30 matches found
EUVD-2023-42332
Malicious code in bioql PyPI...
EUVD-2022-25083
Malicious code in bioql PyPI...
PT-2016-7979 · Debian · Pdns
Name of the Vulnerable Software and Affected Versions: pdns versions prior to 3.3.1-1 Description: The issue arises from the pdns package in Debian, where the MySQL user is created with excessive privileges. Specifically, the maintainer scripts of pdns-backend-mysql grant too wide database...
CVE-2025-47937
CVE-2025-47937 affects TYPO3 (PHP-based CMS). The issue arises in TYPO3 versions 9.0.0 through just before the fixed ELTS releases, where a DBAL multi-table query applies FrontendGroupRestriction only to the first table. This can allow data from additional tables in the same query to be exposed t...
CVE-2025-4374
A flaw was found in Quay. When an organization acts as a proxy cache, and a user or robot pulls an image that hasn't been mirrored yet, they are granted "Admin" permissions on the newly created repository. Mitigation: Permissions can be updated after creation but there's no preventative measure...
PT-2025-2723 · Ibm · Ibm Security Verify Access Appliance +1
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8 Description: The issue allows a local privileged user to perform unauthorized actions due to incorrect permissions assignment. Recommendations: For versions...
CVE-2024-44188
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data...
CVE-2024-27795
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A camera extension may be able to access the internet...
CVE-2023-49783
CVE-2023-49783 affects SilverStripe Admin. In 1.x before 1.13.19 and 2.x before 2.1.8, users who lack edit/delete permissions for ModelAdmin records can still edit/delete records via the CSV import form if they have create permissions. The issue can enable unintended record modification, though t...
PT-2023-30527 · Pimcore · Pimcore
Name of the Vulnerable Software and Affected Versions: Pimcore versions prior to 11.1.1 Description: The issue allows backend users with basic permissions to execute arbitrary SQL statements by passing input directly into an SQL statement through the /admin/object/grid-proxy endpoint. This is due...
BHIMA security vulnerability
BHIMA is a free, open source accounting and hospital information management system (HIMS) from IMAWorldHealth.org in Congo. A security vulnerability exists in BHIMA version 1.27.0. An attacker exploited the vulnerability to update the permissions of any account registered in the...
SUSE-SU-2022:3353-1 Security update for permissions
This update for permissions fixes the following issues: - CVE-2022-31252: Fixed chkstat group controlled paths bsc1203018...
OPENSUSE-SU-2022:10128-1 Security update for permissions
This update for permissions fixes the following issues: Update to version 20200127: chkstat: also consider group controlled paths boo1203018, CVE-2022-31252...
SUSE-SU-2022:2632-1 Security update for permissions
This update for permissions fixes the following issues: apptainer: fix starter-suid location bsc1198720 static permissions: remove deprecated bind / named chroot entries bsc1200747 postfix: add postlog setgid for maildrop binary bsc1201385...
PT-2022-37506 · Apptainer +3 · Apptainer +3
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned as vulnerable in the provided descriptions. Description: The issue concerns updates for permissions that fix several problems, including the starter-suid location in apptainer, removal of...
MGASA-2022-0217 Updated logrotate packages fix security vulnerability
A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an...
OPENSUSE-SU-2021:4192-1 Security update for permissions
This update for permissions fixes the following issues: - Update to version 20181225: drop ping capabilities in favor of ICMPPROTO sockets bsc1174504...
Federated share recipient can increase permissions - ownCloud
The receiver of a federated share could update the permissions granted to the receivers of the share...
SUSE-SU-2020:1857-1 Security update for permissions
This update for permissions fixes the following issues: - Removed conflicting entries which might expose pcp to security issues bsc1171883...
SUSE-SU-2020:0969-1 Security update for permissions
This update for permissions fixes the following issues: - Fixed spelling of icinga group bsc1168364...