Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/06/23 4:52 p.m.6 views

Gogs Vulnerable to Privilege Escalation via Collaboration Access Mode Validation

Summary A repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. Vulnerable Code In internal/database/repocollaboration.go, line 129: go func r Repository ChangeCollaborationAccessModeuserI...

7CVSS5.9AI score0.00499EPSS
Exploits0References5Affected Software1
Hacker One
Hacker One
added 2025/07/24 10:44 a.m.27 views

Malwarebytes: Replayable Password Change Request Across Sessions.

Vulnerability description not provided...

7.1AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/06/03 2:13 a.m.4 views

SUSE CVE-2023-23600

Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This lead to the possibility of notifications to be displayed during different browsing sessions. This bug only affects Firefox for Android. Other...

6.5CVSS6.8AI score0.00493EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/08/23 5:1 a.m.4 views

CVE-2022-25304

All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...

7.5CVSS7.1AI score0.01063EPSS
Exploits0References4
Rows per page
Query Builder