
19 matches found

RedhatCVE
added 2026/04/07 5:12 a.m., 3 views

CVE-2026-31066

UTT Aggressive HiPER 810G v3v1.7.7-171114 was discovered to contain a buffer overflow in the selDateType parameter of the formTaskEdit function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...

CVSS 4.5 | AI score 6.2 | EPSS 0.00235
Exploits 1 | References 1
Circl
added 2026/04/06 4:45 p.m., 2 views

CVE-2026-31066

creationtimestamp | type | source
---|---|---
2026-04-06 16:45:05+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116358768533650350...

CVSS 4.5 | AI score 5.9 | EPSS 0.00235
Exploits 1 | References 1
RedhatCVE
added 2025/05/23 4:48 a.m., 5 views

CVE-2023-31066

Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advised to upgrade to Apache InLong's...

CVSS 9.1 | AI score 6.8 | EPSS 0.01355
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 5:48 a.m., 5 views

CVE-2010-2504

Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066...

CVSS 6 | AI score 6.4 | EPSS 0.00867
Exploits 0 | References 1
RedhatCVE
added 2025/05/18 4:3 p.m., 15 views

CVE-2025-31066

Missing Authorization vulnerability in themeton Acerola acerola allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Acerola: from n/a through <= 1.6.5...

CVSS 5.3 | AI score 6.8 | EPSS 0.00348
Exploits 0 | References 1
Vulnrichment
added 2025/05/16 3:45 p.m., 9 views

CVE-2025-31066 WordPress Acerola theme <= 1.6.5 - Broken Access Control Vulnerability

Missing Authorization vulnerability in themeton Acerola acerola allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Acerola: from n/a through <= 1.6.5...

CVSS 5.3 | AI score 6.8 | EPSS 0.00348
Exploits 0 | References 1
Cvelist
added 2025/05/16 3:45 p.m., 14 views

CVE-2025-31066 WordPress Acerola theme <= 1.6.5 - Broken Access Control Vulnerability

Missing Authorization vulnerability in themeton Acerola acerola allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Acerola: from n/a through <= 1.6.5...

CVSS 5.3 | EPSS 0.00348
Exploits 0 | References 1
CVE
added 2025/05/16 3:45 p.m., 18 views

CVE-2025-31066

CVE-2025-31066 relates to a Missing Authorization vulnerability in the Themeton Acerola WordPress theme (versions <= 1.6.5). The issue stems from incorrectly configured access control levels, enabling unauthorized access (Broken Access Control). Public sources (Patchstack, CVE listings) consis...

CVSS 5.3 | AI score 6.8 | EPSS 0.00348
Exploits 0 | References 1
Patchstack
added 2025/05/16 12:0 a.m., 6 views

WordPress Acerola Theme <= 1.6.5 is vulnerable to Broken Access Control

Software: Acerola
Type: Theme
Vulnerable versions: <= 1.6.5
Fixed in: N/A
OWASP Top 10: A1: Broken Access Control
Classification: Broken Access Control
CVE: CVE-2025-31066
Patch priority: Low
CVSS severity: Low (5.3)
PSID: 095f29f718c8
Credits: Tran Nguyen Bao Khanh VCI - VNPT Cyber...

CVSS 5.3 | AI score 6.6 | EPSS 0.00348
Exploits 0 | References 1 | Affected Software 1
Circl
added 2023/05/22 8:25 p.m., 3 views

CVE-2023-31066

creationtimestamp | type | source
---|---|---
2023-05-22 20:25:29+00:00 | published-proof-of-concept | https://t.me/cibsecurity/64545...

CVSS 9.1 | AI score 8.6 | EPSS 0.01355
Exploits 0 | References 1
OSV
added 2023/05/22 4:15 p.m., 12 views

CVE-2023-31066

Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advised to upgrade to Apache InLong's...

CVSS 9.1 | AI score 7.1 | EPSS 0.01355
Exploits 0 | References 1
CVE
added 2023/05/22 3:35 p.m., 61 views

CVE-2023-31066

CVE-2023-31066 affects Apache InLong versions 1.4.0–1.6.0. It enables different users to delete, edit, stop, and start others’ sources due to files/directories accessible to external parties. Remediation: upgrade to InLong 1.7.0 or cherry-pick PR #7775 (as referenced). If exploitation details are...

CVSS 9.1 | AI score 9.2 | EPSS 0.01355
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2023/05/22 3:35 p.m., 12 views

CVE-2023-31066 Apache InLong: Insecure direct object references for inlong sources

Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advised to upgrade to Apache InLong's...

AI score 9.4 | EPSS 0.01355
Exploits 0 | References 1
Vulnrichment
added 2022/06/14 9:55 p.m., 7 views

CVE-2022-31066 Configuration API in EdgeXFoundry exposes message bus credentials to local unauthenticated users

EdgeX Foundry is an open source project for building a common open framework for Internet of Things edge computing. Prior to version 2.1.1, the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to...

CVSS 5.9 | AI score 5.7 | EPSS 0.00308
Exploits 0 | References 3
CVE
added 2022/06/14 9:55 p.m., 465 views

CVE-2022-31066

CVE-2022-31066 affects EdgeXFoundry up to version 2.1.1, where the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, credentials should be stored in the secret store, but access controls are bypassed, allowing interception or injecti...

CVSS 5.9 | AI score 4.8 | EPSS 0.00308
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2022/06/14 9:55 p.m., 55 views

CVE-2022-31066 Configuration API in EdgeXFoundry exposes message bus credentials to local unauthenticated users

EdgeX Foundry is an open source project for building a common open framework for Internet of Things edge computing. Prior to version 2.1.1, the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to...

CVSS 5.9 | AI score 6 | EPSS 0.00308
Exploits 0 | References 3
Cvelist
added 2021/08/24 6:52 p.m., 10 views

CVE-2021-31066

...

Exploits 0
CVE
added 2021/08/24 6:52 p.m., 26 views

CVE-2021-31066

This CVE-2021-31066 entry is rejected and not used; it does not represent an active vulnerability.

AI score 7.4
Exploits 0
CVE
added 2010/06/28 6:6 p.m., 49 views

CVE-2010-2504

CVE-2010-2504 affects Splunk 4.0–4.0.10 and 4.1–4.1.1. The issue is HTTP header injection that allows remote authenticated users to obtain sensitive information (SPL-31066). Root cause details beyond “HTTP header injection” are not provided in the connected documents. Impact is noted as exposure ...

CVSS 6 | AI score 6 | EPSS 0.00867
Exploits 0 | References 1 | Affected Software 1