Lucene search
K

7 matches found

EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-42639

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.12 before 0.10.0, an authenticated non-admin user with read access to an arena wrapper model can reach a restricted underlying model through task endpoints such as /api/v1/tasks/moa/completions. The...

5.4CVSS6AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-24095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p21, 2.3.0 before 2.3.0p43, and 2.2.0 EOL allows users with the Use WATO permission to...

5.3CVSS5.7AI score0.0023EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/11 6:56 p.m.3 views

CVE-2025-44001 Unauthorized Channel Subscription Read in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the Get Channel Subscriptions details endpoint...

4CVSS7.1AI score0.00192EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/02/14 7:7 a.m.9 views

SUSE CVE-2023-0459

Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond commit...

4.7CVSS6.5AI score0.00635EPSS
Exploits0References26
OSV
OSV
added 2023/05/25 2:15 p.m.6 views

CVE-2023-0459

Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond...

5.5CVSS7.3AI score
Exploits0References2
OSV
OSV
added 2020/08/27 10:46 a.m.8 views

USN-4446-2 squid3 regression

USN-4446-1 fixed vulnerabilities in Squid. The update introduced a regression when using Squid with the icap or ecap protocols. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jeriko One discovered that Squid incorrectly handled caching certain...

5.8AI score
Exploits0References2
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.40 views

Microsoft Windows - Token Process Trust SID Access Check Bypass Privilege Escalation

Windows: Token Trust SID Access Check Bypass EOP Platform: Windows 10 1709 also tested current build of RS4 Class: Elevation of Privilege Summary: A token’s trust SID isn’t reset when setting a token after process creation allowing a user process to bypass access checks for trust labels...

7.4AI score
Exploits0
Rows per page
Query Builder