Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2025/01/09 1:21 a.m.20 views

Security Bulletin: IBM OpenPages vulnerable to exposure of sensitive information through improper authorization controls on APIs. (CVE-2024-43176)

Summary A vulnerability caused by improper authorization checks could allow an authenticated user to obtain sensitive information such as configurations that should only be available to privileged users. Vulnerability Details CVEID:CVE-2024-43176 DESCRIPTION: IBM OpenPages could allow an...

5.4CVSS5.7AI score0.00109EPSS
Exploits0Affected Software1
Veracode
Veracodeadded 2025/01/06 2:49 a.m.11 views

Authentication Bypass

Elasticsearch is vulnerable to Authentication Bypass. The vulnerability is due to improper implementation of authorization controls, allowing a malicious actor to circumvent Document Level Security and access restricted documents...

6.5CVSS6.6AI score0.00369EPSS
Exploits0References3Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/09/05 7:25 p.m.25 views

Security Bulletin: IBM OpenPages vulnerable to exposure of sensitive information through improper authorization controls on APIs. (CVE-2024-35151)

Summary A vulnerability caused by improper authorization checks could allow authenticated users access to sensitive information through APIs. Vulnerability Details CVEID:CVE-2024-35151 DESCRIPTION: IBM OpenPages with Watson could allow authenticated users access to sensitive information through...

6.5CVSS6.4AI score0.0013EPSS
Exploits0Affected Software1
NVD
NVDadded 2024/08/22 11:15 a.m.10 views

CVE-2024-35151

IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs...

6.5CVSS0.0013EPSS
Exploits0References2
NVD
NVDadded 2022/11/22 1:15 a.m.12 views

CVE-2022-41326

The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated attacker to upload arbitrary scripts due to improper authorization controls. A successful exploit could allow remote code execution within the context of the application...

9.8CVSS0.02214EPSS
Exploits0References2
NVD
NVDadded 2022/10/25 6:15 p.m.13 views

CVE-2022-36453

A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to control another extension number...

8.8CVSS0.0041EPSS
Exploits0References2
NVD
NVDadded 2022/10/25 6:15 p.m.7 views

CVE-2022-36454

A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to impersonate another user's name...

6.5CVSS0.00218EPSS
Exploits0References2
Rows per page
Query Builder