Lucene search
K

178 matches found

Vulnrichment
Vulnrichment
added 2025/12/11 3:2 p.m.5 views

CVE-2025-14518 PowerJob Network Request PingPongUtils.java checkConnectivity server-side request forgery

A vulnerability was identified in PowerJob up to 5.1.2. This vulnerability affects the function checkConnectivity of the file src/main/java/tech/powerjob/common/utils/net/PingPongUtils.java of the component Network Request Handler. The manipulation of the argument targetIp/targetPort leads to...

6.5CVSS6.5AI score0.00311EPSS
Exploits1References6
CVE
CVE
added 2025/12/11 3:2 p.m.18 views

CVE-2025-14518

PowerJob

9.8CVSS6.5AI score0.00311EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.6 views

PT-2025-50612

A vulnerability was identified in PowerJob up to 5.1.2. This vulnerability affects the function checkConnectivity of the file src/main/java/tech/powerjob/common/utils/net/PingPongUtils.java of the component Network Request Handler. The manipulation of the argument targetIp/targetPort leads to...

6.5CVSS6.7AI score0.00311EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.4 views

PowerJob 安全漏洞

PowerJob is an open source distributed computing and job scheduling framework from PowerJob Open Source that allows developers to easily schedule tasks in their applications. A security vulnerability exists in PowerJob 5.1.2 and earlier versions, which originates in the function in the file...

9.8CVSS6.3AI score0.00311EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/10/11 7:20 p.m.13 views

CVE-2025-11581

A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicl...

7.5CVSS6.7AI score0.00416EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/11 6:27 p.m.4 views

CVE-2025-11580

A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks...

6.9CVSS5.3AI score0.01028EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/10 9:31 p.m.6 views

EUVD-2025-33770

A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicl...

6.9CVSS6.4AI score0.00416EPSS
Exploits0References5
OSV
OSV
added 2025/10/10 9:31 p.m.3 views

GHSA-9WQ6-87HW-6MHC PowerJob OpenAPIController is missing authorization

A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicl...

6.9CVSS6.9AI score0.00416EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/10/10 9:31 p.m.8 views

PowerJob OpenAPIController is missing authorization

A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicl...

7.5CVSS5.5AI score0.00416EPSS
Exploits0References6Affected Software1
Snyk
Snyk
added 2025/10/10 7:41 p.m.15 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via multiple APIs in OpenAPIController. An attacker can gain unauthorized access to sensitive information by sending crafted requests to the endpoints. Remediation There is no fixed version for...

7.5CVSS6.8AI score0.00416EPSS
Exploits0References2
NVD
NVD
added 2025/10/10 7:15 p.m.4 views

CVE-2025-11581

A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicl...

7.5CVSS0.00416EPSS
Exploits0References5
OSV
OSV
added 2025/10/10 7:15 p.m.5 views

CVE-2025-11581

A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicl...

7.5CVSS5.3AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/10 7:2 p.m.2 views

CVE-2025-11581 PowerJob OpenAPIController runJob authorization

A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicl...

6.9CVSS6.6AI score0.00416EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/10 7:2 p.m.8 views

CVE-2025-11581 PowerJob OpenAPIController runJob authorization

A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicl...

6.9CVSS0.00416EPSS
Exploits0References5
CVE
CVE
added 2025/10/10 7:2 p.m.14 views

CVE-2025-11581

PowerJob (up to version 5.1.2) contains a security vulnerability in the OpenAPIController’s /openApi/runJob endpoint. The issue is due to missing authorization in that code path, allowing a remote attacker to manipulate the request without authentication. Multiple connected sources (NVD, Red Hat ...

7.5CVSS6.6AI score0.00416EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2025/10/10 6:43 p.m.2 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the list function in UserInfoController.java. An attacker can access sensitive user information by sending unauthorized requests remotely. Remediation There is no fixed version for...

6.9CVSS5.7AI score0.01028EPSS
Exploits0References2
OSV
OSV
added 2025/10/10 6:31 p.m.5 views

GHSA-87XJ-GHMC-C3XQ PowerJob has Missing Authorization in its /user/list file

A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited...

6.9CVSS5.3AI score0.01028EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/10/10 6:31 p.m.7 views

PowerJob has Missing Authorization in its /user/list file

A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited...

6.9CVSS5.3AI score0.01028EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2025/10/10 6:15 p.m.4 views

CVE-2025-11580

A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks...

6.9CVSS0.01028EPSS
Exploits0References5
OSV
OSV
added 2025/10/10 6:15 p.m.4 views

CVE-2025-11580

A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks...

6.9CVSS5.3AI score
Exploits0References5
Rows per page
Query Builder