Lucene search
18 matches found

CNVD
added 2026/05/06 12:0 a.m. · 5 views

IBM i Web Administration GUI Elevation of Privilege Vulnerability

IBM i is an integrated operating system developed by IBM for use on IBM Power Systems servers, providing database, network, and application services. An elevation of privilege vulnerability exists in IBM i. The vulnerability stems from an invalid authorization check in the Web Administration GUI...

CVSS 9.8 · AI score 5.9 · EPSS 0.00043
Exploits: 0

RedhatCVE
added 2026/05/02 8:47 a.m. · 0 views

CVE-2026-2311

IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 is vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check. A malicious actor could cause user-controlled code to run with administrator privilege...

CVSS 9.8 · AI score 5.9 · EPSS 0.00043
Exploits: 0 · References: 1

NVD
added 2026/04/30 10:16 p.m. · 1 view

CVE-2026-2311

IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 is vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check. A malicious actor could cause user-controlled code to run with administrator privilege...

CVSS 9.8 · EPSS 0.00043
Exploits: 0 · References: 1

Vulnrichment
added 2026/04/30 9:45 p.m. · 1 view

CVE-2026-2311 IBM i is affected by a privilege escalation vulnerability in Web Administration GUI

IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 is vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check. A malicious actor could cause user-controlled code to run with administrator privilege...

CVSS 6.4 · AI score 5.9 · EPSS 0.00043
Exploits: 0 · References: 1

CVE
added 2026/04/30 9:45 p.m. · 7 views

CVE-2026-2311

CVE-2026-2311 affects IBM i releases 7.6, 7.5, 7.4, 7.3, and 7.2. The root cause is an invalid authorization check in the IBM i Web Administration GUI, enabling privilege escalation where a malicious actor could cause user‑controlled code to execute with administrator privileges. Impact is high (...

CVSS 9.8 · AI score 5.2 · EPSS 0.00043
Exploits: 0 · References: 1 · Affected Software: 1

IBM Security Bulletins
added 2026/04/15 2:49 p.m. · 2 views

Security Bulletin: IBM i is affected by a privilege escalation vulnerability in Web Administration GUI [CVE-2026-2311]

Summary: Web Administration GUI for IBM i is vulnerable to privilege escalation caused by an invalid authorization check as described in the vulnerability details section. Vulnerability Details: CVEID: CVE-2026-2311. DESCRIPTION: IBM i is vulnerable to privilege escalation caused by an invalid IBM i...

CVSS 9.8 · AI score 5.8 · EPSS 0.00043
Exploits: 0 · Affected Software: 6

RedhatCVE
added 2026/04/01 5:3 p.m. · 1 view

CVE-2026-34377

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-consensus version 5.0.1, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction's txid while providing invalid...

CVSS 8.4 · AI score 5.7 · EPSS 0.00023
Exploits: 1 · References: 1

ATTACKERKB
added 2026/03/31 2:5 p.m. · 0 views

CVE-2026-34377

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-consensus version 5.0.1, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction's txid while providing invalid...

CVSS 8.4 · AI score 5.7 · EPSS 0.00023
Exploits: 1 · References: 4 · Affected Software: 2

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2021-21738

Malware in sbrugna...

CVSS 7.8 · AI score 7.6 · EPSS 0.00082
Exploits: 0 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-55680

Malicious code in bioql PyPI...

CVSS 4.3 · AI score 4.8 · EPSS 0.00065
Exploits: 0 · References: 2

CNNVD
added 2024/06/06 12:0 a.m. · 3 views

ZenML Security Vulnerability

ZenML is an extensible open source MLOps framework for creating portable, production-ready machine learning pipelines. A security vulnerability exists in ZenML version 0.55.3, which stems from an improper authorization vulnerability in the API PUT /api/v1/users/id endpoint that allows an attacker...

CVSS 6.5 · AI score 6.5 · EPSS 0.0005
Exploits: 1 · References: 3

NVD
added 2024/02/17 4:15 p.m. · 12 views

CVE-2023-50951

IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts. IBM X-Force ID: 275747...

CVSS 4.3 · AI score 4 · EPSS 0.00065
Exploits: 0 · References: 2

OSV
added 2024/02/17 4:15 p.m. · 0 views

CVE-2023-50951

IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts. IBM X-Force ID: 275747...

CVSS 4.3 · AI score 5.8 · EPSS 0.00065
Exploits: 0 · References: 2

Positive Technologies
added 2024/02/16 12:0 a.m. · 1 view

PT-2024-1915 · IBM · IBM QRadar Suite +1

Name of the Vulnerable Software and Affected Versions: IBM QRadar Suite versions 1.10.12.0 through 1.10.17.0; IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0. Description: The issue is related to insufficient protection of registration data in IBM QRadar Suite and IBM Cloud Pak for...

CVSS 4.3 · AI score 6.6 · EPSS 0.00065
Exploits: 0 · References: 8

NVD
added 2022/06/14 10:15 a.m. · 15 views

CVE-2021-35094

Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

CVSS 7.8 · EPSS 0.00082
Exploits: 0 · References: 1

CVE
added 2022/06/14 9:51 a.m. · 71 views

CVE-2021-35094

CVE-2021-35094 involves Qualcomm components (e.g., QCA family, AQT1000) with an improper validation of timeout-based authentication in identity credentials, which can lead to invalid authorization in HLOS. The issue affects multiple Qualcomm/Qualcomm-supplied platforms including Snapdragon Auto, ...

CVSS 7.8 · AI score 7.8 · EPSS 0.00082
Exploits: 0 · References: 1 · Affected Software: 1

CNNVD
added 2021/01/11 12:0 a.m. · 3 views

Abhinavsingh Proxy.py Authorization Issues Vulnerability

Abhinavsingh Proxy.py is a Python-based proxy server for network monitoring, control and application development, testing, and debugging by Abhinavsingh Personal Developer. A security vulnerability exists in Abhinavsingh Proxy.py version 2.3.1 and earlier versions of AuthPlugin that allows...

CVSS 7.5 · AI score 7.1 · EPSS 0.00412
Exploits: 1 · References: 4

OSV
added 2018/09/18 6:29 p.m. · 0 views

CVE-2018-17178

An issue was discovered on Neato Botvac Connected 2.2.0 devices. They execute unauthenticated manual drive commands sent to /bin/webserver on port 8081 if they already have an active session. Commands like forward, back, arc-left, arc-right, pivot-left, and pivot-right are executed even though th...

CVSS 5.3 · AI score 5.9 · EPSS 0.00096
Exploits: 1 · References: 1