CVE-2025-55035

Mattermost Desktop App versions =5.13.0 fail to manage modals in the Mattermost Desktop App that stops a user with a server that uses basic authentication from accessing their server which allows an attacker that provides a malicious server to the user to deny use of the Desktop App via having th...

EUVD-2025-34773

Mattermost Desktop App versions =5.13.0 fail to manage modals in the Mattermost Desktop App that stops a user with a server that uses basic authentication from accessing their server which allows an attacker that provides a malicious server to the user to deny use of the Desktop App via having th...

CVE-2025-55035

Mattermost Desktop App versions =5.13.0 fail to manage modals in the Mattermost Desktop App that stops a user with a server that uses basic authentication from accessing their server which allows an attacker that provides a malicious server to the user to deny use of the Desktop App via having th...

CVE-2025-55035

Mattermost Desktop App versions =5.13.0 fail to manage modals in the Mattermost Desktop App that stops a user with a server that uses basic authentication from accessing their server which allows an attacker that provides a malicious server to the user to deny use of the Desktop App via having th...

CVE-2025-55035

Mattermost Desktop App versions

CVE-2025-55035 Mattermost Desktop DoS when user has basic authentication server configured

Mattermost Desktop App versions =5.13.0 fail to manage modals in the Mattermost Desktop App that stops a user with a server that uses basic authentication from accessing their server which allows an attacker that provides a malicious server to the user to deny use of the Desktop App via having th...

CVE-2025-55035 Mattermost Desktop DoS when user has basic authentication server configured

Mattermost Desktop App versions =5.13.0 fail to manage modals in the Mattermost Desktop App that stops a user with a server that uses basic authentication from accessing their server which allows an attacker that provides a malicious server to the user to deny use of the Desktop App via having th...

CVE-2025-42939

SAP S/4HANA Manage Processing Rules - For Bank Statements allows an authenticated attacker with basic privileges to delete conditions from any shared rule of any user by tampering the request parameter. Due to missing authorization check, the attacker can delete shared rule conditions that should...

CVE-2025-40765

A vulnerability has been identified in TeleControl Server Basic V3.1 All versions = V3.1.2.2 V3.1.2.3. The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform...

Amazon Linux 2 : cups, --advisory ALAS2-2025-3028 (ALAS-2025-3028)

The version of cups installed on the remote host is prior to 1.6.3-51. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3028 advisory. A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is...

CVE-2025-40765

A vulnerability has been identified in TeleControl Server Basic V3.1 All versions = V3.1.2.2 V3.1.2.3. The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform...

CVE-2025-40765

A vulnerability has been identified in TeleControl Server Basic V3.1 All versions = V3.1.2.2 V3.1.2.3. The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform...

EUVD-2025-34161

A vulnerability has been identified in TeleControl Server Basic V3.1 All versions = V3.1.2.2 V3.1.2.3. The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform...

CVE-2025-40765

CVE-2025-40765 affects Siemens TeleControl Server Basic, versions 3.1.2.2–3.1.2.3. The vulnerability is an information disclosure that could allow an unauthenticated remote attacker to obtain user password hashes and login to perform authenticated operations on the database service. The issue is ...

CVE-2025-42939

SAP S/4HANA: The Manage Processing Rules – For Bank Statements component is affected by CVE-2025-42939. An authenticated attacker with basic privileges can tamper request parameters to delete conditions from any shared rule, due to a missing authorization check, compromising integrity without imp...

Siemens TeleControl Server Basic 访问控制错误漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens Germany. An access control error vulnerability exists in Siemens TeleControl Server Basic versions V3.1.2.2 through prior to V3.1.2.3, which originates from an unauthenticated, remote attacker being able to obtain a...

Medium: cups

Issue Overview: A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is configured to use a method other than Basic, but the attacker sends an HTTP request with a Basic authentication header. Due to improper validation in th...

PT-2025-41844

Name of the Vulnerable Software and Affected Versions SAP S/4HANA affected versions not specified Description An authenticated attacker with basic privileges can delete conditions from any shared rule of any user by manipulating the request parameter. This is due to a missing authorization check,...

Siemens TeleControl Server Basic

SUMMARY TeleControl Server Basic V3.1 contains an information disclosure vulnerability that could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform authenticated operations of the database service. Siemens has released a new version for...

PT-2025-41882

Name of the Vulnerable Software and Affected Versions TeleControl Server Basic versions 3.1.2.2 through 3.1.2.3 Description The application contains an information disclosure issue that could allow a remote attacker to obtain password hashes of users. This access could allow an attacker to log in...