Lucene search
K

15 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/22 4:4 p.m.3 views

CVE-2026-5262

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.1.0 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an unauthenticated user to access tokens in the Storybook development environment due to improper input...

8CVSS5.8AI score0.00223EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/03/25 9:10 p.m.4 views

EUVD-2026-14913

Vikunja Allows Disabled/Locked User Accounts to Authenticate via API Tokens, CalDAV, and OpenID Connect...

7.1CVSS5.8AI score0.00453EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/01/09 10:9 a.m.9 views

CVE-2019-11213

In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. The endpoint would need to be already compromised for exploitation to succeed...

8.1CVSS6.8AI score0.02822EPSS
Exploits0References1
Apple
Apple
added 2025/12/12 12:0 a.m.23 views

About the security content of macOS Tahoe 26.2

About the security content of macOS Tahoe 26.2 This document describes the security content of macOS Tahoe 26.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

9.8CVSS7.3AI score0.16212EPSS
Exploits2References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-13433

Malware in sbrugna...

7.2CVSS7AI score0.01036EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-5294

Malware in sbrugna...

6.5CVSS9.1AI score0.01491EPSS
Exploits0References7
Snyk
Snyk
added 2025/09/04 11:42 p.m.1 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the project details API endpoint. An attacker can access sensitive repository credentials by using API tokens with project-level or project get permissions,...

9.9CVSS6.9AI score0.04518EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-3035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allow...

8.1CVSS5.5AI score0.00355EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:7 p.m.6 views

CVE-2022-3740

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. A group owner may be able to bypass External Authorization check, if it is enabled, to access git repositories and package registries by using...

6.5CVSS6.4AI score0.0089EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/22 12:27 p.m.8 views

CVE-2024-12880

A vulnerability in infiniflow/ragflow version RAGFlow-0.13.0 allows for partial account takeover via insecure data querying. The issue arises from the way tenant IDs are handled in the application. If a user has access to multiple tenants, they can manipulate their tenant access to query and acce...

8.1CVSS6.7AI score0.00641EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.3 views

PT-2024-38518 · Phoenix Contact · Fl Mguard 2102 +46

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A low privileged remote attacker can get access to CSRF tokens of higher privileged users, which can be abused to mount CSRF attacks. Recommendations: A...

5.7CVSS7AI score0.00384EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/07/03 12:0 a.m.4 views

Ovarro TBox RTUs 授权问题漏洞

Ovarro TBox RTUs is a modular remote monitoring and automation solution from Ovarro Germany. An authorization issue vulnerability exists in Ovarro TBox RTUs that stems from allowing a low-privileged user to access higher-privileged software security tokens, potentially allowing an attacker to...

6.5CVSS6.5AI score0.00509EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/07 12:0 a.m.3 views

PT-2022-23178 · Kubevela · Kubevela

Name of the Vulnerable Software and Affected Versions: KubeVela versions prior to 1.4.11 and 1.5.4 Description: KubeVela is an application delivery platform that could be affected by an authentication bypass issue. The VelaUX APIServer uses the PlatformID as the signed key to generate JWT tokens...

9.8CVSS9.6AI score0.00698EPSS
Exploits0References5
Code423n4
Code423n4
added 2022/01/11 12:0 a.m.10 views

Tokens can be burned with no access control

Handle sirhashalot Vulnerability details Impact The Vault.sol contract has two address state variables, the keeper variable and the controller variable, which are both permitted to be the zero address. If both variables are zero simultaneously, any address can burn the available funds available...

6.9AI score
Exploits0
OSV
OSV
added 2021/10/05 1:15 p.m.3 views

UBUNTU-CVE-2021-39872

In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration...

6.5CVSS5.8AI score0.00957EPSS
Exploits0References5
Rows per page
Query Builder