Lucene search
K

6 matches found

CVE
CVE
added 2025/11/10 8:43 p.m.13 views

CVE-2025-48878

CVE-2025-48878 affects Combodo iTop (3.x) prior to 3.2.2. The vulnerability is an insecure direct object reference that allows a user (e.g., with a Service desk agent profile) to create a ModuleInstallation object when they should not be able to. The issue is resolved in 3.2.2. Impact details are...

4.3CVSS6.3AI score0.00192EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/04 12:0 a.m.8 views

PT-2024-10232 · Drupal · Drupal Oauth & Openid Connect Single Sign On – Sso

Name of the Vulnerable Software and Affected Versions: Drupal OAuth & OpenID Connect Single Sign On – SSO OAuth/OIDC Client versions 3.0.0 through 3.43.0 Drupal OAuth & OpenID Connect Single Sign On – SSO OAuth/OIDC Client versions 4.0.0 through 4.0.18 Description: The issue is related to imprope...

6.4CVSS6.1AI score0.00238EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/03/11 12:0 a.m.4 views

Sonatype Nexus Repository Manager 跨站脚本漏洞

Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. A cross-site scripting vulnerability exists in Sonatype Nexus Repository Manager 3.x through 3.37.0. A remote attacker sending a specially...

4.3CVSS4.9AI score0.00699EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/06/04 12:0 a.m.7 views

PT-2021-4286

Name of the Vulnerable Software and Affected Versions SOGo versions 2.0.5a through 2.4.1 SOGo versions 3.x through 5.x before 5.1.1 Description The issue is related to the incorrect validation of cryptographic signatures in SAML assertions, which could allow a remote attacker to impersonate users...

7.5CVSS6.8AI score0.00987EPSS
Exploits1References41
CNVD
CNVD
added 2018/01/24 12:0 a.m.4 views

Rubrik CDM Certificate Validation Vulnerability

Rubrik CDM is a cloud data management system from Rubrik USA. The system integrates backup, instant recovery, replication, search, analytics, archiving and replication data management into one secure architecture in the data center and in the cloud. A certificate validation vulnerability exists i...

8.1CVSS6.7AI score0.00534EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2004/03/23 12:0 a.m.8 views

PT-2004-2751 · Solarwinds · Dameware Mini Remote Control

Name of the Vulnerable Software and Affected Versions: DameWare Mini Remote Control versions 3.x through 3.73 DameWare Mini Remote Control versions 4.x through 4.1 Description: The issue allows remote attackers to gain sensitive information because the Blowfish encryption key is transmitted in...

5CVSS6.8AI score0.00839EPSS
Exploits0References9
Rows per page
Query Builder