Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-4182

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00352EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/14 2:50 p.m.6 views

CVE-2025-26370

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to remove privileges from user groups via crafted HTTP requests...

7.1CVSS6.7AI score0.00352EPSS
Exploits0References1
OSV
OSV
added 2025/02/12 2:15 p.m.7 views

CVE-2025-26369

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to add privileges to user groups via crafted HTTP requests...

8.8CVSS5.8AI score0.0053EPSS
Exploits0References1
CVE
CVE
added 2025/02/12 1:29 p.m.72 views

CVE-2025-26369

CVE-2025-26369 affects Q-Free MaxTime (MaxTime 2.11.0 and earlier). The issue is a CWE-862 Missing Authorization in maxprofile/user-groups/routes.lua, enabling an authenticated (low-privileged) attacker to add privileges to user groups via crafted HTTP requests. The underlying root cause is missi...

8.8CVSS8.6AI score0.0053EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2003/08/05 12:0 a.m.36 views

IBM DB2 - Shared Library Injection

source: https://www.securityfocus.com/bid/8346/info IBM DB2 ships with a number of shared libraries, stored in a directory owned by the user and group 'bin'. As setuid root utilities are linked to these libraries, their ownership by a user and group of a lower privilege level constitutes a...

7.4AI score
Exploits0
Rows per page
Query Builder