Lucene search
K

15 matches found

Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.13 views

PT-2026-38327

The Appointment Booking Calendar plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.6.10.6. This is due to a flawed authorization logic in the nonce permissions check method combined with the public exposure of a site-wide reusable nonce. The plugin...

6.5CVSS5.9AI score0.00492EPSS
Exploits0References9
CVE
CVE
added 2025/12/17 9:40 p.m.15 views

CVE-2025-68399

ChurchCRM security advisory documents describe a Stored Cross-Site Scripting (XSS) in the GroupEditor.php page occurring in versions prior to 6.5.4 . The vulnerability allows an attacker to inject JavaScript when creating a group role, but requires the attacker to have permission to view and modi...

5.4CVSS5AI score0.00162EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 5:30 p.m.4 views

CVE-2020-6214

SAP S/4HANA Financial Products Subledger, version 100, uses an incorrect authorization object in some reports. Although the affected reports are protected with other authorization objects, exploitation of the vulnerability would allow an authenticated attacker to view, change, or delete data,...

6.5CVSS6.6AI score0.00647EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/11/15 4:6 a.m.3 views

SUSE CVE-2024-10978

Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses...

4.2CVSS9.4AI score0.00705EPSS
Exploits0References21
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.3 views

PostgreSQL 安全漏洞

PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL that stems from...

5.4CVSS6.7AI score0.00786EPSS
Exploits0References3
OSV
OSV
added 2023/12/20 2:15 a.m.5 views

CVE-2023-47702

IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view modify files on the system. IBM X-Force ID: 271196...

9.1CVSS5.8AI score0.00975EPSS
Exploits0References2
OSV
OSV
added 2023/11/14 6:15 p.m.2 views

CVE-2023-36633

An improper authorization vulnerability CWE-285 in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests...

5.4CVSS5.8AI score0.0047EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/26 12:0 a.m.5 views

Encourage Technologies ESS REC Agent Server 路径遍历漏洞

Encourage Technologies ESS REC Agent Server is a software system from Encourage Technologies for receiving, processing, and managing audio and video data from surveillance devices. A security vulnerability exists in Encourage Technologies ESS REC Agent Server that stems from the presence of a...

8.1CVSS7.9AI score0.00908EPSS
Exploits0References4
OSV
OSV
added 2023/02/11 1:23 a.m.5 views

CVE-2022-34449

PowerPath Management Appliance with versions 3.3 & 3.2 contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application...

6CVSS5.8AI score0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/08 12:0 a.m.6 views

IBM InfoSphere Information Server SQL注入漏洞

IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. IBM InfoSphere Information Server has a security vulnerability that can be exploited by an attacker to view...

8.8CVSS5.7AI score0.00968EPSS
Exploits0References5
OSV
OSV
added 2021/01/20 8:15 p.m.2 views

CVE-2021-1269

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this...

6.3CVSS5.9AI score0.00774EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/13 12:0 a.m.2 views

Microsoft Windows Media Foundation Memory Corruption Vulnerability (CNVD-2020-48264)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Microsoft Windows Media Foundation A memory corruption vulnerability exists in Microsoft...

7.8CVSS6.9AI score0.02678EPSS
Exploits0References1
OSV
OSV
added 2020/06/26 5:15 p.m.5 views

CVE-2020-14477

In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternate path or channel that does not require...

4.4CVSS5.8AI score0.00275EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/20 12:0 a.m.2 views

Smartbi has a flawed logic vulnerability

Smartbi is the business intelligence BI and data analytics brand of Guangzhou Sematic Software Co. Smartbi has a logic flaw vulnerability that can be exploited by an attacker to view and modify sensitive system configuration information...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/11/29 12:0 a.m.3 views

Unauthorized Access Vulnerability in Intelligent Gateway of Beijing BiNian Technology Co.

Smart Gateway is a multi-service converged gateway that integrates the features of wireless controller AC, router and firewall independently developed by Beijing Beyond Technology Co. An unauthorized access vulnerability exists in the Intelligent Gateway of Beijing BiNian Technology Co. An attack...

6.9AI score
Exploits0
Rows per page
Query Builder