Lucene search
K

115 matches found

CNNVD
CNNVD
added 2025/05/07 12:0 a.m.1 views

Cisco IOS 安全漏洞

Cisco IOS is a set of operating systems developed by Cisco USA for its network devices. A security vulnerability exists in Cisco IOS that stems from insufficient authorization validation, which could lead to elevated privileges...

8.3CVSS6.5AI score0.00294EPSS
Exploits0References1
NVD
NVD
added 2025/05/03 5:15 p.m.16 views

CVE-2025-1495

IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive information due to missing authorization validation...

4.3CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 2025/05/03 4:53 p.m.57 views

CVE-2025-1495

CVE-2025-1495 affects IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center, where information can be leaked due to missing authorization validation. Root cause: missing authentication for a critical function. Impact: potential disclosure of sensitive information. Remedia...

4.3CVSS4.4AI score0.00211EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/03 6:5 a.m.11 views

Security Bulletin: Information leakage vulnerability affect IBM Business Automation Workflow - CVE-2025-1495

Summary IBM Business Automation Workflow is vulnerable to an information leakage attack. Vulnerability Details CVEID:CVE-2025-1495 DESCRIPTION: IBM Business Automation Workflow Center may leak sensitive information due to missing authorization validation. CWE:CWE-306: Missing Authentication for...

4.3CVSS6.1AI score0.00211EPSS
Exploits0Affected Software2
Positive Technologies
Positive Technologies
added 2025/05/03 12:0 a.m.6 views

PT-2025-18949 · Ibm · Ibm Business Automation Workflow

Name of the Vulnerable Software and Affected Versions: IBM Business Automation Workflow versions 24.0.0 through 24.0.1 IF001 Description: The issue is related to missing authorization validation, which may cause the software to leak sensitive information. Recommendations: For IBM Business...

4.3CVSS5.7AI score0.00211EPSS
Exploits0References7
Veracode
Veracode
added 2025/02/24 4:0 a.m.5 views

Server-side Request Forgery

github.com/bishopfox/sliver is vulnerable to Server-side Request Forgery. The vulnerability is due to improper authorization and lack of validation in the Sliver teamserver's reverse port forwarding mechanism, which allows the implant to open a reverse tunnel without operator instruction...

6.9CVSS6.7AI score0.00578EPSS
Exploits1References4Affected Software1
CNVD
CNVD
added 2025/02/06 12:0 a.m.2 views

coolLabs Coolify Elevation of Privilege Vulnerability

Coolify is an open source and self-hosted alternative to Heroku/Netlify/Vercel. A elevation of privilege vulnerability exists in coolLabs Coolify, which is caused by improper authorization validation of terminal functions. An attacker can exploit the vulnerability to gain elevated privileges and...

9.9CVSS8AI score0.00473EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/04 6:3 p.m.38 views

Security Bulletin: IBM Instana Observability is vulnerable to AuthZ Plugin Bypass and Privilege Escalation

Summary Vulnerability in Docker Engine that could allow attackers to bypass authorization plugins AuthZ was remediated in IBM Observability with Instana Build 279. CVE-2024-41110 Vulnerability Details CVEID:CVE-2024-41110 DESCRIPTION: Moby is an open-source project created by Docker for software...

9.9CVSS9.9AI score0.16496EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.3 views

WordPress plugin Xola 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.3CVSS8.2AI score0.00245EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.3 views

WordPress plugin PayPal Marketing Solutions 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

4.3CVSS8.2AI score0.00245EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.2 views

WordPress plugin Chamber Dashboard Business Directory 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

5.4CVSS8.3AI score0.00463EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.2 views

WordPress plugin Loginplus 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

5.3CVSS8.3AI score0.0057EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.2 views

WordPress plugin SendGrid for WordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.2AI score0.00398EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.2 views

WordPress plugin Woo Tuner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.4CVSS8.3AI score0.00442EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.4 views

WordPress plugin WordPress Graphs & Charts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

5.4CVSS8.2AI score0.00273EPSS
Exploits0References2
CVE
CVE
added 2024/12/26 3:45 p.m.69 views

CVE-2024-12908

Delinea Secret Server v11.7.31 (protocol handler 6.0.3.26) is affected by a flaw in the protocol handler where URIs were compared before normalization/canonicalization, enabling potential over-matching against an approved list. This could allow a remote attacker to lure a user to a malicious web ...

8.3CVSS7.1AI score0.00715EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2024/12/04 5:18 p.m.36 views

CVE-2024-12148

Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and earlier allows an authenticated user to access some reporting endpoints...

0.00357EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/26 12:0 a.m.2 views

WordPress plugin Joy Of Text Lite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS6.7AI score0.00272EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/07 12:0 a.m.4 views

Veeam Agent for Linux 安全漏洞

Veeam Agent for Linux is a data protection and disaster recovery solution for physical and virtual machines from Veeam USA. A security vulnerability exists in Veeam Agent for Linux version 6.2 and prior versions, which stems from a lack of authorization validation that allows a local,...

7.8CVSS7.6AI score0.00187EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/26 12:0 a.m.4 views

Softvelum Nimble Commander 安全漏洞

Softvelum Nimble Commander is a media server software from Softvelum Inc. It is used to stream live and on-demand video and audio to desktop computers, mobile devices, Internet-connected TVs, and more. A security vulnerability exists in Softvelum Nimble Commander that originates from incorrect or...

8.8CVSS6.9AI score0.00246EPSS
Exploits1References2
Rows per page
Query Builder