Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2025/11/15 8:40 a.m.9 views

CVE-2025-55070

Mattermost versions 11 fail to enforce multi-factor authentication on WebSocket connections which allows unauthenticated users to access sensitive information via WebSocket events...

7.5CVSS6.9AI score0.00272EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.7 views

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in versions prior to Mattermost 11 that stems from a WebSocket connection that does not enforce multi-factor authentication, which could result in an unauthenticated use...

7.5CVSS6.3AI score0.00272EPSS
Exploits0References2
OSV
OSV
added 2025/07/08 11:15 a.m.5 views

CVE-2024-31853

A vulnerability has been identified in SICAM TOOLBOX II All versions V07.11. During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's certificate. This could allow an attacker to...

7.7CVSS5.8AI score0.00173EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/09 12:0 a.m.5 views

LearningDigital Orca HCM 路径遍历漏洞

LearningDigital Orca HCM is a digital learning platform from China-based LearningDigital. A path traversal vulnerability exists in LearningDigital Orca HCM versions prior to 11.0, which arises from improperly restricting certain parameters of the file download function, allowing a remote attacker...

6.5CVSS6.8AI score0.00673EPSS
Exploits0References3
OSV
OSV
added 2024/08/14 2:15 p.m.4 views

CVE-2024-23908

Insecure inherited permissions in some Flexlm License Daemons for IntelR FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score0.00131EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.4 views

Secomea GateManager 安全漏洞

Secomea GateManager is a remote access server product from Secomea, Denmark. A security vulnerability exists in Secomea GateManager versions prior to 11.2.624071020, which stems from a security flaw in the pseudo-random number generator PRNG...

8.1CVSS6.8AI score0.0052EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/08 12:0 a.m.8 views

Digital Ant E-Commerce Cross-Site Scripting Vulnerability

Digital Ant E-Commerce is an e-commerce platform from Digital Ant, Inc. A cross-site scripting vulnerability exists in versions of Digital Ant E-Commerce Software prior to version 11, which arises from improperly neutralized input during web page generation...

5.4CVSS6.1AI score0.00376EPSS
Exploits0References2
CNVD
CNVD
added 2019/09/27 12:0 a.m.2 views

Apple Xcode ld64 component arbitrary code execution vulnerability (CNVD-2019-37184)

Apple Xcode is a set of integrated development environments IDEs provided to developers by Apple, Inc. that are used to develop applications for Mac OS X and iOS. ld64 is one of the Apple toolchain linking programs. An arbitrary code execution vulnerability exists in the ld64 component of Apple...

9.3CVSS8AI score0.01881EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/08 12:0 a.m.5 views

Apple iOS APNs Man-in-the-Middle Attack Vulnerability

Apple iOS is an operating system developed by Apple Inc. for mobile devices.APNs are a component of the push notification service. A security vulnerability exists in the APNs component in versions of Apple iOS prior to 11. An attacker can exploit this vulnerability to conduct a man-in-the-middle...

5.9CVSS6.4AI score0.00423EPSS
Exploits0References1
CNVD
CNVD
added 2016/11/03 12:0 a.m.3 views

Schneider Electric Unity Pro Remote Code Execution Vulnerability

Schneider Electric Unity Pro is a suite of development software for testing, debugging and managing applications from the French company Schneider Electric. A remote code execution vulnerability exists in versions of Schneider Electric Unity Pro prior to V11.1. A remote attacker can exploit the...

7CVSS8.4AI score0.01103EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2004/04/14 1:59 p.m.7 views

security flaw

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...

2.6CVSS5.9AI score0.01832EPSS
Exploits0References4
Rows per page
Query Builder