Lucene search
K

5 matches found

AlpineLinux
AlpineLinux
added 2026/06/23 5:55 p.m.6 views

CVE-2026-45692

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

5.4CVSS5.9AI score0.00144EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/04/09 7:23 p.m.7 views

CVE-2026-39659

Missing Authorization vulnerability in Ultimate Member Ultimate Member ultimate-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Member: from n/a through = 2.11.3...

5.9AI score0.00037EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.4 views

PT-2024-5352 · Argo Cd · Argo Cd

Name of the Vulnerable Software and Affected Versions: Argo CD versions prior to 2.11.3 Argo CD versions prior to 2.10.12 Argo CD versions prior to 2.9.17 Description: Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It’s possible for authenticated users to enumerate...

4.3CVSS7AI score0.00408EPSS
Exploits0References16
OSV
OSV
added 2022/08/05 12:0 a.m.1 views

GHSA-JP3M-P26H-MM7V Apache JSPWiki CSRF due to crafted invocation on the Image plugin

A carefully crafted invocation on the Image plugin could trigger an CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow a group privilege escalation of the attacker's account. Further examination of this issue established that it could also be used to modify the email associated...

8.8CVSS5.9AI score0.01093EPSS
Exploits0References3
OSV
OSV
added 2019/01/08 8:29 p.m.4 views

CVE-2019-0246

SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity...

9.8CVSS5.8AI score0.02744EPSS
Exploits0References3
Rows per page
Query Builder