Lucene search
K

148 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.11 views

CVE-2025-54511

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

5.3CVSS5.5AI score0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 10:14 a.m.8 views

CVE-2026-21017

Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files...

4.6CVSS5.4AI score0.00093EPSS
Exploits0References1
NVD
NVD
added 2026/05/15 3:16 a.m.11 views

CVE-2025-54511

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

5.3CVSS0.00207EPSS
Exploits0References1
CVE
CVE
added 2026/05/15 2:45 a.m.15 views

CVE-2025-54511

CVE-2025-54511 affects the AMD Secure Processor (ASP). The AMD bulletin and NVD entry state that improper handling of insufficient privileges could allow an attacker to provide an input value to a function without sufficient privileges and write data, potentially impacting integrity and availabil...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/15 2:45 a.m.13 views

CVE-2025-54511

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 2:45 a.m.7 views

CVE-2025-54511

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/15 2:45 a.m.15 views

EUVD-2025-209878

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 2:45 a.m.40 views

CVE-2025-54511

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

5.3CVSS0.00207EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.17 views

PT-2026-41254

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References2
CVE
CVE
added 2026/05/09 4:58 a.m.22 views

CVE-2025-15633

The CVE describes an improper authorization flaw in HCL BigFix WebUI. An authenticated user lacking Master Operator privileges can access internal data (site names, versions, configuration variables) via unprotected endpoints that do not enforce security headers. This indicates a privilege check ...

6.5CVSS5.8AI score0.00225EPSS
Exploits0References1Affected Software21
OSV
OSV
added 2026/04/09 6:31 p.m.4 views

GHSA-78CG-FC6C-W44W Apache OpenMeetings has an Improper Handling of Insufficient Privileges vulnerability

Sny registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields get be checked at FileItemDTO object. This issue affects Apache OpenMeetings: from...

5.3CVSS5.8AI score0.00418EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/09 6:31 p.m.6 views

Apache OpenMeetings has an Improper Handling of Insufficient Privileges vulnerability

Sny registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields get be checked at FileItemDTO object. This issue affects Apache OpenMeetings: from...

4.3CVSS5.8AI score0.00418EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/04/09 6:31 p.m.6 views

EUVD-2026-20934

Improper Handling of Insufficient Privileges vulnerability in Apache OpenMeetings. Any registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields...

5.8AI score0.00418EPSS
Exploits0References4
NVD
NVD
added 2026/04/09 4:16 p.m.10 views

CVE-2026-33005

Improper Handling of Insufficient Privileges vulnerability in Apache OpenMeetings. Any registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields...

4.3CVSS0.00418EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/09 3:52 p.m.3 views

CVE-2026-33005 Apache OpenMeetings: Insufficient checks in FileWebService

Improper Handling of Insufficient Privileges vulnerability in Apache OpenMeetings. Any registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields...

5.8AI score0.00418EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/09 3:52 p.m.7 views

CVE-2026-33005

Improper Handling of Insufficient Privileges vulnerability in Apache OpenMeetings. Any registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields...

5.8AI score0.00418EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/09 3:52 p.m.15 views

CVE-2026-33005

Apache OpenMeetings is affected by an Improper Handling of Insufficient Privileges vulnerability. A registered user can query the web service with their credentials and retrieve metadata (e.g., id, type, name, and other FileItemDTO fields) for files and sub-folders of any folder by ID, with no co...

4.3CVSS5.8AI score0.00418EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.7 views

PT-2026-31639

Name of the Vulnerable Software and Affected Versions Apache OpenMeetings versions prior to 9.0.0 Description A registered user can query a web service with their credentials and retrieve metadata id, type, name, and other fields from the FileItemDTO object for files and sub-folders of any folder...

5.8AI score0.00418EPSS
Exploits0References7
OSV
OSV
added 2026/03/02 9:8 a.m.4 views

BIT-GITLAB-2026-1747 Authentication Bypass Using an Alternate Path or Channel in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packag...

4.3CVSS6AI score0.00229EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/25 9:31 p.m.5 views

EUVD-2026-8724

GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packag...

4.3CVSS5.4AI score0.00229EPSS
Exploits0References4
Rows per page
Query Builder