11 matches found
CVE-2025-70986
Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive department data...
CVE-2025-70986
CVE-2025-70986 affects RuoYi v4.8.2, in the selectDept function where improper access control allows unauthorized users to arbitrarily read sensitive department data. The vulnerability is rated CVSS v3.1 base score 7.5 (HIGH), with NETWORK attack vector, LOW complexity, no privileges required, an...
Ruoyi security vulnerabilities
Ruoyi is a backend management system developed by an individual developer. Ruoyi v4.8.2 has a security vulnerability that stems from improper access control in the selectDept function. This vulnerability could allow unauthorized attackers to access sensitive departmental data a...
PT-2026-4524
Name of the Vulnerable Software and Affected Versions: RuoYi version 4.8.2
Description: A flaw exists in the access control mechanism of the selectDept function. This allows unauthorized access to sensitive department data.
Recommendations: Update to a newer version that contains a fix for this...
Grokability Snipe-IT 8.0.4 Insecure Direct Object Reference
Grokability Snipe-IT versions 8.0.4 and below suffer from an insecure direct object reference vulnerability.
Exploit Title: Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference IDOR
Google Dork: N/A
Date: 2025-05-02
Exploit Author: Sn1p3r-H4ck3r Siripong Jintung
Vendor Homepage:...
CVE-2022-2379
The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as student's grades and PII such as email address, physical address, phone number etc...