Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1083

Malicious code in bioql PyPI...

7.2CVSS6.9AI score0.00862EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 12:29 a.m.28 views

CVE-2022-48365

An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. The Company admin role gives excessive privileges...

7.2CVSS6.8AI score0.00862EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:17 a.m.8 views

CVE-2022-48366

An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack...

3.7CVSS6.7AI score0.00458EPSS
Exploits0
OSV
OSV
added 2023/03/12 6:30 a.m.15 views

GHSA-QQ2J-9PF8-G58C Company admin role gives excessive privileges in eZ Platform Ibexa

Users with the Company admin role introduced by the company account feature in v4 can assign any role to any user. This also applies to any other user that has the role / assign policy. Any subtree limitation in place does not have any effect. The role / assign policy is typically only given to...

7.2CVSS6.8AI score0.00862EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/03/12 6:30 a.m.35 views

Duplicate Advisory: Cross Site Scripting in eZ Platform Ibexa Kernel

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mrvj-7q4f-5p42. This link is maintained to preserve external references. Original Description Impact In file upload it is possible by certain means to upload files like .html and .js. These may contain XSS...

6.1CVSS6.1AI score0.00398EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2023/03/12 5:15 a.m.46 views

CVE-2022-48365

An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. The Company admin role gives excessive privileges...

7.2CVSS7AI score0.00862EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/03/12 12:0 a.m.23 views

CVE-2022-48366

An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack...

4.5AI score0.00458EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/03/12 12:0 a.m.6 views

CVE-2022-48366

An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack...

4.1AI score0.00458EPSS
Exploits0References3
Rows per page
Query Builder