Lucene search
K

230 matches found

NVD
NVD
added 6 days ago6 views

CVE-2026-8800

Incorrect Authorization vulnerability in Progress MOVEit Transfer Audit User module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...

8.8CVSS0.00196EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42384

Incorrect Authorization vulnerability in Progress MOVEit Transfer Audit User module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...

2.7CVSS5.9AI score0.00196EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago5 views

CVE-2026-8800

Incorrect Authorization vulnerability in Progress MOVEit Transfer Audit User module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...

2.7CVSS5.9AI score0.00196EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago4 views

PT-2026-56573

Name of the Vulnerable Software and Affected Versions MOVEit Transfer versions prior to 2025.0.7 MOVEit Transfer versions 2025.1.0 through 2025.1.2 Description An incorrect authorization issue exists within the Audit User module, which may allow unauthorized access or actions. Recommendations...

8.8CVSS6.1AI score0.00196EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/12 9:34 p.m.4 views

EUVD-2026-11706

The Honeywell IQ4x building management controller, exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System Guest level 100 context, granting read/write...

10CVSS5.8AI score0.05585EPSS
Exploits1References4
CVE
CVE
added 2026/02/01 12:15 p.m.26 views

CVE-2021-47917

CVE-2021-47917 affects Simple CMS 2.1. It describes a persistent cross-site scripting (XSS) vulnerability in user input parameters that attackers can inject via the newUser and editUser modules. The injected scripts can execute on the user list preview, potentially leading to session hijacking an...

6.4CVSS5.9AI score0.00289EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/01 12:0 a.m.12 views

PT-2026-5562

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading...

6.4CVSS5.9AI score0.00289EPSS
Exploits1References4
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in ansible-core

A flaw was discovered in Ansible. The ansible-core user module allows an unprivileged user to silently create or replace the contents of any file on any system path, and to take ownership of that file when a privileged user executes the user module against the unprivileged user’s home directory. ...

6.3CVSS6.8AI score0.00256EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:36 p.m.9 views

CVE-2023-49244

Permission management vulnerability in the multi-user module. Successful exploitation of this vulnerability may affect service confidentiality...

7.5CVSS7AI score0.00443EPSS
Exploits0References1
Snyk
Snyk
added 2025/12/04 12:31 p.m.2 views

Insertion of Sensitive Information into Log File

Overview ansible is a simple IT automation system. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the community.general.keycloakuser module due to exposing the credentials.value field in verbose output. An attacker can obtain sensitive...

6.8CVSS6.8AI score0.00117EPSS
Exploits0References2
Veracode
Veracode
added 2025/11/20 11:5 a.m.6 views

Remote Code Execution (RCE)

Dolibarr is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of the computed field parameter in the User module configuration, which allows an attacker to inject malicious input and execute arbitrary code...

8.8CVSS7.6AI score0.00469EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/11/10 3:31 p.m.5 views

EUVD-2025-44060

Cross-Site Request Forgery CSRF in SourceCodester Product Expiry Management System. The User Management module delete-user.php allows remote attackers to delete arbitrary user accounts via forged cross-origin GET requests because the endpoint relies solely on session cookies and lacks CSRF...

6.6AI score0.00208EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-3783

Malware in sbrugna...

4.3CVSS6.4AI score0.01633EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2019-3484

Malware in sbrugna...

6.1CVSS6.2AI score0.00765EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-4771

Malware in sbrugna...

6CVSS6.1AI score0.01812EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-1322

Malware in sbrugna...

6.8CVSS6.4AI score0.01076EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-3752

Malware in sbrugna...

4.3CVSS6.2AI score0.01646EPSS
Exploits3References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-0017

Malware in sbrugna...

7.8CVSS7.7AI score0.00354EPSS
Exploits0References30
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-3485

Malware in sbrugna...

7.8CVSS7.7AI score0.01001EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-0002

Malware in sbrugna...

8.8CVSS8.6AI score0.02498EPSS
Exploits0References6
Rows per page
Query Builder