Lucene search

47725 matches found

Vulnrichment
added 2026/02/10 4:47 p.m. | 5 views

CVE-2026-25530 Kanboard is missing authorization check in getSwimlane API allows cross-project data access

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, the getSwimlane API method lacks project-level authorization, allowing authenticated users to access swimlane data from projects they cannot access. This vulnerability is fixed in 1.2.50...

CVSS 4.3 | AI score 5.5 | EPSS 0.00235
Exploits: 1 | References: 3

OSV
added 2026/02/10 4:47 p.m. | 4 views

CVE-2026-25530 Kanboard is missing authorization check in getSwimlane API allows cross-project data access

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, the getSwimlane API method lacks project-level authorization, allowing authenticated users to access swimlane data from projects they cannot access. This vulnerability is fixed in 1.2.50...

CVSS 4.3 | AI score 5.5 | EPSS 0.00235
Exploits: 1 | References: 5

GithubExploit
added 2026/02/10 3:40 p.m. | 423 views

Exploit for Improper Access Control in Oracle Http_Server

CVE-2026-21962 Concurrent WebLogic Scanner/Exploiter High-per...

CVSS 10 | AI score 6 | EPSS 0.42658
Exploits: 4

HackRead
added 2026/02/10 9:12 a.m. | 4 views

Navigating MiCA: A Practical Compliance Guide for European CASPs

MiCA creates a single EU crypto rulebook, replacing national regimes with unified licensing, capital, and compliance rules for all CASPs...

AI score 5.5
Exploits: 0

RedhatCVE
added 2026/02/10 7:33 a.m. | 6 views

CVE-2026-22613

The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmware version of Eaton Network M3 which is available on the...

CVSS 5.7 | AI score 5.5 | EPSS 0.00154
Exploits: 0 | References: 1

ICS
added 2026/02/10 7:0 a.m. | 5 views

Yokogawa FAST/TOOLS

RISK EVALUATION: Successful exploitation of these vulnerabilities could allow an attacker to redirect users to malicious sites, decrypt communications, perform a man-in-the-middle (MITM) attack, execute malicious scripts, steal files, and perform other various attacks. 2. RECOMMENDED PRACTICES...

AI score 5.5
Exploits: 0 | References: 13

ICS
added 2026/02/10 7:0 a.m. | 4 views

ZLAN Information Technology Co. ZLAN5143D

RISK EVALUATION: Successful exploitation of these vulnerabilities could result in an attacker bypassing authentication, or resetting the device password. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

CVSS 9.8 | AI score 5.7 | EPSS 0.00732
Exploits: 0 | References: 11

NVD
added 2026/02/10 4:16 a.m. | 7 views

CVE-2026-24322

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality and does not affect integrity or availability...

CVSS 7.7 | EPSS 0.00209
Exploits: 0 | References: 2

OSV
added 2026/02/10 4:16 a.m. | 2 views

CVE-2026-23681

Due to missing authorization check in a function module in SAP Support Tools Plug-In, an authenticated attacker could invoke specific function modules to retrieve information about the system and its configuration. This disclosure of the system information could assist the attacker to plan...

CVSS 4.3 | AI score 5.8 | EPSS 0.00168
Exploits: 0 | References: 2

CVE
added 2026/02/10 3:4 a.m. | 14 views

CVE-2026-24322

CVE-2026-24322 affects the SAP Solution Tools Plug-In (ST-PI). A function module does not perform required authorization checks for authenticated users, enabling disclosure of sensitive information. Impact is confined to confidentiality (high) per the provided metrics (CVSS 3.1: base 7.7, HIGH). ...

CVSS 7.7 | AI score 5.4 | EPSS 0.00209
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2026/02/10 3:4 a.m. | 27 views

CVE-2026-24322 Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality and does not affect integrity or availability...

CVSS 7.7 | EPSS 0.00209
Exploits: 0 | References: 2

CVE
added 2026/02/10 3:2 a.m. | 13 views

CVE-2026-23681

CVE-2026-23681 affects SAP Support Tools Plug-In where a missing authorization check in a function module allows an authenticated attacker to invoke certain function modules and retrieve system and configuration information. The vulnerability risks only low confidentiality impact for the applicat...

CVSS 4.3 | AI score 5.6 | EPSS 0.00168
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2026/02/10 3:2 a.m. | 3 views

CVE-2026-23681 Missing Authorization check in a function module in SAP Support Tools Plug-In

Due to missing authorization check in a function module in SAP Support Tools Plug-In, an authenticated attacker could invoke specific function modules to retrieve information about the system and its configuration. This disclosure of the system information could assist the attacker to plan...

CVSS 4.3 | AI score 5.5 | EPSS 0.00168
Exploits: 0 | References: 2

CNNVD
added 2026/02/10 12:0 a.m. | 8 views

SAP Solution Tools Plug-In security vulnerability

SAP Solution Tools Plug-In is a basic component plugin developed by the German company SAP. The SAP Solution Tools Plug-In contains a security vulnerability; this vulnerability stems from the lack of necessary authorization checks, which may lead to the disclosure of sensitive information...

CVSS 7.7 | AI score 5.8 | EPSS 0.00209
Exploits: 0 | References: 2

Kaspersky
added 2026/02/10 12:0 a.m. | 3 views

KLA90880 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in CSS can be exploited to cause denial of service or execute...

CVSS 8.8 | AI score 6.3 | EPSS 0.08754
Exploits: 0 | References: 3

Positive Technologies
added 2026/02/10 12:0 a.m. | 6 views

PT-2026-7236

Name of the Vulnerable Software and Affected Versions: Agentflow (affected versions not specified). Description: Agentflow, developed by Flowring, exhibits an authentication bypass condition. Unauthenticated remote attackers can exploit a specific functionality to obtain arbitrary user...

CVSS 9.8 | AI score 5.7 | EPSS 0.00507
Exploits: 0 | References: 11

Positive Technologies
added 2026/02/10 12:0 a.m. | 23 views

PT-2026-7221

Name of the Vulnerable Software and Affected Versions: SAP Solution Tools Plug-In (affected versions not specified). Description: The SAP Solution Tools Plug-In ST-PI includes a function module lacking proper authorization checks for authenticated users, potentially leading to the disclosure of...

CVSS 7.7 | AI score 5.4 | EPSS 0.00209
Exploits: 0 | References: 6

VulnCheck KEV
added 2026/02/10 12:0 a.m. | 5 views

VulnCheck KEV: CVE-2026-21962

Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Proxy Plug-in for IIS. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0...

CVSS 10 | AI score 7.3 | EPSS 0.42658
In wild | Exploits: 4 | References: 3

CNNVD
added 2026/02/10 12:0 a.m. | 6 views

libssh code issue vulnerability

libssh is a C-language development package from the libssh organization that allows access to SSH services. It can execute remote commands, perform file transfers, and provide a secure transmission channel for remote programs. libssh has code vulnerabilities, which stem from insecure default...

CVSS 7.8 | AI score 6.7 | EPSS 0.00129
Exploits: 0 | References: 5

Google Chrome Security Advisories
added 2026/02/10 12:0 a.m. | 16 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 145 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 145.0.7632.45 (Linux), 145.0.7632.45/46 (Windows/Mac) contains a number of fixes and improvements -- a list of changes is availab...

CVSS 8.8 | AI score 5.9 | EPSS 0.08754
Exploits: 0 | Affected Software: 1