Lucene search
+L

11 matches found

snyk
snyk
added 2025/12/12 4:44 p.m.3 views

Incorrect Permission Assignment for Critical Resource

Overview xmo/mine-core is a mineadmin core package Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource due to login to the superAdmin account by using the default credentials. An attacker can execute arbitrary commands and gain full account...

9.8CVSS7.6AI score0.0043EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-42908

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00337EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 4:10 a.m.6 views

CVE-2023-39173

In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access...

8.8CVSS7AI score0.00337EPSS
Exploits0
nessus
nessus
added 2023/09/29 12:0 a.m.24 views

TeamCity Server < 2023.05.2 Multiple Vulnerabilities

According to its its self-reported version number, the version of JetBrains TeamCity running on the remote host is a version prior to 2023.05.2. It is, therefore, affected by multiple vulnerabilities: - In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain...

8.8CVSS6.8AI score0.01417EPSS
Exploits0References4
cnvd
cnvd
added 2023/07/30 12:0 a.m.27 views

JetBrains TeamCity elevation of privilege vulnerability (CNVD-2023-62626)

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A privilege vulnerability exists in JetBrains...

8.8CVSS7.3AI score0.00337EPSS
Exploits0References1
osv
osv
added 2023/07/25 3:15 p.m.4 views

CVE-2023-39173

In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access...

8.8CVSS5.8AI score0.00337EPSS
Exploits0References1
nvd
nvd
added 2023/07/25 3:15 p.m.27 views

CVE-2023-39173

In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access...

8.8CVSS7.1AI score0.00337EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2023/06/25 12:0 a.m.4 views

The vulnerability of the Grafana data visualization web tool, related to bypassing authentication through spoofing, allows attackers to gain full access to the user account.

The vulnerability of the Grafana data visualization web tool is related to the ability to bypass authentication through spoofing. Exploiting this vulnerability can allow a malicious actor to gain full access to the user account...

9.7CVSS7.8AI score0.04094EPSS
Exploits0References5Affected Software3
bdu_fstec
bdu_fstec
added 2022/07/29 12:0 a.m.6 views

The vulnerability of the Samba network file system, related to errors during authentication procedures, allows a perpetrator to change the password of an arbitrary user and gain full access to that user’s account.

The vulnerability of the Samba network file system is related to errors during authentication procedures. Exploiting this vulnerability allows a malicious actor, operating remotely, to alter the password of an arbitrary user and gain full access to the account...

9CVSS6.6AI score0.00956EPSS
Exploits0References15Affected Software9
cnvd
cnvd
added 2019/11/22 12:0 a.m.5 views

Zulip server authorization issue vulnerability

Zulip server is an open source team chat application from the American company Zulip. An authorization issue vulnerability exists in the new user registration process in Zulip server version 1.7.0 and later versions, which can be exploited by an attacker to gain full access to a user's account...

9.8CVSS7AI score0.01352EPSS
Exploits0References1
osv
osv
added 2019/01/16 10:29 p.m.5 views

CVE-2018-18814

The TIBCO Spotfire authentication component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability in the handling of the authentication that theoretically may allow an attacker to gain full access to a target account,...

9.8CVSS5.7AI score0.03097EPSS
Exploits0References3
Rows per page
Query Builder