CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

RedhatCVE•added 2026/06/05 7:47 p.m.•5 views

CVE-2026-9590

Improper access control in the permission validation component in Devolutions Server 2026.1.19 and earlier allows an authenticated user with entry edit privileges to modify asset information without the required permission...

5.3CVSS5.4AI score0.00184EPSS

Exploits0References1

NVD•added 2026/06/02 4:16 p.m.•16 views

CVE-2026-9590

5.3CVSS0.00184EPSS

Exploits0References1

ATTACKERKB•added 2026/06/02 2:7 p.m.•5 views

CVE-2026-9590

5.3CVSS5.8AI score0.00184EPSS

Exploits0References2

Vulnrichment•added 2026/06/02 2:7 p.m.•7 views

CVE-2026-9590

5.8AI score0.00184EPSS

Exploits0References1

Cvelist•added 2026/06/02 2:7 p.m.•34 views

CVE-2026-9590

0.00184EPSS

Exploits0References1

EUVD•added 2026/06/02 2:7 p.m.•10 views

EUVD-2026-33935

5.3CVSS5.8AI score0.00184EPSS

Exploits0References1

CVE•added 2026/05/12 8:19 p.m.•12 views

CVE-2026-44012

Craft CMS vulnerability CVE-2026-44012: AssetsController::actionShowInFolder() allows information disclosure by returning asset filenames and full folder hierarchies without validating volume permissions. Affected: 5.0.0-RC1 up to before 5.9.18. Any authenticated CP user with only accessCp can en...

7.1CVSS6AI score0.00324EPSS

Exploits0References2

EUVD•added 2026/04/07 3:30 p.m.•5 views

EUVD-2026-19635

An issue that allowed MCP agents to access remediation and asset information from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N 5.8 Medium. Th...

5.8CVSS5.8AI score0.00208EPSS

Exploits0References3

Positive Technologies•added 2026/04/07 12:0 a.m.•4 views

PT-2026-30837

5.8CVSS5.8AI score0.00208EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-13304

Malicious code in bioql PyPI...

5CVSS5.3AI score0.01142EPSS

Exploits4References5

Veracode•added 2025/05/09 12:34 p.m.•16 views

Incorrect Authorization

snipe/snipe-it is vulnerable to Improper Authorization. The vulnerability is due to insufficient access control due to incorrect authorization logic allowing unauthorized access to asset information...

5CVSS6.6AI score0.01142EPSS

Exploits4References6Affected Software1

RedhatCVE•added 2025/05/04 12:6 a.m.•16 views

CVE-2025-47226

A flaw was found in the Snipe-IT component. The affected versions contain incorrect authorization protocols for accessing asset information. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising...

5CVSS4.9AI score0.01142EPSS

Exploits4References6

Github Security Blog•added 2025/05/02 9:30 p.m.•28 views

Grokability Snipe-IT has incorrect authorization for accessing asset information

Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information...

5CVSS6.9AI score0.01142EPSS

Exploits4References6Affected Software1

OSV•added 2025/05/02 9:30 p.m.•14 views

GHSA-H3VP-QWMX-5J25 Grokability Snipe-IT has incorrect authorization for accessing asset information

Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information...

5CVSS6.8AI score0.01142EPSS

Exploits4References6

OSV•added 2025/05/02 9:15 p.m.•17 views

CVE-2025-47226

Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information...

3.3CVSS6.8AI score0.01142EPSS

Exploits4References4

NVD•added 2025/05/02 9:15 p.m.•28 views

CVE-2025-47226

Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information...

5CVSS0.01142EPSS

Exploits4References4

Vulnrichment•added 2025/05/02 12:0 a.m.•7 views

CVE-2025-47226

Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information...

5CVSS7AI score0.01142EPSS

Exploits4References4

CNNVD•added 2025/05/02 12:0 a.m.•2 views

Snipe-IT 安全漏洞

Snipe-IT is an open source IT asset/license management system from Grokability Open Source. A security vulnerability exists in Snipe-IT versions prior to 8.1.0 that stems from improper authorization to access asset information...

5CVSS5.2AI score0.01142EPSS

Exploits4References5

Cvelist•added 2025/05/02 12:0 a.m.•29 views

CVE-2025-47226

Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information...

5CVSS0.01142EPSS

Exploits4References4

CNNVD•added 2024/02/26 12:0 a.m.•3 views

Bentley Assetwise ALIM Web Security Vulnerability

Bentley AssetWise ALIM Web is a Bentley web-based application for managing asset and infrastructure lifecycles. A security vulnerability exists in Bentley Assetwise ALIM Web versions prior to 23.00.02.03 and Assetwise Information Integrity Server versions prior to 23.00.04.04, which stems from th...

9.1CVSS6.7AI score0.00645EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by