Lucene search
K

6 matches found

EUVD
EUVD
added 2026/06/12 6:11 p.m.9 views

EUVD-2026-36530

Solidtime is an open-source time-tracking app. Prior to version 0.12.2, Solidtime defines an explicit invitations:view and members:view permissions that gates the official invitations and members API. The Jetstream web team page authorizes access with only belongsToTeam and then loads and...

4.3CVSS5.2AI score0.00183EPSS
Exploits0References2
NVD
NVD
added 2025/01/08 7:15 a.m.9 views

CVE-2025-22215

VMware Aria Automation contains a server-side request forgery SSRF vulnerability. A malicious actor with "Organization Member" access to Aria Automation may exploit this vulnerability enumerate internal services running on the host/network...

4.3CVSS0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/08 6:43 a.m.22 views

CVE-2025-22215 VMSA-2025-0001: VMware Aria automation update addresses a server side request forgery vulnerability (CVE-2025-22215)

VMware Aria Automation contains a server-side request forgery SSRF vulnerability. A malicious actor with "Organization Member" access to Aria Automation may exploit this vulnerability enumerate internal services running on the host/network...

4.3CVSS0.00247EPSS
Exploits0References1
OSV
OSV
added 2024/07/16 10:15 p.m.4 views

CVE-2024-6336

A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. This attack required an organization member to explicitly change the visibility of a depende...

5.3CVSS5.8AI score0.0042EPSS
Exploits0References5
NVD
NVD
added 2020/06/03 2:15 p.m.16 views

CVE-2020-10516

An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterprise Server prior t...

9.8CVSS9.6AI score0.01591EPSS
Exploits0References3
Prion
Prion
added 2020/06/03 2:15 p.m.20 views

Improper access control

An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterprise Server prior t...

7.5CVSS9.5AI score0.01591EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder