Lucene search
+L

351 matches found

CVE
CVE
added 2025/08/11 6:57 p.m.38 views

CVE-2025-54458

Mattermost Confluence Plugin vulnerability CVE-2025-54458: versions = 1.5.0 or apply vendor-provided fix as available.

5CVSS7.1AI score0.00206EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/11 6:57 p.m.4 views

CVE-2025-53910 Unauthorized Channel Subscription Edit in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to create a channel subscription without proper access to the channel via API call to the edit channel subscription endpoint...

4CVSS7AI score0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/11 6:56 p.m.3 views

CVE-2025-44001 Unauthorized Channel Subscription Read in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the Get Channel Subscriptions details endpoint...

4CVSS7.1AI score0.00206EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-50080

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tee: add overflow check in registershmhelper With special lengths supplied by user space,...

5.5CVSS6.1AI score0.00223EPSS
Exploits0References3
OSV
OSV
added 2025/07/25 3:15 p.m.3 views

DEBIAN-CVE-2025-38434

In the Linux kernel, the following vulnerability has been resolved: Revert "riscv: Define TASKSIZEMAX for accessok" This reverts commit ad5643cf2f69 "riscv: Define TASKSIZEMAX for accessok". This commit changes TASKSIZEMAX to be LONGMAX to optimize accessok, because the previous TASKSIZEMAX defau...

5.5CVSS5.2AI score0.00157EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/25 2:32 p.m.6 views

CVE-2025-38434

In the Linux kernel, the following vulnerability has been resolved: Revert "riscv: Define TASKSIZEMAX for accessok" This reverts commit ad5643cf2f69 "riscv: Define TASKSIZEMAX for accessok". This commit changes TASKSIZEMAX to be LONGMAX to optimize accessok, because the previous TASKSIZEMAX defau...

5.5CVSS5.7AI score0.00157EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/06/18 11:15 a.m.4 views

UBUNTU-CVE-2022-50080

In the Linux kernel, the following vulnerability has been resolved: tee: add overflow check in registershmhelper With special lengths supplied by user space, registershmhelper has an integer overflow when calculating the number of pages covered by a supplied user space memory region. This causes...

5.5CVSS6.1AI score0.00223EPSS
Exploits0References9
CVE
CVE
added 2025/06/18 11:2 a.m.69 views

CVE-2022-50080

CVE-2022-50080 (Linux kernel) affects kernel code path for tee/shm handling. The issue is an integer overflow in register_shm_helper() when calculating pages for a memory region supplied by user space, which can lead to a NULL pointer dereference in internal_get_user_pages_fast() via pin_user_pag...

5.5CVSS6.3AI score0.00223EPSS
Exploits0References7Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 5:37 a.m.9 views

CVE-2023-26481

authentik is an open-source Identity Provider. Due to an insufficient access check, a recovery flow link that is created by an admin or sent via email by an admin can be used to set the password for any arbitrary user. This attack is only possible if a recovery flow exists, which has both an...

9.1CVSS7AI score0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:9 a.m.6 views

CVE-2022-24980

An issue was discovered in the Kitodo.Presentation aka dif extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowing attackers to vie...

7.5CVSS7AI score0.01201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:31 p.m.6 views

CVE-2022-24979

An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes ESI content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference IDOR,...

5.3CVSS7AI score0.00758EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 a.m.8 views

CVE-2019-19845

In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure...

5.3CVSS6.7AI score0.01101EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/28 10:33 p.m.36 views

CVE-2025-46326 Snowflake Connector for .NET has race condition when checking access to Easy Logging configuration file

snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS, the Connector reads logging configuration from a user-provided...

3.3CVSS0.00135EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/22 12:0 a.m.5 views

PT-2025-17921

Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A flaw was discovered in the software, where additional checks were required to ensure that users can only access cohort data they are authorized to retrieve. Recommendations At the moment,...

4.3CVSS5.9AI score0.00284EPSS
Exploits0References18
OSV
OSV
added 2025/04/03 2:15 p.m.17 views

BIT-JOOMLA-2023-23752 [20230201] - Core - Improper access check in webservice endpoints

An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints...

5.3CVSS5.5AI score0.99827EPSS
Exploits43References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-0225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any...

4.3CVSS6AI score0.00719EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/02/27 3:9 a.m.4 views

SUSE CVE-2022-49250

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing compander for aux AUX interpolator does not have compander, so check before accessing compander data for this. Without this checkan array of out bounds access will be made in compenabled arra...

5.5CVSS6.5AI score0.00252EPSS
Exploits0References7
NVD
NVD
added 2025/02/19 5:15 p.m.60 views

CVE-2025-27089

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions if there are two overlapping policies for the update action that allow access to different fields, instead of correctly checking access permissions against the item they apply for the user is...

5.4CVSS0.0022EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/02/14 7:7 a.m.11 views

SUSE CVE-2023-0459

Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond commit...

4.7CVSS6.5AI score0.00635EPSS
Exploits0References26
RedhatCVE
RedhatCVE
added 2025/02/05 10:1 a.m.7 views

CVE-2024-3821

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the wdtajaxactions.php file in all versions up to, and including, 6.3.2. This makes it possible for...

7.3CVSS6.6AI score0.00325EPSS
Exploits0References1
Rows per page
Query Builder