Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Vulnrichment
Vulnrichmentadded 2025/05/30 2:22 p.m.6 views

CVE-2025-3230 Bypass of System Admin User Deactivation Controls for Personal Access Tokens in Mattermost Server

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fails to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via continued usage of previous...

5.4CVSS7.1AI score0.00193EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/06/06 12:0 a.m.3 views

PT-2024-18651 · Zenml Io · Zenml

Name of the Vulnerable Software and Affected Versions: zenml-io/zenml version 0.55.3 Description: An improper authorization issue exists in the zenml-io/zenml repository, specifically within the API "PUT /api/v1/users/id" endpoint. This issue allows any authenticated user to modify the informatio...

6.5CVSS6.5AI score0.0005EPSS
Exploits1References10
NVD
NVDadded 2021/12/29 9:15 a.m.14 views

CVE-2021-25991

In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete loss of admin access to Ifme...

7.3CVSS0.00192EPSS
Exploits1References2
Prion
Prionadded 2021/12/29 9:15 a.m.11 views

Improper access control

In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete loss of admin access to Ifme...

4.9CVSS7.1AI score0.00192EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2021/12/29 9:10 a.m.3 views

CVE-2021-25991 ifme - Improper Access Control leads to admin deactivation

In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete loss of admin access to Ifme...

5.7CVSS6.8AI score0.00192EPSS
Exploits1References2
Cvelist
Cvelistadded 2021/12/29 9:10 a.m.10 views

CVE-2021-25991 ifme - Improper Access Control leads to admin deactivation

In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete loss of admin access to Ifme...

5.7CVSS7.4AI score0.00192EPSS
Exploits1References2
CNNVD
CNNVDadded 2021/09/20 12:0 a.m.2 views

WordPress 插件跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site request forgery vulnerability...

8.1CVSS7.5AI score0.0012EPSS
Exploits2References2
Rows per page
Query Builder