29 matches found
CVE-2026-45085 Discourse: Chat misauthorization and information disclosure
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, four authorization/disclosure issues in the chat plugin (one also involving discourse-calendar): read-only category users...
EulerOS 2.0 SP11 : firewalld (EulerOS-SA-2026-2202)
According to the versions of the firewalld packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setter...
SUSE-SU-2026:2302-1 Security update for firewalld
This update for firewalld fixes the following issue: - CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations (bsc#1260903)...
SUSE-SU-2026:22060-1 Security update for firewalld
This update for firewalld fixes the following issue: - CVE-2026-4948: local unprivileged users can modify firewall state due to D-Bus setter mis-authorizations (bsc#1260903)...
CVE-2026-10211
A vulnerability was determined in AstrBotDevs AstrBot 4.23.6. Affected by this issue is the function normalizerwpath of the file astrbot/core/tools/computertools/fs.py. This manipulation causes incorrect authorization. It is possible to initiate the attack remotely. The exploit has been publicly...
SUSE SLED15 / SLES15 Security Update : firewalld (SUSE-SU-2026:1872-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1872-1 advisory. This update for firewalld fixes the following issue: - CVE-2026-4948: local unprivileged users can modify the runtime...
SUSE-SU-2026:1872-1 Security update for firewalld
This update for firewalld fixes the following issue: - CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations (bsc#1260903)...
SUSE-SU-2026:21418-1 Security update for firewalld
This update for firewalld fixes the following issues: - CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations (bsc#1260903)...
OESA-2026-1856 firewalld security update
firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. Security Fixes: A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and...
CVE-2026-4948
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...
DEBIAN-CVE-2026-4948
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...
CVE-2026-4948 Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...
CVE-2026-4948
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...
CVE-2026-4948
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...
CVE-2026-4948
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...
PT-2026-28678
Name of the Vulnerable Software and Affected Versions: firewalld (affected versions not specified). Description: A flaw exists in firewalld that allows a local unprivileged user to modify the runtime firewall state without proper authentication. This is possible due to mis-authorization of two runtime...
Adobe Experience Manager misauthorization vulnerability (CNVD-2025-21153)
Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. A misauthorization vulnerability exists in Adobe Experience...
Adobe Experience Manager security vulnerability
Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. A misauthorization vulnerability exists in Adobe Experience...
Dell Wyse Management Suite WMS security vulnerability
Wyse Management Suite WMS is a combined cloud and local management platform from Dell. A misauthorization vulnerability exists in Wyse Management Suite WMS, which can be exploited by an attacker to cause unauthorized access...
The vulnerability of the AdmissionPolicy and AdmissionPolicyGroup settings of the Kubernetes cluster’s kubewarden-controller controller allows a malicious actor to gain unauthorized access to modify data or expose protected information.
The vulnerability of the AdmissionPolicy and AdmissionPolicyGroup settings in the Kubernetes cluster kubewarden-controller is related to improper authorization. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to modify data or expose sensitive...