Lucene search
+L

10 matches found

github
github
added 2026/05/21 9:30 p.m.9 views

LiteLLM allows a user to modify their own user_role via the /user/update endpoint

LiteLLM prior to 1.83.10 allows a user to modify their own userrole via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxyadmin...

8.8CVSS6.1AI score0.00653EPSS
Exploits2References10Affected Software1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-42147

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00436EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-45993

Malicious code in bioql PyPI...

8.1CVSS6.5AI score0.01128EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 12:24 p.m.7 views

CVE-2024-52323

Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated sensitive data exposure which allows the users to retrieve sensitive tokens associated to the org-admin account...

8.1CVSS6.5AI score0.01128EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/11/27 9:54 a.m.8 views

CVE-2024-52323 Sensitive Data Exposure

Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated sensitive data exposure which allows the users to retrieve sensitive tokens associated to the org-admin account...

8.1CVSS6.8AI score0.01128EPSS
Exploits0References1
cvelist
cvelist
added 2024/11/27 9:54 a.m.24 views

CVE-2024-52323 Sensitive Data Exposure

Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated sensitive data exposure which allows the users to retrieve sensitive tokens associated to the org-admin account...

8.1CVSS0.01128EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/11/27 12:0 a.m.5 views

ZOHO ManageEngine Analytics Plus 安全漏洞

ZOHO ManageEngine Analytics Plus is a self-service IT analytics solution from ZOHO. Get a better view of your IT data with rich visualizations and dashboards. A security vulnerability exists in ZOHO ManageEngine Analytics Plus prior to version 6100 that stems from vulnerability to an authenticate...

8.1CVSS6.3AI score0.01128EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/09/15 12:0 a.m.14 views

CVE-2024-46918

app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org admin from viewing sensitive login fields of another org admin in the same org...

6.8AI score0.00436EPSS
Exploits0References2
cvelist
cvelist
added 2024/09/15 12:0 a.m.29 views

CVE-2024-46918

app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org admin from viewing sensitive login fields of another org admin in the same org...

0.00436EPSS
Exploits0References2
securityvulns
securityvulns
added 2015/01/19 12:0 a.m.91 views

SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower

SEC Consult Vulnerability Lab Security Advisory 20150113-1 ======================================================================= title: Privilege Escalation & XSS & Missing Authentication product: Ansible Tower vulnerable version: =2.0.2 fixed version: =2.0.5 impact: high homepage:...

0.3AI score
Exploits0
Rows per page
Query Builder