Lucene search
K

4 matches found

NVD
NVD
added 2026/05/27 8:16 p.m.12 views

CVE-2026-45108

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant DAG flow that allowed a user within the same Entra ID domain to obtain a local Unix...

8.4CVSS0.00246EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/06 7:51 p.m.5 views

Security Bulletin: IBM Planning Analytics Advanced Certified Containers is vulnerable to a sensitive information disclosure vulnerability

Summary A vulnerability was addressed in IBM Planning Analytics Advanced Certified Containers. Vulnerability Details CVEID:CVE-2025-36105 DESCRIPTION: IBM Planning Analytics Advanced Certified Containers could allow a local privileged user to obtain sensitive information from environment variable...

4.4CVSS5.8AI score0.00082EPSS
Exploits0Affected Software1
Microsoft CVE
Microsoft CVE
added 2024/05/14 7:0 a.m.4 views

An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler it is possible to extract arbitrary heap data relative to the start of the text including pointers and sensitive strings. The fixed versions are 3.0.7 3.1.5 3.2.4 and 3.3.1.

...

6.6CVSS7.4AI score0.00629EPSS
Exploits0
Patchstack
Patchstack
added 2024/03/07 12:0 a.m.8 views

WordPress User Registration Plugin <= 3.1.4 is vulnerable to Cross Site Scripting (XSS)

Software User Registration Type Plugin Vulnerable versions = 3.1.4 Fixed in 3.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1720 Patch priority Low CVSS severity Low 7.1 Developer Masteriyo PSID f3574c07a0a6 Credits stealthcopter Required...

6.1CVSS5.7AI score0.00547EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder