CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedhatCVE•added 2025/05/22 3:45 p.m.•5 views

CVE-2020-15511

HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Fixed in v202007-1...

5.3CVSS6.8AI score0.00241EPSS

Exploits0

Circl•added 2024/02/26 9:41 a.m.•0 views

CVE-2019-15511

creationtimestamp| type| source ---|---|--- 2024-02-26 09:41:29+00:00| seen| https://t.me/ctinow/193193...

7.8CVSS7.5AI score0.00534EPSS

Exploits1References1

Prion•added 2022/02/18 8:15 p.m.•10 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.8CVSS7.8AI score0.00621EPSS

Exploits0References2Affected Software3

CVE•added 2022/02/18 7:46 p.m.•96 views

CVE-2021-46639

CVE-2021-46639 affects Bentley MicroStation CONNECT 10.16.0.80. Connected sources (ZDI-22-226 and related notices) describe an out-of-bounds write in DGN file parsing that can allow remote code execution; exploitation requires user interaction (visiting malicious page or opening a malicious file)...

7.8CVSS7.8AI score0.00621EPSS

Exploits0References2Affected Software3

OSV•added 2020/07/30 2:15 p.m.•1 views

CVE-2020-15511

HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Fixed in v202007-1...

5.3CVSS5.7AI score

Exploits0References2

NVD•added 2020/07/30 2:15 p.m.•9 views

CVE-2020-15511

HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Fixed in v202007-1...

5.3CVSS5.2AI score0.00241EPSS

Exploits0References2

Cvelist•added 2020/07/30 1:15 p.m.•15 views

CVE-2020-15511

HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Fixed in v202007-1...

5.2AI score0.00241EPSS

Exploits0References2

CVE•added 2020/07/30 1:15 p.m.•39 views

CVE-2020-15511

CVE-2020-15511 affects HashiCorp Terraform Enterprise up to v202006-1. The vulnerability is a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Root cause: signup flow could be used to create accounts without proper SAML gating. Impact stated in so...

5.3CVSS5.2AI score0.00241EPSS

Exploits0References2Affected Software1

NVD•added 2019/11/21 6:15 p.m.•12 views

CVE-2019-15511

An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is...

7.8CVSS8AI score0.00534EPSS

Exploits1References2

CVE•added 2019/11/21 5:47 p.m.•189 views

CVE-2019-15511

CVE-2019-15511 affects the GalaxyClientService in GOG Galaxy. Root cause: faulty/improper access control enabling unauthenticated local TCP packets to be processed, allowing local privilege escalation to SYSTEM on Windows. Affected products/versions: GOG Galaxy and GalaxyClientService before 1.2....

7.8CVSS7.9AI score0.00534EPSS

Exploits1References2Affected Software1

CVE•added 2019/08/29 9:31 p.m.•35 views

CVE-2018-15511

CVE-2018-15511 – totemomail 6.0.0 build 570 suffers a cross-site scripting (XSS) vulnerability in the Notification template feature. The description confirms an attacker can inject arbitrary web script or HTML via this feature. Connected sources (NVD/NVD-derived records, PRION/CVE lists, and EUVD...

6.1CVSS6AI score0.00223EPSS

Exploits0References1Affected Software1