Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.9 views

CVE-2026-4913

Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled...

5.7CVSS5.4AI score0.00586EPSS
Exploits0References1
NVD
NVD
added 2026/04/14 3:16 p.m.5 views

CVE-2026-4913

Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled...

5.7CVSS0.00586EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/14 2:10 p.m.23 views

CVE-2026-4913

Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled...

5.7CVSS0.00586EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.3 views

CVE-2026-4270

Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions = 0.2.14 and 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client application context. To...

6.8CVSS5.9AI score0.00131EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/16 6:55 p.m.4 views

Improper Protection of Alternate Path

Overview awslabs.aws-api-mcp-server is a Model Context Protocol MCP server for interacting with AWS Affected versions of this package are vulnerable to Improper Protection of Alternate Path through the AWS CLI shorthand parser in awsapimcpserver/core/aws/services.py. An attacker can read arbitrar...

6.8CVSS5.9AI score0.00131EPSS
Exploits0References2
Redos
Redos
added 2026/02/24 12:0 a.m.5 views

ROS-20260224-73-0036

Vulnerability in gitea related to improper alternate path protection. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.2CVSS6.2AI score0.00295EPSS
Exploits0
Snyk
Snyk
added 2025/12/26 3:30 a.m.1 views

Improper Protection of Alternate Path

Overview Affected versions of this package are vulnerable to Improper Protection of Alternate Path due to insufficient validation in attachment editing APIs. An attacker can upload files with restricted extensions by modifying the attachment name, leading to unauthorized file uploads and further...

8.5CVSS6.9AI score0.00295EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/16 10:3 a.m.4 views

EUVD-2025-34745

Improper Protection of Alternate Path CWE-424 in the AppSuite of desknet's NEO V4.0R1.0 to V9.0R2.0 allows an attacker to create malicious AppSuite applications...

5.3CVSS6.3AI score0.00265EPSS
Exploits0References3
CISA KEV Catalog
CISA KEV Catalog
added 2025/05/02 12:0 a.m.77 views

Yiiframework Yii Improper Protection of Alternate Path Vulnerability

Yii Framework contains an improper protection of alternate path vulnerability that may allow a remote attacker to execute arbitrary code. This vulnerability could affect other products that implement Yii, including—but not limited to—Craft CMS, as represented by CVE-2025-32432...

10CVSS7.6AI score0.99803EPSS
In wildExploits15
VulnCheck KEV
VulnCheck KEV
added 2025/04/09 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-58136

Yii Framework contains an improper protection of alternate path vulnerability that may allow a remote attacker to execute arbitrary code. This vulnerability could affect other products that implement Yii, including—but not limited to—Craft CMS, as represented by CVE-2025-32432...

10CVSS7.5AI score0.99803EPSS
Exploits15References1
ATTACKERKB
ATTACKERKB
added 2024/11/18 2:15 p.m.7 views

CVE-2024-8781

Execution with Unnecessary Privileges, : Improper Protection of Alternate Path vulnerability in TR7 Application Security Platform ASP allows Privilege Escalation, -Privilege Abuse. This issue affects Application Security Platform ASP: v1.4.25.188...

8.7CVSS5.8AI score0.0019EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder