CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

CNNVD•added 2026/06/04 12:0 a.m.•3 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions for analyzing threats to network security and malware analysis. MISP has a security vulnerability that...

5.3CVSS5.3AI score0.00176EPSS

Exploits0References1

OSV•added 2026/05/27 5:23 p.m.•6 views

GHSA-39VQ-49QM-R2MC Kirby CMS's content locks disclose IDs and emails of inaccessible users from `users.access/list` permissions

TL;DR This vulnerability affects all Kirby sites that restrict the visibility of users for certain roles via the users.access or users.list permissions. A site is affected if users of a particular role are not allowed to see other users in the Panel, for example because the role's blueprint sets...

5.3CVSS5.6AI score0.00033EPSS

Exploits0References4

SUSE CVE•added 2026/03/25 12:25 a.m.•5 views

SUSE CVE-2026-30233

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, an authorization flaw in OliveTin allows authenticated users with view: false permission to enumerate action bindings and metadata via dashboard and API endpoints. Although execution exec may be...

6.5CVSS5.9AI score0.00417EPSS

Exploits1References3

RedhatCVE•added 2026/03/08 1:44 a.m.•5 views

CVE-2026-30233

6.5CVSS5.8AI score0.00417EPSS

Exploits1References1

NVD•added 2026/03/06 9:16 p.m.•6 views

CVE-2026-30233

6.5CVSS0.00417EPSS

Exploits1References3

Cvelist•added 2026/03/06 9:5 p.m.•17 views

CVE-2026-30233 OliveTin: View permission not being checked when returning dashboards

6.5CVSS0.00417EPSS

Exploits1References3

Vulnrichment•added 2026/03/06 9:5 p.m.•2 views

CVE-2026-30233 OliveTin: View permission not being checked when returning dashboards

6.5CVSS5.8AI score0.00417EPSS

Exploits1References3

CVE•added 2026/03/06 9:5 p.m.•12 views

CVE-2026-30233

Technical details for CVE-2026-30233 are not publicly available in the provided connected documents. Monitor for updates.

6.5CVSS5.8AI score0.00417EPSS

Exploits1References3Affected Software1

Positive Technologies•added 2026/03/05 12:0 a.m.•5 views

PT-2026-23617

Name of the Vulnerable Software and Affected Versions OliveTin versions prior to 3000.11.1 Description OliveTin has an authorization issue where authenticated users with insufficient permissions view: false can access metadata related to actions through the dashboard and API endpoints...

9.9CVSS5.9AI score0.22162EPSS

Exploits68References140

OSV•added 2026/03/03 1:16 p.m.•4 views

CVE-2026-3351

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

4.3CVSS5.8AI score

Exploits0References3

RedhatCVE•added 2026/01/09 12:41 p.m.•22 views

CVE-2023-25407

Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have read access to administrator credentials...

7.2CVSS6.7AI score0.0078EPSS

Exploits1References1

RedhatCVE•added 2025/10/30 11:19 p.m.•3 views

CVE-2025-54548

On affected platforms, restricted users could view sensitive portions of the config database via a debug API e.g., user password hashes...

4.3CVSS6.8AI score0.00187EPSS

Exploits0References1

RedhatCVE•added 2025/10/30 11:19 p.m.•4 views

CVE-2025-54546

On affected platforms, restricted users could use SSH port forwarding to access host-internal services...

7.5CVSS6.8AI score0.00202EPSS

Exploits0References1

EUVD•added 2025/10/30 12:31 a.m.•3 views

EUVD-2025-36725

On affected platforms, restricted users could view sensitive portions of the config database via a debug API e.g., user password hashes...

4.3CVSS6.3AI score0.00187EPSS

Exploits0References2

EUVD•added 2025/10/30 12:31 a.m.•3 views

EUVD-2025-36727

On affected platforms, restricted users could use SSH port forwarding to access host-internal services...

7.5CVSS6.3AI score0.00202EPSS

Exploits0References2

NVD•added 2025/10/29 11:16 p.m.•4 views

CVE-2025-54548

On affected platforms, restricted users could view sensitive portions of the config database via a debug API e.g., user password hashes...

4.3CVSS0.00187EPSS

Exploits0References1

NVD•added 2025/10/29 11:16 p.m.•5 views

CVE-2025-54546

On affected platforms, restricted users could use SSH port forwarding to access host-internal services...

7.5CVSS0.00202EPSS

Exploits0References1

CVE•added 2025/10/29 10:52 p.m.•8 views

CVE-2025-54548

CVE-2025-54548 involves a debug API that could let restricted users view parts of the config DB (including password hashes) in Arista DANZ Monitoring Fabric and related DMF/CCF/CVA/MCD deployments. The advisory and Red/NCSC/NVD entries confirm the affected products and the underlying issue, with ...

4.3CVSS6.5AI score0.00187EPSS

Exploits0References1

Vulnrichment•added 2025/10/29 10:52 p.m.•2 views

CVE-2025-54548 On affected platforms, restricted users could view sensitive portions of the config database via a debug API (e.g., user password hashes)

On affected platforms, restricted users could view sensitive portions of the config database via a debug API e.g., user password hashes...

4.3CVSS6.5AI score0.00187EPSS

Exploits0References1

Vulnrichment•added 2025/10/29 10:40 p.m.•3 views

CVE-2025-54546 On affected platforms, restricted users could use SSH port forwarding to access host-internal services

On affected platforms, restricted users could use SSH port forwarding to access host-internal services...

7.5CVSS6.5AI score0.00202EPSS

Exploits0References1

Rows per page