7 matches found

OSV
added 2026/02/16 10:16 a.m. · 3 views

CVE-2026-0998

Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 and Mattermost Plugin Zoom versions =1.11.0 fail to validate user identity and post ownership in the /api/v1/askPMI endpoint which allows unauthorized users to start Zoom meetings as any user and overwrite arbitrary posts via...

4.3 CVSS · 5.7 AI score
Exploits: 0 · References: 1
CNNVD
added 2025/10/28 12:0 a.m. · 2 views

HP ThinPro security vulnerability

HP ThinPro is a Linux-based operating system from Hewlett-Packard (HP) in the United States. A security vulnerability exists in HP ThinPro version 8.1, which stems from a failure to validate a user's true identity...

9.8 CVSS · 6.7 AI score · 0.00051 EPSS
Exploits: 0 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2017-15207

Malware in sbrugna...

5.8 CVSS · 5.1 AI score · 0.00098 EPSS
Exploits: 0 · References: 3
Cvelist
added 2025/08/21 12:0 a.m. · 6 views

CVE-2025-52395

An issue in Roadcute API v.1 allows a remote attacker to execute arbitrary code via the application exposing a password reset API endpoint that fails to validate the identity of the requester properly...

0.00822 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2025/08/21 12:0 a.m. · 2 views

PT-2025-34234 · Unknown · Roadcute Api

Name of the Vulnerable Software and Affected Versions: Roadcute API version 1

Description: An issue in the application allows a remote attacker to execute arbitrary code via an insecure password reset API endpoint. The endpoint fails to validate the identity of the requester properly...

9.8 CVSS · 8.2 AI score · 0.00822 EPSS
Exploits: 0 · References: 6
RedhatCVE
added 2025/05/22 5:36 p.m. · 4 views

CVE-2020-9109

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of a smart wearable device in a certain specific scenario; the attacker needs to gain certain information in the victim's smartphone to launch the attack, and successful...

4.6 CVSS · 6.7 AI score · 0.00028 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/04/26 9:10 a.m. · 19 views

CVE-2025-3793

The Buddypress Force Password Change plugin for WordPress is vulnerable to authenticated account takeover due to the plugin not properly validating a user's identity prior to updating their password through the 'bpforcepasswordajax' function in all versions up to, and including, 0.1. This makes i...

4.2 CVSS · 7.1 AI score · 0.0017 EPSS
Exploits: 0 · References: 1