Lucene search
K

54 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/11 2:19 a.m.4 views

CVE-2026-21289

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.8AI score0.00603EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/11 2:19 a.m.6 views

EUVD-2026-11058

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures an...

4.3CVSS5.8AI score0.00339EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 2:19 a.m.7 views

CVE-2026-21296

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures an...

4.3CVSS5.8AI score0.00339EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/11 2:19 a.m.37 views

CVE-2026-21296 Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures an...

4.3CVSS0.00339EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.8 views

PT-2026-24562

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.8AI score0.0056EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.5 views

PT-2026-24552

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited...

5.3CVSS5.8AI score0.00295EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.7 views

IBM Engineering Requirements Management DOORS Next 安全漏洞

IBM Engineering Requirements Management DOORS Next is a scalable solution provided by the American company International Business Machines IBM. This solution can help you capture, track, analyze, and manage systems as well as advanced IT application development. Versions 7.1 and 7.2 of IBM...

5.4CVSS5.8AI score0.00144EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 6:15 a.m.10 views

CVE-2025-12757

An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to...

4.6CVSS0.00266EPSS
Exploits0References1
CVE
CVE
added 2025/11/19 7:45 p.m.21 views

CVE-2025-36371

Summary: CVE-2025-36371 affects IBM i versions 7.2–7.6. The vulnerability is an information disclosure in the database plan cache implementation that could allow a user with database plan cache access to see information they are not authorized to view. Affected products/versions: IBM i 7.2, 7.3, ...

6.5CVSS6.1AI score0.00232EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-4464

Malware in sbrugna...

4.3CVSS6.4AI score0.01214EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/19 6:44 a.m.11 views

CVE-2025-4571 GiveWP – Donation Plugin and Fundraising Platform <= 4.3.0 - Missing Authorization To Authenticated (Contributor+) Campaign Data View And Modification

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized view and modification of data due to an insufficient capability check on the permissionsCheck functions in all versions up to, and including, 4.3.0. This makes it possible for authenticated...

5.4CVSS0.00253EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/05/22 4:55 a.m.9 views

CVE-2013-4608

Cross-site scripting XSS vulnerability in REDCap before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving the Graphical Data View & Descriptive Stats page...

4.3CVSS5.8AI score0.01214EPSS
Exploits0References1
OSV
OSV
added 2025/04/01 11:15 a.m.4 views

CVE-2025-3082

A user authorized to access a view may be able to alter the intended collation, allowing them to access to a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.20, MongoDB Server v7.0 version...

5.4CVSS6.8AI score
Exploits0References1
OSV
OSV
added 2023/10/19 10:15 p.m.5 views

PYSEC-2023-213

Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py...

7.5CVSS7.1AI score0.0022EPSS
Exploits1References3
OSV
OSV
added 2023/08/27 11:15 p.m.3 views

CVE-2023-33852

IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614...

5.4CVSS5.9AI score0.00429EPSS
Exploits0References2
Prion
Prion
added 2023/05/11 6:15 p.m.16 views

Cross site scripting

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a...

6CVSS6.3AI score0.0062EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/02 12:0 a.m.2 views

thisAAY Lazy Mouse 安全漏洞

thisAAY Lazy Mouse is a mouse application from thisAAY. A security vulnerability exists in thisAAY Lazy Mouse that stems from the fact that it allows an attacker to view all data via a man-in-the-middle attack...

5.9CVSS7.3AI score0.00372EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/12 12:0 a.m.3 views

Moddable SDK 缓冲区错误漏洞

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable, Inc. in the United States. A security vulnerability exists in the Moddable SDK that originates from an out-of-bounds read security issue in the fxUint8Getter function in...

7.1CVSS7.1AI score0.00857EPSS
Exploits1References3
OSV
OSV
added 2022/04/12 5:15 p.m.4 views

CVE-2022-26105

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the Network. On successful exploitation, an attacker can view or modif...

6.1CVSS7.4AI score0.00855EPSS
Exploits0References2
OSV
OSV
added 2022/02/04 11:15 p.m.3 views

CVE-2022-22727

A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a user�s local machine when the user clicks a specially crafted link. Affected Product: EcoStruxure Power...

8.8CVSS7.3AI score
Exploits0References1
Rows per page
Query Builder