Lucene search
K

12 matches found

Cvelist
Cvelist
added 2026/05/18 7:5 a.m.38 views

CVE-2026-6341 Incomplete group locking implementation

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

4.3CVSS0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.12 views

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions 11.5, 11.1.5, 10.13.11, and 11.3.4.0 of Mattermost Plugins contain security vulnerabilities. These...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/11 8:52 p.m.5 views

WordPress BuddyTask plugin <= 1.3.0 - Missing Authorization to Authenticated (Subscriber+) Cross-Group Task Board Access and Manipulation vulnerability

Missing Authorization to Authenticated Subscriber+ Cross-Group Task Board Access and Manipulation vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin BuddyTask versions = 1.3.0...

6.5CVSS6.7AI score0.00183EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-6955

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A missing authorization check vulnerability exists in GitLab Remote Development affecting all versions prior to 16.5.6, 16.6 prior to 16.6.4 and 16.7 prior to...

6.6CVSS6AI score0.00552EPSS
Exploits0References2
OSV
OSV
added 2025/06/20 6:15 p.m.2 views

UBUNTU-CVE-2025-5121

An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.4 and 18.0 before 18.0.2. A missing authorization check may have allowed compliance frameworks to be applied to projects outside the compliance framework's group...

9.9CVSS5.7AI score0.07524EPSS
Exploits0References4
NCSC
NCSC
added 2024/11/12 6:53 p.m.8 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Execution of arbitrary code User Rights - Execution of arbitrary code System Rights - Obtaining...

9.8CVSS8.8AI score0.81817EPSS
Exploits3
ATTACKERKB
ATTACKERKB
added 2024/01/12 2:15 p.m.8 views

CVE-2023-6955

A missing authorization check vulnerability exists in GitLab Remote Development affecting all versions prior to 16.5.6, 16.6 prior to 16.6.4 and 16.7 prior to 16.7.2. This condition allows an attacker to create a workspace in one group that is associated with an agent from another group...

6.6CVSS5.8AI score0.00552EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/01/12 2:15 p.m.3 views

UBUNTU-CVE-2023-6955

A missing authorization check vulnerability exists in GitLab Remote Development affecting all versions prior to 16.5.6, 16.6 prior to 16.6.4 and 16.7 prior to 16.7.2. This condition allows an attacker to create a workspace in one group that is associated with an agent from another group...

6.6CVSS5.8AI score0.00552EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/12/19 12:0 a.m.3 views

PT-2023-8248 · Gitlab · Gitlab Remote Development +1

Name of the Vulnerable Software and Affected Versions: GitLab Remote Development versions prior to 16.5.6 GitLab Remote Development version 16.6 prior to 16.6.4 GitLab Remote Development version 16.7 prior to 16.7.2 Description: The issue is related to improper access control in GitLab Remote...

6.6CVSS6.7AI score0.00552EPSS
Exploits0References21
OSV
OSV
added 2023/07/08 11:5 a.m.3 views

OESA-2023-1413 kubernetes security update

Container cluster management. Security Fixes: Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are...

8.8CVSS6.9AI score0.02157EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/01/04 12:0 a.m.3 views

IBM Sterling B2B Integrator 安全漏洞

IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. An elevation of privilege...

8.8CVSS7.2AI score0.00549EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2018/05/13 5:5 p.m.11 views

lpextranet.southerncrossgroup.com XSS vulnerability

Open Bug Bounty ID: OBB-616127 Description| Value ---|--- Affected Website:| lpextranet.southerncrossgroup.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6...

Exploits0
Rows per page
Query Builder