Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-31966

OpenClaw before 2026.3.22 contains an identity spoofing vulnerability in ACP permission resolution that trusts conflicting tool identity hints from rawInput and metadata. Attackers can spoof tool identities through rawInput parameters to suppress dangerous-tool prompting and bypass security...

6.9CVSS5.8AI score0.00228EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/06/05 1:41 p.m.7 views

CVE-2025-0691

Improper access control in permissions component in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the "Edit permission" permission by bypassing the client side validation...

6.7AI score0.00268EPSS
Exploits0References1
CVE
CVE
added 2025/01/30 2:30 p.m.134 views

CVE-2025-23367

The CVE-2025-23367 issue affects WildFly’s Server RBAC provider: Suspend and Resume handlers fail to perform authorization checks, allowing a user with Monitor/Auditor roles to suspend or resume the server. The vulnerability is tied to WildFly core/WildFly-server components and is acknowledged in...

6.5CVSS6.2AI score0.00648EPSS
Exploits0References8Affected Software2
Tenable Nessus
Tenable Nessus
added 2021/11/19 12:0 a.m.28 views

Jenkins Enterprise and Operations Center < 2.277.43.0.2 / 2.303.3.3 Multiple Vulnerabilities (CloudBees Security Advisory 2021-11-04)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.277.x prior to 2.277.43.0.2, or 2.x prior to 2.303.3.3. It is, therefore, affected by multiple vulnerabilities, including the following: - Agent processes are able to completely bypass file path...

9.8CVSS8AI score0.02451EPSS
Exploits0References15
Rows per page
Query Builder