Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/05/28 7:37 p.m.7 views

CVE-2026-33463 Operation on a Resource after Expiration or Termination in Kibana Leading to Unauthorized File Access

Operation on a Resource after Expiration or Termination CWE-672 in Kibana can lead to unauthorized information disclosure. A logic error in how expiration timestamps were validated allowed a time-bounded access token to remain usable beyond its intended validity window, enabling an unauthenticate...

5.3CVSS5.8AI score0.00238EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/15 9:32 p.m.6 views

Operation on a Resource after Expiration or Release

Overview Affected versions of this package are vulnerable to Operation on a Resource after Expiration or Release due to the failure to enforce the PostEditTimeLimit in the post patch and update API endpoints. An attacker can alter file attachments, properties, and pin status of posts after the...

4.3CVSS5.8AI score0.00165EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/31 8:27 p.m.21 views

EUVD-2026-17636

PdfDing is a selfhosted PDF manager, viewer and editor offering a seamless user experience on multiple devices. Prior to version 1.7.1, checksharedaccessallowed validates only session existence — it does not check SharedPdf.inactive expiration / max views or SharedPdf.deleted. The Serve and...

6.5CVSS5.8AI score0.00295EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/02/05 6:16 p.m.9 views

CVE-2025-68121

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the...

10CVSS6.8AI score0.00765EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.9 views

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2026-1374)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1374 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processe...

10CVSS7.8AI score0.01945EPSS
Exploits2References10
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/22 3:24 p.m.36 views

Security Bulletin: Due to the use of IBM WebSphere Liberty, IBM CICS TX Standard is vulnerable to weaker than expected security due to improper resource expiration handling (CVE-2023-46158).

Summary IBM WebSphere Liberty is used by IBM CICS TX Standard to provide a web based administration console CVE-2023-46158. Vulnerability Details CVEID:CVE-2023-46158 DESCRIPTION: IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due t...

9.8CVSS6.8AI score0.00456EPSS
Exploits0Affected Software1
Rows per page
Query Builder