Lucene search

8 matches found

OSV
added 2026/04/07 6:31 p.m. · 1 views

GHSA-QXPC-96FQ-WWMG Apache Cassandra is vulnerable to privilege escalation in an mTLS environment using MutualTlsAuthenticator

Privilege escalation in Apache Cassandra 5.0 on an mTLS environment using MutualTlsAuthenticator allows a user with only CREATE permission to associate their own certificate identity with an arbitrary role, including a superuser role, and authenticate as that role via ADD IDENTITY. Users are...

8.8 CVSS · 5.9 AI score · 0.00037 EPSS
Exploits 0 · References 6
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2015-7459

Malware in sbrugna...

9.1 CVSS · 9.1 AI score · 0.00926 EPSS
Exploits 0 · References 4
Vulnrichment
added 2024/04/02 7:24 p.m. · 9 views

CVE-2024-29834 Apache Pulsar: Improper Authorization For Namespace and Topic Management Endpoints

This vulnerability allows authenticated users with produce or consume permissions to perform unauthorized operations on partitioned topics, such as unloading topics and triggering compaction. These management operations should be restricted to users with the tenant admin role or superuser role. A...

6.4 CVSS · 6.5 AI score · 0.00222 EPSS
Exploits 0 · References 3
RedHat Linux
added 2024/02/26 7:53 p.m. · 2 views

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

8 CVSS · 7.5 AI score · 0.00753 EPSS
Exploits 0 · References 4
Veracode
added 2019/01/15 9:10 a.m. · 17 views

Remote Code Execution (RCE)

redhat-support-plugin-rhev is vulnerable to remote code execution. It was found that redhat-support-plugin-rhev passed a user-specified path and file name directly to the command line in the log viewer component. This could allow users with the SuperUser role on any Entity to execute arbitrary...

9.1 CVSS · 9.6 AI score · 0.00926 EPSS
Exploits 0 · References 7 · Affected Software 1
NVD
added 2017/09/25 9:29 p.m. · 12 views

CVE-2015-7544

redhat-support-plugin-rhev in Red Hat Enterprise Virtualization Manager aka RHEV Manager before 3.6 allows remote authenticated users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment...

9.1 CVSS · 9.4 AI score · 0.00926 EPSS
Exploits 0 · References 2
Positive Technologies
added 2017/09/25 12:0 a.m. · 3 views

PT-2017-7223 · Red Hat · Red Hat Enterprise Virtualization Manager

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization Manager versions prior to 3.6 Description: The issue allows remote authenticated users with the SuperUser role on any Entity to execute arbitrary commands on any host in the environment. Recommendations: For...

9.1 CVSS · 9.3 AI score · 0.00926 EPSS
Exploits 0 · References 4
RedHat Linux
added 2016/03/09 8:20 p.m. · 1 views

redhat-support-plugin-rhev: Remote code execution by SuperUser role on hosts in RHEV

It was found that redhat-support-plugin-rhev passed a user-specified path and file name directly to the command line in the log viewer component. This could allow users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment...

9.1 CVSS · 6.1 AI score · 0.00926 EPSS
Exploits 0 · References 4