Lucene search
K

228 matches found

CVE
CVE
added 2026/06/30 6:28 a.m.26 views

CVE-2026-12819

CVE-2026-12819 affects the Delta Electronics DVP12SE PLC. The issue is exposure of a Modbus TCP service on a specified port without authentication or access control, allowing unauthenticated interaction with security‑sensitive PLC functions. The CVSS metrics indicate high impact on confidentialit...

9.3CVSS5.8AI score0.0031EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/29 5:21 p.m.32 views

CVE-2026-57953 Mythic < 3.4.0.60 - Unauthorized Automation Workflow Modification via eventing_import_automatic_webhook Endpoint

Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated spectator-role users to perform unauthorized write operations by accessing the eventingimportautomaticwebhook endpoint registered under spectator-permitted middleware. Attackers with spectator role can...

5.4CVSS0.00249EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 11:21 p.m.3 views

GHSA-4GXV-P5G5-J7W7 gonic has arbitrary file write in createPlaylist: any authenticated user can write playlist M3U content to attacker-controlled path on the host

Summary A logic error in ServeCreateOrUpdatePlaylist allows any authenticated Subsonic user including non-admin to write playlist M3U content to an attacker-controlled absolute filesystem path on the gonic host, and to create intermediate directories with 0o777 permissions. The bug is independent...

8.1CVSS5.8AI score0.00269EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/19 7:38 p.m.23 views

CVE-2026-48089 DevGuard has improper authorization on public assets

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public assets, any authenticated user — including users from a different organization with no membership or role in the affected org/project — can create,...

7.1CVSS0.00235EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/16 11:40 p.m.4 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the HTTP Basic authentication. An attacker can perform unauthorized write actions, such as modifying user profiles, adding email addresses, creating repositories, and deleting repositories, by submitting an...

8.6CVSS5.9AI score0.00566EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.12 views

CVE-2026-48289

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write...

3.5CVSS5.4AI score0.00299EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.12 views

CVE-2026-48288

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write...

3.5CVSS5.4AI score0.0041EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.13 views

EUVD-2026-35635

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write...

3.5CVSS5.4AI score0.00299EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 5:17 p.m.12 views

CVE-2026-48289

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write...

3.5CVSS0.00299EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.14 views

CVE-2026-48288

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write...

3.5CVSS0.0041EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 4:48 p.m.21 views

CVE-2026-48289

CVE-2026-48289 affects Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, 2026.04 and earlier. The issue is an Improper Input Validation vulnerability that can bypass security features and allow unauthorized write access. Exploitation requires user interaction, with the attacker needing a v...

3.5CVSS5.4AI score0.00299EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/09 4:48 p.m.39 views

CVE-2026-48288 Adobe Experience Manager | Improper Input Validation (CWE-20)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write...

3.5CVSS0.0041EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 4:48 p.m.21 views

CVE-2026-48288

CVE-2026-48288 affects Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, 2026.04 and earlier. The issue is an Improper Input Validation vulnerability that can result in a security feature bypass . A low-privileged attacker could bypass security controls and gain unauthorized write access. ...

3.5CVSS5.4AI score0.0041EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 4:48 p.m.8 views

CVE-2026-48288 Adobe Experience Manager | Improper Input Validation (CWE-20)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write...

3.5CVSS5.4AI score0.0041EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe Experience Manager 输入验证错误漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

3.5CVSS5.4AI score0.0041EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-48094

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write...

3.5CVSS5.4AI score0.00299EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.10 views

CVE-2026-34685

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before publishing. are affected by an Improper Input...

3.4CVSS5.4AI score0.00373EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.10 views

CVE-2026-34656

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

4.3CVSS5.5AI score0.00393EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.9 views

CVE-2026-34646

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.5AI score0.00411EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 12:31 a.m.11 views

EUVD-2026-33845

Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader...

8.2CVSS5.8AI score0.00071EPSS
Exploits0References2
Rows per page
Query Builder