CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/11/27 12:58 a.m.•2 views

CVE-2025-46174

Ruoyi v4.8.0 vulnerable to Incorrect Access Control. There is a missing checkUserDataScope permission check in the resetPwd Method of SysUserController.java...

7.5CVSS6.7AI score0.00043EPSS

Exploits0References1

NVD•added 2025/11/26 5:15 p.m.•2 views

CVE-2025-46175

Ruoyi v4.8.0 is vulnerable to Incorrect Access Control. There is a missing checkUserDataScope permission check in the authRole method of SysUserController.java...

7.5CVSS0.00043EPSS

Exploits0References3

Vulnrichment•added 2025/11/26 12:0 a.m.•2 views

CVE-2025-46174

Ruoyi v4.8.0 vulnerable to Incorrect Access Control. There is a missing checkUserDataScope permission check in the resetPwd Method of SysUserController.java...

6.3AI score0.00043EPSS

Exploits0References3

Positive Technologies•added 2025/11/26 12:0 a.m.•2 views

PT-2025-48151

Ruoyi v4.8.0 is vulnerable to Incorrect Access Control. There is a missing checkUserDataScope permission check in the authRole method of SysUserController.java...

6.8AI score0.00043EPSS

Exploits0References4

CVE•added 2025/11/26 12:0 a.m.•8 views

CVE-2025-46175

Ruoyi v4.8.0 is reported vulnerable to Incorrect Access Control due to a missing checkUserDataScope permission check in the authRole method of SysUserController.java. The CVE entry (CVE-2025-46175) shows a high impact with CVSS v3.1 base score 7.5 (Network, Low complexity, No privileges required,...

7.5CVSS6.4AI score0.00043EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by