Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.12 views

CVE-2026-5936

An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...

9.8CVSS5.6AI score0.00195EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.33 views

Keycloak 安全漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability, which stems from the IdentityBrokerService.performLogin endpoint allowing authentication with disabled identity providers, potentially leading to bypass of access...

8.1CVSS5.8AI score0.00333EPSS
Exploits0References5
NVD
NVD
added 2022/08/10 5:15 p.m.16 views

CVE-2022-33925

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An remote authenticated attacker could potentially exploit this vulnerability by bypassing access controls in order to download reports containing sensitive information...

6.5CVSS0.00701EPSS
Exploits0References1
Prion
Prion
added 2022/08/10 5:15 p.m.10 views

Improper access control

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An remote authenticated attacker could potentially exploit this vulnerability by bypassing access controls in order to download reports containing sensitive information...

4CVSS6.2AI score0.00701EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2021/09/08 9:15 p.m.20 views

CVE-2021-30605

Inappropriate implementation in the ChromeOS Readiness Tool installer on Windows prior to 1.0.2.0 loosens DCOM access rights on two objects allowing an attacker to potentially bypass discretionary access controls...

7.8CVSS0.0012EPSS
Exploits0References2
exploitpack
exploitpack
added 2018/05/03 12:0 a.m.35 views

JasperReports - (Authenticated) File Read

JasperReports - Authenticated File Read TIBCO’s JasperReports string = wrapper.getParameterValues"page" To: getResource @ DirResourceSet.java:101 file = new File/home/rhino/jasperreports...mcat/webapps/jasperserver,"/WEB-INF/jsp/modules/administer/adminImport.jsp" Due to a lack of input validatio...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.7 views

The vulnerability of the Flash Player software allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability in Adobe Flash Player allows attackers to circumvent access restrictions...

7.5CVSS5.4AI score0.04384EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/11/20 12:0 a.m.7 views

The vulnerability of the Android operating system allows attackers to circumvent existing access restrictions, breach data confidentiality, or cause service failures.

The vulnerability of the Android operating system is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions, compromise data confidentiality, or cause service failures through a specially creat...

5.8CVSS5.5AI score0.00563EPSS
Exploits0References1
Rows per page
Query Builder