CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2025/05/22 8:43 a.m.•6 views

CVE-2019-5930

Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to bypass access restriction to browse unauthorized pages via the application 'Management of Basic System'...

4.3CVSS7AI score0.00153EPSS

Exploits0References1

NVD•added 2021/06/22 2:15 a.m.•9 views

CVE-2021-20737

Improper authentication vulnerability in GROWI versions prior to v4.2.20 allows a remote attacker to view the unauthorized pages without access privileges via unspecified vectors...

6.5CVSS0.00471EPSS

Exploits0References2

OSV•added 2021/06/22 2:15 a.m.•9 views

CVE-2021-20737

Improper authentication vulnerability in GROWI versions prior to v4.2.20 allows a remote attacker to view the unauthorized pages without access privileges via unspecified vectors...

6.5CVSS6.9AI score

Exploits0References2

Cvelist•added 2021/06/22 1:35 a.m.•12 views

CVE-2021-20737

Improper authentication vulnerability in GROWI versions prior to v4.2.20 allows a remote attacker to view the unauthorized pages without access privileges via unspecified vectors...

7.2AI score0.00471EPSS

Exploits0References2

CNNVD•added 2021/06/14 12:0 a.m.•1 views

Weseek GROWI 授权问题漏洞

Weseek GROWI is a suite of team collaboration software from Weseek Japan. An access control error vulnerability exists in WESEEK GROWI that originates from an error in the handling of authentication requests. A remote, authenticated attacker could exploit the vulnerability to view unauthorized...

6.5CVSS5.6AI score0.00471EPSS

Exploits0References3

NOZOMI•added 2020/02/25 12:0 a.m.•5 views

NGINX allows HTTP request smuggling

Summary Under some special configuration NGINX permits HTTP request smuggling which can lead an attacker to access unauthorized web pages. Impact None. Our products are not affected by this issue because the configuration used is not vulnerable. Mitigation Not required Solution Not required...

5.3CVSS6.8AI score0.69569EPSS

Exploits3

OSV•added 2020/01/09 9:15 p.m.•0 views

UBUNTU-CVE-2019-20372

NGINX before 1.17.7, with certain errorpage configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer...

5.3CVSS6.8AI score0.69569EPSS

Exploits3References8

CNVD•added 2019/10/29 12:0 a.m.•1 views

Override Access Vulnerability in TurboCRM

TruboCRM Management System is a customer relationship management system. An override access vulnerability exists in TurboCRM, which can be exploited by an attacker to log in and access unauthorized pages...

6.9AI score

Exploits0

NVD•added 2019/05/17 4:29 p.m.•17 views

CVE-2019-5930

Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to bypass access restriction to browse unauthorized pages via the application 'Management of Basic System'...

4.3CVSS4.7AI score0.00153EPSS

Exploits0References2

OSV•added 2019/05/17 4:29 p.m.•1 views

CVE-2019-5930

Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to bypass access restriction to browse unauthorized pages via the application 'Management of Basic System'...

4.3CVSS6.1AI score

Exploits0References2

Prion•added 2019/05/17 4:29 p.m.•18 views

Authentication flaw

Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to bypass access restriction to browse unauthorized pages via the application 'Management of Basic System'...

4CVSS5.5AI score0.00153EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/05/17 3:25 p.m.•14 views

CVE-2019-5930

Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to bypass access restriction to browse unauthorized pages via the application 'Management of Basic System'...

5.2AI score0.00153EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by