Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/15 10:4 a.m.32 views

CVE-2026-34028 Unauthenticated direct access to web data in Wertheim SafeController Software exposes files

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization scheme. An unauthenticated attacker can directly access HTTP endpoints to download files from locations such as /Resources/CompanyIdID/Audio/ and...

6.9CVSS0.00397EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.5 views

Apache Answer 信息泄露漏洞

Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier had an information leakage vulnerability. This vulnerability stemmed from the lack of access restrictions on direct API endpoints, which allowed authenticated users to...

6.5CVSS5.3AI score0.00325EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/06 9:10 p.m.2 views

CVE-2026-30231 Flare: Private File IDOR via raw/direct endpoints

Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Prior to version 1.7.2, the raw and direct file routes only block unauthenticated users from accessing private files. Any authenticated, non‑owner user who knows the file URL can retrieve the...

6CVSS5.7AI score0.00283EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/06 9:10 p.m.17 views

CVE-2026-30231 Flare: Private File IDOR via raw/direct endpoints

Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Prior to version 1.7.2, the raw and direct file routes only block unauthenticated users from accessing private files. Any authenticated, non‑owner user who knows the file URL can retrieve the...

6CVSS0.00283EPSS
Exploits1References1
Rows per page
Query Builder