Lucene search
+L

389 matches found

redhatcve
redhatcve
added 2025/09/11 1:23 p.m.13 views

CVE-2025-9364

An open database issue exists in the affected product and version. The security issue stems from an over permissive Redis instance. This could result in an attacker on the intranet accessing sensitive data and potential alteration of data...

8.8CVSS6.6AI score0.00269EPSS
Exploits0References1
osv
osv
added 2025/09/09 1:15 p.m.4 views

CVE-2025-9364

An open database issue exists in the affected product and version. The security issue stems from an over permissive Redis instance. This could result in an attacker on the intranet accessing sensitive data and potential alteration of data...

8.8CVSS5.8AI score
Exploits0References1
nvd
nvd
added 2025/09/09 1:15 p.m.6 views

CVE-2025-9364

An open database issue exists in the affected product and version. The security issue stems from an over permissive Redis instance. This could result in an attacker on the intranet accessing sensitive data and potential alteration of data...

8.8CVSS0.00269EPSS
Exploits0References1
cve
cve
added 2025/09/09 12:41 p.m.37 views

CVE-2025-9364

CVE-2025-9364 describes an open Redis database issue in Rockwell Automation’s FactoryTalk Analytics LogixAI, caused by an overly permissive Redis instance. The vulnerability could allow an attacker on the intranet to access and potentially alter sensitive data. The entry lists high impact (CVSS v...

8.8CVSS6.1AI score0.00269EPSS
Exploits0References1Affected Software1
ics
ics
added 2025/09/09 12:0 a.m.6 views

Siemens SIMATIC Virtualization as a Service (SIVaaS)

SUMMARY SIMATIC Virtualization as a Service SIVaaS is affected by a vulnerability which exposes a network share without any authentication. This could allow an attacker to access or alter sensitive data without proper authorization. Siemens recommends to contact technical support to fix the...

9.3CVSS6.7AI score0.00384EPSS
Exploits0References10
snyk
snyk
added 2025/07/13 9:44 p.m.3 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the heap process. An attacker can execute arbitrary code, cause a denial of service, or alter data by providing crafted input to the affected binary tools after gaining local access. Remediation A fix was...

7.8CVSS7.3AI score0.00254EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/05/23 10:13 a.m.10 views

CVE-2024-40603

An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Special:ChangeRating allows CSRF to alter data via a GET request...

4.3CVSS6.8AI score0.002EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/23 7:16 a.m.11 views

CVE-2024-36451

Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerability is exploited, a console session may be hijacked by an unauthorized user. As a result, data within a system may be referred, a webpage may be altered,...

8.8CVSS6.8AI score0.00569EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:37 a.m.7 views

CVE-2023-28713

Plaintext storage of a password exists in CONPROSYS HMI System CHS versions prior to 3.5.3. Because account information of the database is saved in a local file in plaintext, a user who can access the PC where the affected product is installed can obtain the information. As a result, information ...

8.1CVSS6.5AI score0.00431EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:31 a.m.9 views

CVE-2023-27304

Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin...

4.3CVSS6.6AI score0.00517EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 1:9 a.m.11 views

CVE-2022-24351

TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5.2 before version 05.27.29, Kernel 5.3 before version 05.36.29, Kernel 5.4 version before 05.44.13, and Kernel 5.5 before version 05.52.13 allows an attacker to alter data and code used by the remainder of the boot process...

4.7CVSS7AI score0.00143EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 12:9 a.m.6 views

CVE-2022-26051

Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Portal...

4.3CVSS6.6AI score0.00718EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 12:9 a.m.4 views

CVE-2022-26054

Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Link...

4.3CVSS6.6AI score0.00718EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 12:8 a.m.7 views

CVE-2022-25775

Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle. The user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems...

7.2CVSS7.5AI score0.00593EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:58 p.m.8 views

CVE-2022-32583

Operation restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Scheduler via unspecified vectors...

4.3CVSS6.6AI score0.00671EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:57 p.m.7 views

CVE-2022-32453

HTTP header injection vulnerability in Cybozu Office 10.0.0 to 10.8.5 may allow a remote attacker to obtain and/or alter the data of the product via unspecified vectors...

6.5CVSS7.2AI score0.00601EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:56 p.m.5 views

CVE-2022-32544

Operation restriction bypass vulnerability in Project of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Project via unspecified vectors...

4.3CVSS6.6AI score0.00671EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:42 p.m.7 views

CVE-2022-28692

Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Scheduler...

4.3CVSS6.5AI score0.00685EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:34 p.m.7 views

CVE-2022-26368

Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter and/or obtain the data of Cabinet...

5.5CVSS6.6AI score0.00669EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 8:58 p.m.5 views

CVE-2021-20760

Improper input validation vulnerability in User Profile of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of User Profile without the appropriate privilege...

4.3CVSS6.8AI score0.0078EPSS
Exploits0References1
Rows per page
Query Builder