Lucene search
+L

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.12 views

CVE-2026-42098

Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior e.g. using a debugger and log in as any other user or administrator - then it is possible to do every...

8.7CVSS5.5AI score0.00401EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 12:59 p.m.43 views

CVE-2026-42098 Authorization Bypass in Sparx Enterprise Architect

Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior e.g. using a debugger and log in as any other user or administrator - then it is possible to do every...

8.7CVSS0.00401EPSS
Exploits0References4
NVD
NVD
added 2026/02/26 10:20 p.m.10 views

CVE-2026-27449

Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The affected endpoints can be accessed directly over the...

7.5CVSS0.00359EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.9 views

GitLab 17.1 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2025-14560)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an...

7.3CVSS6.1AI score0.00217EPSS
Exploits0References5
OSV
OSV
added 2025/07/11 12:0 a.m.3 views

CVE-2023-38329

An issue was discovered in eGroupWare 17.1.20190111. A cross-site scripting Reflected XSS vulnerability exists in calendar/freebusy.php, which allows unauthenticated remote attackers to inject arbitrary web script or HTML into the "user" HTTP/GET parameter, which reflects its input without...

6.1CVSS6AI score0.00238EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/21 12:0 a.m.5 views

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 17.1 and iPadOS version 17.1, which stems from an application that ma...

5.5CVSS6.4AI score0.00168EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/02/21 12:0 a.m.3 views

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 17.1 and iPadOS version 17.1, which stems from an application that ma...

7.5CVSS6.3AI score0.00439EPSS
Exploits0References6
OSV
OSV
added 2023/09/11 2:15 p.m.5 views

CVE-2022-28834

Adobe InCopy versions 17.1 and earlier and 16.4.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00402EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/05/10 12:0 a.m.5 views

PT-2022-2622 · Adobe · Incopy

Name of the Vulnerable Software and Affected Versions: Adobe InCopy versions 17.1 and earlier Adobe InCopy versions 16.4.1 and earlier Description: The issue is related to an out-of-bounds write vulnerability in Adobe InCopy, which could result in arbitrary code execution in the context of the...

7.8CVSS7.8AI score0.00402EPSS
Exploits0References6
OSV
OSV
added 2020/10/21 9:15 p.m.4 views

CVE-2020-24418

Adobe After Effects version 17.1.1 and earlier is affected by an out-of-bounds read vulnerability when parsing a crafted .aepx file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the...

7.8CVSS7.2AI score0.031EPSS
Exploits0References1
OSV
OSV
added 2018/07/12 4:29 p.m.6 views

CVE-2018-12463

An XML external entity XXE vulnerability in Fortify Software Security Center SSC, version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request...

9.8CVSS5.9AI score0.13849EPSS
Exploits4References3
Rows per page
Query Builder