Lucene search
K

55 matches found

EUVD
EUVD
added 2026/07/06 4:13 p.m.5 views

EUVD-2026-41887

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support. Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts...

9.2CVSS6AI score0.00653EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 4:13 p.m.40 views

CVE-2026-40139 Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support. Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts...

9.2CVSS0.00653EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/07/06 4:12 p.m.7 views

CVE-2026-40138 Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance...

9.2CVSS6AI score0.00417EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 4:12 p.m.39 views

CVE-2026-40138 Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance...

9.2CVSS0.00417EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-55950

Name of the Vulnerable Software and Affected Versions BeyondTrust Remote Support and Privileged Remote Access versions prior to 26.2.1 BeyondTrust Remote Support and Privileged Remote Access versions prior to 25.3.3 Description A critical pre-authentication flaw exists in the authentication...

9.2CVSS6.2AI score0.00417EPSS
Exploits0References23
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.12 views

PT-2026-55951

Name of the Vulnerable Software and Affected Versions BeyondTrust Remote Support affected versions not specified Description A critical pre-authentication flaw exists in the authentication subsystem. Improper processing of authentication requests allows an unauthenticated remote attacker to bypas...

9.8CVSS6.2AI score0.00653EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2026/06/05 6:14 a.m.17 views

CVE-2026-4035

A flaw was found in MLflow. This vulnerability allows an attacker to exfiltrate sensitive server-side environment credentials. It occurs because the AI Gateway secrets can resolve environment variables, which are then sent to an attacker-controlled endpoint. This could lead to unauthorized access...

9.1CVSS5.6AI score0.00435EPSS
Exploits1References5
Metasploit
Metasploit
added 2026/05/14 7:0 p.m.311 views

GestioIP 3.5.7 Remote Command Execution

This module exploits a command execution via file upload. If GestioIP is configured to use no authentication for admin account, no password is required to exploit the vulnerability. Otherwise, an authenticated user with admin right on the web site is required to exploit. Module Options msf use...

9.8CVSS7.2AI score0.45109EPSS
Exploits5
Snyk
Snyk
added 2026/03/05 8:52 p.m.7 views

User Impersonation

Overview Affected versions of this package are vulnerable to User Impersonation in the authentication process when JWT tokens are parsed without enforcing the audience claim in certain configurations. An attacker can gain unauthorized access by presenting a validly signed JWT token with an...

8.8CVSS5.8AI score0.00301EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/18 4:45 p.m.5 views

CVE-2026-20142 Sensitive Information Disclosure in "_internal" index in Splunk Enterprise

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the Splunk internal index could view the RSA accessKey value from the Authentication.conf file, in plain text...

6.8CVSS5.5AI score0.0031EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/12 7:32 p.m.7 views

EUVD-2025-203118

A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This affects an unknown part of the file /goform/formWebAuthGlobalConfig. Performing manipulation of the argument hidcontact results in memory corruption. Remote exploitation of the attack is possible. The exploit has been made public a...

9CVSS5.8AI score0.03108EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-0441

Malware in sbrugna...

7.5CVSS6.4AI score0.01721EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2004-0809

Malware in sbrugna...

7.5CVSS6.1AI score0.06813EPSS
Exploits1References21
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2013-6274

Malware in sbrugna...

5CVSS6.4AI score0.01876EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-4100

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.01006EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-23933

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00254EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.4 views

Siemens Mendix SAML 数据伪造问题漏洞

Siemens Mendix SAML is an authentication module provided by the Siemens Mendix platform for single sign-on SSO functionality. An account hijacking vulnerability exists in Siemens Mendix SAML, which stems from insufficient signature verification and binding checks, and can be exploited by an...

8.7CVSS7AI score0.00221EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/09 12:23 a.m.6 views

CVE-2025-54395

Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data...

6.1CVSS6.2AI score0.00254EPSS
Exploits0References1
OSV
OSV
added 2025/08/07 5:15 p.m.4 views

CVE-2025-54395

Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data...

6.1CVSS5.8AI score0.00254EPSS
Exploits0References1
NVD
NVD
added 2025/08/07 5:15 p.m.6 views

CVE-2025-54395

Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data...

6.1CVSS0.00254EPSS
Exploits0References1
Rows per page
Query Builder