Lucene search
+L

120 matches found

OSV
OSV
added 4 days ago3 views

CVE-2026-55651 Easy!Appointments Vulnerable to Appointments Takeover via Excessive Data Exposure

Easy!Appointments is a self hosted appointment scheduler. In version 1.5.2, an Excessive Data Exposure vulnerability in the customers search endpoint allows an authenticated user to obtain appointment hashes belonging to other users. Using these hashes, an attacker can modify or delete appointmen...

7.1CVSS6.1AI score0.00185EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.7 views

SUSE CVE-2026-53218

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftexthdr: fix register tracking for FPRESENT flag nftexthdrinit passes user-controlled priv-len to nftparseregisterstore, which marks that many bytes in the register bitmap as initialized. However, when...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/04 8:54 p.m.8 views

CVE-2026-42539 IRIS has an Excessive Data Exposure issue

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 return sensitive data to the user which are not required for the client’s operation. Version 2.4.28 contains a patch...

6.5CVSS5.5AI score0.00232EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 8:54 p.m.25 views

CVE-2026-42539

CVE-2026-42539 affects the IRIS web collaborative platform. Versions prior to 2.4.28 expose sensitive data to users that is not required for operation. The root cause is an excessive data exposure in these older builds. Version 2.4.28 includes a patch to fix this. CVSS 3.1 metrics indicate a Medi...

6.5CVSS5.8AI score0.00232EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 8:54 p.m.34 views

CVE-2026-42539 IRIS has an Excessive Data Exposure issue

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 return sensitive data to the user which are not required for the client’s operation. Version 2.4.28 contains a patch...

6.5CVSS0.00232EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 8:54 p.m.4 views

CVE-2026-42539 IRIS has an Excessive Data Exposure issue

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 return sensitive data to the user which are not required for the client’s operation. Version 2.4.28 contains a patch...

6.5CVSS6AI score0.00232EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/04/15 12:0 a.m.5 views

AndroScanner: Automated Backend Vulnerability Detection for Android Applications

Mobile applications rely on complex backends that introduce significant security risks, yet developers often lack the tools to assess these risks effectively. This paper presents AndroScanner, an automated pipeline for detecting vulnerabilities in Android application backends through combined...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/19 5:14 p.m.5 views

CVE-2026-26940

Improper Validation of Specified Quantity in Input CWE-1284 in the Timelion visualization plugin in Kibana can lead Denial of Service via Excessive Allocation CAPEC-130. The vulnerability allows an authenticated user to send a specially crafted Timelion expression that overwrites internal series...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/03/19 5:14 p.m.3 views

CVE-2026-26940 Improper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service

Improper Validation of Specified Quantity in Input CWE-1284 in the Timelion visualization plugin in Kibana can lead Denial of Service via Excessive Allocation CAPEC-130. The vulnerability allows an authenticated user to send a specially crafted Timelion expression that overwrites internal series...

6.5CVSS6AI score0.0027EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an arithmetic underflow, potentially leading to excessive data queues...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.11 views

PT-2025-50758

Name of the Vulnerable Software and Affected Versions minaliC version 2.0.0 Description minaliC version 2.0.0 contains a denial of service issue. Remote attackers can disrupt service by sending oversized GET requests. Specifically, crafted HTTP requests with excessive data can overwhelm the serve...

8.7CVSS6.5AI score0.00442EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-2380

Malware in sbrugna...

2.1CVSS6.4AI score0.00346EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-30419

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00517EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-37723

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00398EPSS
Exploits0References1
Redos
Redos
added 2025/09/12 12:0 a.m.7 views

ROS-20250912-09

Vulnerability in the implementation of the CORS mechanism of the Python PyPi language software product repository is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. remotely to disclose protected...

7.5CVSS5.3AI score0.00677EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2025/08/20 2:28 p.m.5 views

CVE-2024-49827

IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing attackers to access sensitive information without proper filtering...

7.5CVSS7.2AI score0.00221EPSS
Exploits0References1
NVD
NVD
added 2025/08/18 2:15 p.m.7 views

CVE-2024-49827

IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing attackers to access sensitive information without proper filtering...

7.5CVSS0.00221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/18 1:43 p.m.5 views

CVE-2024-49827 IBM Concert Software information disclosure

IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing attackers to access sensitive information without proper filtering...

3.7CVSS6.5AI score0.00221EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/18 1:43 p.m.10 views

CVE-2024-49827 IBM Concert Software information disclosure

IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing attackers to access sensitive information without proper filtering...

3.7CVSS0.00221EPSS
Exploits0References1
CVE
CVE
added 2025/08/18 1:43 p.m.26 views

CVE-2024-49827

CVE-2024-49827 affects IBM Concert Software version 1.0.0 through 1.1.0. The vulnerability is an excessive data exposure vulnerability that allows attackers to access sensitive information due to insufficient filtering. Public sources in the provided documents consistently describe the impact as ...

7.5CVSS6AI score0.00221EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder