Lucene search
K

5 matches found

NVD
NVD
added 2026/05/27 9:16 a.m.20 views

CVE-2026-49002

Access control failure means that an application does not effectively check user access permissions, so that unauthorized users can access system data beyond their permissions, such as viewing and modifying configuration information...

9.1CVSS0.00293EPSS
Exploits0References1
NVD
NVD
added 2026/02/25 2:16 a.m.7 views

CVE-2026-25127

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the server does not properly validate user permission. Unauthorized users can view the information of authorized users. Version 8.0.0 fixes the issue...

7CVSS0.00264EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.10 views

PT-2025-44281

Name of the Vulnerable Software and Affected Versions Jenkins MCP Server Plugin versions 0.84.v50ca 24ef83f2 and earlier Description The Jenkins MCP Server Plugin does not properly enforce permission checks in several MCP tools. This allows attackers to initiate builds and access sensitive job an...

5.4CVSS6.3AI score0.00239EPSS
Exploits0References11
CNNVD
CNNVD
added 2021/12/06 12:0 a.m.8 views

Invenio-Drafts-Resources 安全漏洞

Invenio-Drafts-Resources is a submission/deposit module for Invenio. It is used for research data management. A security vulnerability exists in Invenio-Drafts-Resources versions prior to 0.13.7 and 0.14.6, which stems from a failure to properly check permissions in the affected product. The...

6.4CVSS5.7AI score0.00662EPSS
Exploits1References3
OSV
OSV
added 2017/06/22 6:29 p.m.4 views

CVE-2017-1326

IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data related to other users, by manipulating the parameters passed in the POST request. IBM X-Force ID: 126060...

4.3CVSS5.8AI score0.00796EPSS
Exploits0References3
Rows per page
Query Builder