17 matches found

Vulnrichment
added 2026/04/24 12:36 p.m., 2 views

CVE-2026-38743 Apache Airflow: Dags endpoint might provide access to otherwise inaccessible entities

The authenticated /ui/dags endpoint did not enforce per-DAG access control on embedded Human-in-the-Loop (HITL) and TaskInstance records: a logged-in Airflow user with read access to at least one DAG could retrieve HITL prompts including their request parameters and full TaskInstance details for DA...

AI score: 5.3, EPSS: 0.00352
Exploits: 0, References: 2

CNNVD
added 2026/02/03 12:00 a.m., 6 views

WordPress plugin WP Bannerize Pro security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVSS: 5.3, AI score: 5.8, EPSS: 0.00187
Exploits: 0, References: 1

Cvelist
added 2026/01/23 2:28 p.m., 27 views

CVE-2026-24529 WordPress Quick Restaurant Reservations plugin <= 1.6.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Alejandro Quick Restaurant Reservations quick-restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Quick Restaurant Reservations: from n/a through <= 1.6.7...

CVSS: 5.3, EPSS: 0.00264
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2007-0415

Malware in sbrugna...

CVSS: 5, AI score: 6.4, EPSS: 0.01259
Exploits: 0, References: 7

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2010-5256

Malware in sbrugna...

CVSS: 2.1, AI score: 6.1, EPSS: 0.02206
Exploits: 1, References: 5

EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2023-2018

Malicious code in bioql PyPI...

CVSS: 7.5, AI score: 7.5, EPSS: 0.00746
Exploits: 1, References: 5

RedhatCVE
added 2025/08/13 7:25 a.m., 14 views

CVE-2025-8660

Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed...

CVSS: 9.8, AI score: 7.5, EPSS: 0.00285
Exploits: 0, References: 1

RedhatCVE
added 2025/07/18 5:58 p.m., 6 views

CVE-2025-20285

A vulnerability in the IP Access Restriction feature of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to bypass configured IP access restrictions and log in to the device from a disallowed IP address. This vulnerability is due to improper enforcement of access controls...

CVSS: 4.1, AI score: 6.7, EPSS: 0.0034
Exploits: 0, References: 1

Tenable Nessus
added 2005/01/31 12:00 a.m., 95 views

WebWasher Classic Server Mode Arbitrary Proxy CONNECT Request

There is a flaw in the remote WebWasher Proxy. The Proxy, when issued a CONNECT command for 127.0.0.1 or localhost/loopback, will comply with the request and initiate a connection to the local machine. This bypasses any sort of firewalling as well as gives access to local applications which are...

CVSS: 7.5, AI score: 5.5, EPSS: 0.08075
Exploits: 1, References: 2

Tenable Nessus
added 2003/05/06 12:00 a.m., 18 views

smallftpd Multiple Vulnerabilities (Traversal, DoS)

The remote FTP server is vulnerable to a flaw that allows users to access files that are outside the FTP server root. An attacker may break out of his FTP jail by issuing the command : CWD .... In addition, it has been reported that a user can crash the service by supplying malformed input to the...

AI score: 5.5
Exploits: 0, References: 1

Tenable Nessus
added 2003/03/27 12:00 a.m., 51 views

WebLogic Servlets Multiple Vulnerabilities

The remote web server is WebLogic. An internal management servlet that does not properly check user credentials can be accessed from outside, allowing an attacker to change user passwords, and even upload or download any file on the remote server. In addition to this, there is a flaw in WebLogic...

CVSS: 7.5, AI score: 5.6, EPSS: 0.03948
Exploits: 0, References: 3

Tenable Nessus
added 2003/03/12 12:00 a.m., 23 views

NFS Predictable Filehandles Filesystem Access

The remote NFS server might allow an attacker to guess the NFS filehandles, and therefore allow them to mount the remote filesystems without the proper authorizations. This is a very old flaw...

CVSS: 4.6, AI score: 5.5, EPSS: 0.00391
Exploits: 0, References: 1

Tenable Nessus
added 2002/08/22 12:00 a.m., 234 views

PHP-Nuke Network Tools Add-On Arbitrary Command Execution

It is possible to make the remote host execute arbitrary commands through the use of the PHPNuke addon called 'Network Tools'. An attacker may use this flaw to gain a shell on this system...

CVSS: 7.5, AI score: 5.7, EPSS: 0.08908
Exploits: 0, References: 1

Tenable Nessus
added 2000/10/04 12:00 a.m., 32 views

Cisco PIX Firewall Mailguard Feature SMTP Content Filter Bypass

The remote SMTP server seems to be protected by a content filtering firewall (probably Cisco's PIX). However, an attacker may bypass this content filtering by issuing a DATA command before a MAIL command, which allows him to communicate directly with the real SMTP daemon...

CVSS: 7.5, AI score: 5.6, EPSS: 0.07102
Exploits: 1, References: 3

Tenable Nessus
added 2000/03/08 12:00 a.m., 39 views

MySQL Short Check String Authentication Bypass

The remote version of MySQL is older than or as old as version 3.22.30 or 3.23.10. Thus, it may allow an attacker who knows a valid username to access database tables without a valid password...

CVSS: 7.5, AI score: 5.4, EPSS: 0.04735
Exploits: 0, References: 2

Tenable Nessus
added 1999/08/18 12:00 a.m., 51 views

Multiple MTA HELO Command Remote Overflow

The remote SMTP server seems to allow remote users to send mail anonymously by providing arguments that are too long to the HELO command (more than 1024 chars). This problem may allow malicious users to send unsolicited mail (i.e., SPAM) or threatening mail using the server, and keep their anonymity....

CVSS: 10, AI score: 5.5, EPSS: 0.0594
Exploits: 1, References: 4

Tenable Nessus
added 1999/06/22 12:00 a.m., 32 views

WinGate Passwordless Default Installation

Wingate is a program that allows a Windows98 computer to act as a proxy. Unfortunately, the default configuration is too permissive and allows anyone to use this computer to connect anywhere, thus hiding the real IP address. This WinGate server does not ask for any passwords, and thus can be used...

CVSS: 7.5, AI score: 5.5, EPSS: 0.02134
Exploits: 0, References: 2