Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2025/12/05 4:34 p.m.2 views

CVE-2024-9183 Time-of-check Time-of-use (TOCTOU) Race Condition in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 prior to 18.4.5, 18.5 prior to 18.5.3, and 18.6 prior to 18.6.1 that could have allowed an authenticated user to obtain credentials from higher-privileged users and perform actions in their context under specific...

7.7CVSS6.3AI score0.00213EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/04/28 12:0 a.m.1 views

PT-2022-15433 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows an authenticated user to view information of higher privileged users and groups due to a privilege escalation vulnerability. Recommendations: For IBM InfoSphere...

6.5CVSS6.4AI score0.0084EPSS
Exploits0References5
NVD
NVD
added 2018/06/07 12:29 p.m.23 views

CVE-2018-0322

A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning PCP could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device. The vulnerability is due to a failure to enforce access restrictio...

8.8CVSS8.7AI score0.02625EPSS
Exploits0References3
OSV
OSV
added 2018/06/07 12:29 p.m.5 views

CVE-2018-0322

A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning PCP could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device. The vulnerability is due to a failure to enforce access restrictio...

8.8CVSS6AI score0.02625EPSS
Exploits0References3
Prion
Prion
added 2017/10/16 4:29 a.m.13 views

Cross site scripting

Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules. Remote attackers are able to inject malicious script code into the firstname, lastname, or order input fields to provoke persistent execution in the...

4.3CVSS6.2AI score0.04812EPSS
Exploits7References2Affected Software1
Rows per page
Query Builder