Lucene search
+L

5 matches found

UbuntuCve
UbuntuCve
added 2026/03/13 7:54 p.m.6 views

CVE-2026-2859

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 EOL allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deployagent endpoint, which could lead to information disclosure...

6.3CVSS5.9AI score0.0019EPSS
Exploits0References2
OSV
OSV
added 2026/03/13 9:40 a.m.5 views

CVE-2026-24097 Authenticated Host Enumeration via Observable Response Discrepancy on Agent Register Existing Endpoint

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 EOL allows authenticated users to enumerate existing hosts by observing different HTTP response codes in agent-receiver/registerexisting endpoint, which could lead to information disclosure...

5.3CVSS5.9AI score0.00237EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.12 views

PT-2026-25169

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 EOL allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy agent endpoint, which could lead to information disclosure...

6.3CVSS5.8AI score0.0019EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.9 views

PT-2026-25168

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 EOL allows authenticated users to enumerate existing hosts by observing different HTTP response codes in agent-receiver/register existing endpoint, which could lead to information disclosur...

5.3CVSS5.8AI score0.00237EPSS
Exploits0References1
Veracode
Veracode
added 2025/04/10 5:55 p.m.10 views

Authorization Bypass

org.apache.activemq:artemis-server is vulnerable to Authorization Bypass. The vulnerability is due to improper permission enforcement due to users being able to augment the routing-type of an address without having the necessary createAddress permission, potentially allowing unauthorized message...

4.3CVSS6.5AI score0.0058EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder