Lucene search
+L

9 matches found

NVD
NVD
added yesterday7 views

CVE-2026-15783

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with write access to any repository to read metadata from private repositories they did not have access to, including private repository owners and names, branch names, commit SHAs,...

5.3CVSS
Exploits0References5
CVE
CVE
added yesterday9 views

CVE-2026-15783

CVE-2026-15783 (GitHub Enterprise Server) describes a missing authorization flaw where an authenticated user with write access to any repository could read metadata from private repositories they should not access. The attack path involves a delegated bypass endpoint that resolves a rule suite fr...

5.3CVSS5.5AI score
Exploits0References5
EUVD
EUVD
added yesterday6 views

EUVD-2026-45191

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with write access to any repository to read metadata from private repositories they did not have access to, including private repository owners and names, branch names, commit SHAs,...

5.3CVSS5.5AI score
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-60783

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with write access to any repository to read metadata from private repositories they did not have access to, including private repository owners and names, branch names, commit SHAs,...

5.3CVSS5.4AI score
Exploits0References6
VulnCheck KEV
VulnCheck KEV
added 2025/02/09 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-9644

The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass vulnerability in the administrative web server. Authentication is not enforced on some administrative functionality when using the "bapply.cgi" endpoint instead of the normal "apply.cgi" endpoint. A remote...

9.8CVSS5.8AI score0.00649EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/08 12:0 a.m.4 views

F5 BIG-IP APM 安全漏洞

F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. A source validation error vulnerability exists in the F5 BIG-IP APM Browser Web Access VPN Client, which can be exploited by an attacker to...

7.4CVSS6.7AI score0.00205EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/08/30 5:4 p.m.70 views

Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security

New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the Windows Container Isolation Framework. The findings were presented by Deep Instinct security researcher Daniel Avinoam at the DEF CON...

6.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/12/09 12:0 a.m.9 views

PT-2022-16041 · Cube-Js · Cube-Js

Name of the Vulnerable Software and Affected Versions: cube-js version 0.31.23 Description: The issue concerns a headless business intelligence platform where all authenticated clients could bypass SQL row-level security and run arbitrary SQL via the /v1/sql-runner endpoint. This was resolved in...

9.6CVSS9AI score0.00898EPSS
Exploits0References8
Zero Day Initiative
Zero Day Initiative
added 2020/03/17 12:0 a.m.26 views

Trend Micro Worry-Free Business Security Directory Traversal Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Worry-Free Business Security. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the TempFileName parameter provided to the...

8.6CVSS2AI score0.04179EPSS
Exploits0References1
Rows per page
Query Builder