Lucene search
K

6 matches found

NVD
NVD
added 2026/04/17 9:16 p.m.7 views

CVE-2026-40196

HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerability where the defaultGroup ID remained permanently assigned to a user after being invited to a group, even after their access to that group was revoked. While the web interface correctly enforced the...

8.1CVSS0.00247EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.6 views

PT-2024-22241 · Rsa · Rsa Netwitness Platform

Name of the Vulnerable Software and Affected Versions: RSA NetWitness Platform versions prior to 12.5.1 Description: The issue allows an internal threat actor to impersonate a revoked user and gain unauthorized access to sensitive data, even after an administrator has revoked the user's access...

7.5CVSS7.2AI score0.00357EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.4 views

RSA Security NetWitness Platform 安全漏洞

RSA Security NetWitness Platform is a comprehensive platform from RSA Security USA that accelerates threat detection and response. It collects and analyzes data from all capture points logs, packets, netflow, endpoints, and IoT and compute platforms physical, virtual, and cloud, enriching data wi...

7.5CVSS6.6AI score0.00357EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/07 12:0 a.m.22 views

Atlassian Jira 8.5.x < 8.19.1 (JRASERVER-72801)

The version of Atlassian Jira installed on the remote host is prior to 8.5.x 8.19.1. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-72801 advisory. - Access-revoked user can enable/disable Issue Collectors on a Jira project - CVE-2021-41312 CVE-2021-41312 Note that...

7.5CVSS7.4AI score0.01173EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/10 12:0 a.m.4 views

ZTE ZXHN HS562 访问控制错误漏洞

The ZTE ZXHN HS562 is a smart camera from China's ZTE ZTE. The ZTE ZXHN HS562 V1.0.0.0B2.0000, V1.0.0.0B3.0000E suffers from an Access Control Error vulnerability, which stems from a flaw in user rights management, where a user whose shared privileges have been revoked can still control the camer...

8CVSS7.1AI score0.00879EPSS
Exploits0References1
Hacker One
Hacker One
added 2020/08/19 5:56 p.m.20 views

GitLab: Revoked User can still view the Merge Request created by him via API

Summary In Gitlab when a user is demoted to Guest role, the Guest user will not be able to view and edit the Merge requests in a project even if the merge request is created by him. But this check is not implemented in API so the Guest user will be able to the following actions for the Merge...

1.7AI score
Exploits0
Rows per page
Query Builder