Lucene search
K

2078 matches found

Cvelist
Cvelist
added 2026/03/06 4:45 a.m.32 views

CVE-2026-29061 Gokapi: Privilege escalation via incomplete API-key permission revocation on user rank demotion

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, a privilege escalation vulnerability in the user rank demotion logic allows a demoted user's existing API keys to retain ApiPermManageFileRequests and ApiPermManageLogs permission...

5.4CVSS0.00116EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/06 12:31 a.m.6 views

EUVD-2025-208330

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 41124...

4.4CVSS5.9AI score0.00114EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/06 12:31 a.m.7 views

EUVD-2025-208333

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 40497, Acronis Cyber Protect 17 Linux, macOS, Windows before build 41186...

4.4CVSS5.9AI score0.00153EPSS
Exploits0References3
OSV
OSV
added 2026/03/06 12:16 a.m.7 views

CVE-2025-30413

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 40497, Acronis Cyber Protect 17 Linux, macOS, Windows before build 41186...

4.4CVSS5.8AI score0.00153EPSS
Exploits0References2
NVD
NVD
added 2026/03/06 12:16 a.m.5 views

CVE-2025-30413

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 40497, Acronis Cyber Protect 17 Linux, macOS, Windows before build 41186...

4.4CVSS0.00153EPSS
Exploits0References2
OSV
OSV
added 2026/03/06 12:16 a.m.3 views

CVE-2025-11790

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 41124...

4.4CVSS5.8AI score0.00114EPSS
Exploits0References2
NVD
NVD
added 2026/03/06 12:16 a.m.6 views

CVE-2025-11790

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 41124...

4.4CVSS0.00114EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.6 views

OliveTin 代码问题漏洞

OliveTin is an open-source web application developed by OliveTin. Versions of OliveTin prior to 300.11.1 had code vulnerabilities. These vulnerabilities stemmed from the lack of server-side session revocation when users log out, allowing attackers to continue authenticating after logging out usin...

5.4CVSS7.3AI score0.00302EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/05 11:56 p.m.4 views

CVE-2025-30413

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 40497, Acronis Cyber Protect 17 Linux, macOS, Windows before build 41186...

4.4CVSS5.9AI score0.00153EPSS
Exploits0References3
CVE
CVE
added 2026/03/05 11:56 p.m.11 views

CVE-2025-30413

CVE-2025-30413 affects Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497 and Acronis Cyber Protect 17 before build 41186. The issue: credentials are not deleted from the Acronis Agent after plan revocation. Impact per CVSSv3: Confidentiality High, Integrity None, Availa...

4.4CVSS5.9AI score0.00153EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2026/03/05 11:56 p.m.29 views

CVE-2025-30413

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 40497, Acronis Cyber Protect 17 Linux, macOS, Windows before build 41186...

4.4CVSS0.00153EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/05 11:47 p.m.29 views

CVE-2025-11790

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 41124...

4.4CVSS0.00114EPSS
Exploits0References2
CVE
CVE
added 2026/03/05 11:47 p.m.19 views

CVE-2025-11790

The CVE concerns Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) prior to build 41124, where credentials are not deleted after plan revocation. Affected components: the Acronis Agent software. Root cause: data persistence of credentials after revocation is not addressed (per CVE notes)....

4.4CVSS5.9AI score0.00114EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/05 11:47 p.m.7 views

CVE-2025-11790

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 41124...

4.4CVSS5.9AI score0.00114EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/05 11:47 p.m.4 views

CVE-2025-11790

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 41124...

4.4CVSS5.8AI score0.00114EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/05 9:30 p.m.6 views

Cloudfoundry UAA has logic error in the token revocation endpoint implementation

Inappropriate user token revocation due to a logic error in the token revocation endpoint implementation in Cloudfoundry UAA v77.30.0 to v78.7.0 and in Cloudfoundry Deployment v48.7.0 to v54.10.0...

6.5CVSS5.8AI score0.00224EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2026/03/05 9:30 p.m.2 views

Comparison Using Wrong Factors

Overview org.cloudfoundry.identity:cloudfoundry-identity-server is a Cloud Foundry User Account and Authentication UAA Server. Affected versions of this package are vulnerable to Comparison Using Wrong Factors due to a logic error in the token revocation endpoint implementation. An attacker can...

6.5CVSS5.8AI score0.00224EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/05 9:30 p.m.6 views

EUVD-2026-9877

Inappropriate user token revocation due to a logic error in the token revocation endpoint implementation in Cloudfoundry UAA v77.30.0 to v78.7.0 and in Cloudfoundry Deployment v48.7.0 to v54.10.0...

6.5CVSS5.9AI score0.00224EPSS
Exploits0References2
OSV
OSV
added 2026/03/05 9:30 p.m.3 views

GHSA-6WCW-R64P-QRRW Cloudfoundry UAA has logic error in the token revocation endpoint implementation

Inappropriate user token revocation due to a logic error in the token revocation endpoint implementation in Cloudfoundry UAA v77.30.0 to v78.7.0 and in Cloudfoundry Deployment v48.7.0 to v54.10.0...

6.5CVSS5.8AI score0.00224EPSS
Exploits0References5
NVD
NVD
added 2026/03/05 9:16 p.m.4 views

CVE-2026-22723

Inappropriate user token revocation due to a logic error in the token revocation endpoint implementation in Cloudfoundry UAA v77.30.0 to v78.7.0 and in Cloudfoundry Deployment v48.7.0 to v54.10.0...

6.5CVSS0.00224EPSS
Exploits0References1
Rows per page
Query Builder