Lucene search
K

364 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-1181

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00519EPSS
Exploits0References3
CVE
CVE
added 2025/08/08 6:12 p.m.17 views

CVE-2012-10042

CVE-2012-10042 affects Sflog! CMS 1.0 via an authenticated file-upload vulnerability in the blog management interface (manage.php). With default credentials (admin:secret), authenticated users can upload files to blogs/download/uploads/, where the upload validation is insufficient, enabling a PHP...

8.7CVSS7.4AI score0.00971EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/07/04 4:24 p.m.8 views

CVE-2025-6943

Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables...

3.8CVSS7AI score0.00137EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/04 4:24 p.m.11 views

CVE-2025-6942

The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine...

3.8CVSS6.4AI score0.00126EPSS
Exploits0References1
NVD
NVD
added 2025/07/02 4:15 p.m.13 views

CVE-2025-6943

Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables...

4CVSS0.00137EPSS
Exploits0References4
OSV
OSV
added 2025/07/02 4:15 p.m.5 views

CVE-2025-6943

Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables...

4CVSS5.8AI score0.00137EPSS
Exploits0References4
NVD
NVD
added 2025/07/02 4:15 p.m.29 views

CVE-2025-6942

The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine...

3.8CVSS0.00126EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/02 3:49 p.m.28 views

CVE-2025-6942

The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine...

3.8CVSS0.00126EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/02 3:49 p.m.3 views

CVE-2025-6942

The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine...

3.8CVSS6.5AI score0.00126EPSS
Exploits0References4
CVE
CVE
added 2025/07/02 3:49 p.m.24 views

CVE-2025-6942

Affected product: Delinea Secret Server distributed engine. Versions 8.4.39.0 and earlier (within Secret Server 11.7.49 and earlier) are vulnerable. Root cause: insufficient validation during the initial authorization event, enabling impersonation of another distributed engine. Impact: attacker c...

3.8CVSS6.5AI score0.00126EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/02 3:45 p.m.20 views

CVE-2025-6943

Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables...

3.8CVSS0.00137EPSS
Exploits0References4
CVE
CVE
added 2025/07/02 3:45 p.m.21 views

CVE-2025-6943

The CVE-2025-6943 entry relates to Delinea Secret Server (Thycotic Secret Server) versions 11.7 and earlier. A SQL report creation vulnerability arises from insufficient validation of SQL report creation, enabling an administrator to access restricted tables. The impact is limited to local/admin ...

4CVSS7.2AI score0.00137EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/02 12:0 a.m.9 views

PT-2025-27646 · Thycotic · Thycotic Secret Server

Name of the Vulnerable Software and Affected Versions: Thycotic Secret Server versions 11.7 and earlier Description: The issue allows an administrator to gain access to restricted tables through a SQL report creation vulnerability. Recommendations: For Thycotic Secret Server versions 11.7 and...

3.8CVSS7AI score0.00137EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/07/02 12:0 a.m.6 views

Delinea Secret Server 安全漏洞

Delinea Secret Server is a powerful PAM in the cloud or locally from Delinea USA. A security vulnerability exists in Delinea Secret Server version 11.7 and earlier, which stems from insufficient validation of SQL report creation and could lead to administrator access to restricted tables...

4CVSS7.1AI score0.00137EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/07/02 12:0 a.m.6 views

PT-2025-27658 · Unknown · Secret Server

Name of the Vulnerable Software and Affected Versions: Secret Server versions 11.7.49 and earlier Description: The distributed engine of Secret Server can be exploited during an initial authorization event, allowing an attacker to impersonate another distributed engine. Recommendations: For Secre...

3.8CVSS6.1AI score0.00126EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/07/02 12:0 a.m.5 views

Delinea Secret Server 安全漏洞

Delinea Secret Server is a powerful PAM in the cloud or locally from Delinea USA. A security vulnerability exists in Delinea Secret Server version 11.7.49 and earlier, which stems from insufficient validation in the initial authorization event and could lead to distributed engine impersonation...

3.8CVSS6.6AI score0.00126EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 10:49 a.m.17 views

CVE-2024-25651

User enumeration can occur in the Authentication REST API in Delinea PAM Secret Server 11.4. This allows a remote attacker to determine whether a user is valid because of a difference in responses from the /oauth2/token endpoint...

5.3CVSS6.9AI score0.00476EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:1 a.m.9 views

CVE-2024-25653

Broken Access Control in the Report functionality of Delinea PAM Secret Server 11.4 allows unprivileged users, when Unlimited Admin Mode is enabled, to view system reports and modify custom reports via the Report functionality in the Web UI...

4.3CVSS6.8AI score0.00395EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:1 a.m.11 views

CVE-2024-25649

In Delinea PAM Secret Server 11.4, it is possible for an attacker with Administrator access to the Secret Server machine to read the following data from a memory dump: the decrypted master key, database credentials when SQL Server Authentication is enabled, the encryption key of RabbitMQ queue...

6.7CVSS7.4AI score0.00076EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:27 a.m.6 views

CVE-2024-12908

Delinea addressed a reported case on Secret Server v11.7.31 protocol handler version 6.0.3.26 where, within the protocol handler function, URI's were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfull...

6.9CVSS7.8AI score0.00715EPSS
Exploits1References1
Rows per page
Query Builder