8 matches found

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2023-12952

Malicious code in bioql PyPI...

6.5 CVSS | 6.6 AI score | 0.00669 EPSS
Exploits: 1 | References: 3
RedhatCVE
added 2025/05/23 8:58 a.m. | 5 views

CVE-2024-22278

Incorrect user permission validation in Harbor...

6.4 CVSS | 6.6 AI score | 0.00368 EPSS
Exploits: 0 | References: 1
Cvelist
added 2024/11/14 11:56 a.m. | 23 views

CVE-2022-31668 User permission validation failure and disclosure of P2P preheat execution logs

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in oth...

7.4 CVSS | 0.00296 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2024/11/14 11:56 a.m. | 15 views

CVE-2022-31668 User permission validation failure and disclosure of P2P preheat execution logs

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in oth...

7.4 CVSS | 6.7 AI score | 0.00296 EPSS
Exploits: 0 | References: 1
CVE
added 2024/11/14 11:56 a.m. | 82 views

CVE-2022-31668

Harbor (github.com/goharbor/harbor) is affected by CVE-2022-31668 due to improper permission validation when updating p2p preheat policies. A request to update a policy with an id belonging to a project the authenticated user cannot access could allow modification of p2p preheat policies in other...

7.7 CVSS | 7.2 AI score | 0.00296 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Veracode
added 2023/07/12 10:15 a.m. | 21 views

Information Disclosure

mediawiki/proofread-page is vulnerable to Information Disclosure. The vulnerability exists due to the lack of user permission validation in PageDisplayHandler.php and PageContentHandler.php, which allows an attacker to discover hidden users in the system...

5.3 CVSS | 6.6 AI score | 0.00514 EPSS
Exploits: 1 | References: 5 | Affected Software: 1
CNVD
added 2021/11/10 12:0 a.m. | 23 views

WordPress Plugin Cross-Site Request Forgery Vulnerability (CNVD-2021-92549)

WordPress is the WordPress Foundation's blogging platform, developed in PHP. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Plugin is an open source WordPress application plugin. Access control error vulnerability in WordPress...

4.3 CVSS | 3.4 AI score | 0.00435 EPSS
Exploits: 2 | References: 1
seebug.org
added 2014/03/05 12:0 a.m. | 68 views

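IBM Algo One Algo Multiple Security Vulnerabilities

CVE ID: CVE-2013-6299, CVE-2013-6300, CVE-2013-6301, CVE-2013-6302, CVE-2013-6303, CVE-2013-6318, CVE-2013-6319, CVE-2013-6320, CVE-2013-6331, CVE-2013-6333. IBM Algo One is a risk management software solution. IBM Algo One has multiple security vulnerabilities: 1. The application does not correctly validate user permissions, allowing an attacker to exploit the vulnerability to obtain restricted content. 2. Multiple cross-site scripting vulnerabilities exist, allowing an attacker to construct a malicious URI and lure a user into parsing it, which can obtain sensitive cookies, hijack sessions, or perform malicious operations on the client...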

6.5 CVSS | 6.5 AI score | 0.01453 EPSS
Exploits: 1