Lucene search
K

7944 matches found

Cvelist
Cvelist
added 4 days ago28 views

CVE-2026-50530 DataEase: Token with Overly Broad Privileges in Share Mode: Access to Unshared Datasets

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, a share mode chart data interface only validates that sceneId matches the resourceId in the link token and fails to validate whether tableId and field IDs in the request body belong to the shared resource, allowing...

7.1CVSS0.00238EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-50529 DataEase: Link Token Leakage Prior to Share Password/Ticket Validation

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the /de2api/share/proxyInfo share interface generates and returns X-DE-LINK-TOKEN before validating the share password or ticket, allowing unauthenticated attackers who know a protected share UUID to obtain a valid...

8.7CVSS0.00285EPSS
Exploits0References3
OSV
OSV
added 4 days ago7 views

GO-2026-5869 Rancher has over-inclusive team membership expansion in GitHub App authentication provider in github.com/rancher/rancher

Rancher has over-inclusive team membership expansion in GitHub App authentication provider in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...

8.8CVSS5.9AI score0.0037EPSS
Exploits0References6
NVD
NVD
added 4 days ago10 views

CVE-2026-8377

Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Collect Data from Common Resource Locations. This issue affects Access Control System GKS: before Version 2...

8.2CVSS0.00198EPSS
Exploits0References1
NVD
NVD
added 4 days ago11 views

CVE-2026-8306

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Stored XSS. This issue affects Access Control System GKS: before Version 2...

6.1CVSS0.00149EPSS
Exploits0References1
NVD
NVD
added 4 days ago11 views

CVE-2026-7380

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows XSS Targeting HTML Attributes. This issue affects Access Control System GKS: before Version 2...

6.1CVSS0.00149EPSS
Exploits0References1
CVE
CVE
added 4 days ago14 views

CVE-2026-8377

CVE-2026-8377 affects Armiya Information Technologies Ltd. Co. Access Control System (GKS) prior to version 2. The vulnerability is described as Missing/Improper Authorization allowing data collection from common resource locations. According to the connected records, the issue enables network-ba...

8.2CVSS5.9AI score0.00198EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42019

Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Collect Data from Common Resource Locations. This issue affects Access Control System GKS: before Version 2...

8.2CVSS5.9AI score0.00198EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago34 views

CVE-2026-8377 Improper Authorization in Armiya Technologies' Access Control System

Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Collect Data from Common Resource Locations. This issue affects Access Control System GKS: before Version 2...

8.2CVSS0.00198EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-8377

Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Collect Data from Common Resource Locations. This issue affects Access Control System GKS: before Version 2...

8.2CVSS5.9AI score0.00198EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42018

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Reflected XSS. This issue affects Access Control System GKS: before Version 2...

5.4CVSS5.9AI score0.00133EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-8309

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Reflected XSS. This issue affects Access Control System GKS: before Version 2...

5.4CVSS5.9AI score0.00133EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago34 views

CVE-2026-8309 Reflected XSS in Armiya Technologies' Access Control System

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Reflected XSS. This issue affects Access Control System GKS: before Version 2...

5.4CVSS0.00133EPSS
Exploits0References1
CVE
CVE
added 4 days ago13 views

CVE-2026-8306

CVE-2026-8306 describes a Stored XSS in Armiya Information Technologies Ltd. Co. Access Control System (GKS) prior to version 2, caused by improper neutralization of input during web page generation. The vulnerability allows stored cross-site scripting in the GKS web interface. CVSS3.1 base score...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42017

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Stored XSS. This issue affects Access Control System GKS: before Version 2...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-8306

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Stored XSS. This issue affects Access Control System GKS: before Version 2...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-8306 Stored XSS in Armiya Technologies' Access Control System

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Stored XSS. This issue affects Access Control System GKS: before Version 2...

6.1CVSS0.00149EPSS
Exploits0References1
CVE
CVE
added 4 days ago13 views

CVE-2026-7380

The CVE-2026-7380 entry concerns Armiya Information Technologies Ltd. Co. Access Control System (GKS). It describes an improper neutralization of Script-Related HTML tags in a web page, enabling basic HTML attribute-based XSS. Affected: GKS Access Control System before version 2. The vulnerabilit...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42016

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows XSS Targeting HTML Attributes. This issue affects Access Control System GKS: before Version 2...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-7380

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows XSS Targeting HTML Attributes. This issue affects Access Control System GKS: before Version 2...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References2
Rows per page
Query Builder