Lucene search
K

4 matches found

CVE
CVE
added 4 hours ago6 views

CVE-2026-55478

Snipe-IT (IT asset/license management) has a vulnerability in the Kits API. Before version 8.6.2, POST /api/v1/kits/{kit_id}/licenses validates the caller’s ability to edit kits but does not authorize access to the referenced license object. This allows a low-privilege user with predefined-kit pe...

5.4CVSS6.1AI score
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.10 views

Parse Server 授权问题漏洞

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that supports Node.js. There were authorization-related vulnerabilities in versions of Parse Server prior to 8.6.10 and 9.5.0-alpha.11. These vulnerabilities stemmed from the...

9.8CVSS5.8AI score0.00525EPSS
Exploits0References1
OSV
OSV
added 2020/02/06 3:15 a.m.6 views

CVE-2019-20402

Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without requiring the user to re-enter their password via an improper authorization vulnerability...

4.9CVSS5.8AI score0.00766EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2011/05/20 12:0 a.m.6 views

PT-2011-2778 · Cisco · Cisco Unified Operations Manager

Name of the Vulnerable Software and Affected Versions: Cisco Unified Operations Manager CUOM versions prior to 8.6 Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the CCMs parameter to the "/iptm/PRTestCreation.do" API endpoint or the ccm...

7.5CVSS7.4AI score0.03779EPSS
Exploits6References8
Rows per page
Query Builder