Lucene search
K

498 matches found

OSV
OSV
added 2026/01/08 2:58 p.m.5 views

CVE-2026-22042 RustFS has IAM Incorrect Authorization in ImportIam that Allows Privilege Escalation

RustFS is a distributed object storage system built in Rust. Prior to version 1.0.0-alpha.79, he ImportIam admin API validates permissions using ExportIAMAction instead of ImportIAMAction, allowing a principal with export-only IAM permissions to perform import operations. Since importing IAM data...

7.1CVSS6.8AI score0.00392EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/12/13 10:0 p.m.13 views

CVE-2025-43473

This issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data...

5.5CVSS6AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/13 10:0 p.m.9 views

CVE-2025-43471

The issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data...

5.5CVSS6AI score0.00166EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/12 8:56 p.m.3 views

CVE-2025-43517

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3. An app may be able to access protected user data...

5.3AI score0.00173EPSS
Exploits0References3
OSV
OSV
added 2025/11/26 12:0 a.m.6 views

CVE-2025-65681

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

3.3CVSS6.5AI score0.00199EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/07 12:0 a.m.5 views

PT-2025-45431

Name of the Vulnerable Software and Affected Versions Notification Center versions prior to 2.1.0.3443 Notification Center versions prior to 1.9.2.3163 Notification Center versions prior to 3.0.0.3466 Description A cross-site scripting XSS issue exists in Notification Center. An attacker who...

9.2CVSS5.8AI score0.00487EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.5 views

SUSE SLES15: java-1_8_0-ibm / java-1_8_0-ibm-32bit / java-1_8_0-ibm-alsa / etc (SUSE-SU-2025:3965-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3965-1 advisory. - CVE-2025-53057: Fixed an issue where an unauthenticated attacker can achieve unauthorized creation, deletion or...

7.5CVSS6.8AI score0.00633EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2025/11/04 1:16 p.m.5 views

CVE-2025-41337 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarSSOParametros.php'...

8.7CVSS6.3AI score0.00293EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/04 1:16 p.m.2 views

CVE-2025-41336 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarConfiguracionParametros.php'...

8.7CVSS6.3AI score0.00293EPSS
Exploits0References1
NVD
NVD
added 2025/11/04 2:15 a.m.2 views

CVE-2025-43469

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data...

5.5CVSS0.00171EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/03 12:0 a.m.4 views

PHPGurukul News Portal 安全漏洞

News Portal is a news portal. News Portal has a hard-coded vulnerability that stems from the use of a fixed encryption key for the handling of the SECRETKEY parameter in the file /onps/settings.py. An attacker could exploit this vulnerability to obtain sensitive system information...

8.1CVSS5.1AI score0.00379EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/11/03 12:0 a.m.5 views

PT-2025-44811

Name of the Vulnerable Software and Affected Versions macOS versions prior to Sonoma 14.8.2 macOS versions prior to Sequoia 15.7.2 Description A logic issue existed due to insufficient checks, potentially allowing an application to access user-sensitive data. Recommendations Update to macOS Sonom...

5.5CVSS6.6AI score0.00194EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/22 8:18 p.m.5 views

CVE-2025-62592

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

6CVSS5.7AI score0.00183EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/15 8:0 p.m.5 views

CVE-2025-43313

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data...

5.8AI score0.00143EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/15 8:0 p.m.13 views

CVE-2025-43313

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data...

0.00143EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.11 views

PT-2025-41511

Name of the Vulnerable Software and Affected Versions Contacts versions prior to SMR Oct-2025 Release 1 Description An improper input validation issue exists in Contacts prior to the SMR Oct-2025 Release 1. This allows local attackers to access data across multiple user profiles. The vulnerabilit...

7.1CVSS6.2AI score0.0012EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-17930

Malware in sbrugna...

8.8CVSS8.7AI score0.00864EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-2540

Malware in sbrugna...

9.8CVSS9.5AI score0.01425EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-26173

Malware in sbrugna...

9.1CVSS6.2AI score0.00649EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-6414

Malware in sbrugna...

4.7CVSS4.9AI score0.00994EPSS
Exploits1References4
Rows per page
Query Builder