Lucene search
K

183 matches found

EUVD
EUVD
added 2026/02/04 10:41 a.m.7 views

EUVD-2026-5384

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or...

7.5CVSS5.3AI score0.00619EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/04 10:41 a.m.6 views

CVE-2026-24735

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or...

5.3AI score0.00619EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/04 10:41 a.m.4 views

CVE-2026-24735 Apache Answer: Revision API Improper Access Control leads to Information Disclosure

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or...

5.3AI score0.00619EPSS
Exploits0References1
CVE
CVE
added 2026/02/04 10:41 a.m.27 views

CVE-2026-24735

CVE-2026-24735 affects Apache Answer up to version 1.7.1. An unauthenticated API endpoint exposes the full revision history for deleted content, enabling unauthorized retrieval of restricted or sensitive information. Remediation: upgrade to version 2.0.0 (or later) where the issue is fixed. The a...

7.5CVSS5.3AI score0.00619EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/04 10:41 a.m.29 views

CVE-2026-24735 Apache Answer: Revision API Improper Access Control leads to Information Disclosure

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or...

0.00619EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.9 views

Apache Answer 安全漏洞

Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer prior to 1.7.1 contained security vulnerabilities. These vulnerabilities stemmed from unvalidated API endpoints that exposed the complete revision history of deleted content, potentially...

7.5CVSS5.8AI score0.00619EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.12 views

PT-2026-6373

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized users to retrieve restricted o...

7.5CVSS5.5AI score0.00619EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 9:35 a.m.7 views

CVE-2024-41888

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. This could potentially lead to the link being misused or hijacked...

5.3CVSS7AI score0.01222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:34 a.m.13 views

CVE-2024-41890

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...

5.3CVSS6.9AI score0.01149EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-1190

Malicious code in bioql PyPI...

4.6CVSS4.9AI score0.00966EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-0580

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.01073EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-0598

Malicious code in bioql PyPI...

5.9CVSS5.8AI score0.00895EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-2587

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.01149EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-2656

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.01222EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-0343

Malicious code in bioql PyPI...

3.1CVSS4AI score0.00891EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-9320

Malicious code in bioql PyPI...

6.5CVSS7.5AI score0.00872EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.12 views

The vulnerability of the Apache Answer Q&A platform, related to the return of references to protected data from a public method, allows a violator to execute arbitrary code.

The vulnerability of the Apache Answer Q&A platform relates to the return of references to protected data from a public method. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...

6.5CVSS7.5AI score0.00872EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 10:35 a.m.10 views

CVE-2024-40761

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. Using the MD5 value of a user's email to access Gravatar is insecure and can lead to the leakage of user email. The official recommendation is to use SHA256 instead. Users are recommend...

5.3CVSS6.8AI score0.00749EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 8:42 a.m.6 views

CVE-2024-23349

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. XSS attack when user enters summary. A logged-in user, when modifying their own submitted question, can input malicious code in the...

5.4CVSS6.1AI score0.01073EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:41 a.m.9 views

CVE-2024-45719

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

2.6CVSS6.7AI score0.00229EPSS
Exploits0
Rows per page
Query Builder