Lucene search
128 matches found

Vulnrichment
added 2026/02/20 3:47 p.m. | 4 views

CVE-2026-24950 WordPress Authorsy plugin <= 1.0.6 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in themeplugs Authorsy authorsy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Authorsy: from n/a through <= 1.0.6...

CVSS 7.5 | AI score 5.5 | EPSS 0.0025
Exploits: 0 | References: 1
Vulnrichment
added 2025/12/18 7:53 p.m. | 3 views

CVE-2022-50686 Kentico Xperience <= 12.0 Portal Engine Form Control Information Disclosure

An information disclosure vulnerability in Kentico Xperience allows attackers to view sensitive stack trace details via Portal Engine form control error messages. Detailed error messages can expose internal system information and potentially reveal implementation details to unauthorized users...

CVSS 7.5 | AI score 5.8 | EPSS 0.00259
Exploits: 0 | References: 2
Positive Technologies
added 2025/12/18 12:00 a.m. | 6 views

PT-2025-52308

Name of the Vulnerable Software and Affected Versions: Kentico Xperience (affected versions not specified). Description: An information disclosure issue exists in Kentico Xperience. Attackers can view sensitive stack trace details through Portal Engine form control error messages. This disclosure of...

CVSS 7.5 | AI score 6 | EPSS 0.00259
Exploits: 0 | References: 4
Tenable Nessus
added 2025/10/07 12:00 a.m. | 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986378)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986378 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix dccp_v4_err()/dccp_v6_err() again. dh->dccph_x is the 9th byte (offset 8) in struct dccp_hdr, not in...

CVSS 5.5 | AI score 6.4 | EPSS 0.00229
Exploits: 0 | References: 4
EUVD
added 2025/10/03 8:07 p.m. | 7 views

EUVD-2025-24560

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.6 | EPSS 0.04604
Exploits: 3 | References: 11
NVD
added 2025/08/13 1:15 p.m. | 10 views

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the serv...

CVSS 7.5 | EPSS 0.04604
Exploits: 3 | References: 17
OSV
added 2025/08/13 1:15 p.m. | 8 views

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the serv...

CVSS 7.5 | AI score 7
Exploits: 0 | References: 17
OSV
added 2025/08/13 1:15 p.m. | 2 views

UBUNTU-CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the serv...

CVSS 7.5 | AI score 5.8 | EPSS 0.04604
Exploits: 3 | References: 13
Snyk
added 2025/08/13 12:46 p.m. | 10 views

Denial of Service (DoS)

Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) due to incorrect stream accounting in the handling of server-sent stream resets. An attacker can cause excessive server resource consumption by rapidly opening streams and triggering resets using malformed frames o...

CVSS 8.7 | AI score 6 | EPSS 0.04604
Exploits: 3 | References: 2
Cvelist
added 2025/08/13 12:03 p.m. | 13 views

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the serv...

EPSS 0.04604
Exploits: 3 | References: 9
AlpineLinux
added 2025/08/13 12:03 p.m. | 10 views

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the serv...

CVSS 7.5 | AI score 6.6 | EPSS 0.04604
Exploits: 3
Vulnrichment
added 2025/08/13 12:03 p.m. | 10 views

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the serv...

AI score 7 | EPSS 0.04604
Exploits: 3 | References: 9
Debian CVE
added 2025/08/13 12:03 p.m. | 24 views

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the serv...

CVSS 7.5 | AI score 5.9 | EPSS 0.04604
Exploits: 3
Redos
added 2025/07/29 12:00 a.m. | 6 views

ROS-20250729-04

A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors...

CVSS 7.4 | AI score 7.2 | EPSS 0.00688
Exploits: 0
BDU FSTEC
added 2025/07/23 12:00 a.m. | 10 views

The vulnerability of the LeAudioService service in Android operating systems allows a hacker to gain access to read and modify data.

The vulnerability of the LeAudioService service on Android operating systems is related to access control errors. Exploiting this vulnerability can allow an attacker to gain access to read and modify data...

CVSS 6.2 | AI score 5.5 | EPSS 0.00108
Exploits: 0 | References: 2 | Affected Software: 1
BDU FSTEC
added 2025/07/23 12:00 a.m. | 6 views

The vulnerability of the IsemTelephony service in Android operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the IsemTelephony service in Android operating systems is related to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVSS 5.5 | AI score 5.5 | EPSS 0.00117
Exploits: 0 | References: 2 | Affected Software: 1
BDU FSTEC
added 2025/07/21 12:00 a.m. | 8 views

The vulnerability of the user interface of Juniper Networks Junos OS allows an attacker to trigger a service failure.

The vulnerability of the user interface of Juniper Networks Junos OS is related to access control errors. Exploiting this vulnerability can allow a perpetrator to cause service interruptions...

CVSS 5.5 | AI score 5.5 | EPSS 0.00136
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/07/18 12:00 a.m. | 7 views

The vulnerability of the JDBC component of the Oracle Database Server database management system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the JDBC component of the Oracle Database Server database management system is related to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVSS 5.3 | AI score 7.2 | EPSS 0.00118
Exploits: 0 | References: 2 | Affected Software: 1
BDU FSTEC
added 2025/07/17 12:00 a.m. | 7 views

The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations is related to access control errors, which allow attackers to escalate their privileges.

The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations is related to access control errors. Exploiting this vulnerability can allow attackers to increase their privileges...

CVSS 7.8 | AI score 7.2 | EPSS 0.00331
Exploits: 0 | References: 2
BDU FSTEC
added 2025/07/15 12:00 a.m. | 5 views

The vulnerability of the “Tekon” SCADA system, related to errors in access control, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the “Tekon” SCADA system is related to access control errors. Exploiting this vulnerability could allow an intruder operating remotely to gain unauthorized access to protected information...

CVSS 5.3 | AI score 5.5
Exploits: 0 | References: 1 | Affected Software: 1