Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7696 matches found

OSV
OSVadded 2023/01/17 6:15 p.m.1 views

DEBIAN-CVE-2018-14628

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...

4.3CVSS6.1AI score0.00504EPSS
Exploits1References1
OSV
OSVadded 2023/01/17 6:15 p.m.0 views

UBUNTU-CVE-2018-14628

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...

4.3CVSS6.8AI score0.00504EPSS
Exploits1References4
Prion
Prionadded 2023/01/17 6:15 p.m.20 views

Information disclosure

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...

4CVSS4.2AI score0.00504EPSS
Exploits1References5Affected Software2
OSV
OSVadded 2023/01/17 5:38 p.m.9 views

GSD-2023-1000429 drm/i915/ttm: consider CCS for backup objects

drm/i915/ttm: consider CCS for backup objects This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...

7.2AI score
Exploits0
Debian CVE
Debian CVEadded 2023/01/17 12:0 a.m.30 views

CVE-2018-14628

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...

4.3CVSS4.7AI score0.00504EPSS
Exploits1
AlpineLinux
AlpineLinuxadded 2023/01/17 12:0 a.m.32 views

CVE-2018-14628

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...

4.3CVSS3.2AI score0.00504EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2023/01/13 6:35 p.m.34 views

CVE-2018-14628

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...

4.3CVSS3.2AI score0.00504EPSS
Exploits1References3
RedHat Linux
RedHat Linuxadded 2023/01/12 2:51 p.m.3 views

postgresql: Extension scripts replace objects not belonging to the extension.

A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...

8CVSS6.9AI score0.00973EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2023/01/12 9:29 a.m.3 views

postgresql: Extension scripts replace objects not belonging to the extension.

A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...

8CVSS6.9AI score0.00973EPSS
Exploits0References5
Veracode
Veracodeadded 2023/01/11 3:50 a.m.15 views

Prototype Pollution

baobab is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes via the merger function in helpers.js and modify attributes such as proto, constructor, and other prototype base objects...

9.8CVSS4.2AI score0.00636EPSS
Exploits1References7Affected Software1
NVD
NVDadded 2023/01/10 9:15 p.m.12 views

CVE-2022-46163

Travel support program is a rails app to support the travel support program of openSUSE TSP. Sensitive user data bank account details, password Hash can be extracted via Ransack query injection. Every deployment of travel-support-program below the patched version is affected. The...

7.5CVSS7.7AI score0.00833EPSS
Exploits1References3
Cvelist
Cvelistadded 2023/01/10 8:26 p.m.20 views

CVE-2022-46163 travel-support-program vulnerable to data exfiltration via Ransack query injection

Travel support program is a rails app to support the travel support program of openSUSE TSP. Sensitive user data bank account details, password Hash can be extracted via Ransack query injection. Every deployment of travel-support-program below the patched version is affected. The...

7.5CVSS7.9AI score0.00833EPSS
Exploits1References3
OSV
OSVadded 2023/01/10 8:26 p.m.25 views

CVE-2022-46163 travel-support-program vulnerable to data exfiltration via Ransack query injection

Travel support program is a rails app to support the travel support program of openSUSE TSP. Sensitive user data bank account details, password Hash can be extracted via Ransack query injection. Every deployment of travel-support-program below the patched version is affected. The...

7.5CVSS7.5AI score0.00833EPSS
Exploits1References5
NVD
NVDadded 2023/01/05 9:15 p.m.10 views

CVE-2022-47543

An issue was discovered in Siren Investigate before 12.1.7. There is an ACL bypass on global objects...

5.3CVSS5.4AI score0.00175EPSS
Exploits0References2
OSV
OSVadded 2023/01/05 9:15 p.m.1 views

CVE-2022-47543

An issue was discovered in Siren Investigate before 12.1.7. There is an ACL bypass on global objects...

5.3CVSS5.8AI score
Exploits0References2
Prion
Prionadded 2023/01/05 9:15 p.m.17 views

Design/Logic Flaw

An issue was discovered in Siren Investigate before 12.1.7. There is an ACL bypass on global objects...

5CVSS5.4AI score0.00175EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2023/01/05 6:15 p.m.2 views

CVE-2022-43573

IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. IBM X-Force ID: 238678...

5.3CVSS5.8AI score
Exploits0References2
Prion
Prionadded 2023/01/05 6:15 p.m.21 views

Code injection

IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. IBM X-Force ID: 238678...

5CVSS5.2AI score0.00165EPSS
Exploits0References2Affected Software3
Positive Technologies
Positive Technologiesadded 2023/01/05 12:0 a.m.3 views

PT-2023-15393 · Unknown · Siren Investigate

Name of the Vulnerable Software and Affected Versions: Siren Investigate versions prior to 12.1.7 Description: An issue was discovered that allows for an ACL bypass on global objects. Recommendations: For versions prior to 12.1.7, update to version 12.1.7 or later to resolve the issue...

5.3CVSS5.3AI score0.00175EPSS
Exploits0References4
CNNVD
CNNVDadded 2023/01/05 12:0 a.m.3 views

Siren Investigate 安全漏洞

Siren Investigate is a front-end to the Siren platform from Siren Ireland, allowing the creation of dashboards, charts, link analysis, alerts and more. A security vulnerability exists in Siren Investigate versions prior to 12.1.7 that stems from the presence of ACL bypasses on global objects...

5.3CVSS5.7AI score0.00175EPSS
Exploits0References3
Rows per page
Query Builder