CVE-2025-4430
- EPSS 0.1%
- Veröffentlicht 14.05.2025 10:36:38
- Zuletzt bearbeitet 16.05.2025 14:43:56
Unauthorized access to "/api/Token/gettoken" endpoint in EZD RP allows file manipulation.This issue affects EZD RP in versions before 20.19 (published on 22nd August 2024).
CVE-2024-7266
- EPSS 0.26%
- Veröffentlicht 07.08.2024 11:15:46
- Zuletzt bearbeitet 17.03.2025 09:15:12
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to list all users in the system, including those from other organizations. This issue affects EZD RP: from 15 ...
CVE-2024-7267
- EPSS 0.36%
- Veröffentlicht 07.08.2024 11:15:46
- Zuletzt bearbeitet 17.03.2025 09:15:12
Exposure of Sensitive Information vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to retrieve information about IP infrastructure and credentials. This issue affects EZD RP all version...
CVE-2024-7265
- EPSS 0.29%
- Veröffentlicht 07.08.2024 11:15:45
- Zuletzt bearbeitet 17.03.2025 09:15:11
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, which could lead to privilege escalation. This issue ...