Lucene search
K

210 matches found

ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-27771

Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information...

8.2CVSS7.3AI score0.40738EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from insufficient permission checks, potentially leading to local privilege escalation...

7.8CVSS5.3AI score0.00072EPSS
Exploits0References2
NVD
NVD
added 2026/04/01 11:15 a.m.6 views

CVE-2026-24096

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 beta before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information...

8.8CVSS0.00236EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.10 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a dedicated operating system designed specifically for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s product...

3.3CVSS5.8AI score0.00167EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.10 views

Misskey 授权问题漏洞

Misskey is an open-source, permanently free social media platform developed by Misskey. Versions of Misskey from 8.45.0 until 2026.3.1 had an authorization issue vulnerability. This vulnerability stemmed from insufficient permission checks and input validation, which could lead to severe data...

9.2CVSS5.8AI score0.00249EPSS
Exploits0References1
CVE
CVE
added 2026/03/09 12:23 p.m.15 views

CVE-2026-21736

CVE-2026-21736 is a GPU DDK vulnerability where a non-privileged user can perform improper GPU system calls to gain write access to read-only wrapped user-mode memory. The enrichment notes an insufficient permission check in PhysmemWrapExtMem() when write attribute support is enabled; the root ca...

4.4CVSS5.8AI score0.00124EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/09 1:33 a.m.4 views

CVE-2026-25859

Wekan versions prior to 8.20 allow non-administrative users to access migration functionality due to insufficient permission checks, potentially resulting in unauthorized migration operations...

8.8CVSS5.2AI score0.00343EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/08 12:30 a.m.9 views

EUVD-2026-5703

Wekan versions prior to 8.20 allow non-administrative users to access migration functionality due to insufficient permission checks, potentially resulting in unauthorized migration operations...

8.8CVSS5.3AI score0.00343EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/07 9:59 p.m.3 views

CVE-2026-25859 WeKan < 8.20 Migration Functionality Insufficient Permission Checks

Wekan versions prior to 8.20 allow non-administrative users to access migration functionality due to insufficient permission checks, potentially resulting in unauthorized migration operations...

7.1CVSS5.4AI score0.00343EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/07 12:0 a.m.7 views

WeKan 安全漏洞

WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan prior to version 8.20 contained security vulnerabilities. These vulnerabilities were due to insufficient permission checks, which could allow non-managed users to access migration functions...

8.8CVSS5.8AI score0.00343EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/07 12:0 a.m.11 views

PT-2026-6934

Name of the Vulnerable Software and Affected Versions Wekan versions prior to 8.20 Description Insufficient permission checks in Wekan allow non-administrative users to access migration functionality, potentially leading to unauthorized migration operations. Recommendations Update Wekan to versio...

8.8CVSS5.4AI score0.00343EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.14 views

WordPress plugin All-in-One Video Gallery has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00161EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 9:6 a.m.6 views

CVE-2024-34617

Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application...

4CVSS6.6AI score0.00126EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/25 3:27 a.m.8 views

EUVD-2025-199549

The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient capability check on the Base::getrestpermission method in all versions up to, and including, 2.5.7. This makes it possible for authenticated attackers, with Contributor-level access an...

4.3CVSS5.2AI score0.00159EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/18 4:39 a.m.6 views

CVE-2025-62668 Insufficient permission checks in action=growthsetmentor

Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Resource Leak Exposure.This issue affects Mediawiki - GrowthExperiments Extension: from master before 1.39...

6.9CVSS0.0038EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-10147

Malware in sbrugna...

8.8CVSS8.7AI score0.00847EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-30725

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01874EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.17 views

EUVD-2025-13699

Malicious code in bioql PyPI...

4CVSS6.6AI score0.00111EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-13685

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00124EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-3056

Malicious code in bioql PyPI...

5.5CVSS5.9AI score0.01138EPSS
Exploits0References8
Rows per page
Query Builder