Lucene search
+L

13 matches found

EUVD
EUVD
added 2026/07/01 4:32 p.m.10 views

EUVD-2026-41087

Incorrect Authorization CWE-863 in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs CAPEC-1. Under certain conditions, a low-privileged authenticated user can access response action data that they are not authorized to vie...

5.3CVSS5.8AI score0.00199EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 4:32 p.m.8 views

CVE-2026-56152

Incorrect Authorization CWE-863 in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs CAPEC-1. Under certain conditions, a low-privileged authenticated user can access response action data that they are not authorized to vie...

5.3CVSS5.8AI score0.00199EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/01 4:32 p.m.34 views

CVE-2026-56152 Incorrect Authorization in Elastic Defend Leading to Information Disclosure

Incorrect Authorization CWE-863 in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs CAPEC-1. Under certain conditions, a low-privileged authenticated user can access response action data that they are not authorized to vie...

5.3CVSS0.00199EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.14 views

PT-2026-54867

Name of the Vulnerable Software and Affected Versions Elastic Defend affected versions not specified Description Incorrect authorization allows a low-privileged authenticated user to access response action data they are not authorized to view. This occurs because functionality is not properly...

5.3CVSS5.8AI score0.00199EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-10510

Cross-Site Scripting XSS in GeniexWebView component in Transsion AI Assistant Lifestyle application com.transsion.aiassistantlifestyle all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...

6.1CVSS5.9AI score0.00155EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 3:16 a.m.16 views

CVE-2026-10510

Cross-Site Scripting XSS in GeniexWebView component in Transsion AI Assistant Lifestyle application com.transsion.aiassistantlifestyle all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...

6.1CVSS0.00155EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 1:56 a.m.15 views

EUVD-2026-33874

Cross-Site Scripting XSS in GeniexWebView component in Transsion AI Assistant Lifestyle application com.transsion.aiassistantlifestyle all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...

6.1CVSS6.1AI score0.00155EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 1:56 a.m.25 views

CVE-2026-10510

CVE-2026-10510 describes a Cross-Site Scripting (XSS) vulnerability in the GeniexWebView component of the Transsion AI Assistant Lifestyle app (package: com.transsion.aiassistantlifestyle) on Android. All versions appear affected. The underlying issue allows a remote attacker to execute arbitrary...

6.1CVSS6.1AI score0.00155EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/02 1:56 a.m.45 views

CVE-2026-10510 GeniexWebView XSS in com.transsion.aiassistantlifestyle

Cross-Site Scripting XSS in GeniexWebView component in Transsion AI Assistant Lifestyle application com.transsion.aiassistantlifestyle all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...

0.00155EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 1:56 a.m.12 views

CVE-2026-10510 GeniexWebView XSS in com.transsion.aiassistantlifestyle

Cross-Site Scripting XSS in GeniexWebView component in Transsion AI Assistant Lifestyle application com.transsion.aiassistantlifestyle all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...

6.1AI score0.00155EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.12 views

Transsion AI Assistant Lifestyle 安全漏洞

Transsion AI Assistant Lifestyle is a mobile AI assistant application developed by Transsion Corporation. It integrates intelligent question answering, content generation, lifestyle service recommendations, and personal assistant functions. There is a security vulnerability in Transsion AI...

6.1CVSS5.5AI score0.00155EPSS
Exploits0References1
OSV
OSV
added 2025/10/07 4:15 p.m.1 views

UBUNTU-CVE-2022-50553

In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on 'actiondata.varrefidx' When generate a synthetic event with many params and then create a trace action for it 1, kernel panic happened 2. It is because that in traceactioncreate...

5.5CVSS5.8AI score0.00192EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2025/10/07 3:21 p.m.6 views

CVE-2022-50553

In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on 'actiondata.varrefidx' When generate a synthetic event with many params and then create a trace action for it 1, kernel panic happened 2. It is because that in traceactioncreate...

5.5CVSS5.2AI score0.00192EPSS
Exploits0
Rows per page
Query Builder