Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.14 views

PT-2026-38663

Name of the Vulnerable Software and Affected Versions solidtime version 0.12.0 Description An issue exists where the 'PUT /api/v1/organizations/organization/time-entries/timeEntry' API accepts a route-bound timeEntry from a different organization. This occurs when the caller possesses the...

5.8CVSS5.8AI score0.00266EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.6 views

ELADMIN 安全漏洞

ELADMIN is a backend management system developed by elunez’s individual developer. Versions of ELADMIN 2.7 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a vulnerability allowing arbitrary user password resets, which could lead to password resets at any user...

8.1CVSS5.9AI score0.00187EPSS
Exploits1References3
OSV
OSV
added 2026/01/26 2:49 p.m.3 views

BIT-SOLR-2026-22022 Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

8.2CVSS5.9AI score0.00491EPSS
Exploits0References3
Snyk
Snyk
added 2026/01/21 3:31 p.m.2 views

Missing Authorization

Overview org.apache.solr:solr-core is an open source enterprise search platform built on Apache Lucene Affected versions of this package are vulnerable to Missing Authorization in the Rule Based Authorization Plugin, by which the getPermissionName function can be forced to return null. An attacke...

8.3CVSS5.7AI score0.00491EPSS
Exploits0References2
OSV
OSV
added 2026/01/21 3:31 p.m.1 views

GHSA-QR3P-2XJ2-Q7HQ Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

8.2CVSS6AI score0.00491EPSS
Exploits0References6
OSV
OSV
added 2026/01/21 2:16 p.m.2 views

UBUNTU-CVE-2026-22022

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

8.2CVSS5.9AI score0.00491EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/21 1:41 p.m.2 views

CVE-2026-22022

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

8.2CVSS5.5AI score0.00491EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2014/03/31 4:58 p.m.6 views

6: JSM policy not respected by deployed applications

It was found that Java Security Manager permissions configured via a policy file were not properly applied, causing all deployed applications to be granted the java.security.AllPermission permission. In certain cases, an attacker could use this flaw to circumvent expected security measures to...

5.8CVSS5.7AI score0.02095EPSS
Exploits0References4
Rows per page
Query Builder