Lucene search
+L

3113 matches found

cvelist
cvelist
added 2026/06/10 3:15 a.m.43 views

CVE-2026-24724 File Station 5

An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass intended access restrictions. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.52...

8.6CVSS0.00259EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/10 12:0 a.m.20 views

SpiceDB 授权问题漏洞

SpiceDB is a fine-grained permission database developed by the Authzed team. In versions 1.15.0 to 1.52.0 of SpiceDB, there was an authorization vulnerability. This vulnerability stemmed from the caveat structure, which contained nested lists, potentially leading to improper caching reuse...

2.3CVSS5.3AI score0.00276EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/10 12:0 a.m.19 views

Apache OFBiz 授权问题漏洞

Apache OFBiz is an ERP system developed by the Apache Foundation in the United States. This system provides a complete set of Java-based web application components and tools. Versions of Apache OFBiz prior to 24.09.07 had an authorization vulnerability; this vulnerability stemmed from an issue wi...

8.8CVSS5.3AI score0.00407EPSS
Exploits0References1
euvd
euvd
added 2026/06/09 4:6 a.m.18 views

EUVD-2026-35347

A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized actions. We have already fixed the vulnerability in the following version: QuMagie 2.9.0 and later...

8.7CVSS5.5AI score0.00322EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/09 4:6 a.m.35 views

CVE-2026-26236 QuMagie

A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized actions. We have already fixed the vulnerability in the following version: QuMagie 2.9.0 and later...

8.7CVSS0.00322EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.15 views

PT-2026-47641

Name of the Vulnerable Software and Affected Versions QuMagie versions prior to 2.9.0 Description A missing authorization issue allows remote attackers to access unauthorized data or perform unauthorized actions. Recommendations Update to version 2.9.0 or later...

8.7CVSS5.8AI score0.00322EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.17 views

Microsoft Windows Cryptographic Services 授权问题漏洞

Microsoft Windows Cryptographic Services are encryption services provided by Microsoft Corporation. There is an authorization issue vulnerability in Microsoft Windows Cryptographic Services. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions ar...

8.4CVSS5.3AI score0.00261EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.17 views

LimeSurvey 授权问题漏洞

LimeSurvey PHPSurveyor is a set of open-source online survey programs developed by the LimeSurvey team. It supports functions such as survey program development, survey questionnaire publishing, and data collection. LimeSurvey has an authorization issue vulnerability, which stems from the lack of...

8.8CVSS5.4AI score0.00372EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.10 views

Microsoft Office Sharepoint Server 授权问题漏洞

Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. There are authorization-related vulnerabilities in Microsoft Office SharePoint. Attackers can exploit these vulnerabilities to execute code remotely. The followi...

8CVSS7.1AI score0.00669EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.12 views

Microsoft PowerToys 授权问题漏洞

Microsoft PowerToys is a set of advanced Windows productivity tools that are open-source by Microsoft. There are authorization-related vulnerabilities in Microsoft PowerToys; these vulnerabilities stem from improper authorization practices, which may allow unauthorized attackers to gain local...

7.8CVSS5.4AI score0.00291EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.18 views

FreeSWITCH 授权问题漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.1, there was an...

4.3CVSS5.4AI score0.00172EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.15 views

Spring Framework 授权问题漏洞

The Spring Framework is an application development framework developed by Spring in open source. Versions 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 of the Spring Framework contain authorization vulnerabilities. These vulnerabilities stem from the WebFlux application,...

4.2CVSS5.3AI score0.00197EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.20 views

Taier 授权问题漏洞

Taier is a distributed scheduling system open source by DTStack. It aims to reduce the costs of ETL processes, clarify complex dependencies between tasks, and lower labor costs related to submission, scheduling, and operations. Versions of Taier 1.4.0 and earlier have vulnerabilities related to...

7.5CVSS7.5AI score0.00401EPSS
Exploits0References1
euvd
euvd
added 2026/06/08 4:16 p.m.11 views

EUVD-2026-35128

STACKIT IaaS API contains a missing authorization check vulnerability that allows authenticated, low-privileged attackers to escalate privileges to full organization compromise by attaching arbitrary service accounts to virtual machines they control. Attackers can exploit the unvalidated PUT...

9.8CVSS5.6AI score0.00302EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/08 12:0 a.m.25 views

PT-2026-47295

A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part of the file src/main/java/com/alien/bank/management/system/controller/TransactionController.java of the component Transaction...

6.5CVSS6.1AI score0.00272EPSS
Exploits0References7
cnnvd
cnnvd
added 2026/06/08 12:0 a.m.15 views

Bludit 授权问题漏洞

Bludit is an open-source, lightweight blog content management system developed by Bludit. Versions of Bludit prior to 3.22.0 had an authorization issue vulnerability. This vulnerability stemmed from the fact that active sessions remained valid even after user accounts were deleted, potentially...

8.8CVSS5.3AI score0.00294EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/06/06 12:0 a.m.12 views

OneDev 授权问题漏洞

OneDev is a JAVA-based multi-functional DevOps platform developed by Theonedev team. This platform supports container building, orchestration, CI, Git management, and team collaboration, helping developers create a simple yet powerful development platform. OneDev versions 15.0.5 and earlier have...

6.5CVSS6.5AI score0.00214EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/06/05 7:33 p.m.11 views

CVE-2026-27393

Missing Authorization vulnerability in Tobias CF7 WOW Styler allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 WOW Styler: from n/a through 1.7.6...

5.3CVSS5.4AI score0.00171EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:26 p.m.11 views

CVE-2026-48971

Missing Authorization vulnerability in WebToffee Product Import Export for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Product Import Export for WooCommerce: from n/a through 2.5.6...

4.3CVSS5.4AI score0.00231EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:18 p.m.9 views

CVE-2026-45399

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user with low privileges can enumerate active background tasks across the system and stop tasks belonging to other users via the GET /api/tasks and POST...

7.1CVSS5.5AI score0.0027EPSS
Exploits1References1
Rows per page
Query Builder