Lucene search
+L

5 matches found

Vulnrichment
Vulnrichment
added 2025/11/14 12:0 a.m.5 views

CVE-2025-63291

When processing API requests, the Alteryx server 2022.1.1.42654 and 2024.1 used MongoDB object IDs to uniquely identify the data being requested by the caller. The Alteryx server did not check whether the authenticated user had permission to access the specified MongoDB object ID. By specifying...

6.2AI score0.00233EPSS
Exploits1References3
CVE
CVE
added 2025/11/14 12:0 a.m.16 views

CVE-2025-63291

Summary: CVE-2025-63291 affects Alteryx Server versions 2022.1.1.42654 and 2024.1. Issue: When processing API requests, the server uses MongoDB object IDs to identify data but does not verify that the authenticated user has permission to access the specified object ID, enabling access to records ...

5.4CVSS6.2AI score0.00233EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/10 1:31 a.m.6 views

CVE-2025-44823

Nagios Log Server before 2024R1.3.2 allows authenticated users to retrieve cleartext administrative API keys via a /nagioslogserver/index.php/api/system/getusers call. This is GL:NLS475...

9.9CVSS6.7AI score0.15568EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/10/07 12:0 a.m.18 views

CVE-2025-44823

Nagios Log Server before 2024R1.3.2 allows authenticated users to retrieve cleartext administrative API keys via a /nagioslogserver/index.php/api/system/getusers call. This is GL:NLS475...

9.9CVSS0.15568EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.10 views

PT-2025-41174

Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2024R1.3.2 Description Nagios Log Server before version 2024R1.3.2 contains a flaw that allows authenticated users to retrieve cleartext administrative API keys. This is achieved by making a call to the...

9.9CVSS6.3AI score0.15568EPSS
Exploits2References19
Rows per page
Query Builder