Lucene search
K

1711 matches found

RedhatCVE
RedhatCVE
added 2026/02/21 1:31 a.m.8 views

CVE-2026-26721

An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to obtain sensitive information via the sid query parameter...

7.1CVSS5.5AI score0.00262EPSS
Exploits1References1
NVD
NVD
added 2026/02/20 5:25 p.m.11 views

CVE-2026-26721

An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to obtain sensitive information via the sid query parameter...

7.1CVSS0.00262EPSS
Exploits1References1
OSV
OSV
added 2026/02/20 5:25 p.m.5 views

CVE-2026-26721

An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to obtain sensitive information via the sid query parameter...

7.1CVSS5.9AI score0.00262EPSS
Exploits1References1
CVE
CVE
added 2026/02/20 12:0 a.m.15 views

CVE-2026-26721

Summary : CVE-2026-26721 affects Key Systems Inc Global Facilities Management Software v.20230721a. A vulnerability in the SID query parameter can allow a remote attacker to obtain sensitive information, impacting confidentiality (CVE-3.1.3.1 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N) ...

7.1CVSS5.6AI score0.00262EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/20 12:0 a.m.2 views

CVE-2026-26721

An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to obtain sensitive information via the sid query parameter...

5.3AI score0.00262EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.11 views

Key Systems Global Facilities Management Software 安全漏洞

Key Systems Global Facilities Management Software is a facilities management system developed by the American company Key Systems. Version 20230721a of Key Systems Global Facilities Management Software contains a security vulnerability. This vulnerability stems from issues with the sid query...

7.1CVSS5.8AI score0.00262EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.10 views

PT-2026-21242

Name of the Vulnerable Software and Affected Versions Key Systems Inc Global Facilities Management Software version 20230721a Description A flaw exists that allows a remote attacker to obtain sensitive information. The issue is related to the sid query parameter. The API endpoint is affected. The...

5.3AI score0.00262EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2026/02/04 12:0 a.m.156 views

📄 Microsoft Windows 11 Build 10.0.27898.1000 Advanced Admin Protection Bypass

This enhanced proof of concept demonstrates an advanced method for bypassing Windows Administrator Protection by manipulating registry hives using both WinAPI and NTAPI. The code implements safe smart‑pointer wrappers for handles, secure SID management, deep registry enumeration, privilege checks...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/29 3:18 p.m.8 views

CVE-2025-59896

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.4CVSS5.9AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/29 3:18 p.m.7 views

CVE-2025-59897

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.4CVSS5.9AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/29 3:18 p.m.12 views

CVE-2025-59899

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.4CVSS5.9AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/29 3:18 p.m.17 views

CVE-2025-59891

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS5.9AI score0.00127EPSS
Exploits0References1
OSV
OSV
added 2026/01/28 12:15 p.m.3 views

CVE-2025-59896

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.4CVSS5.8AI score0.00173EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 12:15 p.m.12 views

CVE-2025-59896

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.4CVSS0.00173EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 12:15 p.m.7 views

CVE-2025-59900

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.4CVSS0.00173EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 12:15 p.m.8 views

CVE-2025-59899

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.4CVSS0.00173EPSS
Exploits0References1
OSV
OSV
added 2026/01/28 12:15 p.m.9 views

CVE-2025-59899

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.4CVSS5.8AI score0.00173EPSS
Exploits0References1
OSV
OSV
added 2026/01/28 12:15 p.m.5 views

CVE-2025-59900

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.4CVSS5.8AI score0.00173EPSS
Exploits0References1
OSV
OSV
added 2026/01/28 12:15 p.m.5 views

CVE-2025-59892

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8CVSS5.9AI score0.00127EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 12:15 p.m.6 views

CVE-2025-59893

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS0.00127EPSS
Exploits0References1
Rows per page
Query Builder