Lucene search
K

6 matches found

CVE
CVE
added 2026/06/01 3:32 a.m.21 views

CVE-2026-48191

CVE-2026-48191 affects STORM modules in OTRS (versions 7.0.x, 8.0.x, 2023.x, 2024.x, 2025.x, and 2026.x prior to 2026.4.x). The vulnerability arises from incorrect handling of permissions in Document Search Article Meta Filters, enabling an attacker to learn the number of affected CIs, SLA and se...

3.5CVSS5.8AI score0.00143EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/12/08 10:16 a.m.8 views

CVE-2025-14262

A wrong permission check in KNIME Business Hub before version 1.17.0 allowed an authenticated user to save jobs of other users as if there were saved by the job owner. The attacker must have permissions to access the jobs but then they were saved into the catalog service using the wrong owner...

5.3CVSS0.00158EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/08 9:34 a.m.7 views

EUVD-2025-201697

A wrong permission check in KNIME Business Hub before version 1.17.0 allowed an authenticated user to save jobs of other users as if there were saved by the job owner. The attacker must have permissions to access the jobs but then they were saved into the catalog service using the wrong owner...

5.3CVSS6.2AI score0.00194EPSS
Exploits0References2
OSV
OSV
added 2025/09/04 6:15 p.m.3 views

CVE-2025-26420

In multiple functions of GrantPermissionsActivity.java , there is a possible way to trick the user into granting the incorrect permission due to permission overload. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

4.4CVSS5.9AI score0.00084EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/02 12:0 a.m.22 views

Grafana Labs Incorrect Permission (cve-2024-8118)

The version of Grafana Labs installed on the remote host is prior to 10.3.10, 10.4.9, 11.0.5, 11.1.6, or 11.2.1. It is, therefore, affected by a vulnerability as referenced in the cve-2024-8118 advisory. - In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing...

5.1CVSS6.9AI score0.00579EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/26 6:46 p.m.16 views

CVE-2024-8118 Grafana alerting wrong permission on datasource rule write endpoint

In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules...

5.1CVSS7.1AI score0.00579EPSS
Exploits0References1
Rows per page
Query Builder