Lucene search
K

21 matches found

CVE
CVE
added 2026/05/15 6:36 p.m.24 views

CVE-2026-46362

CVE-2026-46362 affects phpMyFAQ prior to 4.1.2, where a flaw in AbstractAdministrationController::userHasPermission() allows an authenticated user to bypass authorization and access any permission-protected admin page. The root cause is failure to terminate execution after sending a forbidden res...

7.1CVSS5.9AI score0.00303EPSS
Exploits0References2
Veracode
Veracode
added 2026/02/21 5:7 a.m.15 views

Authorization Bypass

askbot is vulnerable to Authorization Bypass. The vulnerability is due to an incomplete permissions check, where an attacker authenticated with normal user permissions can modify the profile picture of other application users...

5.3CVSS5.7AI score0.00318EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003921)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003921 advisory. The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be...

4.1CVSS6.5AI score0.00308EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-43109

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.0035EPSS
Exploits0References2
NVD
NVD
added 2024/04/15 8:15 p.m.17 views

CVE-2024-23560

HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type...

4.9CVSS4.8AI score0.00324EPSS
Exploits0References1
OSV
OSV
added 2023/08/13 12:15 p.m.2 views

CVE-2023-39384

Vulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References2
NVD
NVD
added 2023/08/13 12:15 p.m.23 views

CVE-2023-39384

Vulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally...

7.5CVSS7.5AI score0.0035EPSS
Exploits0References2
OSV
OSV
added 2023/07/05 1:15 p.m.2 views

CVE-2021-46891

Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability...

9.8CVSS5.8AI score0.00382EPSS
Exploits0References2
CVE
CVE
added 2022/04/21 5:25 p.m.47 views

CVE-2020-14121

The CVE-2020-14121 issue affects Xiaomi Mi App Store. Affected component: the store’s business logic with incomplete product permission checks, allowing bypass and a local silent installation. Root cause: insufficient permission enforcement enables an attacker to install without user-visible prom...

5.5CVSS5.4AI score0.00188EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2021/11/02 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2020:2879-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.1AI score0.00492EPSS
Exploits0References2
OSV
OSV
added 2021/10/18 2:15 p.m.4 views

CVE-2021-42098

An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to bypass permissions via batch custom PowerShell...

8.8CVSS7.3AI score0.01603EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2020:2905-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.7AI score0.03292EPSS
Exploits0References2
Veracode
Veracode
added 2020/12/06 2:28 a.m.37 views

Privilege Escalation

linux-kvm is vulnerable to privilege escalation. The vulnerability exists as the rbd block device driver in drivers/block/rbd.c used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices...

4.1CVSS4.6AI score0.00308EPSS
Exploits0References8Affected Software5
OpenVAS
OpenVAS
added 2020/10/12 12:0 a.m.35 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-2176)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.01308EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.6 views

The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices which could be leveraged by local attackers to map or unmap rbd block devices aka CID-f44d04e696fe.

...

4.1CVSS7AI score0.00308EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2020/09/13 6:15 p.m.37 views

CVE-2020-25284

The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe...

4.1CVSS6.7AI score0.00308EPSS
Exploits0References8
Prion
Prion
added 2020/09/13 6:15 p.m.30 views

Design/Logic Flaw

The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe...

1.9CVSS5.1AI score0.00308EPSS
Exploits0References7Affected Software3
OSV
OSV
added 2020/09/13 6:15 p.m.9 views

UBUNTU-CVE-2020-25284

The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe...

4.1CVSS6.6AI score0.00308EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2020/09/13 5:28 p.m.36 views

CVE-2020-25284

The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe...

4.1CVSS6.5AI score0.00308EPSS
Exploits0
Mageia
Mageia
added 2019/11/07 11:36 p.m.65 views

Updated proftpd packages fix security vulnerabilities

Updated proftpd package fixes security vulnerabilities: It was discovered that the modcopy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands CVE-2019-12815. It was discovered that due to incorrect handling of overly long commands, a...

9.8CVSS2.1AI score0.57606EPSS
Exploits1References1
Rows per page
Query Builder