CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Positive Technologies•added 4 days ago•6 views

PT-2026-47578

internal/api/audit.go:12 — handleGetAuditLog does no admin check. The route is bearer-auth gated only; any operator API key returns the full audit log via store.ListAuditEntries up to limit=1000. This includes cross-tenant actor names, host/CA/operator IDs, action timestamps, and masked-IP entrie...

7.1CVSS5.5AI score

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2007-5488

Malware in sbrugna...

5CVSS6.4AI score0.01632EPSS

Exploits0References14

OSV•added 2023/11/22 5:15 p.m.•2 views

CVE-2023-47312

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries...

6.5CVSS5.8AI score0.0004EPSS

Exploits1References1

NVD•added 2023/11/22 5:15 p.m.•13 views

CVE-2023-47312

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries...

6.5CVSS0.0004EPSS

Exploits1References1

ATTACKERKB•added 2023/11/22 5:15 p.m.•2 views

CVE-2023-47312

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries...

6.5CVSS6.6AI score0.0004EPSS

Exploits1References2

Prion•added 2023/11/22 5:15 p.m.•15 views

Improper access control

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries...

4CVSS7.2AI score0.0004EPSS

Exploits1References1Affected Software1

CVE•added 2023/11/22 12:0 a.m.•60 views

CVE-2023-47312

CVE-2023-47312 affects Headwind MDM Web panel 5.22.1. The issue is incorrect access control arising from login credential leakage via audit entries, enabling potential elevation of access or disclosure. Root cause details in connected sources indicate credential leakage within audit records as th...

6.5CVSS6.5AI score0.0004EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/11/22 12:0 a.m.•16 views

CVE-2023-47312

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries...

6.7AI score0.0004EPSS

Exploits1References1

Tenable Nessus•added 2011/05/02 12:0 a.m.•40 views

IBM Tivoli Directory Server Vulnerabilities (credentialed check)

According to its version, the installation of IBM Tivoli Directory Server on the remote host is prior to 6.0.0.67, 6.1.0.40, 6.2.0.16, or 6.3.0.3. It is, therefore, affected by one or more of the following vulnerabilities : - A malicious LDAP request can cause a buffer overrun in the server,...

10CVSS6.4AI score0.33754EPSS

Exploits5References5

Prion•added 2007/10/17 11:17 p.m.•15 views

Design/Logic Flaw

The XML DB XMLDB component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which 1 long usernames are trimmed to 5 characters, or 2 short entries contain any extra characters from usernames in previous entries, aka DB23...

5CVSS6.3AI score0.01632EPSS

Exploits0References12Affected Software1

NVD•added 2007/10/17 11:17 p.m.•14 views

CVE-2007-5513

5CVSS6.2AI score0.01632EPSS

Exploits0References12

Cvelist•added 2007/10/17 11:0 p.m.•20 views

CVE-2007-5513

6.2AI score0.01632EPSS

Exploits0References12

CVE•added 2007/10/17 11:0 p.m.•54 views

CVE-2007-5513

The CVE-2007-5513 entry concerns Oracle Database XML DB (XMLDB) component in versions 9.2.0.8, 9.2.0.8DV, and 10.1.0.5. The issue is in audit trail entries for USERID: long usernames get trimmed to five characters, and shorter entries may contain extra characters from previous usernames (DB23). T...

5CVSS6.2AI score0.01632EPSS

Exploits0References12Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by