Lucene search
K

7 matches found

CVE
CVE
added yesterday7 views

CVE-2026-59217

Open WebUI prior to version 0.10.0 allowed a metadata.knowledge_id value in file uploads to auto-link files to a knowledge base, bypassing the write-access check on /api/v1/knowledge//file/add. This enabled read-only knowledge-base users to add arbitrary files. The issue is fixed in version 0.10....

4.3CVSS6AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.13 views

PT-2026-50136

Name of the Vulnerable Software and Affected Versions Gitea affected versions not specified Description An authorization bypass allows any authenticated low-privilege user with read access to a repository to push arbitrary commits directly to that repository, bypassing write-access checks. This...

8.5CVSS6AI score0.00291EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.7 views

CVE-2021-33718

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.22, Mendix Applications using Mendix 8 All versions V8.18.7, Mendix Applications using Mendix 9 All versions V9.3.0. Write access checks of attributes of an object could be bypassed, if user has a write...

5.3CVSS6.7AI score0.00581EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-20395

Malware in sbrugna...

5.3CVSS5.5AI score0.00581EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 3:11 a.m.10 views

CVE-2011-0466

The API in SUSE openSUSE Build Service OBS 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attackers to bypass intended write-access restrictions and modify a 1 package or 2 project via unspecified vectors...

6.4CVSS7AI score0.0107EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/11/09 12:15 p.m.4 views

CVE-2021-42025

A vulnerability has been identified in Mendix Applications using Mendix 8 All versions V8.18.13, Mendix Applications using Mendix 9 All versions V9.6.2. Applications built with affected versions of Mendix Studio Pro do not properly control write access for certain client actions. This could allow...

6.8CVSS6.5AI score0.00565EPSS
Exploits0References2
CVE
CVE
added 2014/08/29 10:0 a.m.50 views

CVE-2014-3084

The CVE-2014-3084 issue affects IBM Maximo Asset Management and related products (including Maximo Asset Management Essentials, Maximo Industry Solutions, SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and CMDB products). It allows re...

4.9CVSS6.3AI score0.01735EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder