Lucene search

11 matches found

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2021-1369

Malware in sbrugna...

CVSS 4.9 | AI score 4.9 | EPSS 0.00185
Exploits 0 | References 4

RedhatCVE
added 2025/02/16 12:24 a.m., 6 views

CVE-2024-57969

app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search...

CVSS 4.3 | AI score 6.8 | EPSS 0.00124
Exploits 0 | References 1

OSV
added 2025/02/14 7:15 a.m., 6 views

CVE-2024-57969

app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search...

CVSS 4.3 | AI score 6.8
Exploits 0 | References 2

Veracode
added 2023/11/29 6:20 a.m., 12 views

Improper Access Control

oro/calendar-bundle is vulnerable to Improper Access Control. The vulnerability exists due to the lack of permission checks in the checkPermissions function of SystemCalendarEventController.php. This allows back-office users to access information from any system calendar event, bypassing ACL...

CVSS 5 | AI score 6.8 | EPSS 0.00195
Exploits 0 | References 4 | Affected Software 1

NVD
added 2023/11/28 4:15 a.m., 12 views

CVE-2023-32063

OroCalendarBundle enables a Calendar feature and related functionality in Oro applications. Back-office users can access information from any call event, bypassing ACL security restrictions due to insufficient security checks. This issue has been patched in version 5.0.4 and 5.1.1...

CVSS 5 | EPSS 0.00195
Exploits 0 | References 3

CVE
added 2023/11/28 3:30 a.m., 48 views

CVE-2023-32063

The CVE-2023-32063 issue affects OroCalendarBundle (used with Oro CRM/Oro applications) where back-office users can access information from any call event due to insufficient ACL checks. Root cause: security checks in the ACL layer were not properly enforced, enabling information disclosure. Impa...

CVSS 5 | AI score 4.9 | EPSS 0.00195
Exploits 0 | References 3 | Affected Software 1

Github Security Blog
added 2023/11/27 11:29 p.m., 15 views

OroCRMCallBundle has incorrect call view page visibility

Back-office users can access information from any call event, bypassing ACL security restrictions due to insufficient security checks...

CVSS 5 | AI score 6.9 | EPSS 0.00195
Exploits 0 | References 5 | Affected Software 1

Github Security Blog
added 2023/11/27 11:29 p.m., 13 views

OroCalendarBundle has incorrect system calendar events visibility

OroPlatform is a package that assists system and user calendar management. Back-office users can access information from any system calendar event, bypassing ACL security restrictions due to insufficient security checks...

CVSS 5 | AI score 6.9 | EPSS 0.00195
Exploits 0 | References 5 | Affected Software 1

RedHat Linux
added 2021/02/16 8:47 a.m., 135 views

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 7.1 | AI score 6.6 | EPSS 0.00081
Exploits 0 | References 3

OpenVAS
added 2018/02/12 12:00 a.m., 29 views

MoinMoin 1.9 < 1.9.5 ACL Security Vulnerability - Linux

MoinMoin does not properly handle group names that contain virtual group names such as...

CVSS 6 | AI score 6.3 | EPSS 0.0099
Exploits 0 | References 2

Tenable Nessus
added 2015/08/31 12:00 a.m., 29 views

IBM Storwize V7000 Unified ACL Security Bypass

The remote IBM Storwize device is affected by an ACL security bypass vulnerability due to a race condition in the Active Cloud Engine (ACE) component caused by an error in NFS packet retransmission in response to noisy or slow responding networks. An authenticated, remote attacker can exploit this ...

CVSS 3.5 | AI score 5.6 | EPSS 0.0014
Exploits 0 | References 2