Lucene search
+L

1284 matches found

Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.11 views

PT-2026-6093

Name of the Vulnerable Software and Affected Versions Samsung Dialer versions prior to SMR Feb-2026 Release 1 Description A flaw exists due to the improper export of Android application components in Samsung Dialer. This allows a local attacker to launch arbitrary activity with Samsung Dialer...

8.4CVSS5.6AI score0.00129EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.10 views

SAMSUNG Dialer 安全漏洞

Samsung Dialer is a dialer application developed by South Korea’s Samsung Corporation. Versions of the Samsung Dialer prior to SMR Feb-2026 Release 1 contained security vulnerabilities. These vulnerabilities stemmed from improper export of Android application components, potentially allowing loca...

8.4CVSS5.9AI score0.00129EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/03 4:58 p.m.4 views

CVE-2026-24774 Open eClass Business Logic Flaw Allows Students to Mark Attendance in Expired Activities

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a business logic vulnerability allows authenticated students to improperly mark themselves as present in attendance activities, including activities that have already expired, by...

4.3CVSS5.4AI score0.00201EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/03 4:58 p.m.43 views

CVE-2026-24774 Open eClass Business Logic Flaw Allows Students to Mark Attendance in Expired Activities

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a business logic vulnerability allows authenticated students to improperly mark themselves as present in attendance activities, including activities that have already expired, by...

4.3CVSS0.00201EPSS
Exploits1References1
CVE
CVE
added 2026/02/03 4:58 p.m.63 views

CVE-2026-24774

Open eClass (formerly GUnet eClass) before version 4.2 is affected by a business‑logic flaw that lets authenticated students mark themselves present in attendance for activities, including those that have expired, by directly accessing a crafted URL. The issue has been patched in version 4.2. Rem...

4.3CVSS5.4AI score0.00201EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/02/03 4:58 p.m.8 views

CVE-2026-24774 Open eClass Business Logic Flaw Allows Students to Mark Attendance in Expired Activities

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a business logic vulnerability allows authenticated students to improperly mark themselves as present in attendance activities, including activities that have already expired, by...

4.3CVSS5.4AI score0.00201EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/23 9:17 p.m.4 views

CVE-2025-67953

Incorrect Privilege Assignment vulnerability in Booking Activities Team Booking Activities booking-activities allows Privilege Escalation.This issue affects Booking Activities: from n/a through = 1.16.44...

8.1CVSS5.4AI score0.00338EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.5 views

CVE-2025-67953

Incorrect Privilege Assignment vulnerability in Booking Activities Team Booking Activities booking-activities allows Privilege Escalation.This issue affects Booking Activities: from n/a through = 1.16.44...

8.1CVSS0.00338EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:51 p.m.21 views

CVE-2025-67953

CVE-2025-67953 describes an Incorrect Privilege Assignment vulnerability in the WordPress plugin Booking Activities (booking-activities) affecting versions up to and including 1.16.44. The issue enables Privilege Escalation, effectively allowing an attacker to gain higher privileges within the af...

8.1CVSS5.4AI score0.00338EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.2 views

CVE-2025-67953

Incorrect Privilege Assignment vulnerability in Booking Activities Team Booking Activities booking-activities allows Privilege Escalation.This issue affects Booking Activities: from n/a through = 1.16.44...

8.1CVSS5.3AI score0.00338EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/22 4:51 p.m.21 views

CVE-2025-67953 WordPress Booking Activities plugin <= 1.16.44 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Booking Activities Team Booking Activities booking-activities allows Privilege Escalation.This issue affects Booking Activities: from n/a through = 1.16.44...

8.1CVSS0.00338EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.2 views

CVE-2025-67953 WordPress Booking Activities plugin <= 1.16.44 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Booking Activities Team Booking Activities booking-activities allows Privilege Escalation.This issue affects Booking Activities: from n/a through = 1.16.44...

8.1CVSS5.9AI score0.00338EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.6 views

PT-2026-4033

Name of the Vulnerable Software and Affected Versions Booking Activities versions n/a through 1.16.44 Description A flaw exists in Booking Activities that allows for privilege escalation due to incorrect privilege assignment. The issue impacts the booking-activities component. Recommendations...

5.3AI score0.00338EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.6 views

WordPress Plugin Booking Activities has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00338EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/20 11:54 a.m.5 views

WordPress Booking Activities plugin <= 1.16.44 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by daroo in WordPress Plugin Booking Activities versions = 1.16.44...

8.1CVSS5.4AI score0.00338EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 11:26 a.m.14 views

CVE-2021-33205

Western Digital EdgeRover before 0.25 has an escalation of privileges vulnerability where a low privileged user could load malicious content into directories with higher privileges, because of how Node.js is used. An attacker can gain admin privileges and carry out malicious activities such as...

8.8CVSS7.3AI score0.00967EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:24 a.m.9 views

CVE-2008-6993

Siemens Gigaset WLAN Camera 1.27 has an insecure default password, which allows remote attackers to conduct unauthorized activities. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

10CVSS6.8AI score0.01902EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.9 views

CVE-2024-34601

Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore...

5.9CVSS6.7AI score0.00128EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.18 views

CVE-2024-34585

Improper access control in launchApp of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities...

7.8CVSS6.5AI score0.00138EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.17 views

CVE-2024-34595

Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities...

7.8CVSS6.5AI score0.00164EPSS
Exploits0References1
Rows per page
Query Builder