Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.12 views

CVE-2026-25125

October is a Content Management System CMS and web platform. Versions prior to 3.7.14 and 4.1.10 contain a server-side information disclosure vulnerability in the INI settings parser. Because PHP's parseinistring function supports $ syntax for environment variable interpolation, attackers with...

4.9CVSS5.3AI score0.00326EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.12 views

CVE-2026-41004

A flaw was found in Spring Cloud Config Server. When trace logging is enabled, sensitive information is inadvertently written in plain text to the logs. A highly privileged local user could exploit this vulnerability to gain unauthorized access to confidential data, leading to information...

4.4CVSS5AI score0.00168EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2024/02/28 10:15 p.m.2 views

CVE-2023-45859

In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client operations don't check permissions properly, allowing authenticated users to access data stored in the cluster...

7.6CVSS7.1AI score0.00503EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2019/07/30 11:15 p.m.40 views

CVE-2019-10162

A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when ...

7.5CVSS6.1AI score0.01691EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2002/11/05 12:0 a.m.4 views

security flaw

The default servlet org.apache.catalina.servlets.DefaultServlet in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet...

5CVSS5.9AI score0.1682EPSS
Exploits1References4
Rows per page
Query Builder