Lucene search
K

132 matches found

NVD
NVD
added 6 days ago9 views

CVE-2026-26053

An Incorrect Privilege Assignment CWE-266 vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587MR1, 9.40...

5.3CVSS0.00153EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42000

An Incorrect Privilege Assignment CWE-266 vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587MR1, 9.40...

5.3CVSS5.9AI score0.00153EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-26053

An Incorrect Privilege Assignment CWE-266 vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587MR1, 9.40...

5.3CVSS0.00153EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-26053

An Incorrect Privilege Assignment CWE-266 vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587MR1, 9.40...

5.3CVSS5.9AI score0.00153EPSS
Exploits0References2Affected Software1
CVE
CVE
added 6 days ago12 views

CVE-2026-26053

CV-E-2026-26053 concerns the Command Centre Server. Affected versions: 9.50 before vEL9.50.1587(MR1), 9.40 before vEL9.40.3130(MR3), 9.30 before vEL9.30.3983(MR5), 9.20 before vEL9.20.4349(MR7), and all 9.10. Root cause: Incorrect Privilege Assignment (CWE-266) enabling an authenticated operator ...

5.3CVSS5.9AI score0.00153EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/04 7:37 a.m.7 views

CVE-2026-20757

Improper Locking vulnerability CWE-667 in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976MR1, 9.30 prior to vEL9.30.3382 MR4, 9.20 prior to vEL9.20.378...

2.5CVSS5.9AI score0.00069EPSS
Exploits0References1
NVD
NVD
added 2026/03/03 3:15 a.m.5 views

CVE-2026-20757

Improper Locking vulnerability CWE-667 in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976MR1, 9.30 prior to vEL9.30.3382 MR4, 9.20 prior to vEL9.20.378...

2.5CVSS0.00069EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/03 2:40 a.m.3 views

CVE-2026-20757

Improper Locking vulnerability CWE-667 in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976MR1, 9.30 prior to vEL9.30.3382 MR4, 9.20 prior to vEL9.20.378...

2.5CVSS5.9AI score0.00069EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/03/03 2:40 a.m.5 views

EUVD-2026-9275

Improper Locking vulnerability CWE-667 in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976MR1, 9.30 prior to vEL9.30.3382 MR4, 9.20 prior to vEL9.20.378...

2.5CVSS5.9AI score0.00069EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/03 2:40 a.m.33 views

CVE-2026-20757

Improper Locking vulnerability CWE-667 in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976MR1, 9.30 prior to vEL9.30.3382 MR4, 9.20 prior to vEL9.20.378...

2.5CVSS0.00069EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/03 2:40 a.m.4 views

CVE-2026-20757

Improper Locking vulnerability CWE-667 in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976MR1, 9.30 prior to vEL9.30.3382 MR4, 9.20 prior to vEL9.20.378...

2.5CVSS5.9AI score0.00069EPSS
Exploits0References1
CVE
CVE
added 2026/03/03 2:40 a.m.10 views

CVE-2026-20757

CVE-2026-20757 is an Improper Locking (CWE-667) vulnerability in the Gallagher Morpho integration affecting the Command Centre Server. Affected versions include 9.40 before vEL9.40.1976(MR1), 9.30 before vEL9.30.3382(MR4), 9.20 before vEL9.20.3783(MR6), 9.10 before vEL9.10.4647(MR9), and all 9.00...

2.5CVSS5.9AI score0.00069EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.5 views

PT-2026-22716

Improper Locking vulnerability CWE-667 in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976MR1, 9.30 prior to vEL9.30.3382 MR4, 9.20 prior to vEL9.20.378...

2.5CVSS5.9AI score0.00069EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:2 a.m.13 views

CVE-2023-25074

Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects Command Centre: vEL8.90 prior to vEL8.90.1318 MR1, vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to...

7.1CVSS6.8AI score0.00264EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.12 views

CVE-2022-26348

Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded in...

8.2CVSS7.9AI score0.00266EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/19 4:16 a.m.3 views

CVE-2025-52457

Observable Timing Discrepancy CWE-208 in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, potentially compromising further site security. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a distributed in 9.30.2881 MR3, 9.2...

5.7CVSS6.6AI score0.0013EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/19 4:16 a.m.4 views

CVE-2025-52578

Incorrect Usage of Seeds in Pseudo-Random Number Generator CWE- 335 vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a distributed in...

5.7CVSS6.6AI score0.0013EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/19 4:16 a.m.3 views

CVE-2025-64734

Missing Release of Resource after Effective Lifetime CWE-772 in the T21 Reader allows an attacker with physical access to the Reader to perform a denial-of-service attack against that specific reader, preventing cardholders from badging for entry. This issue affects Command Centre Server: 9.30...

2.4CVSS6.5AI score0.00144EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/18 6:30 a.m.6 views

EUVD-2025-197914

Observable Timing Discrepancy CWE-208 in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, potentially compromising further site security. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a distributed in 9.30.2881 MR3, 9.2...

5.7CVSS6.1AI score0.0013EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/18 6:30 a.m.3 views

EUVD-2025-197913

Incorrect Usage of Seeds in Pseudo-Random Number Generator CWE- 335 vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a distributed in...

5.7CVSS6.1AI score0.0013EPSS
Exploits0References2
Rows per page
Query Builder