Lucene search
K

24 matches found

EUVD
EUVD
added 2026/06/03 3:49 p.m.11 views

EUVD-2026-34110

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif-linksmap When an arvif is initialized in non-AP STA mode but MLO connection preparation fails before the arvif is created arvif-iscreated remains false, the error path attempts to...

5.8AI score0.00121EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 8:13 p.m.17 views

CVE-2026-46424

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...

4.2CVSS5.7AI score0.00163EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 6:16 p.m.14 views

CVE-2026-46424

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...

4.2CVSS0.00163EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:5 p.m.10 views

CVE-2026-46424

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...

4.2CVSS5.7AI score0.00163EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 5:5 p.m.9 views

CVE-2026-46424 Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...

4.2CVSS5.7AI score0.00163EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 5:5 p.m.47 views

CVE-2026-46424 Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...

4.2CVSS0.00163EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 5:5 p.m.13 views

EUVD-2026-32597

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...

4.2CVSS5.7AI score0.00163EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/19 4:30 p.m.14 views

Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour

Summary The public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user identity and permissions from this cache TTL: 3600 seconds...

4.2CVSS5.8AI score0.00163EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.13 views

PT-2026-42049

Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.38.2 Description The public API role unassignment endpoint "/api/public/v1/roles/unassign" updates user documents in CouchDB but fails to invalidate the corresponding Redis user cache entries. Because the...

4.2CVSS5.7AI score0.00163EPSS
Exploits0References5
OSV
OSV
added 2025/02/27 2:15 a.m.2 views

DEBIAN-CVE-2024-57995

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12kmacassignviftovdev In ath12kmacassignviftovdev, if arvif is created on a different radio, it gets deleted from that radio through a call to ath12kmacunassignlinkvif. This action...

7.8CVSS5.9AI score0.0022EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/05/21 2:2 a.m.3 views

SUSE CVE-2023-52671

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 Why Under some circumstances, disabling an OPTC and attempting to reclaim its OPPs for a different OPTC could cause a hang/underflow due to OPPs not being properly...

6.6CVSS6.2AI score0.00222EPSS
Exploits0References16
OSV
OSV
added 2024/05/17 2:15 p.m.1 views

UBUNTU-CVE-2023-52671

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 Why Under some circumstances, disabling an OPTC and attempting to reclaim its OPPs for a different OPTC could cause a hang/underflow due to OPPs not being properly...

5.5CVSS6.6AI score0.00222EPSS
Exploits0References6
NVD
NVD
added 2023/05/29 6:15 p.m.11 views

CVE-2022-32723

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

6.5AI score
Exploits0
NVD
NVD
added 2023/05/08 8:15 p.m.11 views

CVE-2022-32930

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

6.5AI score
Exploits0
NVD
NVD
added 2023/01/27 6:15 p.m.13 views

CVE-2022-46231

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

6.5AI score
Exploits0
NVD
NVD
added 2022/12/02 10:15 p.m.11 views

CVE-2020-26380

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

Exploits0
Prion
Prion
added 2021/12/20 11:15 p.m.8 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

7AI score
Exploits0
CVE
CVE
added 2021/12/20 10:44 p.m.26 views

CVE-2019-14167

This CVE entry is rejected/not used and does not represent an active vulnerability entry.

7.3AI score
Exploits0
Prion
Prion
added 2021/06/11 10:15 p.m.7 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

7AI score
Exploits0
CVE
CVE
added 2021/01/06 7:33 p.m.32 views

CVE-2020-5123

CVE-2020-5123 entry is rejected; do not use this candidate number.

6.7AI score
Exploits0
Rows per page
Query Builder