
9 matches found

CVE
added 2025/07/24 6:5 a.m. | 15 views

CVE-2025-7001

GitLab CE/EE is affected by CVE-2025-7001: versions 15.0–before 18.0.5, 18.1–before 18.1.3, and 18.2–before 18.2.1 expose a vulnerability where privileged users can access certain resource_group information via the API that should be unavailable. Root cause: insufficient access control granularit...

CVSS 4.3 | AI score 5.7 | EPSS 0.00065
Exploits: 0 | References: 2 | Affected Software: 1
RedhatCVE
added 2025/05/22 3:28 p.m. | 5 views

CVE-2020-29538

Archer before 6.9 P1 6.9.0.1 contains an improper access control vulnerability in an API. A remote authenticated malicious administrative user can potentially exploit this vulnerability to gather information about the system, and may use this information in subsequent attacks...

CVSS 4.9 | AI score 6.4 | EPSS 0.00222
Exploits: 0
NVD
added 2025/02/05 12:15 p.m. | 13 views

CVE-2024-49348

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly...

CVSS 6.5 | EPSS 0.00069
Exploits: 0 | References: 1
Veracode
added 2024/10/14 9:14 a.m. | 5 views

Improper Access Control

github.com/rancher/rancher is vulnerable to Improper Access Control. The vulnerability is due to authenticated users being able to disable access control via an API call...

CVSS 8.8 | AI score 6.5 | EPSS 0.01029
Exploits: 0 | References: 3 | Affected Software: 1
Github Security Blog
added 2023/06/20 6:50 p.m. | 15 views

When setting EntityOptions.apiPrefilter to a function, the filter is not applied to API requests for a resource by Id

Impact: If you used the apiPrefilter option of the @Entity decorator, by setting it to a function that returns a filter that prevents unauthorized access to data, an attacker who knows the id of an entity instance she is not authorized to access, can gain read, update and delete access to it...

CVSS 6.3 | AI score 10 | EPSS 0.00073
Exploits: 0 | References: 5 | Affected Software: 1
CNNVD
added 2022/06/20 12:0 a.m. | 1 views

ASUS Control Center security vulnerability

ASUS Control Center is a new centralized IT management software from ASUS China. The software can monitor and control ASUS servers, workstations. A security vulnerability exists in ASUS Control Center v1.4.2.5, which stems from a corrupted access control issue in the API. An unauthenticated remot...

CVSS 7.3 | AI score 6.7 | EPSS 0.00648
Exploits: 0 | References: 2
CNNVD
added 2021/06/22 12:0 a.m. | 3 views

ORY Oathkeeper security vulnerability

ORY Oathkeeper is an open source Identity Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on a set of access rules. A security vulnerability exists in ORY Oathkeeper, which stems from an Identity Access Proxy IAP and Access Control Decision API that...

CVSS 7.5 | AI score 7.2 | EPSS 0.00308
Exploits: 0 | References: 3
OSV
added 2017/01/12 8:59 p.m. | 1 views

CVE-2016-8437

Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR1009695...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 2
Cvelist
added 2017/01/12 8:0 p.m. | 20 views

CVE-2016-8437

Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR1009695...

AI score 9.2 | EPSS 0.00551
Exploits: 0 | References: 2