Lucene search
K

81 matches found

NVD
NVD
added yesterday5 views

CVE-2026-59999

In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not...

5.9CVSS0.00132EPSS
Exploits0References3
Brave Browser
Brave Browser
added 2026/05/28 4:16 a.m.33 views

Brave Desktop 1.90.128 Security Fixes

Updated wallet to handle more "Permit" type warnings in the "Sign" panel as reported on HackerOne by syarif07. - Fix wallet provider binding issue as reported on HackerOne by shinchan69. Upgraded Chromium to 148.0.7778.217 — refer to Google Chrome advisories for inherited CVEs...

5.8AI score
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.5 views

CVE-2024-41736

Under certain conditions SAP Permit to Work allows an authenticated attacker to access information which would otherwise be restricted causing low impact on the confidentiality of the application...

4.3CVSS6.5AI score0.00299EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/13 1:0 a.m.12 views

CVE-2025-64280

A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permitno field...

9.8CVSS7.9AI score0.0031EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/12 6:31 p.m.4 views

EUVD-2025-131927

A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permitno field...

7.3AI score0.0031EPSS
Exploits0References3
NVD
NVD
added 2025/11/12 4:15 p.m.6 views

CVE-2025-64280

A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permitno field...

9.8CVSS0.0031EPSS
Exploits0References2
OSV
OSV
added 2025/11/12 4:15 p.m.5 views

CVE-2025-64280

A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permitno field...

9.8CVSS5.9AI score0.0031EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/12 12:0 a.m.10 views

CVE-2025-64280

A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permitno field...

0.0031EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/12 12:0 a.m.5 views

CentralSquare Community Development 安全漏洞

CentralSquare Community Development is a public affairs department software system for local governments from CentralSquare USA. A security vulnerability exists in CentralSquare Community Development version 19.5.7 that stems from unfiltered input in the permitno field, which could lead to an SQL...

9.8CVSS7.4AI score0.0031EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/12 12:0 a.m.2 views

CVE-2025-64280

A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permitno field...

7.4AI score0.0031EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/12 12:0 a.m.10 views

PT-2025-46671

Name of the Vulnerable Software and Affected Versions CentralSquare Community Development version 19.5.7 Description A SQL Injection issue exists in CentralSquare Community Development 19.5.7. Attackers can inject SQL code through the permit no field. Recommendations Update to a newer version tha...

9.8CVSS7.7AI score0.0031EPSS
Exploits0References7
CVE
CVE
added 2025/11/12 12:0 a.m.14 views

CVE-2025-64280

CVE-2025-64280 affects CentralSquare Community Development 19.5.7. The vulnerability is a SQL injection through the permit_no field caused by unfiltered input in the application, with CVSS v3.1 base score 9.8 (CRITICAL). The impact targets confidentiality, integrity, and availability. No exploita...

9.8CVSS7.4AI score0.0031EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-39179

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00299EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/09/25 12:0 a.m.3 views

Disable PermitUserEnvironment

PermitUserEnvironment allows users to set SSH environment variables, which may be exploited by attackers to launch attacks. If PermitUserEnvironment is set to yes, attackers can modify SSH environment variables to evade the security mechanism or execute attack code. This configuration must be...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-37154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - checkbyssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with $IFS. This has been...

8.4CVSS6AI score0.00456EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/07/04 12:0 a.m.5 views

SecureT2I: No More Unauthorized Manipulation on AI Generated Images from Prompts

Text-guided image manipulation with diffusion models enables flexible and precise editing based on prompts, but raises ethical and copyright concerns due to potential unauthorized modifications. To address this, we propose SecureT2I, a secure framework designed to prevent unauthorized editing in...

6.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2025/07/01 3:15 p.m.8 views

CVE-2025-34066

An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man-in-the-middle MITM attacks...

8.3CVSS5.9AI score0.00269EPSS
Exploits0References4
OSV
OSV
added 2025/03/26 7:14 a.m.7 views

BIT-HUBBLE-RELAY-2025-30163 Node based network policies may incorrectly allow workload traffic

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies fromNodes and toNodes will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based...

4.7CVSS3.8AI score0.00197EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.7 views

The vulnerability of the SAP Permit to Work (PTW) security and labor protection system, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SAP Permit to Work PTW security and labor protection system is related to insufficient protection of operational data. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

4.3CVSS5.4AI score0.00299EPSS
Exploits0References3
OSV
OSV
added 2024/10/28 9:30 a.m.19 views

GHSA-C4Q5-6C82-3QPW Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications

Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances. For this to impact an application, all of the following must be true: It must be a WebFlux application It must be using Spring's static resources support It...

9.3CVSS5.9AI score0.01726EPSS
Exploits2References6
Rows per page
Query Builder