Lucene search
+L

117 matches found

euvd
euvd
added 2026/07/07 11:15 a.m.5 views

EUVD-2026-42035

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in HAVELSAN Inc. Liman MYS allows LDAP Injection. This issue affects Liman MYS: before release.Master.1107...

8.8CVSS5.9AI score0.00355EPSS
Exploits0References1
cve
cve
added 2026/07/07 11:15 a.m.11 views

CVE-2026-13696

HAVELSAN Inc. Liman MYS is affected by CVE-2026-13696 due to improper neutralization of special elements in LDAP queries (LDAP injection) in versions prior to release.Master.1107. The issue enables network-based LDAP injection with high impact on confidentiality, integrity, and availability (CVSS...

8.8CVSS5.9AI score0.00355EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/07/07 11:1 a.m.9 views

CVE-2026-11340

Missing Authorization vulnerability in HAVELSAN Inc. Liman MYS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Liman MYS: before release.Master.1107...

8.3CVSS5.9AI score0.00195EPSS
Exploits0References2
cve
cve
added 2026/07/07 11:1 a.m.25 views

CVE-2026-11340

CVE-2026-11340 describes a Missing Authorization vulnerability in HAVELSAN’s Liman MYS prior to release.Master.1107, where functionality is accessible without proper ACL constraints. Core issue: access to certain features is not properly constrained by ACLs, enabling unauthorized access. Accordin...

8.3CVSS5.9AI score0.00195EPSS
Exploits0References1
openvas
openvas
added 2026/03/30 12:0 a.m.6 views

openSUSE Security Advisory (SUSE-SU-2026:1107-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.01525EPSS
Exploits0References13
circl
circl
added 2025/09/12 7:38 a.m.6 views

CVE-2024-1107

creationtimestamp| type| source ---|---|--- 2025-09-12 07:38:49+00:00| seen| Telegram/qW1aw0ly-HgPITfppY54Gb49rKUhnsfEaGwVyiOmPFFZrPw...

9.8CVSS4.8AI score0.00468EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/22 10:9 p.m.9 views

CVE-2022-1107

During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code...

7.2CVSS7AI score0.00253EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 5:41 p.m.8 views

CVE-2020-1107

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1104, CVE-2020-1105...

5.4CVSS6.5AI score0.01582EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 6:5 a.m.8 views

CVE-2013-1107

The search function in Cisco Webex Social formerly Cisco Quad allows remote authenticated users to read files via unspecified parameters, aka Bug ID CSCud40235...

4CVSS6.8AI score0.00947EPSS
Exploits0References1
cvelist
cvelist
added 2025/02/07 1:38 p.m.12 views

CVE-2025-1107 Unverified password change vulnerability in Janto

Unverified password change vulnerability in Janto, versions prior to r12. This could allow an unauthenticated attacker to change another user's password without knowing their current password. To exploit the vulnerability, the attacker must create a specific POST request and send it to the endpoi...

9.9CVSS0.00399EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/02/07 1:38 p.m.9 views

CVE-2025-1107 Unverified password change vulnerability in Janto

Unverified password change vulnerability in Janto, versions prior to r12. This could allow an unauthenticated attacker to change another user's password without knowing their current password. To exploit the vulnerability, the attacker must create a specific POST request and send it to the endpoi...

9.9CVSS9.5AI score0.00399EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 5:28 a.m.7 views

CVE-2024-1107

Authorization Bypass Through User-Controlled Key vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68...

9.8CVSS5.8AI score0.00468EPSS
Exploits0References1
nvd
nvd
added 2024/06/27 1:15 p.m.27 views

CVE-2024-1107

Authorization Bypass Through User-Controlled Key vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68...

9.8CVSS0.00468EPSS
Exploits0References2
cve
cve
added 2024/06/27 1:1 p.m.67 views

CVE-2024-1107

CVE-2024-1107 affects Talya Informatics Travel APPS prior to v17.0.68. The root cause is an Authorization Bypass Through User-Controlled Key due to misconfigured access control levels, leading to a high-impact breach (CVE base score 9.8). Public sources (NVD/Red Hat/CNNVD/PT-Security/CVE lists) c...

9.8CVSS5.8AI score0.00468EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2024/06/27 1:1 p.m.35 views

CVE-2024-1107 IDOR in Talya Informatics' Travel APPS

Authorization Bypass Through User-Controlled Key vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68...

9.8CVSS0.00468EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/06/27 1:1 p.m.23 views

CVE-2024-1107 IDOR in Talya Informatics' Travel APPS

Authorization Bypass Through User-Controlled Key vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68...

9.8CVSS5.8AI score0.00468EPSS
Exploits0References2
nessus
nessus
added 2024/05/02 12:0 a.m.56 views

Splunk Universal Forwarder 9.0.0 < 9.0.7, 9.1.0 < 9.1.2 (SVD-2023-1107)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-1107 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the...

5.3CVSS6.5AI score0.05533EPSS
Exploits0References3
redhat
redhat
added 2024/03/13 9:11 a.m.49 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. 'Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

10CVSS7.2AI score0.03882EPSS
Exploits3References23
nessus
nessus
added 2024/03/05 12:0 a.m.36 views

RHEL 8 : sqlite (RHSA-2024:1107)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1107 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk...

7.3CVSS6.5AI score0.01249EPSS
Exploits1References5
osv
osv
added 2024/01/24 8:23 p.m.10 views

MAL-2024-276 Malicious code in wlwz-2312-1107 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 36735efc1a7ffa4b710d37b348dbecd9ded94fa99499db3fdfb5e838407061fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder