Lucene search
K

4 matches found

CVE
CVE
added 10 hours ago6 views

CVE-2026-56226

Capgo (Cap-go/capgo) before 12.128.2 exposes the Supabase PostgREST RPC function public.get_orgs_v6(userid uuid), which is SECURITY DEFINER and granted to the anon role, allowing unauthenticated access. The function accepts a caller-supplied user UUID without verifying it matches the authenticate...

8.7CVSS6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.3 views

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-33343)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-33343 advisory. - etcd is a distributed key-value store for the data of a distributed system. Prior to versions...

6.5CVSS6AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2026/03/27 11:39 a.m.1 views

BIT-ETCD-2026-33413 etcd: Authorization bypasses in multiple APIs

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or partially trusted...

8.8CVSS5.9AI score0.00249EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/15 12:0 a.m.3 views

PT-2023-4939 · Advantech · Webaccess/Scada

Name of the Vulnerable Software and Affected Versions: Advantech WebAccess/SCADA versions prior to 9.1.4 Description: The issue is related to the use of untrusted pointers in the software. Specifically, the RPC arguments sent by the client could contain raw memory pointers that the server uses...

9.8CVSS9.6AI score0.02798EPSS
Exploits0References7
Rows per page
Query Builder