Lucene search
K

14 matches found

EUVD
EUVD
added 2026/03/26 9:31 p.m.12 views

EUVD-2026-16389

Improper Handling of Case Sensitivity vulnerability in Drupal OpenID Connect / OAuth client allows Privilege Escalation.This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0...

5.8AI score0.00133EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.6 views

Raytha CMS 安全漏洞

Raytha CMS is a content management system developed by the American company Raytha. Versions of Raytha CMS prior to 1.5.0 contained security vulnerabilities. These vulnerabilities stemmed from the password reset function’s user enumeration feature. Differences in messages might allow attackers to...

6.9CVSS5.8AI score0.0028EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-16665

Malware in sbrugna...

10CVSS7AI score0.05525EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/08/11 9:31 p.m.10 views

Mattermost Confluence Plugin has Missing Authorization vulnerability

Mattermost Confluence Plugin versions 1.5.0 fail to check user access to the channel, allowing attackers to create a channel subscription without proper access to the channel via an API call to the edit channel subscription endpoint...

4CVSS6.9AI score0.00183EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/08/11 6:57 p.m.53 views

CVE-2025-53857 Lack of Authorization on Get Channel Subscriptions for Autocomplete in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the GET autocomplete/GetChannelSubscriptions endpoint...

3.7CVSS0.00192EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/10 12:0 a.m.5 views

PT-2025-32581 · WordPress · Mattermost Confluence Plugin

Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin does not properly handle unexpected request bodies. Attackers can exploit this to crash the plugin by repeatedly sending invalid request bodies...

5.9CVSS7.2AI score0.00275EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/07/10 12:0 a.m.3 views

PT-2025-32576 · WordPress · Mattermost Confluence Plugin

Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin is susceptible to a denial-of-service issue. Attackers can crash the plugin by repeatedly sending invalid request bodies to the update channel...

7.8CVSS7.2AI score0.00312EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/07/10 12:0 a.m.5 views

PT-2025-32580 · Mattermost · Mattermost Confluence Plugin

Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin does not verify user access to Confluence spaces. This allows attackers to create subscriptions for Confluence spaces that a user does not have...

5CVSS7.1AI score0.00192EPSS
Exploits0References10
Patchstack
Patchstack
added 2024/11/21 10:34 p.m.6 views

WordPress Media Library Tools plugin < 1.5.0 - Author+ Stored XSS via SVG vulnerability

Author+ Stored XSS via SVG vulnerability discovered by Bob Matyas in WordPress Plugin Media Library Tools versions 1.5.0...

5.4CVSS6AI score0.00363EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/05/02 6:15 p.m.6 views

AZL-64791 CVE-2024-33394 affecting package kubevirt for versions less than 1.5.0-2

An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...

5.9CVSS6.1AI score0.00324EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.5 views

Easy!Appointments 输入验证错误漏洞

Easy!Appointments is a web-based appointment and schedule management system. An input validation error vulnerability exists in versions of Easy!Appointments prior to 1.5.0, which originates from a redirect that opens up...

6.3CVSS5.2AI score0.00376EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/12/27 12:0 a.m.5 views

Open Media Player 跨站脚本漏洞

Open Media Player is a mainstream audio and video player service open-sourced by the IET at the OU. A cross-site scripting vulnerability exists in versions of Open Media Player prior to 1.5.0, which stems from the fact that incorrect manipulation of the parameter ttmlurl can lead to cross-site...

5.4CVSS4.2AI score0.00549EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2021/04/26 12:0 a.m.12 views

PT-2021-18239 · Hedgedoc · Hedgedoc

Name of the Vulnerable Software and Affected Versions: HedgeDoc versions prior to 1.5.0 Description: The issue affects HedgeDoc, an open-source collaborative markdown editor, where an attacker can receive arbitrary files from the file system when exporting a note to PDF. This exploit requires the...

10CVSS9.3AI score0.01158EPSS
Exploits0References4
OSV
OSV
added 2017/04/11 9:59 p.m.3 views

CVE-2017-7689

A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0...

9.8CVSS5.8AI score0.05525EPSS
Exploits0References3
Rows per page
Query Builder