Lucene search
K

370 matches found

Positive Technologies
Positive Technologies
added 2025/06/10 12:0 a.m.6 views

PT-2025-24666 · Solarwinds · Solarwinds Observability Self-Hosted

Name of the Vulnerable Software and Affected Versions: SolarWinds Observability Self-Hosted affected versions not specified Description: The issue concerns an open redirection vulnerability where the URL is not properly sanitized. This could allow an attacker to manipulate the string and redirect...

4.8CVSS6.2AI score0.00174EPSS
Exploits0References5
NVD
NVD
added 2025/06/06 4:15 a.m.13 views

CVE-2025-5715

A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...

6.4CVSS0.00257EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/06 3:0 a.m.15 views

CVE-2025-5715 Signal App Biometric Authentication missing critical step in authentication

A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...

3.8CVSS0.00257EPSS
Exploits1References4
OSV
OSV
added 2025/06/05 9:0 a.m.8 views

CVE-2025-5648 Radare2 radiff2 pal.c r_cons_pal_init memory corruption

A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity...

2CVSS3.9AI score0.00206EPSS
Exploits1References9
Cvelist
Cvelist
added 2025/06/05 8:31 a.m.29 views

CVE-2025-5647 Radare2 radiff2 cons.c r_cons_context_break_pop memory corruption

A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function rconscontextbreakpop in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. The attack needs to be approached locally. The...

2.5CVSS0.00198EPSS
Exploits1References7
OSV
OSV
added 2025/06/05 7:31 a.m.8 views

CVE-2025-5645 Radare2 radiff2 pal.c r_cons_pal_init memory corruption

A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of ...

2CVSS4.1AI score0.00185EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2025/06/05 7:0 a.m.7 views

CVE-2025-5644 Radare2 radiff2 cons.c r_cons_flush use after free

A vulnerability, which was classified as problematic, has been found in Radare2 5.9.9. Affected by this issue is the function rconsflush in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to use after free. Local access is required to approach thi...

2.5CVSS3.5AI score0.00191EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/06/05 12:0 a.m.6 views

PT-2025-23902 · Radare2 · Radare2

Name of the Vulnerable Software and Affected Versions: Radare2 version 5.9.9 Description: A vulnerability has been found in the function r cons flush in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to use after free. Local access is required to...

2.5CVSS7.2AI score0.00191EPSS
Exploits1References16
RedhatCVE
RedhatCVE
added 2025/05/30 9:44 p.m.21 views

CVE-2025-27706

CVE-2025-27706 is a cross-site scripting vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with system administrator permissions can interfere with another system administrator’s use of the management console when the second administrator visits t...

4.6CVSS6.2AI score0.00205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/30 9:44 p.m.15 views

CVE-2025-27703

CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to a specific subset of privileged features in the console can elevate their permissions to access additional features in the...

7CVSS7AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/30 8:53 p.m.14 views

CVE-2025-27702

CVE-2025-27702 is a vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly modify settings. The attack complexi...

6.9CVSS7AI score0.00258EPSS
Exploits0References1
CVE
CVE
added 2025/05/29 6:0 p.m.59 views

CVE-2025-5323

CVE-2025-5323 affects fossasia open-event-server 1.19.1, specifically the Mail Verification Handler’s function send_email_change_user_email . The issue is described as relying on obfuscation or encryption of security-relevant inputs without integrity checks, with possible remote activation and hi...

6.3CVSS7AI score0.00118EPSS
Exploits0References5
NVD
NVD
added 2025/05/28 9:15 p.m.15 views

CVE-2025-27703

CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to a specific subset of privileged features in the console can elevate their permissions to access additional features in the...

7CVSS0.00254EPSS
Exploits0References1
OSV
OSV
added 2025/05/28 9:15 p.m.4 views

CVE-2025-27702

CVE-2025-27702 is a vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly modify settings. The attack complexi...

4.9CVSS5.7AI score0.00258EPSS
Exploits0References1
NVD
NVD
added 2025/05/28 9:15 p.m.19 views

CVE-2025-27706

CVE-2025-27706 is a cross-site scripting vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with system administrator permissions can interfere with another system administrator’s use of the management console when the second administrator visits t...

4.6CVSS0.00205EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/28 9:1 p.m.15 views

CVE-2025-27706 Cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.54

CVE-2025-27706 is a cross-site scripting vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with system administrator permissions can interfere with another system administrator’s use of the management console when the second administrator visits t...

4.6CVSS5.9AI score0.00205EPSS
Exploits0References1
CVE
CVE
added 2025/05/28 8:56 p.m.70 views

CVE-2025-27703

CVE-2025-27703 affects Absolute Secure Access prior to version 13.54, with a privilege-escalation in the management console. Attackers with administrative access to a subset of privileged features can elevate permissions to access additional console features. Reported impacts: confidentiality low...

7CVSS6.6AI score0.00254EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/28 8:42 p.m.15 views

CVE-2025-27702 Permissions bypass in the management console of Absolute Secure Access prior to version 13.54

CVE-2025-27702 is a vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly modify settings. The attack complexi...

6.9CVSS0.00258EPSS
Exploits0References1
CVE
CVE
added 2025/05/28 8:42 p.m.64 views

CVE-2025-27702

CVE-2025-27702 affects Absolute Secure Access prior to 13.54. The vulnerability is a permissions bypass in the management console that allows attackers with administrative access (and a specific permission set) to bypass restrictions and improperly modify settings. It has low attack complexity, r...

6.9CVSS6.7AI score0.00258EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/28 8:42 p.m.14 views

CVE-2025-27702 Permissions bypass in the management console of Absolute Secure Access prior to version 13.54

CVE-2025-27702 is a vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly modify settings. The attack complexi...

6.9CVSS6.7AI score0.00258EPSS
Exploits0References1
Rows per page
Query Builder