24 matches found

RedhatCVE
added 2026/04/25 7:22 a.m. · 6 views

CVE-2026-1726

IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1 enables privilege escalation, allowing unauthorized users to perform administrative operations after being demoted. Attackers could access sensitive data, modify system configurations, or change permissions for other users. T...

CVSS 4.8 · AI score 5.5 · EPSS 0.00194
Exploits: 0 · References: 1

Positive Technologies
added 2026/04/22 12:0 a.m. · 15 views

PT-2026-34578

Name of the Vulnerable Software and Affected Versions IBM Guardium Key Lifecycle Manager versions 4.1 through 5.1 Description An issue exists in IBM Guardium Key Lifecycle Manager that may lead to a security compromise. Recommendations At the moment, there is no information about a newer version...

CVSS 4.8 · AI score 5.2 · EPSS 0.00194
Exploits: 0 · References: 4

vulnersOsv
added 2026/02/18 10:38 p.m. · 10 views

02strich-markdown (>=1.0.0 <=1.0.2), @0xintuition/slang-cli (>=0.0.1 <=0.0.8) +1940 more potentially affected by CVE-2026-26996 via minimatch (>=4.1.1 <=4.2.3)

minimatch NPM version =4.1.1, =1.0.0, =0.0.1, =0.5.2, =5.0.2, =2.2.0, =1.1.4, =1.3.1, =1.0.0, =0.0.2-alpha-20220914223128-d706aab, =0.0.2-alpha-20220915073207-1bb0680, =0.0.2-alpha-20220914223128-d706aab, =1.1.8, =1.0.0, =1.5.0 and more Source cves: CVE-2026-26996 Source advisory:...

CVSS 8.7 · AI score 6.6 · EPSS 0.00519
Exploits: 1

SUSE CVE
added 2026/01/17 12:51 a.m. · 8 views

SUSE CVE-2017-18897

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. It mishandles a deny action for a redirection...

CVSS 6.1 · AI score 7 · EPSS 0.00685
Exploits: 0 · References: 2

Positive Technologies
added 2025/08/16 12:0 a.m. · 6 views

PT-2025-33541 · WordPress · Betterdocs

Name of the Vulnerable Software and Affected Versions: BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress versions up to and including 4.1.1 Description: The BetterDocs plugin for...

CVSS 5.3 · AI score 6.4 · EPSS 0.00275
Exploits: 0 · References: 8

Positive Technologies
added 2024/12/07 12:0 a.m. · 3 views

PT-2024-16913 · WordPress · Comfino Payment Gateway

Name of the Vulnerable Software and Affected Versions: Comfino Payment Gateway plugin for WordPress versions up to, and including, 4.1.1 Description: The Comfino Payment Gateway plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add query arg and remove query a...

CVSS 6.1 · AI score 6.7 · EPSS 0.00348
Exploits: 0 · References: 7

CNNVD
added 2024/12/07 12:0 a.m. · 4 views

WordPress plugin Comfino Payment Gateway cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress plugin Comfino Payment Gateway...

CVSS 6.1 · AI score 7.6 · EPSS 0.00348
Exploits: 0 · References: 2

CNNVD
added 2024/12/03 12:0 a.m. · 4 views

OpenHarmony security vulnerability

OpenHarmony is an open source project of a kind of Hongmeng operating system from the China OpenAtom Foundation. A security vulnerability exists in OpenHarmony version v4.1.1 and earlier versions, which originates from memory reuse after release. An attacker can exploit the vulnerability...

CVSS 8.8 · AI score 6.7 · EPSS 0.00158
Exploits: 0 · References: 1

Positive Technologies
added 2024/05/13 12:0 a.m. · 6 views

PT-2024-13385 · Nordic Semiconductor · Nrf Sniffer For Bluetooth Le

Name of the Vulnerable Software and Affected Versions: Nordic Semiconductor nRF Sniffer for Bluetooth LE versions 3.0.0 through 4.1.1 Description: The issue is related to incorrect file permissions set for certain scripts in the Nordic Semiconductor nRF Sniffer for Bluetooth LE. This allows...

CVSS 7.3 · AI score 7.3 · EPSS 0.00361
Exploits: 1 · References: 3

Positive Technologies
added 2024/02/28 12:0 a.m. · 4 views

PT-2024-12080 · Ibm · Ibm Security Guardium Key Lifecycle Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager versions 3.0 through 4.1.1 Description: The issue allows a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. Recommendations: For...

CVSS 8.8 · AI score 7.7 · EPSS 0.01351
Exploits: 0 · References: 6

CNNVD
added 2023/10/31 12:0 a.m. · 4 views

Cybozu Remote Service security vulnerability

Cybozu Remote Service is a remote service management software from Cybozu Japan. It is used to access the Cybozu internal system. A security vulnerability exists in Cybozu Remote Service versions 4.1.0 through 4.1.1, which is caused due to uncontrolled resource consumption. A remote attacker coul...

CVSS 6.5 · AI score 6.8 · EPSS 0.00616
Exploits: 0 · References: 5

OSV
added 2023/03/22 6:15 a.m. · 7 views

CVE-2023-25924

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an authenticated user to perform actions that they should not have access to due to improper authorization. IBM X-Force ID: 247630...

CVSS 8.8 · AI score 7.3 · EPSS 0.00398
Exploits: 0 · References: 2

CNNVD
added 2023/03/21 12:0 a.m. · 5 views

IBM Security Guardium security vulnerability

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A security vulnerability exists in IBM Security Guardium Ke...

CVSS 7.5 · AI score 7.3 · EPSS 0.00672
Exploits: 0 · References: 3

OSV
added 2023/01/31 5:15 a.m. · 8 views

AZL-44958 CVE-2022-25881 affecting package nodejs-nodemon 2.0.3-5

This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library...

CVSS 7.5 · AI score 7.2 · EPSS 0.01613
Exploits: 1 · References: 1

Positive Technologies
added 2022/09/09 12:0 a.m. · 4 views

PT-2022-24177 · WordPress · Wp Shamsi

Name of the Vulnerable Software and Affected Versions: WP Shamsi plugin versions = 4.1.1 Description: The issue is related to an authenticated plugin setting change vulnerability. This means that an attacker with subscriber or higher privileges can change plugin settings. The estimated number of...

CVSS 4.3 · AI score 4.4 · EPSS 0.00517
Exploits: 0 · References: 5

OSV
added 2022/05/24 3:15 p.m. · 2 views

UBUNTU-CVE-2022-29221

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious block name or include file name. Sites that cannot fully trust template authors shou...

CVSS 8.8 · AI score 6.7 · EPSS 0.0454
Exploits: 1 · References: 10

vulnersOsv
added 2022/05/17 5:35 a.m. · 7 views

cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE), cloud.altemista.fwk.message:cloud-altemistafwk-core-message-active-conf (>=3.0.0.RELEASE <=3.1.0.RELEASE) +367 more potentially affected by CVE-2011-4905 via org.apache.activemq:activemq-core (>=4.1.1 <=5.5.1)

org.apache.activemq:activemq-core MAVEN version =4.1.1, =3.0.0.RELEASE, =1.0.0.1, =1.2.29, =1.3, =1.0.0, =1.0.0, =1.0.1, =1.4.1, =25.0.10, =28.0.0 - com.ning:metrics.realtime-core =1.1.0 - com.tacitknowledge:simulator-core =1.1 and more Source cves: CVE-2011-4905 Source advisory:...

CVSS 5 · AI score 6.9 · EPSS 0.08984
Exploits: 1

vulnersOsv
added 2022/01/21 11:25 p.m. · 7 views

cloud.piranha.session:piranha-session-hazelcast (>=21.1.0 <=21.4.0), com.buession.cas:buession-cas-session (>=2.3.0 <=2.3.2) +93 more potentially affected by unknown CVE via com.hazelcast:hazelcast (>=4.1.1 <=4.1.7)

com.hazelcast:hazelcast MAVEN version =4.1.1, =21.1.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =3.1.22, =3.1.22, =5.1.6 - com.hazelcast.jet:hazelcast-jet-core =4.4 - com.hazelcast.jet:hazelcast-jet-hadoop-core =4.4 - com.hazelcast.jet:hazelcast-jet-sql =4.4 -...

AI score 5.8
Exploits: 0

vulnersOsv
added 2022/01/21 6:55 p.m. · 4 views

aiida-core (=1.0.0), biocommons-seqrepo (>=0.3.5 <=0.4.5) +15 more potentially affected by CVE-2022-21699 via ipython (>=4.1.1 <=5.10.0)

ipython PYPI version =4.1.1, =0.3.5, =0.2.0, =2.0.0, =1.0.0b1, =1.0.0.post2, =0.0.7, =0.1.0, =0.1.6, =1.3.1, =0.4.0, =0.1.0, =0.10.0 - sklearn-plus =0.0.5 and more Source cves: CVE-2022-21699 Source advisory: OSV:GHSA-PQ7M-3GW7-GQ5X...

CVSS 8.8 · AI score 7.2 · EPSS 0.00657
Exploits: 1

Positive Technologies
added 2021/05/12 12:0 a.m. · 5 views

PT-2021-19804 · Unknown · Smartstore

Name of the Vulnerable Software and Affected Versions: Smartstore aka SmartStoreNET versions through 4.1.1 Description: An issue was discovered where Views/PrivateMessages/View.cshtml does not call HtmlUtils.SanitizeHtml on a private message, potentially leading to issues with private message...

CVSS 9.8 · AI score 9.4 · EPSS 0.33442
Exploits: 1 · References: 6