Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tryton trytond vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2012-0215
model/modelstorage.py in the Tryton application framework (trytond) prior to 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a (1) create, (2) ...
Tryton Trytond 2.0.5
Tryton Trytond 1.8.7
Tryton Trytond 1.4.13
Tryton Trytond 1.6.8
Tryton Trytond
5
CVSSv2
CVE-2012-2238
trytond 2.4: ModelView.button fails to validate authorization
Tryton Trytond
4
CVSSv2
CVE-2019-10868
In trytond/model/modelstorage.py in Tryton 4.2 prior to 4.2.21, 4.4 prior to 4.4.19, 4.6 prior to 4.6.14, 4.8 prior to 4.8.10, and 5.0 prior to 5.0.6, an authenticated user can order records based on a field for which he has no access right. This may allow the user to guess value...
Tryton Trytond
Debian Debian Linux 9.0
4
CVSSv2
CVE-2015-0861
model/modelstorage.py in trytond 3.2.x prior to 3.2.10, 3.4.x prior to 3.4.8, 3.6.x prior to 3.6.5, and 3.8.x prior to 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records.
Tryton Trytond
Debian Debian Linux 8.0
5
CVSSv2
CVE-2022-26662
An XML Entity Expansion (XEE) issue exists in Tryton Application Platform (Server) 5.x up to and including 5.0.45, 6.x up to and including 6.0.15, and 6.1.x and 6.2.x up to and including 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x up to and includin...
Tryton Proteus
Tryton Trytond
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4
CVSSv2
CVE-2022-26661
An XXE issue exists in Tryton Application Platform (Server) 5.x up to and including 5.0.45, 6.x up to and including 6.0.15, and 6.1.x and 6.2.x up to and including 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x up to and including 5.0.11, 6.x up to and...
Tryton Proteus
Tryton Trytond
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9
CVSSv2
CVE-2014-6633
The safe_eval function in trytond in Tryton prior to 2.4.15, 2.6.x prior to 2.6.14, 2.8.x prior to 2.8.11, 3.0.x prior to 3.0.7, and 3.2.x prior to 3.2.3 allows remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the collection.domain in the w...
Tryton Tryton
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started