Lucene search
K

323 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/08 4:34 p.m.7 views

Security Bulletin: IBM Storage Ceph is vulnerable to an Origin Validation Error in Grafana (CVE-2024-57965)

Summary Axios is a dependency of Grafana, and Grafana is used by IBM Storage Ceph as a metrics dashboard. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2024-57965 Vulnerability Details CVEID:CVE-2024-57965 DESCRIPTION: In axios before 1.7.8,...

9.8CVSS6.9AI score0.00356EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/08 3:41 a.m.7 views

CVE-2026-20893

Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with SYSTEM privilege and/o...

8.5CVSS7.8AI score0.00123EPSS
Exploits0References1
NVD
NVD
added 2026/01/07 12:17 p.m.12 views

CVE-2026-20893

Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with SYSTEM privilege and/o...

8.5CVSS0.00123EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.7 views

CVE-2025-1102

A CWE-346 "Origin Validation Error" in the CORS configuration in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to affect the device confidentiality, integrity, or availability via crafted URLs or HTTP requests...

7.1CVSS7AI score0.00138EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/01/07 5:19 a.m.5 views

Origin validation error vulnerability in Fujitsu Security Solution AuthConductor Client Basic V2

Overview Fujitsu Security Solution AuthConductor Client Basic V2 provided by Fujitsu Client Computing Limited contains the following vulnerability. Origin validation error CWE-346 - CVE-2026-20893 MASAHIRO IIDA of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

8.5CVSS7.8AI score0.00123EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/07 3:16 a.m.24 views

CVE-2026-20893

Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with SYSTEM privilege and/o...

8.5CVSS0.00123EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/07 3:16 a.m.4 views

CVE-2026-20893

Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with SYSTEM privilege and/o...

8.5CVSS7.4AI score0.00123EPSS
Exploits0References2
CVE
CVE
added 2026/01/07 3:16 a.m.18 views

CVE-2026-20893

Summary: CVE-2026-20893 is an origin validation error in Fujitsu Security Solution AuthConductor Client Basic V2 up to and including 2.0.25.0. The issue allows a user who can log in to the Windows system hosting the affected product to execute arbitrary code with SYSTEM privileges and/or modify r...

8.5CVSS7.4AI score0.00123EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.6 views

PT-2026-1555

Name of the Vulnerable Software and Affected Versions Fujitsu Security Solution AuthConductor Client Basic V2 versions 2.0.25.0 and earlier Description An origin validation error exists in the software. Successful exploitation could allow an attacker who has access to the Windows system where the...

8.5CVSS7.4AI score0.00123EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/22 2:32 p.m.25 views

CVE-2025-61740 Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG Origin Validation Error

Authentication issue that does not verify the source of a packet which could allow an attacker to create a denial-of-service condition or modify the configuration of the device...

7.2CVSS0.00123EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/22 2:32 p.m.5 views

CVE-2025-61740 Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG Origin Validation Error

Authentication issue that does not verify the source of a packet which could allow an attacker to create a denial-of-service condition or modify the configuration of the device...

7.2CVSS6.4AI score0.00123EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/17 10:46 a.m.7 views

Security Bulletin: IBM watsonx Orchestrate Developer Edition is vulnerable to Exposed Dangerous Method or Function, Origin Validation Error due to webpack-dev-server

Summary webpack-dev-server is used by IBM watsonx Orchestrate Developer Edition as part of wxo-chat Vulnerability Details CVEID:CVE-2025-30359 DESCRIPTION: webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1,...

6.5CVSS6.7AI score0.00427EPSS
Exploits2Affected Software1
Snyk
Snyk
added 2025/12/05 10:43 p.m.3 views

Origin Validation Error

Overview Affected versions of this package are vulnerable to Origin Validation Error via an overly permissive CORS configuration in the refresh endpoint. An attacker can gain unauthorized access to authentication tokens and execute arbitrary code by enticing a victim to visit a malicious webpage...

9.6CVSS7.7AI score0.7889EPSS
Exploits3References2
RedhatCVE
RedhatCVE
added 2025/12/05 3:27 p.m.5 views

CVE-2025-8074

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...

5.6CVSS6.5AI score0.00084EPSS
Exploits0References1
NVD
NVD
added 2025/12/04 4:16 p.m.10 views

CVE-2025-8074

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...

5.6CVSS0.00084EPSS
Exploits0References1
OSV
OSV
added 2025/12/04 4:16 p.m.6 views

CVE-2025-8074

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...

5.6CVSS5.9AI score0.00084EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/04 3:17 p.m.22 views

CVE-2025-8074

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...

5.6CVSS0.00084EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/04 3:17 p.m.5 views

EUVD-2025-201163

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...

5.6CVSS6AI score0.00084EPSS
Exploits0References2
CVE
CVE
added 2025/12/04 3:17 p.m.11 views

CVE-2025-8074

CVE-2025-8074 describes an origin validation error in Synology BeeDrive for desktop up to version 1.4.3-13973 . The flaw allows local users to write arbitrary files containing non-sensitive information via unspecified vectors, indicating a local-privilege/unauthorized-write possibility as stated ...

5.6CVSS6.1AI score0.00084EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/04 3:17 p.m.4 views

CVE-2025-8074

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...

5.6CVSS6.1AI score0.00084EPSS
Exploits0References1
Rows per page
Query Builder