Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNNVD
CNNVDadded 2026/05/12 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in the AI component, which could allow remote attackers who have breached the rendering proce...

3.1CVSS5.9AI score0.00027EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/05/08 12:0 a.m.4 views

UltraDAG 访问控制错误漏洞

UltraDAG is a lightweight IoT blockchain developed by the UltraDAGcom team. Prior versions of UltraDAG had an access control vulnerability caused by a logical flaw in the policy execution pipeline implemented in SmartTransferTx. This flaw allowed the system to check expenditure policies without...

8.8CVSS5.9AI score0.00017EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/05 12:0 a.m.6 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in Search, which could allow remote attackers to leak cross-source data through specially...

4.3CVSS6AI score0.00041EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/02/06 12:0 a.m.3 views

OpenFGA 安全漏洞

OpenFGA is an open-source engine designed for developers, inspired by Google Zanzibar. It is a high-performance and flexible authorization/licensing tool. Versions of OpenFGA from 1.8.5 to 1.11.2 contain security vulnerabilities, which stem from improper policy execution during specific checks...

8.8CVSS5.9AI score0.00022EPSS
Exploits0References2
OSV
OSVadded 2025/09/12 3:33 a.m.3 views

GHSA-Q86R-GWQC-JX85 Liferay Portal JSON Web Services Direct Class Invocation Enables Service Access Policy Execution

JSON Web Services in Liferay Portal 7.4.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.Q1.9, 7.4 GA through update 92 published to OSGi are registered and invoked directly as classes which allows Service Access Policies to get executed...

1CVSS7AI score0.00051EPSS
Exploits0References7
OSV
OSVadded 2025/09/12 3:15 a.m.3 views

CVE-2025-43789

JSON Web Services in Liferay Portal 7.4.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.Q1.9, 7.4 GA through update 92 published to OSGi are registered and invoked directly as classes which allows Service Access Policies get executed...

5.3CVSS6.9AI score0.00051EPSS
Exploits0References1
Packet Storm News
Packet Storm Newsadded 2025/05/30 12:0 a.m.4 views

Authentication and Authorization in Data Spaces: a Relationship-Based Access Control Approach for Policy Specification Based on ODRL

Data has become a crucial resource in the digital economy, fostering initiatives for secure and sovereign data sharing frameworks such as Data Spaces. However, these distributed environments require fine-grained access control mechanisms that balance openness with sovereignty and security. This...

7.2AI score
Exploits0
RedHat Linux
RedHat Linuxadded 2023/07/31 9:24 a.m.2 views

postgresql: row security policies disregard user ID changes after inlining.

A flaw was found in PostgreSQL, which could permit incorrect policies being applied in certain cases where role-specific policies are used and a given query is planned under one role and executed under other roles. This scenario can happen under security definer functions, or when a common user a...

5.4CVSS7.3AI score0.00226EPSS
Exploits0References5
Rows per page
Query Builder