Export limit exceeded: 362460 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3187 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-53642 | 1 Fossbilling | 1 Fossbilling | 2026-07-07 | N/A |
| FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when the "Require Email Confirmation" setting is enabled, a logged-in client with an unverified email address (`email_approved = 0`) can access all client-area pages (e.g. `/client/balance`, `/client/order/list`, `/client/invoice`) and read real account data, including wallet balances and transaction history. The API-side enforcement correctly restricts unverified clients to only profile-related endpoints, but the page-side enforcement is overly permissive, allowing any request whose path starts with `/client`. Version 0.8.0 contains a fix. No known workarounds that don't involve modifying the source code are available. | ||||
| CVE-2026-54765 | 1 Traefik | 1 Traefik | 2026-07-07 | N/A |
| Traefik is an open source HTTP reverse proxy and load balancer. From v3.7.0 prior to v3.7.6, Traefik's Kubernetes Gateway API provider may resolve two accepted HTTPRoutes that target the same backend Service:port but configure different backendRef filters to the same child service and apply only one route's filter set to all requests reaching that backend. In Gateway deployments where backendRef filters set security-sensitive headers, such as tenant identity, authorization context, or values the backend trusts, an attacker who can create an accepted HTTPRoute sharing the same backend Service:port may cause their route's filter context to be applied to another route's requests, potentially crossing namespace boundaries when a ReferenceGrant permits cross-namespace targeting. This issue is fixed in version v3.7.6. | ||||
| CVE-2026-56842 | 1 Ubiquiti | 1 Unifi Network Application | 2026-07-06 | 7.5 High |
| A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in UniFi Network Application to persist privileges within UniFi Network Application after such access had been removed. | ||||
| CVE-2026-42331 | 1 Fossbilling | 1 Fossbilling | 2026-07-06 | N/A |
| FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the Guest API invoice/update endpoint is missing an authorization check present in other invoice-related endpoints, allowing an unauthenticated user with knowledge of an invoice hash to modify the payment gateway associated with an unpaid invoice. An attacker who obtains an invoice hash, which may leak through shared URLs, referrer headers, or email links, can change the `gateway_id` on an unpaid invoice to any payment gateway configured in the system. This does not allow redirecting payments to an arbitrary external endpoint, as the gateway must already be installed and configured by an administrator. The practical impact is further limited by the `invoice_accessible_from_hash` system setting. Version 0.8.0 contains a patch. No known workarounds are available. | ||||
| CVE-2026-32718 | 1 Coollabsio | 1 Coolify | 2026-07-06 | 6.5 Medium |
| Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, mutating API validation endpoints are guarded by read ability, allowing read-scoped API tokens to perform state-changing operations such as validating cloud tokens and servers. This issue is fixed in version 4.0.0-beta.466. | ||||
| CVE-2026-53902 | 1 Mycomplianceoffice | 1 Mco | 2026-07-06 | N/A |
| MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/profile-sections/group-membership endpoint. An authenticated user can modify their group membership without proper authorization checks, allowing privilege escalation. An attacker can add themselves to arbitrary groups by supplying a valid group ID, which can be obtained via other application functionalities (e.g. /customer/servlet/mco/webapi/group/picker/groups), provided he has necessary permissions, or potentially inferred through brute-force techniques. Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 25.3.3.1 but may also affect other versions. | ||||
| CVE-2026-53905 | 1 Mycomplianceoffice | 1 Mco | 2026-07-06 | N/A |
| MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/admin-view-hierarchy/get-acl-tree-structure endpoint. An authenticated, low-privileged user can retrieve administrator access control structures without proper authorization checks. This may expose sensitive permission mappings and internal configuration details. Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 25.3.3.1 but may also affect other versions. | ||||
| CVE-2026-26231 | 1 Gitea | 1 Gitea Open Source Git Server | 2026-07-06 | 8.5 High |
| Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write. | ||||
| CVE-2026-27761 | 1 Gitea | 1 Gitea Open Source Git Server | 2026-07-06 | 4.3 Medium |
| Gitea versions up to and including 1.26.2 allow repository RSS and Atom feed endpoints to bypass API access token scope checks, exposing private repository commit data to tokens without the required repository scope. | ||||
| CVE-2026-27775 | 1 Gitea | 1 Gitea Open Source Git Server | 2026-07-06 | 8.8 High |
| Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access. | ||||
| CVE-2026-27780 | 1 Gitea | 1 Gitea Open Source Git Server | 2026-07-06 | 9.8 Critical |
| Gitea versions before 1.26.0 do not fail closed on bufio.Scanner errors while processing pre-receive hook input, allowing oversized input to bypass branch-protection checks. | ||||
| CVE-2026-28699 | 1 Gitea | 1 Gitea Open Source Git Server | 2026-07-06 | 8.1 High |
| Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication. | ||||
| CVE-2026-28740 | 1 Gitea | 1 Gitea Open Source Git Server | 2026-07-06 | 7.1 High |
| Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access. | ||||
| CVE-2026-28744 | 1 Gitea | 1 Gitea Open Source Git Server | 2026-07-06 | 8.1 High |
| Gitea versions up to and including 1.26.1 allow Git smart HTTP requests authenticated with bearer tokens to bypass repository token scope checks. | ||||
| CVE-2026-58424 | 1 Gitea | 1 Gitea Open Source Git Server | 2026-07-06 | 8.9 High |
| Permanent Fork PR Workflow Approval Gate Bypass | ||||
| CVE-2026-46730 | 1 Dell | 1 Powerprotect Data Domain | 2026-07-06 | 4.2 Medium |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect authorization vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized command execution. | ||||
| CVE-2026-54998 | 1 Microsoft | 1 Exchange Online | 2026-07-06 | 8.8 High |
| Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-30689 | 1 Anjoy8 | 1 Blog.admin | 2026-07-06 | 4.3 Medium |
| In Blog.Core through bcb4d17, the getinfobytoken API interface contains improper access control that leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security. NOTE: Blog.Admin is related front-end code that does not offer an API service. | ||||
| CVE-2026-14716 | 1 Nextlevelbuilder | 1 Goclaw | 2026-07-05 | 6.3 Medium |
| A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.13.0-beta.2. Impacted is the function MethodRouter.Handle of the file internal/gateway/router.go of the component WebSocket RPC Handler. Such manipulation leads to incorrect authorization. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report. | ||||
| CVE-2024-44667 | 1 Shenzhen Haichangxing Technology | 1 Hcx H822 Firmware | 2026-07-05 | 8 High |
| Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15.35_P0 is vulnerable to Incorrect Access Control. Unauthenticated factory mode reset and command injection leads to information exposure and root shell access. | ||||