Lucene search

7 matches found

Positive Technologies
added 2025/10/23 12:0 a.m., 1 views

PT-2025-43523

Name of the Vulnerable Software and Affected Versions: OpenBao AWS Plugin versions prior to 0.1.1
Description: The OpenBao AWS Plugin generates AWS access credentials based on IAM policies. Versions of the plugin prior to 0.1.1 are susceptible to cross-account IAM role impersonation within the AWS...

CVSS 8.1, AI score 6.3, EPSS 0.00242
Exploits 0, References 13

Veracode
added 2024/08/05 6:13 a.m., 12 views

Improper Privilege Management

org.apache.linkis: linkis-common is vulnerable to Improper Privilege Management. The vulnerability is due to incorrect handling of permissions for Critical Resources. An attacker with a trusted account can gain unauthorized access to the Token information and escalate privileges...

CVSS 8.8, AI score 6.9, EPSS 0.00664
Exploits 0

CVE
added 2024/08/02 9:27 a.m., 49 views

CVE-2024-27181

CVE-2024-27181 affects Apache Linkis prior to 1.6.0. The issue is privilege escalation in the Basic management services where an attacker with a trusted account can access Linkis token information, elevating privileges. The root cause is elevation of privilege through trusted-account access to se...

CVSS 8.8, AI score 6.5, EPSS 0.00664
Exploits 0, References 2, Affected Software 1

Vulnrichment
added 2024/07/08 10:29 a.m., 26 views

CVE-2024-37999

A vulnerability has been identified in Medicalis Workflow Orchestrator All versions. The affected application executes as a trusted account with high privileges and network access. This could allow an authenticated local attacker to escalate privileges...

CVSS 8.5, AI score 7, EPSS 0.00138
Exploits 0, References 1

CNNVD
added 2024/07/08 12:0 a.m., 4 views

Medicalis Workflow Orchestrator Security Breach

Siemens Medicalis Workflow Orchestrator is a workflow orchestrator from Siemens Germany. It can be used as a common platform to standardize the workflow of radiologists. A security vulnerability exists in all versions of Medicalis Workflow Orchestrator that stems from the application executing as...

CVSS 8.5, AI score 6.4, EPSS 0.00138
Exploits 0, References 2

NVD
added 2017/03/28 2:59 a.m., 11 views

CVE-2016-9454

Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted non-admin account. The banner image URL for external banners wasn't properly escaped when displayed in most of the banner related pages...

CVSS 5.4, AI score 5.3, EPSS 0.01102
Exploits 0, References 3

OSV
added 2017/03/28 2:59 a.m., 12 views

CVE-2016-9454

Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted non-admin account. The banner image URL for external banners wasn't properly escaped when displayed in most of the banner related pages...

CVSS 5.4, AI score 6
Exploits 0, References 3