Lucene search
K

27 matches found

Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.5 views

PT-2026-33919

The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticat...

4.3CVSS5.7AI score0.0023EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2013-5311

Malware in sbrugna...

6.8CVSS6.4AI score0.00984EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/08/26 1:11 p.m.2 views

CVE-2025-8424

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access...

8.7CVSS6AI score0.02723EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2025/05/02 6:18 a.m.7 views

BIT-MOODLE-2024-43435 Moodle: can create global glossary without being admin

A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary...

5.3CVSS5.4AI score0.00336EPSS
Exploits0References3
OSV
OSV
added 2024/11/11 3:31 p.m.8 views

GHSA-4GQ2-X5W4-7HP8 Moodle has insufficient capability checks

A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary...

6.9CVSS5.4AI score0.00336EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/11/11 3:31 p.m.15 views

Moodle has insufficient capability checks

A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary...

5.3CVSS6.5AI score0.00336EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/11/11 1:15 p.m.3 views

UBUNTU-CVE-2024-43435

A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary...

5.3CVSS5.6AI score0.00336EPSS
Exploits0References4
Snyk
Snyk
added 2024/11/11 12:47 p.m.1 views

Improper Privilege Management

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Improper Privilege Management due to insufficient capability checks in the process of restoring glossaries which allows an attacker to restore glossaries in courses into the global site glossary...

6.9CVSS6.7AI score0.00336EPSS
Exploits0References2
NVD
NVD
added 2024/01/18 7:15 p.m.38 views

CVE-2024-22212

Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an attacker to authenticate as another user. It is recommended that the Nextcloud Global Site Selector i...

9.8CVSS9.5AI score0.00755EPSS
Exploits0References3
Prion
Prion
added 2024/01/18 7:15 p.m.21 views

Design/Logic Flaw

Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an attacker to authenticate as another user. It is recommended that the Nextcloud Global Site Selector i...

7.5CVSS7.2AI score0.00755EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2024/01/18 7:4 p.m.120 views

CVE-2024-22212

CVE-2024-22212 concerns the Nextcloud Global Site Selector, where a flaw in the password verification method allows an attacker to authenticate as another user. Affected versions require upgrades to 1.4.1, 2.1.2, 2.3.4, or 2.4.5; no public workarounds are noted in the provided documents. There ar...

9.8CVSS9.4AI score0.00755EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/01/18 7:4 p.m.40 views

CVE-2024-22212 Nextcloud global site selector authentication bypass

Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an attacker to authenticate as another user. It is recommended that the Nextcloud Global Site Selector i...

9.6CVSS9.8AI score0.00755EPSS
Exploits0References3
OSV
OSV
added 2024/01/18 7:4 p.m.32 views

CVE-2024-22212 Nextcloud global site selector authentication bypass

Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an attacker to authenticate as another user. It is recommended that the Nextcloud Global Site Selector i...

9.6CVSS9.2AI score0.00755EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/01/18 12:0 a.m.6 views

PT-2024-19279 · Nextcloud · Nextcloud Global Site Selector

Name of the Vulnerable Software and Affected Versions: Nextcloud Global Site Selector versions prior to 1.4.1 Nextcloud Global Site Selector versions prior to 2.1.2 Nextcloud Global Site Selector versions prior to 2.3.4 Nextcloud Global Site Selector versions prior to 2.4.5 Description: The...

9.8CVSS9.4AI score0.00755EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/01/18 12:0 a.m.6 views

Nextcloud Access Control Error Vulnerability

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An access control error vulnerability exists in Nextcloud Global Site Selector, which stems from a security flaw in the password authentication method that...

9.8CVSS7AI score0.00755EPSS
Exploits0References4
Hacker One
Hacker One
added 2023/11/11 11:48 p.m.44 views

Nextcloud: Authentication bypass in Global Site Selector allows an attacker to log in as any user

Authentication bypass vulnerability in software allowed attacker to bypass authentication and log in as any user...

9.8CVSS9.6AI score0.00755EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/30 10:51 p.m.22 views

OneView updates: Dive into Report 2.0 & the new Global Site Filter

Were rolling out two new features to enhance usability in OneView, our multi-tenant platform for Managed Service Providers: Report 2.0 and the Global Site Filter. Heres what you need to know: Report 2.0: Improved Reporting in OneView Report 2.0 offers a more streamlined approach to reporting with...

7AI score
Exploits0
Prion
Prion
added 2013/09/05 3:27 a.m.10 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the web framework in Cisco Global Site Selector GSS allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuh42164...

6.8CVSS7.7AI score0.00984EPSS
Exploits0References4
Cvelist
Cvelist
added 2013/09/05 1:0 a.m.15 views

CVE-2013-5471

Cross-site request forgery CSRF vulnerability in the web framework in Cisco Global Site Selector GSS allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuh42164...

7.2AI score0.00984EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/07/18 12:0 a.m.20 views

Cisco Global Site Selector Appliances DNS Vulnerability (cisco-sa-20090107-gss)

The remote Cisco Application Control Engine Global Site Selector GSS contains a denial of service DoS issue when processing specific Domain Name System DNS requests. TRUSTED...

5CVSS5.4AI score0.01397EPSS
Exploits1References2
Rows per page
Query Builder