.m.276 views

Ivanti Workspace Manager Security Bypass

Rem Remarks CVE-2019-10885 - 0day Rem An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated Rem users with low privileges in a Workspace Control managed session can bypass Workspace Control Rem security features configured for this session by resetting the...

4.6CVSS0.2AI score0.01043EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2016/01/26 12:0 a.m.6 views

The vulnerability of the Oracle Database database management system allows a hacker to execute arbitrary code.

The vulnerability of the Workspace Manager component of the Oracle Database management system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely through network packets...

6.5CVSS7.6AI score0.01652EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder