Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-6873

Malicious code in bioql PyPI...

7.3CVSS6.9AI score0.00525EPSS
Exploits1References3
OSV
OSV
added 2025/03/20 10:15 a.m.11 views

CVE-2024-9098

In lunary-ai/lunary before version 1.4.30, a privilege escalation vulnerability exists where admins can invite new members with billing permissions, thereby gaining unauthorized access to billing resources. This issue arises because the user creation endpoint does not restrict admins from invitin...

6.1CVSS7.3AI score0.00525EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/03/20 10:9 a.m.11 views

CVE-2024-9098 Privilege Escalation in lunary-ai/lunary

In lunary-ai/lunary before version 1.4.30, a privilege escalation vulnerability exists where admins can invite new members with billing permissions, thereby gaining unauthorized access to billing resources. This issue arises because the user creation endpoint does not restrict admins from invitin...

7.3CVSS7.3AI score0.00525EPSS
Exploits1References2
CVE
CVE
added 2025/03/20 10:9 a.m.56 views

CVE-2024-9098

CVE-2024-9098 affects lunary-ai/lunary prior to version 1.4.30. The root cause is a user-creation endpoint that allows admins to invite users with billing roles, bypassing access controls and enabling privilege escalation to billing resources. Documented impact is unauthorized access to billing r...

7.3CVSS7.3AI score0.00525EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/03/20 10:9 a.m.51 views

CVE-2024-10275

CVE-2024-10275 affects lunary-ai/lunary (v1.5.5). Multiple connected sources confirm an improper privilege management flaw where admins can grant billing permissions to existing users, enabling privilege escalation to access billing resources and bypass RBAC. Root cause: admins without direct bil...

7.3CVSS7.3AI score0.00469EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2024/02/15 11:15 p.m.12 views

CVE-2024-23674

The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15 allows authentication bypass by spoofing. A man-in-the-middle attacker can assume a victim's identify for access to government, medical, and financial resources, and can also extract personal data from...

9.6CVSS6.6AI score0.0073EPSS
Exploits0References4
CVE
CVE
added 2024/02/15 12:0 a.m.65 views

CVE-2024-23674

The CVE concerns The Online-Ausweis-Funktion eID scheme in the German National Identity Card (through 2024-02-15). A malevolent actor can perform authentication bypass via spoofing, enabling a network-based MITM to impersonate a victim for government, medical, and financial access and to extract ...

9.6CVSS6.8AI score0.0073EPSS
Exploits0References4
Hacker One
Hacker One
added 2018/02/23 3:1 p.m.25 views

Brave Software: There is vulnebility Click Here TO fix

NOTE! Thanks for submitting a report! Please fill all sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty. Summary: add summary of the vulnerability Products affected: operating system, Brave versi...

0.8AI score
Exploits0
ThreatPost
ThreatPost
added 2016/02/22 3:41 p.m.18 views

Delicate Hardware Hacks Could Unlock Shooter's iPhone

A researcher at IOActive believes the U.S. intelligence community has the capability to carry out a delicate hardware hack that could unlock the iPhone 5c at the center of the current FBiOS debate. The attack requires considerable financial resources and acumen with an intrusive attack against th...

6.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2009/09/29 3:1 p.m.10 views

SMBs, Non-Profits New Targets of Choice for Attackers

Large enterprises and consumers have been dealing with sophisticated phishing scams, online extortion plots and other assorted theft schemes for years, but now attackers are turning their attention to the huge population of small businesses and non-profits in the U.S. And they are finding a gold...

0.3AI score
Exploits0References4
Rows per page
Query Builder