Lucene search
K

74 matches found

Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.8 views

PT-2026-26545

Anchorr is a Discord bot for requesting movies and TV shows and receiving notifications when items are added to a media server. In versions 1.4.1 and below, a stored Cross-site Scripting XSS vulnerability in the web dashboard's User Mapping dropdown allows any unprivileged Discord user in the...

9.6CVSS6AI score0.00427EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

Anchorr 安全漏洞

Anchorr is an open-source Discord bot developed by openVESSL that integrates media search and notifications. Versions of Anchorr 1.4.1 and earlier contain security vulnerabilities. These vulnerabilities stem from a storage cross-site scripting vulnerability in the Web dashboard user mapping...

9.6CVSS5.7AI score0.00427EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/24 9:15 a.m.8 views

CVE-2025-15522

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the automatordiscordusermapping shortcode in all versions up to, and including, 6.10.0.2 due to insufficient input sanitization and output...

6.4CVSS5.8AI score0.00259EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

SAP NetWeaver AS Java Sensitive Information Vulnerability (January 2026)

The version of SAP NetWeaver Application Server for Java detected on the remote host is affected by an Sensitive Information vulnerability as disclosed in the SAP Security Patch Day January 2026: - The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an...

3CVSS5.6AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/14 1:22 a.m.6 views

CVE-2026-0510

The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...

3CVSS6.4AI score0.00122EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 2:15 a.m.6 views

CVE-2026-0510

The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...

3CVSS0.00122EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/13 1:15 a.m.28 views

CVE-2026-0510 Obsolete Encryption Algorithm Used in NW AS Java UME User Mapping

The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...

3CVSS0.00122EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/13 1:15 a.m.3 views

CVE-2026-0510 Obsolete Encryption Algorithm Used in NW AS Java UME User Mapping

The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...

3CVSS6.1AI score0.00122EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.9 views

PT-2026-2342

Name of the Vulnerable Software and Affected Versions NetWeaver Application Server for Java NW AS Java affected versions not specified Description The User Management Engine UME within the software uses an outdated cryptographic algorithm to encrypt User Mapping data. This could allow an attacker...

3CVSS6.3AI score0.00122EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.12 views

EUVD-2019-10124

Malware in sbrugna...

5.4CVSS5.5AI score0.00622EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/17 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly cleaning up user mapping information, which could lead to a memory leak...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:29 a.m.17 views

CVE-2019-1567

The Expedition Migration tool 1.1.6 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings...

5.4CVSS6.5AI score0.00622EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/03/10 9:9 p.m.13 views

Improper Authorization in Keycloak Organization Mapper Allows Unauthorized Organization Claims

This vulnerability is caused by the improper mapping of users to organizations based solely on email/username patterns. The issue is limited to the token claim level, meaning the user is not truly added to the organization but may appear as such in applications relying on these claims. The risk...

5.4CVSS6.9AI score0.00378EPSS
Exploits0References7Affected Software1
UbuntuCve
UbuntuCve
added 2024/09/04 7:15 p.m.21 views

CVE-2024-44965

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...

5.5CVSS6.4AI score0.00223EPSS
Exploits0References26
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: iommufd: Check for uptr overflow

A flaw was found in the iommufd subsystem of the Linux kernel. When setting up a mapping with a user virtual address that wraps past zero or otherwise triggers a pointer/size overflow, the kernel may fail to properly validate and constrain the user-provided values. This can result in a buffer...

6AI score0.00155EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:53 a.m.2 views

SUSE CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation...

8.1CVSS6.3AI score0.01612EPSS
Exploits0References50
Code423n4
Code423n4
added 2022/09/23 12:0 a.m.13 views

createClaim can be circumvented

Lines of code Vulnerability details Impact VTVLVesting.sol has createClaim function for the admins to create claims. However, a malicious admin vector exists inside. The project gives some powerfull access to the admins for some reason as stated on the contest page. And a good intention is to emi...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2022/05/07 2:0 p.m.94 views

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. Mitigation Setting "gensec:requirepac=true" in the smb.conf makes, due to a cache prime in winbind, the DOMAIN\user lookup succeed, provided...

8.5CVSS7.9AI score0.01612EPSS
Exploits0References4
OSV
OSV
added 2022/03/23 8:38 p.m.7 views

CLSA-2022-1648067939 Fix of CVE: CVE-2021-23192, CVE-2020-25717, CVE-2016-2124

CVE-2016-2124: Fix privilege escalation in Samba SMB1 authentication rhbz2021163 - CVE-2021-23192: Fix DCE/RPC fragment injection vulnerability rhbz2021167 - CVE-2020-25717: Fix privilege escalation in the way Samba maps domain users to local users rhbz2021171...

8.5CVSS6.8AI score0.01953EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/02/26 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1258)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.9AI score0.02025EPSS
Exploits0References2
Rows per page
Query Builder