27 matches found

ATTACKERKB
added 2026/06/04 3:36 a.m. · 7 views

CVE-2026-49186

The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters or + to enumerate hidden network devices or publish rogue control commands...

8.6 CVSS · 5.8 AI score · 0.0032 EPSS
Exploits 0 · References 2

RedhatCVE
added 2026/01/09 11:13 a.m. · 4 views

CVE-2016-10852

cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem SEC-85...

6.5 CVSS · 7 AI score · 0.00959 EPSS
Exploits 0 · References 1

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2007-5546

Malware in sbrugna...

6.8 CVSS · 6.4 AI score · 0.01764 EPSS
Exploits 0 · References 7

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2016-1846

Malware in sbrugna...

6.5 CVSS · 6.6 AI score · 0.00959 EPSS
Exploits 0 · References 2

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2021-1487

Malware in sbrugna...

5.3 CVSS · 6.4 AI score · 0.01412 EPSS
Exploits 0 · References 5

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2009-0009

Malware in sbrugna...

6.8 CVSS · 6.1 AI score · 0.01637 EPSS
Exploits 1 · References 16

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2005-1348

Malware in sbrugna...

7.5 CVSS · 6.1 AI score · 0.01727 EPSS
Exploits 0 · References 11

EUVD
added 2025/10/03 8:7 p.m. · 10 views

EUVD-2024-1140

Malicious code in bioql PyPI...

7.4 CVSS · 7 AI score · 0.01115 EPSS
Exploits 0 · References 7

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2022-4378

Malicious code in bioql PyPI...

5 CVSS · 6.3 AI score · 0.02005 EPSS
Exploits 0 · References 16

Vulnrichment
added 2025/03/18 6:59 p.m. · 10 views

CVE-2025-25040 Failure to Properly Enforce Port ACLs on CPU generated packets in CX 9300 Switches

A vulnerability has been identified in the port ACL functionality of AOS-CX software running on the HPE Aruba Networking CX 9300 Switch Series only and affects: - AOS-CX 10.14.xxxx : All patches - AOS-CX 10.15.xxxx : 10.15.1000 and below The vulnerability is specific to traffic originated by the ...

3.3 CVSS · 7.1 AI score · 0.00136 EPSS
Exploits 0 · References 1

Positive Technologies
added 2024/11/01 12:0 a.m. · 3 views

PT-2024-30818 · Unknown · Memberpress

Name of the Vulnerable Software and Affected Versions: Memberpress versions 1.11.34 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions 1.11.34 and earlier,...

9.8 CVSS · 6.5 AI score · 0.00427 EPSS
Exploits 0 · References 4

Positive Technologies
added 2024/08/19 12:0 a.m. · 6 views

PT-2024-30493 · Unknown · Plugin Notes Plus

Name of the Vulnerable Software and Affected Versions: Plugin Notes Plus versions 1.2.7 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For Plugin Notes Plus versions...

5.4 CVSS · 6.4 AI score · 0.00314 EPSS
Exploits 0 · References 5

OSV
added 2024/04/16 7:20 a.m. · 38 views

BIT-KAFKA-2024-27309

While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL continues to have two o...

7.4 CVSS · 6.9 AI score · 0.01115 EPSS
Exploits 0 · References 2

CNVD
added 2024/04/16 12:0 a.m. · 11 views

Apache Kafka Denial of Denial Vulnerability

Apache Kafka is an open source distributed streaming platform from the Apache Foundation in the United States. The platform is capable of acquiring real-time data for building applications that react in real time to changes in the data stream. Apache Kafka suffers from a denial-of-acceptance...

7.4 CVSS · 6.4 AI score · 0.01115 EPSS
Exploits 0 · References 1

OSV
added 2024/04/12 7:15 a.m. · 6 views

CVE-2024-27309

While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL continues to have tw...

7.4 CVSS · 9.6 AI score
Exploits 0 · References 3

OSV
added 2022/05/17 2:10 a.m. · 13 views

GHSA-WC8W-GH5M-62FV MoinMoin Access Restrictions Bypassed due to improper ACL enforcement

MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when aclhierarchic is set to True, which might allow remote attackers to bypass intended access restrictions, a different vulnerability than CVE-2008-1937...

8.7 CVSS · 6.2 AI score · 0.01637 EPSS
Exploits 1 · References 15

Github Security Blog
added 2022/05/01 11:36 p.m. · 14 views

MoinMoin Improper Access Control

macroGetval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages. The issue has been fixed on 4a7de0173734...

5 CVSS · 7.1 AI score · 0.02005 EPSS
Exploits 0 · References 15 · Affected Software 1

OSV
added 2020/07/01 6:15 p.m. · 21 views

CVE-2020-14196

In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced...

5.3 CVSS · 6.6 AI score
Exploits 0 · References 7

Prion
added 2019/08/01 3:15 p.m. · 22 views

Design/Logic Flaw

cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem SEC-85...

4 CVSS · 7.1 AI score · 0.00959 EPSS
Exploits 0 · References 2 · Affected Software 1

CVE
added 2019/08/01 2:47 p.m. · 51 views

CVE-2016-10852

cPanel versions prior to 11.54.0.4 are affected by a lack of ACL enforcement in the AppConfig subsystem (SEC-85). Red Hat and NVD references confirm the issue, affecting cPanel’s AppConfig handling; no explicit exploit details or fix version are provided in the connected documents. The reports de...

6.5 CVSS · 6.5 AI score · 0.00959 EPSS
Exploits 0 · References 2 · Affected Software 1