CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

66 matches found

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.12 contained security vulnerabilities. These vulnerabilities stemmed from a permission escalation flaw in Slack plugin approval processes, allowing authorized users with exec...

4.3CVSS5.8AI score0.00023EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: exec: Do not issue warnings for the racy pathnoexec check Both the imode and noexec checks, wrapped within WARNON, originate from an artifact of the previous implementation. They were originally used to properly check the...

4.7CVSS6.6AI score0.00011EPSS

Exploits0References2

Github Security Blog•added 2026/03/31 11:44 p.m.•5 views

File Browser's Signup Grants Execution Permissions When Default Permissions Includes Execution

Summary The signupHandler in File Browser applies default user permissions via d.settings.Defaults.Applyuser, then strips only Admin commit a63573b. The Execute permission and Commands list from the default user template are not stripped. When an administrator has enabled signup, server-side...

9.8CVSS6.7AI score0.00085EPSS

Exploits1References4Affected Software1

RedhatCVE•added 2026/01/09 10:55 a.m.•3 views

CVE-2022-23448

A vulnerability has been identified in SIMATIC Energy Manager Basic All versions V7.3 Update 1, SIMATIC Energy Manager PRO All versions V7.3 Update 1. Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local...

7.8CVSS7.2AI score0.00027EPSS

Exploits0References1

Snyk•added 2025/11/06 3:12 p.m.•2 views

Incorrect Execution-Assigned Permissions

Overview Affected versions of this package are vulnerable to Incorrect Execution-Assigned Permissions when initialising host directories with 711 and 755 permissions instead of 700. An attacker can gain unauthorized access to sensitive data and potentially escalate privileges by accessing...

8.5CVSS6.5AI score0.00005EPSS

Exploits1References2

Snyk•added 2025/11/06 3:12 p.m.•2 views

Incorrect Execution-Assigned Permissions

8.5CVSS6.9AI score0.00005EPSS

Exploits1References2

Snyk•added 2025/11/06 3:12 p.m.•2 views

Incorrect Execution-Assigned Permissions

8.5CVSS6.9AI score0.00005EPSS

Exploits1References2

Snyk•added 2025/11/06 3:12 p.m.•2 views

Incorrect Execution-Assigned Permissions

8.5CVSS6.5AI score0.00005EPSS

Exploits1References2

EUVD•added 2025/10/10 12:30 p.m.•1 views

EUVD-2025-33706

Apache StreamPark contains an Incorrect Execution-Assigned Permissions vulnerability...

7.3CVSS6.4AI score0.00272EPSS

Exploits0References3

Github Security Blog•added 2025/10/10 12:30 p.m.•4 views

Apache StreamPark contains an Incorrect Execution-Assigned Permissions vulnerability

Incorrect Execution-Assigned Permissions vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue. Version 2.1.6 has yet to be published in the Maven registry...

7.3CVSS7AI score0.00272EPSS

Exploits0References4Affected Software1

Snyk•added 2025/10/10 10:43 a.m.•1 views

Incorrect Execution-Assigned Permissions

Overview Affected versions of this package are vulnerable to Incorrect Execution-Assigned Permissions via the process responsible for executing system commands. An attacker can execute arbitrary commands on the server by sending crafted requests after authentication. Remediation A fix was pushed...

7.3CVSS7.6AI score0.00272EPSS

Exploits0References2