96 matches found
CVE-2026-49394
Frappe is a full-stack web application framework. Prior to 16.19.0, authorization bypass was possible via the updatepage endpoint in Workspace because public workspaces did not receive the required Workspace Manager edit check. This issue is fixed in version 16.19.0...
CVE-2026-49394
Frappe CVE-2026-49394: Before version 16.19.0, authorization bypass was possible via the update_page endpoint in Workspace because the Workspace Manager edit check was not enforced for public workspaces. The issue is fixed in 16.19.0. The CVSS metrics indicate a NETWORK attack vector, LOW access ...
CVE-2026-49394 Frappe: Auth. bypass via update_page
Frappe is a full-stack web application framework. Prior to 16.19.0, authorization bypass was possible via the updatepage endpoint in Workspace because public workspaces did not receive the required Workspace Manager edit check. This issue is fixed in version 16.19.0...
CVE-2026-57296
Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with Item/Configure permission to read arbitrary files on the Jenkins controller file system, which can...
CVE-2026-57296
Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with Item/Configure permission to read arbitrary files on the Jenkins controller file system, which can...
CVE-2026-57296
CVE-2026-57296 - Jenkins External Workspace Manager Plugin : Affected: Jenkins External Workspace Manager Plugin 1.3.2 and earlier. Description: the exwsAllocate pipeline step accepts a custom workspace path without rejecting path traversal sequences, enabling attackers with Item/Configure permis...
EUVD-2026-38777
Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with Item/Configure permission to read arbitrary files on the Jenkins controller file system, which can...
EUVD-2015-4942
Malware in sbrugna...
EUVD-2014-6457
Malware in sbrugna...
EUVD-2009-0969
Malware in sbrugna...
EUVD-2009-1019
Malware in sbrugna...
EUVD-2009-0972
Malware in sbrugna...
EUVD-2009-1959
Malware in sbrugna...
EUVD-2009-0983
Malware in sbrugna...
EUVD-2009-0973
Malware in sbrugna...
EUVD-2007-5485
Malware in sbrugna...
SUSE CVE-2015-4925
Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...
Ivanti Workspace Manager Security Bypass Vulnerability
Ivanti Workspace Manager Security Bypass Vulnerability Rem Remarks CVE-2019-10885 - 0day Rem An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated Rem users with low privileges in a Workspace Control managed session can bypass Workspace Control Rem security...
Ivanti Workspace Manager Security Bypass
Rem Remarks CVE-2019-10885 - 0day Rem An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated Rem users with low privileges in a Workspace Control managed session can bypass Workspace Control Rem security features configured for this session by resetting the...
The vulnerability of the Oracle Database database management system allows a hacker to execute arbitrary code.
The vulnerability of the Workspace Manager component of the Oracle Database management system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely through network packets...