Lucene search
K

44 matches found

Vulnrichment
Vulnrichment
added 2026/05/29 6:15 p.m.13 views

CVE-2026-49374

In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters...

7.6CVSS5.8AI score0.00226EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 6:15 p.m.33 views

CVE-2026-49374

In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters...

7.6CVSS0.00226EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 6:15 p.m.21 views

CVE-2026-49374

CVE-2026-49374 affects JetBrains TeamCity before 2026.1, where improper permission checks exposed build configuration parameters. The CVSS 3.1 base score is 7.6 (HIGH) with Network attack vector, Low attack complexity, Privileges Required: LOW, and UI none. Impact: Confidentiality HIGH, Integrity...

7.6CVSS5.8AI score0.00226EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.9 views

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions 11.5, 11.1.5, 10.13.11, and 11.3.4.0 of Mattermost Plugins contain security vulnerabilities. These...

6.5CVSS5.8AI score0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

Lenovo Software Fix 安全漏洞

Lenovo Software Fix is a system repair tool developed by the Chinese company Lenovo. Lenovo Software Fix has a security vulnerability, which stems from improper permission verification. This vulnerability may allow locally authenticated users to execute arbitrary code with elevated privileges...

8.5CVSS6.2AI score0.00196EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.12 views

Conecteo Kiamo 安全漏洞

Conecteo Kiamo is a multi-channel customer interaction and contact center management platform developed by the French company Conecteo. Versions of Conecteo Kiamo prior to version 8.4 contained security vulnerabilities. These vulnerabilities were due to improper permission verification, which cou...

8.8CVSS6AI score0.00288EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.4 views

PT-2026-30861

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, RecipeBookViewSet and RecipeBookEntryViewSet use CustomIsShared as an alternative permission class, but CustomIsShared.has object permission returns True for all HTTP methods —...

8.1CVSS5.9AI score0.00378EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/23 6:28 p.m.24 views

CVE-2026-33650 AVideo's Video Moderator Privilege Escalation via Ownership Transfer Enables Arbitrary Video Deletion

WWBN AVideo is an open source video platform. In versions up to and including 26.0, a user with the "Videos Moderator" permission can escalate privileges to perform full video management operations — including ownership transfer and deletion of any video — despite the permission being documented ...

7.6CVSS0.0024EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/04 12:13 p.m.5 views

CVE-2026-24732 Improper permission checks in Extension:NSFileRepo

Files or Directories Accessible to External Parties, Incorrect Permission Assignment for Critical Resource vulnerability in Hallo Welt! GmbH BlueSpice Extension:NSFileRepo modules allows Accessing Functionality Not Properly Constrained by ACLs, Bypassing Electronic Locks and Access Controls.This...

8.7CVSS5.9AI score0.00265EPSS
Exploits0References1
CVE
CVE
added 2026/03/04 12:13 p.m.15 views

CVE-2026-24732

CVE-2026-24732 affects Hallo Welt! GmbH BlueSpice Extension:NSFileRepo, with vulnerable versions 5.1–5.1.5 and 5.2–5.2.0. The issue is improper permission checks in the extension, allowing access to functionality not properly constrained by ACLs and bypassing electronic locks and access controls....

8.7CVSS5.9AI score0.00265EPSS
Exploits0References1
OSV
OSV
added 2026/02/03 6:35 p.m.22 views

GHSA-4QVV-G3VR-M348 Wagtail has improper permission handling on admin preview endpoints

Impact Due to a missing permission check on the preview endpoints, a user with access to the Wagtail admin and knowledge of a model's fields can craft a form submission to obtain a preview rendering of any page, snippet or site setting object for which previews are enabled, consisting of any data...

5.1CVSS5.5AI score0.00343EPSS
Exploits0References13
NVD
NVD
added 2025/12/21 4:16 a.m.6 views

CVE-2025-12654

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory creation in all versions up to, and including, 0.9.120. This is due to the checkfilesystempermissions function not properly restricting the directories that can be created, or in...

2.7CVSS0.00427EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-15568

Malware in sbrugna...

4.3CVSS4.5AI score0.00888EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8377

Malware in sbrugna...

6.5CVSS6.6AI score0.02155EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-38316

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00353EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/04 12:0 a.m.4 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the American company Google. Google Android suffers from a security vulnerability that stems from a lack of permission checking, which could lead to local elevation of privileges...

4CVSS6AI score0.00086EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 2:29 a.m.11 views

CVE-2024-42453

A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of...

8.1CVSS6.7AI score0.00325EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/12/20 12:0 a.m.14 views

Atlassian Confluence 3.7.x < 7.19.22 / 7.20.x < 8.5.9 / 8.6.x < 8.9.0 / 9.2.0 (CONFSERVER-98713)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98713 advisory. - In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client...

7.6CVSS7.3AI score0.00503EPSS
Exploits0References2
NVD
NVD
added 2024/12/04 2:15 a.m.18 views

CVE-2024-42453

A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of...

8.1CVSS0.00325EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/04 1:6 a.m.15 views

CVE-2024-42453

A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of...

7.4CVSS6.8AI score0.00325EPSS
Exploits0References1
Rows per page
Query Builder