CVE-2026-27672
The Material Master application does not enforce authorization checks for authenticated users when executing reports, resulting in the disclosure of sensitive information. This vulnerability has a low impact on confidentiality and does not affect integrity and availability of the system...
PT-2026-32552
The Material Master application does not enforce authorization checks for authenticated users when executing reports, resulting in the disclosure of sensitive information. This vulnerability has a low impact on confidentiality and does not affect integrity and availability of the system...
CVE-2024-34690
SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could allow an attacker to access and edit non-sensitive report variants that are typically restricted,...
Vulnerabilities fixed in GitLab
GitLab has fixed vulnerabilities in its Community Edition (CE) and Enterprise Edition (EE) versions. The vulnerabilities include the ability for unauthenticated users to cause Denial of Service (DoS) conditions by submitting malicious JSON requests. In addition, unauthenticated users could join arbitra...
CVE-2025-12397 SQL Injection in Looker Studio
A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...
EUVD-2018-14313
Malware in sbrugna...
EUVD-2024-19375
Malicious code in bioql PyPI...
EUVD-2022-52619
Malicious code in bioql PyPI...
EUVD-2024-34989
Malicious code in bioql PyPI...
EUVD-2024-42727
Malicious code in bioql PyPI...
CVE-2025-20302
A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to retrieve a generated report from a different domain. This vulnerability is due to missing authorization checks. An attacker could exploit this...
PT-2025-33338 · Cisco · Cisco Secure Fmc
Name of the Vulnerable Software and Affected Versions: Cisco Secure FMC Software (affected versions not specified). Description: A vulnerability in the web-based management interface could allow an authenticated, low-privileged, remote attacker to retrieve a generated report from a different domain...
CVE-2020-6212
Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification o...
GHSA-34G7-PG9J-PXGP Moodle allows IDOR when accessing the cohorts report
A flaw was discovered in Moodle. Additional checks were required to ensure that users can only access cohort data they are authorized to retrieve...
GHSA-8XV7-G2Q3-FQGC Mautic allows Improper Authorization in Reporting API
Summary: This advisory addresses an authorization vulnerability in Mautic's HTTP Basic Authentication implementation. This flaw could allow unauthorized access to sensitive report data. Improper Authorization: An authorization flaw exists in Mautic's API Authorization implementation. Any...
CVE-2024-47053
This advisory addresses an authorization vulnerability in Mautic's HTTP Basic Authentication implementation. This flaw could allow unauthorized access to sensitive report data. Improper Authorization: An authorization flaw exists in Mautic's API Authorization implementation. Any authenticated use...
CVE-2024-47053 Improper Authorization in Reporting API
This advisory addresses an authorization vulnerability in Mautic's HTTP Basic Authentication implementation. This flaw could allow unauthorized access to sensitive report data. Improper Authorization: An authorization flaw exists in Mautic's API Authorization implementation. Any authenticated use...
PT-2025-8691 · Mautic · Mautic
Name of the Vulnerable Software and Affected Versions: Mautic (affected versions not specified). Description: The issue concerns an authorization flaw in Mautic's HTTP Basic Authentication implementation, allowing unauthorized access to sensitive report data. Specifically, an improper authorization...
CVE-2024-47520
A user with advanced report application access rights can perform actions for which they are not authorized...