Lucene search
K

3626 matches found

CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

joomlacontenteditor.net Joomla Content Editor (JCE) extension for Joomla 权限许可和访问控制问题漏洞

JCE Joomla Component is an editor component used within the Joomla content management system. The JCE Joomla Component has a security vulnerability related to access control. This vulnerability stems from allowing unauthenticated users to create new editor profiles, ultimately leading to the uplo...

10CVSS7.7AI score0.80425EPSS
Exploits18References3
Cvelist
Cvelist
added 2026/06/02 1:51 p.m.36 views

CVE-2025-68886 WordPress Cookiteer theme <= 1.4.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in androThemes Cookiteer allows PHP Local File Inclusion. This issue affects Cookiteer: from n/a through 1.4.8...

8.1CVSS0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 9:53 a.m.12 views

CVE-2025-53440 WordPress Confidant theme <= 1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Confidant allows PHP Local File Inclusion. This issue affects Confidant: from n/a through 1.4...

8.1CVSS5.8AI score0.00415EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

goclaw 访问控制错误漏洞

Goclaw is an open-source multi-tenant AI smart agent platform developed by Next Level Builder. Versions of GoClaw 3.11.3 and earlier contain a security vulnerability related to access control. This vulnerability stems from a lack of authentication in the resolveAuth function within the Webhook...

7.5CVSS5.4AI score0.00399EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

Ivanti Neurons for ITSM 访问控制错误漏洞

Ivanti Neurons for ITSM is a reliable and powerful IT service management solution from the American company Ivanti. Ivanti Neurons for ITSM has a vulnerability related to access control. This vulnerability stems from improper access control practices, which may allow remote authentication attacke...

8.8CVSS5.5AI score0.0144EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Code-Projects Smart Parking System 访问控制错误漏洞

Code-Projects Smart Parking System is an open-source intelligent parking system developed by Code-Projects. Version 1.0 of the Code-Projects Smart Parking System contains a vulnerability related to access control. This vulnerability stems from the lack of authentication in the Admin Endpoint...

7.5CVSS7.4AI score0.00629EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Qualcomm Chipsets 访问控制错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. Qualcomm Chipsets contain an access control vulnerability, which stems from encryption issues during the processing of partition table entries. This vulnerability may allow unauthorized modification...

7.1CVSS5.3AI score0.00062EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Nextcloud 访问控制错误漏洞

Nextcloud is an open-source, self-hosted communication platform for file synchronization and sharing developed by the German company Nextcloud. Vulnerabilities existed in versions of Nextcloud prior to 21.1.10, 22.0.11, and 23.0.3 due to access control flaws. These vulnerabilities stemmed from...

3.5CVSS5.3AI score0.00203EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.20 views

RHEL 8 : kernel (RHSA-2026:21706)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21706 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible...

9.4CVSS6.5AI score0.00514EPSS
Exploits0References38
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

n8n-MCP 访问控制错误漏洞

n8n-MCP is a model context protocol server developed by Romuald Członkowski, an individual developer. Versions of n8n-MCP prior to 2.51.2 contained an access control vulnerability. This vulnerability arises when multi-tenant mode is enabled, and headers are omitted or only partially provided duri...

8.1CVSS5.9AI score0.00235EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 2:28 p.m.13 views

EUVD-2026-32526

Missing Authorization vulnerability in Benbodhi SVG Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SVG Support: from n/a through 2.5.14...

4.3CVSS5.8AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Tassos Framework Plugin 访问控制错误漏洞

The Tassos Framework Plugin is a Joomla extension and functionality enhancement framework developed by Tassos Marinos. The Tassos Framework Plugin has a security vulnerability related to access control, which allows users to delete any file on the affected site...

9.3CVSS5.8AI score0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Synology Assistant 访问控制错误漏洞

Synology Assistant is a network storage device discovery and management tool provided by the Chinese company Synology. Versions of Synology Assistant prior to 7.0.6-50085 contained a access control vulnerability caused by a source verification error. This vulnerability could allow local users to...

6.1CVSS5.8AI score0.00086EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Synology ActiveProtect Agent 访问控制错误漏洞

Synology ActiveProtect Agent is a terminal data backup and recovery agent provided by the Chinese company Synology. Versions of Synology ActiveProtect Agent prior to 1.1.0-0439 contained a access control vulnerability caused by a source validation error. This vulnerability could allow local users...

6.1CVSS5.8AI score0.00086EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 7:30 p.m.16 views

CVE-2026-25444

CVE-2026-25444 concerns the WordPress plugin WordPress WpBookingly (Magepeople Inc.), affected versions:

4.3CVSS5.8AI score0.00155EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.8 views

Student-Management-System 访问控制错误漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. The STUDENT-MANAGEMENT-SYSTEM contains a security vulnerability related to access control. This vulnerability stems from improper access control measures in the Dashboard component, which may...

7.5CVSS7.2AI score0.00288EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

Student Management System 访问控制错误漏洞

Student Management System is a student management system developed by Krishanmurariji as an individual project. The Student Management System has a security access control vulnerability, which stems from an unknown function in the file/index.php/students/addStudentView, leading to improper access...

7.5CVSS7.1AI score0.0039EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

kavita 访问控制错误漏洞

Kavita is a fast and feature-rich cross-platform reading server developed by Kavita OpenSource. Versions of Kavita prior to 0.9.0 contained an access control vulnerability. This vulnerability stemmed from the ReaderController.GetImage endpoint, which allowed completely unauthenticated access,...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

Hitachi Energy RTU500 安全漏洞

Hitachi Energy RTU500 is a series of industrial control components developed by Hitachi, Ltd. Hitachi Energy RTU500 contains a security vulnerability; this vulnerability stems from a null pointer dereferencing when using the IEC 60870-5-104 standard in bidirectional mode, which may lead to...

6.9CVSS5.8AI score0.0017EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

JeecgBoot 访问控制错误漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Versions of JeecgBoot 3.9.1 and earlier contained a security vulnerability related to access control. This vulnerability stemmed from incorrect operations with the parameter...

5.3CVSS5.8AI score0.00222EPSS
Exploits0References7
Rows per page
Query Builder