Lucene search
K

14 matches found

UbuntuCve
UbuntuCve
added 2026/05/20 12:0 a.m.12 views

CVE-2026-43617

Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing...

6.3CVSS5.8AI score0.00282EPSS
Exploits0References4
OSV
OSV
added 2026/04/14 1:10 p.m.15 views

JLSEC-2026-107 Deno permission escalation vulnerability via open of privileged files with missing `--deny` flag

The Deno sandbox may be unexpectedly weakened by allowing file read/write access to privileged files in various locations on Unix and Windows platforms. For example, reading /proc/self/environ may provide access equivalent to --allow-env, and writing /proc/self/mem may provide access equivalent t...

8.4CVSS5.8AI score0.00368EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/19 8:23 p.m.21 views

CVE-2026-33302 OpenEMR: zhAclCheck Ignores Explicit ACL Denies

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, the module ACL function AclMain::zhAclCheck only checks for the presence of any "allow" user or group. It never checks for explicit "deny" allowed=0. As a result,...

8.6CVSS0.00315EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/19 8:23 p.m.10 views

EUVD-2026-13221

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, the module ACL function AclMain::zhAclCheck only checks for the presence of any "allow" user or group. It never checks for explicit "deny" allowed=0. As a result,...

8.6CVSS5.8AI score0.00315EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/10/03 12:0 a.m.6 views

PT-2025-40539

Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 1.0.120 Description An issue existed where Claude Code did not properly handle symlinks when enforcing permission deny rules. Specifically, if a user blocked Claude Code’s access to a file, but Claude Code had...

2.3CVSS6.6AI score0.00396EPSS
Exploits0References8
HackRead
HackRead
added 2025/08/21 5:30 p.m.4 views

Europol Denies $50K Reward for Qilin Ransomware, Calls It a Scam

Europol has confirmed that a widely reported $50,000 reward for information on the Qilin ransomware group is a…...

7.1AI score
Exploits0
HackRead
HackRead
added 2023/01/29 12:8 a.m.28 views

Yandex Source Code Online Leaked, Company Denies Hack

By Waqas The threat actor has dumped a whopping 44.7 GB worth of Yandex data, including its source code repository, on a popular hacker forum. This is a post from HackRead.com Read the original post: Yandex Source Code Online Leaked, Company Denies Hack...

0.8AI score
Exploits0
HackRead
HackRead
added 2023/01/12 12:43 p.m.16 views

Twitter Denies Any Hack Attack in 200M Account Leak Scare

By Waqas Twitter claims that “The data is likely a collection of data already publicly available online through different sources.” This is a post from HackRead.com Read the original post: Twitter Denies Any Hack Attack in 200M Account Leak Scare...

1.4AI score
Exploits0
HackRead
HackRead
added 2022/06/08 12:36 a.m.15 views

Cyber Security Giant Mandiant Denies Hacking Claims By LockBit Ransomware

By Deeba Ahmed According to a Mandiant representative, the company was aware of LockBit 2.0 claims, but there was no evidence of… This is a post from HackRead.com Read the original post: Cyber Security Giant Mandiant Denies Hacking Claims By LockBit Ransomware...

1.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2020/11/10 12:0 a.m.5 views

PT-2020-6602 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 1.10.11 Description: The issue is related to the Experimental API in Apache Airflow, which previously allowed all API requests without authentication by default. This poses security risks to users who are not...

9.8CVSS9.7AI score0.997EPSS
Exploits8References28
OSV
OSV
added 2020/01/26 5:15 a.m.3 views

CVE-2020-3139

A vulnerability in the out of band OOB management interface IP table rule programming for Cisco Application Policy Infrastructure Controller APIC could allow an unauthenticated, remote attacker to bypass configured deny entries for specific IP ports. These IP ports would be permitted to the OOB...

5.3CVSS6.1AI score0.01042EPSS
Exploits0References1
HackRead
HackRead
added 2018/01/22 4:22 p.m.28 views

Google Denies Using Google Arts & Culture App to Collect Selfie Data

By Waqas Google Arts Culture App was recently introduced and its This is a post from HackRead.com Read the original post: Google Denies Using Google Arts Culture App to Collect Selfie Data...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2016/11/24 7:34 a.m.18 views

Microsoft Shares Telemetry Data Collected from Windows 10 Users with 3rd-Party

Cyber security is a major challenge in today's world, as cyber attacks have become more automated and difficult to detect, where traditional cyber security practices and systems are no longer sufficient to protect businesses, governments, and other organizations. In past few years, Artificial...

6.6AI score
Exploits0
Cvelist
Cvelist
added 2005/08/16 4:0 a.m.21 views

CVE-2004-2317

Information leak in Mbedthis AppWeb HTTP server 1.0 through 1.1.2 allows remote attackers to obtain sensitive information via a user message that is generated when Mbedthis denies access...

6.1AI score0.01181EPSS
Exploits0References2
Rows per page
Query Builder