CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2 days ago•22 views

CVE-2026-24754 Kiteworks Secure Data Forms Vulnerable to Cross-site Scripting

5.4CVSS0.00029EPSS

Cvelist•added 2 days ago•23 views

CVE-2026-24753 Kiteworks Secure Data Forms is vulnerable to Authorization Bypass Through User-Controlled Key

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resources belonging to other users due to insufficient authorization checks on resource ownership. Upgrade...

6.5CVSS0.00026EPSS

CVE•added 2 days ago•9 views

CVE-2026-24753

Kiteworks (PDN) prior to 9.3.0 is affected by an Insecure Direct Object Reference (IDOR) in Secure Data Forms. An authenticated user can modify resources belonging to other users due to insufficient authorization checks on resource ownership. A patch is available in version 9.3.0 and later; upgra...

6.5CVSS5.8AI score0.00026EPSS

Exploits0References1Affected Software1

Cvelist•added 2 days ago•22 views

CVE-2026-24752 Kiteworks Secure Data Forms Vulnerable to Cross-site Scripting

Kiteworks is a private data network PDN. Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitrary JavaScript code. Upgrade Kiteworks to version 9.3.0 or later to receive a patch...

8.2CVSS0.00033EPSS

Vulnrichment•added 2 days ago•3 views

CVE-2026-24752 Kiteworks Secure Data Forms Vulnerable to Cross-site Scripting

8.2CVSS5.9AI score0.00033EPSS

EUVD•added 2 days ago•5 views

EUVD-2026-33834

8.2CVSS5.9AI score0.00033EPSS

ATTACKERKB•added 2 days ago•6 views

CVE-2026-24752

8.2CVSS5.9AI score0.00033EPSS

Exploits0References2Affected Software1

NVD•added 2 days ago•8 views

CVE-2026-24751

8.2CVSS0.00033EPSS

NVD•added 2 days ago•5 views

CVE-2021-46747

Insufficient granularity of access control in ASP AMD Secure Processor may allow an attacker with an untrusted user space application to map sensitive SMN System Management Network apertures leading to a potential escalation of privileges...

7.1CVSS0.00012EPSS

Vulnrichment•added 2 days ago•3 views

CVE-2026-0045

In btajvrfcommconnect of btajvact.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00009EPSS

ATTACKERKB•added 2 days ago•4 views

CVE-2026-0045

5.9AI score0.00009EPSS

Exploits0References2Affected Software1

Cvelist•added 2 days ago•19 views

CVE-2026-0045

0.00009EPSS

CVE•added 2 days ago•7 views

CVE-2026-0045

CVE-2026-0045 concerns a logic error in the Bluetooth stack: in bta_jv_rfcomm_connect of bta_jv_act.cc , there is a possible bypass of bonding for a secure connection. This could allow local escalation of privilege with no additional execution privileges needed, and requires no user interaction t...

7.8CVSS5.9AI score0.00009EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2 days ago•3 views

CVE-2021-46747

ATTACKERKB•added 2 days ago•5 views

CVE-2021-46747

Cvelist•added 2 days ago•20 views

Exploits0References3

CVE-2021-46747

7.1CVSS0.00012EPSS

EUVD•added 2 days ago•4 views

EUVD-2021-34843

CVE•added 2 days ago•13 views

CVE-2021-46747

CVE-2021-46747 involves AMD’s Secure Processor (ASP) and is detailed in AMD’s security bulletins. The issue is described as insufficient granularity of access control in the ASP, which could allow an attacker with an untrusted user-space application to map sensitive SMN (System Management Network...