Lucene search
K

11 matches found

CVE
CVE
added 2026/06/17 3:29 p.m.23 views

CVE-2026-32652

Dell AIOps Collector pre-1.18.3 is vulnerable to a Use of Default Credentials flaw. A low-privilege attacker with console access could gain filesystem access on fresh installations not upgraded to 1.18.3+. Upgraded installations (1.18.3+) are not affected. Remediate by upgrading to 1.18.3 or later.

7.8CVSS5.5AI score0.00098EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.16 views

PT-2026-50462

Name of the Vulnerable Software and Affected Versions Dell AIOps Collector versions prior to 1.18.3 Description Fresh installations of the software contain an issue where default credentials are used. A low privileged attacker with console access could potentially exploit this to gain filesystem...

7.8CVSS5.9AI score0.00098EPSS
Exploits0References6
NVD
NVD
added 2026/06/04 3:16 p.m.11 views

CVE-2026-41065

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 are vulnerable to remote code execution via the newsletter custom template directory feature. On a fresh install before the setup wizard is completed, all management endpoints are completely...

9.3CVSS0.00434EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 2:17 p.m.11 views

EUVD-2026-34273

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 are vulnerable to remote code execution via the newsletter custom template directory feature. On a fresh install before the setup wizard is completed, all management endpoints are completely...

9.3CVSS6.5AI score0.00434EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/30 1:22 p.m.15 views

CVE-2025-11587

The Call Now Button – The 1 Click to Call Button for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate function in all versions up to, and including, 1.5.3. This makes it possible for authenticated attackers, with...

4.3CVSS5AI score0.00214EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/29 3:31 p.m.5 views

EUVD-2025-36639

The Call Now Button – The 1 Click to Call Button for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate function in all versions up to, and including, 1.5.3. This makes it possible for authenticated attackers, with...

4.3CVSS4.6AI score0.00214EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/29 12:31 p.m.10 views

CVE-2025-11587 Call Now Button <= 1.5.3 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Settings Update

The Call Now Button – The 1 Click to Call Button for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate function in all versions up to, and including, 1.5.3. This makes it possible for authenticated attackers, with...

4.3CVSS0.00214EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/05/11 2:38 a.m.3 views

SUSE CVE-2024-4317

Missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwi...

6.2CVSS9.2AI score0.00722EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.4 views

SUSE CVE-2013-4451

gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating 1 /.gitolite.rc, 2 /.gitolite, or 3 /repositories/gitolite-admin.git on fresh installs...

9.8CVSS9.8AI score0.03079EPSS
Exploits0References3
Prion
Prion
added 2018/09/21 5:29 p.m.9 views

Information disclosure

gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating 1 /.gitolite.rc, 2 /.gitolite, or 3 /repositories/gitolite-admin.git on fresh installs...

7.5CVSS7.5AI score0.03079EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2018/09/21 5:0 p.m.21 views

CVE-2013-4451

gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating 1 /.gitolite.rc, 2 /.gitolite, or 3 /repositories/gitolite-admin.git on fresh installs...

9.8CVSS9.8AI score0.03079EPSS
Exploits0
Rows per page
Query Builder