Lucene search
K

8 matches found

OSV
OSV
added 2026/03/10 5:6 p.m.6 views

CVE-2026-30959 OneUptime has WhatsApp Resend Verification Authorization Bypass

OneUptime is a solution for monitoring and managing online services. The resend-verification-code endpoint allows any authenticated user to trigger a verification code resend for any UserWhatsApp record by ID. Ownership is not validated unlike the verify endpoint. This affects the...

5.3CVSS5.9AI score0.00371EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-2424

Malware in sbrugna...

8.8CVSS8.6AI score0.01182EPSS
Exploits0References6
OSV
OSV
added 2025/06/09 6:14 p.m.5 views

GO-2025-3740 Grafana vulnerable to authenticated users bypassing dashboard, folder permissions in github.com/grafana/grafana

Grafana vulnerable to authenticated users bypassing dashboard, folder permissions in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...

8.3CVSS6.8AI score0.10611EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/06/05 1:36 p.m.7 views

CVE-2025-3768

Improper access control in Tor network blocking feature in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the tor blocking feature when the Devolutions hosted endpoint is not reachable...

5.1AI score0.00213EPSS
Exploits0References1
OSV
OSV
added 2023/03/10 10:15 p.m.4 views

CVE-2023-23328

A File Upload vulnerability exists in AvantFAX 3.3.7. An authenticated user can bypass PHP file type validation in FileUpload.php by uploading a specially crafted PHP file...

8.8CVSS7.3AI score0.01097EPSS
Exploits1References2
OSV
OSV
added 2021/09/09 10:15 p.m.5 views

CVE-2021-39203

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This...

6.5CVSS5.8AI score0.00911EPSS
Exploits0References2
CNVD
CNVD
added 2021/07/16 12:0 a.m.15 views

IBM Security Access Manager Privilege License and Access Control Issues Vulnerability (CNVD-2021-53344)

IBM Security Access Manager is a product for information security management applications from IBM, USA. The product enables access management control through integrated devices for web, mobile and cloud computing. IBM Security Access Manager Docker is vulnerable to a privilege permission and...

4.9CVSS5.4AI score0.00649EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/13 12:0 a.m.6 views

IBM Security Access Manager 输入验证错误漏洞

IBM Security Access Manager is a product for information security management applications from IBM, USA. The product enables access management control through integrated devices for web, mobile and cloud computing. IBM Security Access Manager Docker is vulnerable to a privilege permission and...

4.9CVSS8.3AI score0.00649EPSS
Exploits0References3
Rows per page
Query Builder