Lucene search
+L

41 matches found

EUVD
EUVD
added 2025/12/31 7:32 a.m.6 views

EUVD-2025-205901

The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability CVE-2025-2026 that allows remote attackers to execute a null byte injection through the device’s web API. This may lead to an unexpected device reboot and result in a denial-of-service DoS condition. An authenticated...

7.7CVSS6.8AI score0.00378EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/04 12:0 a.m.3 views

CVE-2025-65900

Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/users API endpoint. Due to insufficient permission validation and excessive data exposure in the backend, an authenticated user with basic read permissions can retrieve sensitive information for all...

6AI score0.00266EPSS
Exploits3References2
EUVD
EUVD
added 2025/11/18 9:32 p.m.6 views

EUVD-2025-198074

A vulnerability in the SSH restricted shell interface of the network management services allows improper access control for authenticated read-only users. If successfully exploited, this vulnerability could allow an attacker with read-only privileges to gain administrator access on the affected...

7.8CVSS6.4AI score0.00114EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/06 4:41 p.m.8 views

CVE-2025-20305

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because certain files lack proper data protection mechanisms. An attacker with read-only Administrato...

4.9CVSS6.4AI score0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-7916

Malware in sbrugna...

7.5CVSS7.4AI score0.01751EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2025/08/14 3:49 p.m.16 views

CVE-2025-5468

Improper handling of symbolic links in Ivanti Connect Secure before version 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a local authenticated attacker to re...

5.5CVSS6.9AI score0.00354EPSS
Exploits0References1
NVD
NVD
added 2025/08/12 3:15 p.m.7 views

CVE-2025-5468

Improper handling of symbolic links in Ivanti Connect Secure before version 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a local authenticated attacker to re...

5.5CVSS0.00354EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2014-5020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The File module in Drupal 7.x before 7.29 does not properly check permissions to view files, which allows remote authenticated users with certain permissions to...

4.9CVSS6.2AI score0.01323EPSS
Exploits0References2
OSV
OSV
added 2025/03/11 3:15 p.m.5 views

CVE-2024-52960

A client-side enforcement of server-side security vulnerability CWE-602 in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests...

8.8CVSS5.9AI score0.00313EPSS
Exploits0References1
CVE
CVE
added 2024/07/10 6:40 p.m.6898 views

CVE-2024-5911

CVE-2024-5911 affects Palo Alto Networks PAN-OS Panorama web interface via an arbitrary file upload vulnerability accessible to an authenticated read-write administrator. The issue can disrupt system processes and crash Panorama, with repeated attacks potentially forcing maintenance mode requirin...

7CVSS6.6AI score0.00576EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/03/13 6:15 p.m.6 views

CVE-2024-2433

An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interfa...

4.3CVSS5.8AI score0.00568EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/12/13 7:15 p.m.1 views

CVE-2023-6791

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface...

4.9CVSS5.8AI score0.00624EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/05/10 5:15 p.m.26 views

CVE-2023-0008

A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition...

4.4CVSS4.8AI score0.00542EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:58 a.m.3 views

SUSE CVE-2016-7031

The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL...

7.5CVSS7.2AI score0.01751EPSS
Exploits1References3
OSV
OSV
added 2021/10/21 3:15 a.m.5 views

CVE-2021-40123

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrative read-only privileges to download files that should be restricted. This vulnerability is due to incorrect permissions settings on an affecte...

6.5CVSS5.8AI score0.00771EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2017/10/11 12:7 p.m.84 views

USN-3452-1: Ceph vulnerabilities

It was discovered that Ceph incorrectly handled the handlecommand function. A remote authenticated user could use this issue to cause Ceph to crash, resulting in a denial of service. CVE-2016-5009 Rahul Aggarwal discovered that Ceph incorrectly handled the authenticated-read ACL. A remote attacke...

7.5CVSS6.2AI score0.04396EPSS
Exploits2
OSV
OSV
added 2017/10/11 12:7 p.m.8 views

USN-3452-1 ceph vulnerabilities

It was discovered that Ceph incorrectly handled the handlecommand function. A remote authenticated user could use this issue to cause Ceph to crash, resulting in a denial of service. CVE-2016-5009 Rahul Aggarwal discovered that Ceph incorrectly handled the authenticated-read ACL. A remote attacke...

7.5CVSS6.6AI score0.04396EPSS
Exploits2References5
NVD
NVD
added 2017/01/30 4:59 p.m.23 views

CVE-2017-5573

An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can cancel tasks of other administrators...

4.9CVSS5.1AI score0.01104EPSS
Exploits0References3
OSV
OSV
added 2016/10/03 6:59 p.m.6 views

DEBIAN-CVE-2016-7031

The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL...

7.5CVSS6.1AI score0.01751EPSS
Exploits1References1
Cvelist
Cvelist
added 2016/10/03 6:0 p.m.34 views

CVE-2016-7031

The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL...

7.4AI score0.01751EPSS
Exploits1References6
Rows per page
Query Builder