Lucene search
+L

9 matches found

Cvelist
Cvelist
added 2026/07/08 1:36 p.m.31 views

CVE-2026-60125 importModule function in MISP ignores per-organisation import module restrictions

MISP’s importModule path used getEnabledModule to resolve a single import module by name, but this lookup did not enforce the per-organisation module restriction checked by getEnabledModules. As a result, an authenticated user from an organisation that was not allowed to use a module restricted v...

5.3CVSS0.00207EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2014-9455

Malware in sbrugna...

5.5CVSS5.7AI score0.00635EPSS
Exploits2References15
Positive Technologies
Positive Technologies
added 2025/04/23 12:0 a.m.16 views

PT-2025-20353

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.0-rc1-syzkaller-00246-g900241a5cc15 Description A NULL pointer dereference issue has been identified in the Linux kernel, specifically in the tipc mon reinit self function. This issue arises due to a racing...

5.5CVSS6.6AI score0.00169EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.6 views

PT-2025-2648 · Otrs · Otrs

Name of the Vulnerable Software and Affected Versions: OTRS versions 6.0.x through 8.0.x OTRS versions 2023.x through 2024.x Description: An improper privilege management issue in the OTRS Generic Interface module allows users with read-only permissions to change the ticket status. This issue may...

3.5CVSS7.2AI score0.00208EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/04 12:0 a.m.21 views

PT-2024-34020

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel's drm/vc4 code has been resolved. The issue occurred when a file descriptor was closed, and the active performance monitor was not stopped. Although...

5.5CVSS5.5AI score0.00221EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2024/09/30 5:14 p.m.18 views

RestrictedPython information leakage via `AttributeError.obj` and the `string` module

Impact A user can gain access to protected and potentially sensible information indirectly via AttributeError.obj and the string module. Patches The problem will be fixed in version 7.3. Workarounds If the application does not require access to the module string, it can remove it from...

8.7CVSS6.8AI score0.0071EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/19 12:0 a.m.5 views

PT-2024-27120 · Weblir · Weblir Login As Customer Pro

Name of the Vulnerable Software and Affected Versions: Weblir Login as customer PRO module versions prior to 1.2.7 Description: The issue allows a guest to access a direct link to connect to each customer account of the shop if the module is not installed or if a secret accessible to the...

7.5CVSS7.2AI score0.00379EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/07/01 12:0 a.m.6 views

PT-2021-10857 · Phplist · Phplist

Name of the Vulnerable Software and Affected Versions: phplist version 3.5.3 Description: A stored cross site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Edit Values field under the Configure Attributes module...

5.4CVSS5.4AI score0.00538EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2009/09/15 12:0 a.m.7 views

PT-2009-5257 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.4.x through 2.4.37.6 Linux kernel versions 2.6.x through 2.6.31 Description: A memory leak issue exists in the appletalk subsystem of the Linux kernel. This occurs when the appletalk and ipddp modules are loaded, but t...

7.1CVSS6AI score0.03848EPSS
Exploits2References16
Rows per page
Query Builder