Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/19 11:17 p.m.8 views

CVE-2026-34970

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...

5.3CVSS5.7AI score0.00372EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.2 views

CVE-2026-33424

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an attacker can grant access to a private message topic through invites even after they lose access to that PM. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a patch. No know...

5.9CVSS5.8AI score0.00217EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/20 11:8 p.m.2 views

CVE-2026-33424

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an attacker can grant access to a private message topic through invites even after they lose access to that PM. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a patch. No know...

5.9CVSS5.8AI score0.00217EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 5:26 a.m.4 views

CVE-2023-25927

IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system. IBM X-Force ID: 247635...

7.5CVSS8AI score0.01485EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.3 views

The vulnerability of the tcp_twsk_purge() function in the net/ipv4/tcp_minisocks.c module, which is part of the Linux kernel’s IPv4 protocol implementation, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the tcptwskpurge function in the net/ipv4/tcpminisocks.c module, which is part of the Linux kernel’s IPv4 protocol implementation, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7CVSS6.7AI score0.0023EPSS
Exploits0References17Affected Software4
CNNVD
CNNVD
added 2023/11/16 12:0 a.m.5 views

Zulip security vulnerability

Zulip is a powerful open source group chat application from Zulip, Inc. for combining the immediacy of real-time chat with the productivity benefits of threaded conversations. A security vulnerability exists in Zulip version 7.5 that stems from the fact that an active user who previously subscrib...

4.3CVSS6.6AI score0.00478EPSS
Exploits0References3
Prion
Prion
added 2019/06/07 3:29 p.m.15 views

Design/Logic Flaw

In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Trustee KMS includes 2 API calls in addition to those in Apache Hadoop KMS: purge and undelete. The KMS ACL values for...

5.5CVSS5.3AI score0.00455EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.6 views

The vulnerability of the microprogramming software of Siemens Simatic S7-1200 programmable logic controllers allows a malicious actor to cause malfunctions during maintenance operations.

The software of the programmable logic controller Simatic S7-1200 contains a vulnerability that causes loss of access to the device during the processing of specific TCP/IP packets...

7.8CVSS5.5AI score0.02392EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder