45 matches found
CVE-2026-28553
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
Dell Alienware Command Center security vulnerability
Dell Alienware Command Center is a software package manager developed by the American company Dell. Versions of the Dell Alienware Command Center prior to 6.12.24.0 contained security vulnerabilities. These vulnerabilities were due to improper permission management, and they could allow...
EUVD-2021-25524
Malware in sbrugna...
EUVD-2025-5792
Malicious code in bioql PyPI...
EUVD-2023-42185
Malicious code in bioql PyPI...
EUVD-2022-43530
Malicious code in bioql PyPI...
CVE-2023-38368
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user due to improper permission controls. IBM X-Force ID: 261195...
CVE-2022-40232
IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597...
CVE-2025-47948
Cocotais Bot is a QQ official robot framework based on qq-bot-sdk. Starting in version 1.5.0-test2-hotfix and prior to version 1.6.2, command echoing feature in the framework allows users to indirectly trigger privileged behavior by injecting special platform tags. Specifically, an unauthorized...
Privilege Escalation
github.com/argoproj/argo-events is vulnerable to Privilege Escalation. The vulnerability is caused by insufficient permission controls: users with EventSource and Sensor custom resource permissions can escalate privileges and gain access to the host system and cluster...
CVE-2022-43910
IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. IBM X-Force ID: 240908...
CVE-2024-39905
Red is a fully modular Discord bot. Due to a bug in Red's Core API, 3rd-party cogs using the @commands.can_manage_channel command permission check without additional permission controls may authorize a user to run a command even when that user doesn't have permissions to manage a channel. None of t...
CVE-2024-39905
The CVE-2024-39905 issue affects Red-DiscordBot caused by a bug in Red’s Core API: 3rd-party cogs using the can_manage_channel permission check may allow a user to run a command without channel management rights. Core commands/cogs are not affected. The vulnerability was patched in version 3.5.10...
CVE-2023-38368 IBM Security Access Manager Docker information disclosure
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user due to improper permission controls. IBM X-Force ID: 261195...
CVE-2023-38368
IBM Security Access Manager/Verify Access Docker versions 10.0.0.0–10.0.7.1 are affected by an information-disclosure issue due to improper permission controls that could allow a local user to access sensitive data (CVE-2023-38368). The baseline documents confirm the affected product family and v...
PT-2024-12716 · Ibm · Ibm Security Access Manager
Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Docker versions 10.0.0.0 through 10.0.7.1 Description: The issue could disclose sensitive information to a local user due to improper permission controls. Recommendations: For versions 10.0.0.0 through 10.0.7.1,...
The vulnerability of the notification mechanism of the operating system “Avrora”, which allows a perpetrator to increase their privileges
The vulnerability of the “Avrora” operating system’s notification mechanism is related to deficiencies in permission control for applications that send notifications. Exploiting this vulnerability allows attackers to execute privileged requests to system components, which can lead to violations of...