Lucene search
K

5 matches found

Nuclei
Nuclei
added yesterday40 views

Kubernetes Dashboard <1.10.1 - Authentication Bypass

Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...

7.5CVSS7AI score0.70372EPSS
Exploits1References5
CVE
CVE
added 5 days ago11 views

CVE-2026-12593

The CVE concerns Axivion Dashboard’s OIDC/OAuth2/SSO subsystem. An internal, undocumented API endpoint (POST /api/users/~/{user}/tokens) did not enforce sufficient permissions when creating an API token for another user. Preconditions include an internal user with higher privileges, knowledge of ...

8.7CVSS6.4AI score0.00281EPSS
Exploits0References1
OSV
OSV
added 2026/05/01 12:30 p.m.7 views

GHSA-MQ9Q-25HM-G4GP AstrBot Makes Use of Hard-coded Password

A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...

7.3CVSS6.6AI score0.00288EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/05/01 12:30 p.m.11 views

AstrBot Makes Use of Hard-coded Password

A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...

7.5CVSS6.6AI score0.00288EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2024/12/22 12:0 a.m.20 views

CVE-2024-56312

A stored cross-site scripting XSS vulnerability in the Project Dashboard name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a user clicks on the project Dashboard name, the crafted payload is executed, potentially...

0.00386EPSS
Exploits1References2
Rows per page
Query Builder