CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-13417

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.00445EPSS

Exploits1References2

RedhatCVE•added 2025/05/07 12:24 a.m.•16 views

CVE-2025-45616

Incorrect access control in the /admin/ API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request...

9.8CVSS7AI score0.00445EPSS

Exploits1References1

Github Security Blog•added 2025/05/05 9:31 p.m.•51 views

BRCC Incorrect Access Control vulnerability

Incorrect access control in the /admin/ API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request...

9.8CVSS6.9AI score0.00445EPSS

Exploits1References3Affected Software1

Snyk•added 2025/05/05 9:31 p.m.•2 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass through the use of request.getRequestURI validation in com.baidu.brcc.config.UserAuthFilter.doFilter. An attacker can gain unauthorized admin rights by sending requests to /admin/ URIs on misconfigured servers. Not...

9.8CVSS7AI score0.00445EPSS

Exploits1References2

OSV•added 2025/05/05 9:31 p.m.•5 views

GHSA-W7XJ-PJ5F-8PWH BRCC Incorrect Access Control vulnerability

Incorrect access control in the /admin/ API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request...

9.8CVSS6.8AI score0.00445EPSS

Exploits1References3

NVD•added 2025/05/05 8:15 p.m.•11 views

CVE-2025-45616

Incorrect access control in the /admin/ API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request...

9.8CVSS0.00445EPSS

Exploits1References1

OSV•added 2025/05/05 8:15 p.m.•1 views

CVE-2025-45616

Incorrect access control in the /admin/ API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request...

9.8CVSS7AI score

Exploits0References1

Vulnrichment•added 2025/05/05 12:0 a.m.•8 views

CVE-2025-45616

Incorrect access control in the /admin/ API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request...

6.7AI score0.00445EPSS

Exploits1References1

Positive Technologies•added 2025/05/05 12:0 a.m.•3 views

PT-2025-19784 · Brcc · Brcc

Name of the Vulnerable Software and Affected Versions: brcc version 1.2.0 Description: The issue is related to incorrect access control in the "/admin/" API endpoint, which allows attackers to gain access to Admin rights via a crafted request. Recommendations: For brcc version 1.2.0, as a tempora...

9.8CVSS6.5AI score0.00445EPSS

Exploits1References7

CVE•added 2025/05/05 12:0 a.m.•80 views

CVE-2025-45616

CVE-2025-45616 affects Baidu BRCC v1.2.0, with an incorrect access-control in the /admin/** API that can let an attacker obtain Admin rights via a crafted request. The public records consistently describe the vulnerability as an improper access-control /admin/** exposure, enabling unauthorized ad...

9.8CVSS6.7AI score0.00445EPSS

Exploits1References1Affected Software1