Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/02/24 7:41 a.m.8 views

CVE-2025-40541 SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability

An Insecure Direct Object Reference IDOR vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because...

9.1CVSS5.7AI score0.0057EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:42 p.m.5 views

CVE-2022-41929

org.xwiki.platform:xwiki-platform-oldcore is missing authorization in UsersetDisabledStatus, which may allow an incorrectly authorized user with only Script rights to enable or disable a user. This operation is meant to only be available for users with admin rights. This problem has been patched ...

4.9CVSS5.3AI score0.00713EPSS
Exploits1References1
NCSC
NCSC
added 2024/11/13 12:38 p.m.6 views

Vulnerabilities fixed in Ivanti Connect Secure and Policy Secure

Ivanti has fixed vulnerabilities in Connect Secure and Policy Secure. A malicious party could exploit the vulnerabilities to launch attacks that could result in the following categories of damage: Denial-of-Service DoS Cross-Site Scripting XSS. Increased user privileges Remote code execution User...

9.1CVSS7.5AI score0.02014EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/06 12:0 a.m.4 views

PT-2023-20110 · WordPress · Jch Optimize

Name of the Vulnerable Software and Affected Versions: JCH Optimize plugin versions 3.2.2 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects the JCH Optimize plugin. This vulnerability requires authentication with admin+ privileges...

5.9CVSS5.2AI score0.00369EPSS
Exploits0References4
Rows per page
Query Builder