Lucene search
K

19181 matches found

OSV
OSV
added 2025/11/04 10:7 p.m.4 views

CVE-2025-62721 LinkAce: Authorization Bypass Allows Unauthorized Access to All Private Links, Lists, and Tags

LinkAce is a self-hosted archive to collect website links. In versions 2.3.1 and below, authenticated RSS feed endpoints in the FeedController class fail to implement proper authorization checks, allowing any authenticated user to access all links, lists, and tags from all users in the system,...

7.1CVSS6.6AI score0.00327EPSS
Exploits1References5
CVE
CVE
added 2025/11/04 10:3 p.m.10 views

CVE-2025-62720

CVE-2025-62720 affects the LinkAce self-hosted archive. The vulnerability lies in the ExportController HTML/CSV export paths, which retrieve all links without applying ownership or visibility filtering, enabling any authenticated user to exfiltrate private links from all users. Affected versions ...

7.1CVSS6AI score0.0033EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/04 9:8 a.m.8 views

CVE-2025-12623

A vulnerability was identified in fushengqian fuint up to 41e26be8a2c609413a0feaa69bdad33a71ae8032. Affected by this issue is some unknown functionality of the file fuint-application/src/main/java/com/fuint/module/clientApi/controller/ClientSignController.java of the component Authentication Toke...

3.1CVSS4.1AI score0.00314EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/04 3:19 a.m.33 views

CVE-2025-47370 Reachable Assertion in BT Controller

Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan...

6.5CVSS0.00106EPSS
Exploits0References1
CVE
CVE
added 2025/11/04 3:19 a.m.17 views

CVE-2025-47370

Technical details, affected product/versions, root cause, and fixes for CVE-2025-47370 are not publicly provided in the supplied documents. Monitor for updates from vendors/security bulletins.

6.5CVSS6.6AI score0.00106EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.4 views

LinkAce 访问控制错误漏洞

LinkAce is a self-hosted archive of links to your favorite websites by Kevin Woblick Individual Developer. An Access Control Error vulnerability exists in LinkAce 2.3.1 and prior versions, which stems from the HTML and CSV export functionality in the ExportController class not applying ownership ...

7.1CVSS6.5AI score0.0033EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.6 views

PT-2025-44933

Name of the Vulnerable Software and Affected Versions Bluetooth affected versions not specified Description A temporary denial-of-service condition can occur when a remote device sends an invalid connection request during a Bluetooth Low Energy LE connectable scan. This issue is related to an...

6.5CVSS6.5AI score0.00106EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.6 views

PT-2025-44971

Name of the Vulnerable Software and Affected Versions Linksys Wireless Network Controller Driver affected versions not specified Description The wlan AP driver contains a potential out-of-bounds write issue stemming from an incorrect bounds check. Successful exploitation could allow a malicious...

5.3CVSS6.5AI score0.00103EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.4 views

PT-2025-49093

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where an invalid memory access can occur in the cros ec keyb process function when receiving an EC MKBP EVENT KEY MATRIX event. This happens if cros ec...

4.6CVSS6.3AI score0.00161EPSS
Exploits0
EUVD
EUVD
added 2025/11/03 8:2 a.m.7 views

EUVD-2025-37478

A vulnerability was identified in fushengqian fuint up to 41e26be8a2c609413a0feaa69bdad33a71ae8032. Affected by this issue is some unknown functionality of the file fuint-application/src/main/java/com/fuint/module/clientApi/controller/ClientSignController.java of the component Authentication Toke...

3.1CVSS6.2AI score0.00314EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/11/03 8:2 a.m.12 views

CVE-2025-12623 fushengqian fuint Authentication Token ClientSignController.java authorization

A vulnerability was identified in fushengqian fuint up to 41e26be8a2c609413a0feaa69bdad33a71ae8032. Affected by this issue is some unknown functionality of the file fuint-application/src/main/java/com/fuint/module/clientApi/controller/ClientSignController.java of the component Authentication Toke...

3.1CVSS0.00314EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/03 12:0 a.m.3 views

fuint 安全漏洞

fuint is an all-in-one system for store cashier, online loyalty center, and marketing by zach personal developer. A security vulnerability exists in fuint, which originates from a flaw in the authentication token processing component in file...

3.1CVSS4.4AI score0.00314EPSS
Exploits0References4
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.5 views

CVE-2025-61724 vulnerabilities

Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...

5.3CVSS6.6AI score0.00526EPSS
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.13 views

CVE-2025-61723 vulnerabilities

Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...

7.5CVSS7.1AI score0.00626EPSS
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.8 views

CVE-2025-58187 vulnerabilities

Vulnerabilities for packages: coredns, container-object-storage-interface, etcd, terraform, gke-gcloud-auth-plugin, ko, falco-no-driver, elvish, kuberlr, prometheus-blackbox-exporter, cloud-provider-azure, cosign, velero, protoc-gen-go-grpc, wgcf, ipfs-cluster, direnv, harbor, pulumi-language-jav...

7.5CVSS6.7AI score0.00384EPSS
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.6 views

GHSA-9GCR-GP5F-JW27 vulnerabilities

Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.6 views

GHSA-HJX7-FPXX-MJ48 vulnerabilities

Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.6 views

GHSA-WCW9-47FP-RRFR vulnerabilities

Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.7 views

GHSA-RJCG-56PH-3QVG vulnerabilities

Vulnerabilities for packages: mesosphere-vsphere-csi, container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go,...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2025/11/02 2:17 p.m.6 views

GHSA-QH38-484V-W52X vulnerabilities

Vulnerabilities for packages: container-object-storage-interface, etcd, go-licenses, ini-file, skaffold, sops, node-problem-detector, nova, azurefile-csi, gops, terraform, pvc-autoresizer, spire-controller-manager, cloud-provider-gcp-cloud-controller-manager, speedtest-go, gke-gcloud-auth-plugin,...

5.8AI score
Exploits0
Rows per page
Query Builder