Lucene search
K

10 matches found

CVE
CVE
added 2026/06/24 11:53 a.m.22 views

CVE-2026-56270

Flowise (FlowiseAI) before 3.1.0, including 3.0.13 and earlier, exposes a missing authentication vulnerability at /api/v1/loginmethod that allows unauthenticated retrieval of an organization’s complete SSO configuration, including OAuth client secrets in cleartext, by passing an organizationId. T...

8.7CVSS5.9AI score0.00383EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/03/26 9:17 p.m.3 views

CVE-2026-3527

Missing Authentication for Critical Function vulnerability in Drupal AJAX Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Dashboard: from 0.0.0 before 3.1.0...

6.5CVSS0.00243EPSS
Exploits0References1
CVE
CVE
added 2026/03/26 8:3 p.m.26 views

CVE-2026-3527

CVE-2026-3527 affects Drupal AJAX Dashboard prior to 3.1.0. The Red Hat and EU/ENISA reports corroborate a missing authentication for a critical function in the AJAX Dashboard module, enabling exploitation due to incorrectly configured access control. The vulnerability stems from inadequate acces...

6.5CVSS5.8AI score0.00243EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/03/11 8:16 p.m.11 views

CVE-2026-31979

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon, running as root, writes Kerberos cache files under /tmp/krb5cc without symlink protections. Since commit 87a51ee, PrivateTmp is explicitly removed from the task...

8.8CVSS0.00196EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.5 views

WordPress plugin Education WordPress Theme | HiStudy SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Educati...

9.3CVSS7.6AI score0.00331EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.4 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI CCM versions prior to 3.1.0 and Nagios XI version 5.8.0, which...

5.4CVSS5.9AI score0.00401EPSS
Exploits0References2
CNVD
CNVD
added 2020/08/06 12:0 a.m.1 views

Cisco Cyber Vision Center Software Access Control Error Vulnerability

Cisco Cyber Vision Center Software is a set of industrial control system ICS monitoring solution from the U.S. company Cisco Cisco. The product supports dynamic asset inventory, real-time network monitoring and other functions. An access control error vulnerability exists in the access control...

5.8CVSS6.7AI score0.0111EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/22 12:0 a.m.3 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35461)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 3.1.0. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

6.1CVSS6.3AI score0.00685EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/14 12:0 a.m.3 views

Gemalto Ezio Server Access Control Error Vulnerability

Gemalto Ezio Server is an authentication server from Gemalto USA. An access control error vulnerability exists in Gemalto Ezio Server versions prior to 3.1.0, which can be exploited by an attacker to access unauthorized resources...

5.7CVSS7AI score0.01011EPSS
Exploits2References1
CNVD
CNVD
added 2018/06/07 12:0 a.m.7 views

CloudBees Jenkins Black Duck Hub Plugin Denial of Service Vulnerability

CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Black Duck Hub Plugin is used in one...

6.5CVSS6.9AI score0.00954EPSS
Exploits0References1
Rows per page
Query Builder