Lucene search
K

60 matches found

CNNVD
CNNVD
added 2025/01/28 12:0 a.m.6 views

Google Android 安全漏洞

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the Google Android MediaTek component Mediatek WLAN TDLS. An attacker can exploit this vulnerability to achieve elevation of...

8.8CVSS7AI score0.00195EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that originates from a direct link to netdevice...

7.8CVSS6.5AI score0.00208EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that originates from a direct link to netdevice...

7.8CVSS6.5AI score0.00218EPSS
Exploits0References5
NVD
NVD
added 2024/12/25 3:15 p.m.14 views

CVE-2023-5117

An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL...

3.7CVSS0.00302EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/25 2:46 p.m.26 views

CVE-2023-5117 Exposure of Sensitive Information Due to Incompatible Policies in GitLab

An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL...

3.7CVSS0.00302EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/25 2:46 p.m.11 views

CVE-2023-5117 Exposure of Sensitive Information Due to Incompatible Policies in GitLab

An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL...

3.7CVSS6.7AI score0.00302EPSS
Exploits0References1
OSV
OSV
added 2024/11/15 11:15 a.m.7 views

UBUNTU-CVE-2021-3991

An Improper Authorization vulnerability exists in Dolibarr versions prior to the 'develop' branch. A user with restricted permissions in the 'Reception' section is able to access specific reception details via direct URL access, bypassing the intended permission restrictions...

4.3CVSS5.8AI score0.00309EPSS
Exploits0References4
CVE
CVE
added 2024/06/19 12:0 a.m.55 views

CVE-2024-36677

The CVE-2024-36677 affects Weblir’s PrestaShop module Login as customer PRO (versions

7.5CVSS6.9AI score0.00379EPSS
Exploits0References1
NVD
NVD
added 2024/05/17 3:15 p.m.33 views

CVE-2024-35842

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normallink string It's not granted that all entries of struct sofconnstream declare a normallink a non-SOF, direct link string, and this is the case for SoCs that support only SOF...

5.5CVSS7.5AI score0.00216EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/05/17 3:15 p.m.30 views

CVE-2024-35842

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normallink string It's not granted that all entries of struct sofconnstream declare a normallink a non-SOF, direct link string, and this is the case for SoCs that support only SOF...

5.5CVSS6.3AI score0.00216EPSS
Exploits0References14
OSV
OSV
added 2024/05/15 9:7 p.m.26 views

GHSA-XMP3-7745-G4VJ ezsystems/ez-support-tools Failing access control in system info view

This Security Advisory is about a vulnerability in ezsystems/ez-support-tools v2.2, part of Ibexa DXP v3.2. Older versions are not affected. A user having insufficient permissions is able to access the system information tabs if they type in the direct link the link is not shown in the menu. The...

6.7AI score
Exploits0References3
Vivaldi Security Advisories
Vivaldi Security Advisories
added 2024/05/13 9:13 p.m.19 views

Minor update (5) for Vivaldi Desktop Browser 6.7

Download Vivaldi The following improvements were made since the fourth 6.7 minor update: Chromium Upgraded 124.0.6367.219 CVE-2024-4761: NB. Chromium updates may include security enhancements or fixes, crash fixes, or website compatibility updates. Web Compatibility Auth does not work when link i...

8.8CVSS5.8AI score0.11007EPSS
Exploits2References1
OSV
OSV
added 2024/03/06 11:2 a.m.47 views

BIT-MATTERMOST-2023-1776

Boards in Mattermost allows an attacker to upload a malicious SVG image file as an attachment to a card and share it using a direct link to the file...

7.3CVSS6AI score0.00447EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/05/18 2:15 a.m.9 views

CVE-2023-29857

An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link...

5.3CVSS6.1AI score0.00528EPSS
Exploits0References3
OSV
OSV
added 2023/04/26 10:15 p.m.3 views

CVE-2023-27107

Incorrect access control in the runReport function of MyQ Solution Print Server before 8.2 Patch 32 and Central Server before 8.2 Patch 22 allows users who do not have appropriate access rights to generate internal reports using a direct URL...

8.8CVSS7.3AI score
Exploits0References1
CNNVD
CNNVD
added 2023/04/26 12:0 a.m.3 views

MyQ Solution Print Server和MyQ Solution Central Server 安全漏洞

MyQ Solution Print Server and MyQ Solution Central Server are both products of MyQ Solution, Inc.MyQ Solution Print Server is an easy-to-use print management software. It can control printers, reduce printing costs, and be environmentally friendly by reducing unnecessary waste.MyQ Solution Centra...

8.8CVSS8AI score0.00837EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/04/26 12:0 a.m.3 views

PT-2023-20957 · Unknown · Myq Solution Print Server +1

Name of the Vulnerable Software and Affected Versions: MyQ Solution Print Server versions prior to 8.2 Patch 32 MyQ Solution Central Server versions prior to 8.2 Patch 22 Description: The issue is related to incorrect access control in the runReport function, allowing users without appropriate...

8.8CVSS8.5AI score0.00837EPSS
Exploits1References4
OSV
OSV
added 2023/03/31 12:30 p.m.55 views

GHSA-63F2-6959-2PXJ Mattermost vulnerable to cross-site scripting (XSS)

Boards in Mattermost allows an attacker to upload a malicious SVG image file as an attachment to a card and share it using a direct link to the file. Issue Identifier: MMSA-2023-00139...

5.4CVSS6AI score0.00447EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/03/31 11:29 a.m.30 views

CVE-2023-1776 Stored XSS via SVG attachment on Boards

Boards in Mattermost allows an attacker to upload a malicious SVG image file as an attachment to a card and share it using a direct link to the file...

7.3CVSS7.3AI score0.00447EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/31 12:0 a.m.15 views

Mattermost 跨站脚本漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from Boards that allows an attacker to upload a malicious SVG image file as an attachment to a card and share it using a direct link to the...

7.3CVSS6.5AI score0.00447EPSS
Exploits0References2
Rows per page
Query Builder