Lucene search
+L

5804 matches found

Nuclei
Nuclei
added 9 hours ago43 views

QNAP HBS 3 - Broken Access Control

An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 Hybrid Backup Sync. If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to...

10CVSS8.7AI score0.7825EPSS
Exploits0References4
Nuclei
Nuclei
added 9 hours ago28 views

WordPress Easy Student Results <=2.2.8 - Improper Authorization

WordPress Easy Student Results plugin through 2.2.8 is susceptible to information disclosure. The plugin lacks authorization in its REST API, which can allow an attacker to retrieve sensitive information related to courses, exams, and departments, as well as student grades and information such as...

7.5CVSS7.1AI score0.02801EPSS
Exploits2References5
Nuclei
Nuclei
added 9 hours ago48 views

Jira - Incorrect Authorization

Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 is susceptible to an incorrect authorization check in the /rest/api/2/user/picker rest resource, enabling an attacker to enumerate usernames and gain improper access. id: CVE-2019-3403...

5.3CVSS6.2AI score0.52637EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday162 views

Tenda AC1200 V-W15Ev2 - Authentication Bypass

The Tenda AC1200 V-W15Ev2 router is affected by improper authorization/improper session management. The software does not perform or incorrectly perform an authorization check when a user attempts to access a resource or perform an action. This allows the router's login page to be bypassed. The...

4.9CVSS6.2AI score0.28802EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday79 views

Modoboa < 2.1.0 - Improper Authorization

Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0. id: CVE-2023-2227 info: name: Modoboa 2.1.0 - Improper Authorization author: ritikchaddha,princechaddha severity: critical description: | Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0. impact:...

9.1CVSS7AI score0.43756EPSS
Exploits1References3
Veracode
Veracode
added 2 days ago6 views

Improper Authorization

n8n-mcp is vulnerable to Improper Authorization. The vulnerability is due to insufficient tenant isolation of locally stored workflow version history, which allows an authenticated tenant to read or delete workflow backups belonging to other tenants, exposing sensitive configuration data and...

9.9CVSS6.1AI score0.00389EPSS
Exploits0References3Affected Software1
CVE
CVE
added 3 days ago11 views

CVE-2026-48321

Technical details are not publicly available in the provided documents; no affected products, versions, or remediation are specified. Monitor for updates.

10CVSS6.1AI score0.00516EPSS
Exploits0References1Affected Software1
NVD
NVD
added 3 days ago6 views

CVE-2026-58540

Improper authorization in Windows Installer allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00284EPSS
Exploits0References1
NVD
NVD
added 3 days ago5 views

CVE-2026-58277

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network...

8.8CVSS0.0074EPSS
Exploits0References1
NVD
NVD
added 3 days ago3 views

CVE-2026-54121

Improper authorization in Active Directory Certificate Services AD CS allows an authorized attacker to elevate privileges over a network...

8.8CVSS0.00802EPSS
Exploits0References1
NVD
NVD
added 3 days ago4 views

CVE-2026-50344

Improper authorization in Windows OLE allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00284EPSS
Exploits0References1
NVD
NVD
added 3 days ago3 views

CVE-2026-50346

Improper authorization in RPC Runtime allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00284EPSS
Exploits0References1
CVE
CVE
added 3 days ago6 views

CVE-2026-15058

The CVE-2026-15058 affects Devolutions Server versions 2026.2.11 and 2026.1.22, where the secure messages deletion endpoint incorrectly authorizes access. An authenticated user can delete another user’s messages by directly referencing the message identifier, due to an improper authorization flaw...

3.1CVSS6.1AI score0.00162EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-15058

Improper authorization in the secure messages deletion endpoint in Devolutions Server 2026.2.11, 2026.1.22 allows an authenticated user to delete another user's messages via a direct object reference to the message identifier...

0.00162EPSS
Exploits0References1
NVD
NVD
added 3 days ago7 views

CVE-2026-58631

Improper authorization in Windows Admin Center allows an authorized attacker to execute code locally...

7.8CVSS0.00295EPSS
Exploits0References1
CVE
CVE
added 3 days ago15 views

CVE-2026-58631

CVE-2026-58631 involves Windows Admin Center where improper authorization allows an authorized attacker to execute code locally. The available sources describe a local attack vector with high impact (C:H/I:H/A:H) and a CVSS v3.1 base score of 7.8, indicating remote code execution risk within the ...

7.8CVSS6.1AI score0.00295EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 3 days ago5 views

Netlogon RPC Elevation of Privilege Vulnerability

Improper authorization in RPC Runtime allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00284EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago4 views

Windows OLE Elevation of Privilege Vulnerability

Improper authorization in Windows OLE allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00284EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago7 views

Windows Admin Center (WAC) Remote Code Execution Vulnerability

Improper authorization in Windows Admin Center allows an authorized attacker to execute code locally...

7.8CVSS6.2AI score0.00295EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago9 views

Microsoft SharePoint Elevation of Privilege Vulnerability

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network...

8.8CVSS6.1AI score0.0074EPSS
Exploits0
Rows per page
Query Builder