Lucene search
K

527 matches found

Nuclei
Nuclei
added 11 hours ago87 views

b2evolution CMS <6.11.6 - Open Redirect

b2evolution CMS before 6.11.6 contains an open redirect vulnerability via the redirectto parameter in emailpassthrough.php. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-22840 info:...

6.1CVSS6.4AI score0.13817EPSS
Exploits3References5
OSV
OSV
added 6 days ago3 views

ALPINE-CVE-2026-42486

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7AI score0.0014EPSS
Exploits0References1
OSV
OSV
added 6 days ago3 views

ALPINE-CVE-2026-23562

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS6.2AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2026-23561

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS0.0014EPSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2026-23562

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS0.0014EPSS
Exploits0References1
OSV
OSV
added 6 days ago5 views

ALPINE-CVE-2026-23559

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.1AI score0.00134EPSS
Exploits0References1
OSV
OSV
added 6 days ago3 views

ALPINE-CVE-2026-23560

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.1AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2026-23559

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS0.00134EPSS
Exploits0References1
CVE
CVE
added 6 days ago23 views

CVE-2026-42486

Summary: CVE-2026-42486 is documented as a RBAC-related vulnerability in XAPI. Several CVEs describe over-permissive admin roles; specifically, CVE-2026-42486 states that a vm-admin can set VM.platform:hvm_serial, a setting that should be pool-admin restricted, and this can allow arbitrary dom0 f...

9.4CVSS7.2AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-42486 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS0.0014EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42608

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.2AI score0.0014EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42607

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.2AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-23562 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS0.0014EPSS
Exploits0References1
CVE
CVE
added 6 days ago21 views

CVE-2026-23562

The CVE-2026-23562 entry concerns RBAC mis-configuration in XAPI. The advisory notes that the PCI passthrough configuration was normally restricted to pool-admin, but one API did not enforce this check, allowing a vm-admin to access unintended host hardware. This is described alongside related RB...

9.4CVSS7.2AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 6 days ago30 views

CVE-2026-23561

CVE-2026-23561 is part of a set of RBAC-related issues in XAPI (XenServer/XCP-ng) where certain administrator roles (vm-admin, etc.) can improperly modify RBAC-protected settings. Specifically, this CVE allows a vm-admin to set VM.other_config:storage_driver_domain and mark a VM as the storage do...

9.4CVSS7.3AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-23561 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS0.0014EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42604

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.3AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-23560 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS0.0014EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42603

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.3AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 6 days ago27 views

CVE-2026-23560

Summary: The CVE-2026-23560 issue is described in multiple sources as a RBAC-related vulnerability in XAPI for XenServer/XCP-ng where a vm-admin can modify VM.other-config:is_system_domain to mark a VM as a system domain. This can cause system domains to be ignored or hidden during certain host/p...

9.4CVSS7.3AI score0.0014EPSS
Exploits0References1
Rows per page
Query Builder