24 matches found
CVE-2026-28276 Initiative Allows Unauthenticated Access to Uploaded Documents via Public /uploads/ Endpoint
Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /uploads/ directory without any authentication or authorization checks. Any uploaded file can be...
CVE-2026-28276
Technical details beyond the Initial Description are not provided in the connected documents. Monitor for updates on CVE-2026-28276.
CVE-2025-8613
creationtimestamp| type| source ---|---|--- 2025-08-06 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-805/ 2025-09-02 23:21:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxvazgzilv27...
CVE-2025-8475
creationtimestamp| type| source ---|---|--- 2025-08-01 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-764/...
CVE-2025-7288
creationtimestamp| type| source ---|---|--- 2025-07-08 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-534/...
CVE-2025-7291
creationtimestamp| type| source ---|---|--- 2025-07-08 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-539/...
CVE-2025-7236
creationtimestamp| type| source ---|---|--- 2025-07-08 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-487/...
CVE-2025-48443
creationtimestamp| type| source ---|---|--- 2025-06-11 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-361/ 2025-07-03 01:19:51+00:00| seen| https://bsky.app/profile/kdm.pw/post/3lszkqcpne22k 2025-07-03 06:31:55+00:00| seen|...
CVE-2025-5826
creationtimestamp| type| source ---|---|--- 2025-06-11 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-345/ 2025-06-25 18:52:07+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19520...
CVE-2025-49216
creationtimestamp| type| source ---|---|--- 2025-06-11 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-373/ 2025-06-13 05:11:08+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114674333654788638 2025-06-16 16:53:04+00:00| seen| https://t.me/truesecator/7129...
CVE-2025-30310
creationtimestamp| type| source ---|---|--- 2025-05-21 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-308/...
CVE-2025-1649
creationtimestamp| type| source ---|---|--- 2025-03-13 19:42:29+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7471 2025-03-18 04:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-159/ 2025-04-24 21:07:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13344...
CVE-2025-2015
creationtimestamp| type| source ---|---|--- 2025-03-10 04:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-116/...
CVE-2024-11933
creationtimestamp| type| source ---|---|--- 2024-11-27 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1630/ 2024-11-28 00:42:53+00:00| seen| https://infosec.exchange/users/cve/statuses/113557803696464261...
CVE-2024-11527
creationtimestamp| type| source ---|---|--- 2024-11-21 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1538/...
CVE-2024-11568
creationtimestamp| type| source ---|---|--- 2024-11-21 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1563/...
CVE-2024-11529
creationtimestamp| type| source ---|---|--- 2024-11-21 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1537/...
CVE-2024-50318
creationtimestamp| type| source ---|---|--- 2024-11-12 18:03:29+00:00| seen| https://t.me/cvedetector/10651 2024-11-13 06:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1489/...
CVE-2024-9739
creationtimestamp| type| source ---|---|--- 2024-10-11 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1349/...
CVE-2024-9758
creationtimestamp| type| source ---|---|--- 2024-10-11 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1361/...