Lucene search
K

66 matches found

Nuclei
Nuclei
added 2026/06/16 7:13 a.m.50 views

Cacti 1.2.24 - SQL Injection

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graphview.php. Since guest users can access graphview.php without authentication by default, if guest users are being utilized in an enabled state, there...

9.8CVSS9.1AI score0.87575EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2026/05/29 6:15 p.m.11 views

CVE-2026-49367

In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account...

8CVSS5.9AI score0.00332EPSS
Exploits0References1
OSV
OSV
added 2026/03/24 5:28 p.m.5 views

CVE-2026-33159 Craft CMS: Unauthenticated users could execute project configuration sync operations that should be restricted trusted users

Craft CMS is a content management system CMS. From version 4.0.0-RC1 to before version 4.17.8 and from version 5.0.0-RC1 to before version 5.9.14, guest users can access Config Sync updater index, obtain signed data, and execute state-changing Config Sync actions regenerate-yaml, apply-yaml-chang...

6.9CVSS5.8AI score0.00308EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/02/10 5:27 p.m.9 views

CVE-2026-0653 Insecure Access Control on TP-Link Tapo D235 and C260

On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration...

7.2CVSS5.8AI score0.00386EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002451)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002451 advisory. The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by...

10CVSS6.3AI score0.02501EPSS
Exploits0References46
RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.9 views

CVE-2021-28150

Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf with the administrator password and other sensitive data via /backup2.cgi...

5.5CVSS6.9AI score0.02584EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:17 a.m.8 views

CVE-2021-0602

In onCreateOptionsMenu of WifiNetworkDetailsFragment.java, there is a possible way for guest users to view and modify Wi-Fi settings for all configured APs due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interactio...

7.8CVSS7AI score0.00141EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:35 a.m.11 views

CVE-2019-7176

An issue was discovered in GitLab Community and Enterprise Edition 8.x starting in 8.9, 9.x, 10.x, and 11.x before 11.5.9, 11.6.x before 11.6.7, and 11.7.x before 11.7.2. It has Incorrect Access Control. Guest users are able to add reaction emojis on comments to which they have no visibility...

4.3CVSS6.5AI score0.00923EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/01/02 3:42 p.m.21 views

CVE-2025-69284 In plane.io, a Guest User to a Workspace can still be able to see list of members

Plane is an an open-source project management tool. In plane.io, a guest user doesn't have a permission to access https://app.plane.so/:slug/settings. Prior to Plane version 1.2.0, a problem occurs when the /api/workspaces/:slug/members/ is accessible by guest and able to list of users on a...

4.3CVSS0.00162EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/02 12:0 a.m.4 views

Plane 访问控制错误漏洞

Plane is an open source, self-hosted project planning tool from Plane Open Source. An access control error vulnerability exists in versions of Plane prior to 1.2.0, which stems from a guest user being able to access a list of members of a specific workspace and recognize an administrator's email...

4.3CVSS6.4AI score0.00162EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-12613

Malware in sbrugna...

7.2CVSS6.6AI score0.00262EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-7062

Malware in sbrugna...

6.5CVSS6.6AI score0.006EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-7817

Malware in sbrugna...

8.8CVSS8.7AI score0.00866EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-13654

Malware in sbrugna...

4.3CVSS4.8AI score0.01497EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-11270

Malware in sbrugna...

7.5CVSS7.7AI score0.01106EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-15620

Malware in sbrugna...

6.5CVSS6.6AI score0.00815EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-16348

Malware in sbrugna...

4.3CVSS4.9AI score0.00839EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-1179

Malware in sbrugna...

6.4CVSS6.4AI score0.01047EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-5531

Malware in sbrugna...

8.8CVSS8.5AI score0.01412EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-5606

Malware in sbrugna...

6.5CVSS6.4AI score0.01319EPSS
Exploits0References4
Rows per page
Query Builder