Lucene search
K

5 matches found

Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.21 views

(Pwn2Own) QNAP QHora-322 access_setting HTTP Request Smuggling Vulnerability

This vulnerability allows network-adjacent attackers to smuggle arbitrary HTTP requests on affected installations of QNAP QHora-322 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

6.3CVSS7.4AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/07/04 2:43 p.m.3 views

SUSE CVE-2025-3611

Mattermost versions 10.7.x = 10.7.0, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team...

4.3CVSS6.8AI score0.00191EPSS
Exploits0References2
OSV
OSV
added 2025/04/16 7:45 a.m.2 views

CVE-2025-27571 Channel metadata visible in archived channels despite configuration setting

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to check the "Allow Users to View Archived Channels" configuration when fetching channel metadata of a post from archived channels, which allows authenticated users to access such information when a channel is archived...

4.3CVSS5.9AI score0.00239EPSS
Exploits0References3
OSV
OSV
added 2020/03/10 6:15 p.m.2 views

UBUNTU-CVE-2019-13457

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8. A customer user can use the search results to disclose information from their "company" tickets with the same CustomerID, even when the CustomerDisableCompanyTicketAccess setting is turned on...

4.3CVSS6AI score0.00907EPSS
Exploits0References4
0day.today
0day.today
added 2014/03/08 12:0 a.m.43 views

Huawei E5331 MiFi Unauthenticated Access / Setting Manipulation

Huawei E5331 MiFi mobile hotspot version 21.344.11.00.414 suffers from unauthenticated access and setting manipulation vulnerabilities. ======================================================================= title: Unauthenticated access & manipulation of settings product: Huawei E5331 MiFi mobil...

7.3AI score
Exploits0
Rows per page
Query Builder