Lucene search
+L

4 matches found

Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.22 views

PT-2026-46885

Name of the Vulnerable Software and Affected Versions Shopware versions prior to 6.6.10.18 Shopware versions prior to 6.7.10.1 Description A low-privilege admin user with user recovery:read Access Control List ACL permissions can take over any admin account. The issue occurs because the hash fiel...

6.8CVSS5.4AI score0.00034EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/19 10:52 a.m.14 views

EUVD-2026-30882

A flaw was found in Keycloak. A low-privilege administrator with the 'view-clients' role can exploit this by invoking the 'evaluate-scopes' Admin API endpoints with an arbitrary user ID userId parameter. This vulnerability allows for cross-role personally identifiable information PII leakage,...

4.9CVSS5.9AI score0.00398EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 9:17 p.m.6 views

CVE-2021-32716

Shopware is an open source eCommerce platform. In versions prior to 6.4.1.1 the admin api has exposed some internal hidden fields when an association has been loaded with a to many reference. Users are recommend to update to version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the...

4.9CVSS6.8AI score0.01113EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/04/12 12:0 a.m.7 views

PT-2020-12797 · Kong · Docker-Kong

Name of the Vulnerable Software and Affected Versions: docker-kong versions through 2.0.3 Description: An issue was discovered where the admin API port may be accessible on interfaces other than 127.0.0.1. The vendor argues that this is not a vulnerability because it has an inaccurate bug scope a...

9.8CVSS6.8AI score0.33825EPSS
Exploits1References12
Rows per page
Query Builder