Lucene search
K

8 matches found

OSV
OSV
added 2024/09/26 3:15 p.m.4 views

CVE-2024-9155

Mattermost versions 9.10.x = 9.10.1, 9.9.x = 9.9.2, 9.5.x = 9.5.8 fail to limit access to channels files that have not been linked to a post which allows an attacker to view them in channels that they are a member of...

4.3CVSS4.8AI score
Exploits0References1
CNVD
CNVD
added 2020/06/30 12:0 a.m.11 views

Unspecified Vulnerability in ASRock RGB Driver

ASRock RGB Driver is a RGB three primary colors light mode light driver from ASRock Taiwan, China. A security vulnerability exists in the AsrDrv103.sys file in ASRock RGB Driver, which originates from the program's failure to properly restrict access from user space. No details of the vulnerabili...

5.5CVSS6.7AI score0.01349EPSS
Exploits1References1
OSV
OSV
added 2017/04/20 6:59 p.m.2 views

CVE-2016-1220

Cybozu Garoon before 4.2.2 does not properly restrict access...

4.3CVSS5.8AI score
Exploits0References4
Cvelist
Cvelist
added 2017/04/14 6:0 p.m.20 views

CVE-2016-4889

ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions...

8.7AI score0.02683EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/11/11 5:50 a.m.3 views

CG-WLR300NX fails to restrict access permissions

Overview CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX fails to restrict access permissions. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

8.8CVSS6.6AI score0.00889EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/03/25 12:0 a.m.59 views

ManageEngine Desktop Central Remote Security Bypass (Intrusive Check)

The version of ManageEngine Desktop Central running on the remote host is affected by a remote security bypass vulnerability, due to a failure to restrict access to 'DCPluginServelet'. This allows an unauthenticated, remote attacker to create an account with full administrative privileges within...

9.8CVSS8.6AI score0.81048EPSS
Exploits8References2
Debian CVE
Debian CVE
added 2004/11/19 5:0 a.m.33 views

CVE-2004-0749

The modauthzsvn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via 1 svn log -v, 2 svn propget, or 3 svn blame, and other commands that follow renames...

5CVSS5.4AI score0.01457EPSS
Exploits0
CVE
CVE
added 2001/10/12 4:0 a.m.52 views

CVE-2001-0535

The CVE-2001-0535 issue affects ColdFusion Server 4.x Exampleapps, where access checks do not correctly limit requests from outside the local host domain. This enables remote attackers to spoof the HTTP Host (CGI.Host) to the Web Publish and Email example scripts, allowing upload, read, or execut...

7.5CVSS6.7AI score0.01958EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder