Lucene search
K

73 matches found

NVD
NVD
added 2025/11/21 10:16 p.m.6 views

CVE-2025-0504

Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with the scoped Project Manager user role with the Global User Read access permission enabled access to certain Project Administrator functionalities which should have be inaccessible...

5.4CVSS0.00143EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/21 9:30 p.m.10 views

CVE-2025-0504 Black Duck SCA Project Privilege Escalation

Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with the scoped Project Manager user role with the Global User Read access permission enabled access to certain Project Administrator functionalities which should have be inaccessible...

5.4CVSS6.3AI score0.00143EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/21 12:0 a.m.5 views

PT-2025-47803

Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with the scoped Project Manager user role with the Global User Read access permission enabled access to certain Project Administrator functionalities which should have be inaccessible...

5.4CVSS6.7AI score0.00143EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-11740

Malware in sbrugna...

7.5CVSS6.5AI score0.01338EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-5449

Malware in sbrugna...

3.6CVSS6.4AI score0.01433EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2001-0615

Malware in sbrugna...

2.1CVSS6.4AI score0.00321EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/09/07 8:12 a.m.5 views

parisc: Revise __get_user() to probe user read access

...

5.5CVSS6.8AI score0.00136EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/07 8:11 a.m.6 views

parisc: Revise gateway LWS calls to probe user read access

...

5.5CVSS6.8AI score0.00136EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/09/07 12:0 a.m.4 views

PT-2025-36405

Name of the Vulnerable Software and Affected Versions: IBM MQ LTS versions 9.1.0.0 through 9.1.0.29 IBM MQ LTS versions 9.2.0.0 through 9.2.0.36 IBM MQ LTS versions 9.3.0.0 through 9.3.0.30 IBM MQ LTS versions 9.4.0.0 through 9.4.0.12 IBM MQ CD versions 9.3.0.0 through 9.3.5.1 IBM MQ CD versions...

5.1CVSS6.1AI score0.00094EPSS
Exploits0References6
NVD
NVD
added 2025/09/05 6:15 p.m.6 views

CVE-2025-39716

In the Linux kernel, the following vulnerability has been resolved: parisc: Revise getuser to probe user read access Because of the way read access support is implemented, read access interruptions are only triggered at privilege levels 2 and 3. The kernel executes at privilege level 0, so getuse...

5.5CVSS0.00136EPSS
Exploits0References7
OSV
OSV
added 2025/09/05 6:15 p.m.2 views

DEBIAN-CVE-2025-39715

In the Linux kernel, the following vulnerability has been resolved: parisc: Revise gateway LWS calls to probe user read access We use load and stbys,e instructions to trigger memory reference interruptions without writing to memory. Because of the way read access support is implemented, read acce...

5.5CVSS5.5AI score0.00136EPSS
Exploits0References1
OSV
OSV
added 2025/09/05 5:21 p.m.5 views

CVE-2025-39716 parisc: Revise __get_user() to probe user read access

In the Linux kernel, the following vulnerability has been resolved: parisc: Revise getuser to probe user read access Because of the way read access support is implemented, read access interruptions are only triggered at privilege levels 2 and 3. The kernel executes at privilege level 0, so getuse...

5.5CVSS6.2AI score0.00136EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly detecting user read permissions, which could lead to a system call bypass...

5.5CVSS7.9AI score0.00136EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly detecting user read permissions, which could lead to elevated privileges...

5.5CVSS8AI score0.00136EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 5:19 a.m.3 views

CVE-2023-21279

In visitUris of RemoteViews.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.6AI score0.00089EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:16 a.m.4 views

CVE-2023-22869

IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119...

5.5CVSS5.9AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:9 a.m.6 views

CVE-2023-21312

In IntentResolver, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.5AI score0.00088EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:16 a.m.7 views

CVE-2012-5557

The User Read-Only module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.4 for Drupal, does not properly assign roles when there are more than three roles on the site and certain unspecified configurations, which might allow remote authenticated users to gain privileges by performing certain...

3.6CVSS6.9AI score0.01433EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/01/17 12:20 a.m.4 views

SUSE CVE-2025-0504

Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with the scoped Project Manager user role with the Global User Read access permission enabled access to certain Project Administrator functionalities which should have be inaccessible...

5.4CVSS6.8AI score0.00143EPSS
Exploits0References3
OSV
OSV
added 2024/11/13 6:15 p.m.5 views

CVE-2024-43090

In multiple locations, there is a possible cross-user image read due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation...

5CVSS5.9AI score0.00163EPSS
Exploits0References2
Rows per page
Query Builder