EUVD-2019-1630

Malware in sbrugna...

EUVD-2020-6342

Malware in sbrugna...

CVE-2025-51865

CVE-2025-51865 concerns the Ai2 Playground web service (playground.allenai.org). The vulnerability is an Insecure Direct Object Reference (IDOR) that lets an attacker enumerate thread keys in the URL to gain sensitive information. The CVE is tracked with CVSS 3.1: Network attack, Low attack compl...

CVE-2025-22612 Coolify Vulnerable to Private Key Enumeration on Onboarding resulting in Remote Command Execution (RCE)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.374, the missing authorization allows an authenticated user to retrieve any existing private keys on a coolify instance in plain text. If the server configuration of IP ...

CVE-2025-22612 Coolify Vulnerable to Private Key Enumeration on Onboarding resulting in Remote Command Execution (RCE)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.374, the missing authorization allows an authenticated user to retrieve any existing private keys on a coolify instance in plain text. If the server configuration of IP ...

Atlassian Jira < 7.13.17 Project Key Enumeration

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 7.13.17, 7.14.x prior to 8.5.8 or 8.6.x prior to 8.12.0. It is, therefore, affected by a vulnerability that permits remote attackers to enumerate project keys via an Informati...

Atlassian Jira 8.6.0 < 8.12.0 Project Key Enumeration

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 7.13.17, 7.14.x prior to 8.5.8 or 8.6.x prior to 8.12.0. It is, therefore, affected by a vulnerability that permits remote attackers to enumerate project keys via an Informati...

Exploit for Improper Authentication in Fortinet Fortiproxy

CVE-2022-40684 One-click enumeration of all usernames and wr...

Atlassian JIRA Data Center 注入漏洞

Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia.Atlassian JIRA Server is a server version of a defect tracking management system. Atlassian JIRA Data Center is the data center version of Atlassian JIRA, which is an information disclosure vulnerability...

CVE-2020-35585

In Solstice Pod before 3.3.0 or Open4.3, the screen key can be enumerated using brute-force attacks via the /lookin/info Solstice Open Control API because there are only 1.7 million possibilities...

CVE-2020-14185

Affected versions of Jira Server allow remote unauthenticated attackers to enumerate issue keys via a missing permissions check in the ActionsAndOperations resource. The affected versions are before 7.13.18, from version 8.0.0 before 8.5.9, and from version 8.6.0 before version 8.12.2...

CVE-2020-14185

Affected versions of Jira Server allow remote unauthenticated attackers to enumerate issue keys via a missing permissions check in the ActionsAndOperations resource. The affected versions are before 7.13.18, from version 8.0.0 before 8.5.9, and from version 8.6.0 before version 8.12.2...

Microsoft Windows 10 1809 - CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration

Exploit for windows platform in category local exploits Microsoft Windows 10 1809 - 'CmKeyBodyRemapToVirtualForEnum' Arbitrary Key Enumeration Privilege Escalation Windows: CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration EoP Platform: Windows 10 1809 not tested earlier Class: Elevation o...

Microsoft Windows 10 1809 - &#039;CmKeyBodyRemapToVirtualForEnum&#039; Arbitrary Key Enumeration Privilege Escalation

Windows: CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The kernel’s Registry Virtualization doesn’t safely open the real key fo...

CVE-2019-0881

An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'...

CVE-2019-0881

An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'...

CVE-2019-0881

An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'...

Microsoft Windows Multiple Vulnerabilities (KB4499151)

This host is missing a critical security update according to Microsoft KB4499151 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Windows Kernel Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability by running a...

PT-2019-2220 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient access control in the Windows operating system kernel. It allows a remote attacker to elevate their privileges using a specially crafted application. Th...