Lucene search
K

535 matches found

Vulnrichment
Vulnrichment
added 2026/01/09 12:0 a.m.2 views

CVE-2025-67282

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists which allow a low privileged user to download password hashes of other user, access work items of other user, modify restricted content in workflows, modify the applications logo and manipulate the profi...

6.6AI score0.00195EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/20 12:0 a.m.9 views

PT-2025-52548

Name of the Vulnerable Software and Affected Versions Ultimate Member plugin for WordPress versions prior to 2.11.1 Description The Ultimate Member plugin for WordPress is affected by a sensitive information exposure issue. Insufficient authorization checks on an unauthenticated AJAX endpoint,...

5.3CVSS6.3AI score0.00437EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2025/12/17 10:44 p.m.2 views

CVE-2023-53905 ProjectSend r1605 CSV Injection via User Account Export Functionality

ProjectSend r1605 contains a CSV injection vulnerability that allows authenticated users to inject malicious formulas into user profile names. Attackers can craft payloads like =calc|a!z| in the name field to trigger code execution when administrators export action logs as CSV files...

8CVSS7.3AI score0.00412EPSS
Exploits1References3
NVD
NVD
added 2025/12/17 7:16 p.m.6 views

CVE-2025-13217

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the YouTube Video 'value' field in all versions up to, and including, 2.11.0. This is due to insufficient input...

6.4CVSS0.00255EPSS
Exploits0References3
CVE
CVE
added 2025/12/09 4:41 p.m.22 views

CVE-2022-47425

ARMember for WordPress

8.8CVSS6.6AI score0.00255EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/09 4:41 p.m.24 views

CVE-2022-47425 WordPress ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 3.4.10 - Broken Access Control

Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember: from n/a through 3.4.10...

4.3CVSS0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.5 views

Socomec Easy Config System 安全漏洞

Socomec Easy Config System is a free software tool developed by Socomec for fast, reliable and flexible configuration of its power monitoring and measurement equipment. An authentication bypass vulnerability exists in Socomec Easy Config System, which stems from an authentication bypass in the us...

7.3CVSS6.7AI score0.00147EPSS
Exploits0References3
Talos
Talos
added 2025/12/01 12:0 a.m.6 views

Socomec Easy Config System User profile management authentication bypass vulnerability

Talos Vulnerability Report TALOS-2024-2117 Socomec Easy Config System User profile management authentication bypass vulnerability December 1, 2025 CVE Number CVE-2024-45370 SUMMARY An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config...

7.3CVSS6.7AI score0.00147EPSS
Exploits0
OSV
OSV
added 2025/12/01 12:0 a.m.6 views

ASB-A-337775777

In multiple locations, there is a possible way to leak audio files across user profiles due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.8AI score0.00074EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/26 12:42 a.m.7 views

CVE-2025-64067

Primakon Pi Portal 1.0.18 API endpoints responsible for retrieving object-specific or filtered data e.g., user profiles, project records fail to implement sufficient server-side validation to confirm that the requesting user is authorized to access the requested object or dataset. This...

5.3CVSS6.5AI score0.00202EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/25 9:32 p.m.6 views

EUVD-2025-199636

Primakon Pi Portal 1.0.18 API endpoints responsible for retrieving object-specific or filtered data e.g., user profiles, project records fail to implement sufficient server-side validation to confirm that the requesting user is authorized to access the requested object or dataset. This...

5.3CVSS6AI score0.00202EPSS
Exploits0References3
OSV
OSV
added 2025/11/25 7:15 p.m.7 views

CVE-2025-64067

Primakon Pi Portal 1.0.18 API endpoints responsible for retrieving object-specific or filtered data e.g., user profiles, project records fail to implement sufficient server-side validation to confirm that the requesting user is authorized to access the requested object or dataset. This...

5.3CVSS5.7AI score0.00202EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.9 views

Reolink desktop application 安全漏洞

Reolink desktop application is a security camera monitoring software from Reolink USA. A security vulnerability exists in the Reolink desktop application that stems from the use of hard-coded and predictable AES encryption keys to encrypt user profiles, which could lead to a local attacker...

5.1CVSS6.3AI score0.00122EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.9 views

PT-2025-41511

Name of the Vulnerable Software and Affected Versions Contacts versions prior to SMR Oct-2025 Release 1 Description An improper input validation issue exists in Contacts prior to the SMR Oct-2025 Release 1. This allows local attackers to access data across multiple user profiles. The vulnerabilit...

7.1CVSS6.2AI score0.0012EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-0112

Malware in sbrugna...

6CVSS6.4AI score0.01181EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-14143

Malware in sbrugna...

6.7CVSS6.5AI score0.00275EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-6873

Malware in sbrugna...

6.5CVSS6.4AI score0.03289EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-1171

Malware in sbrugna...

4.3CVSS6.4AI score0.01659EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-6463

Malware in sbrugna...

7.5CVSS6.4AI score0.02962EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-1729

Malware in sbrugna...

5.8CVSS6.4AI score0.02404EPSS
Exploits0References7
Rows per page
Query Builder