13 matches found
CVE-2024-54017
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SA82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SD82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SJ81 CP150 All versions = V7.80, SIPROT...
CVE-2024-54017
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SA82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SD82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SJ81 CP150 All versions = V7.80, SIPROT...
PT-2026-39977
Name of the Vulnerable Software and Affected Versions SIPROTEC 5 6MD84 CP300 versions prior to V11.0 SIPROTEC 5 6MD85 CP200 affected versions not specified SIPROTEC 5 6MD85 CP300 versions V7.80 through V11.0 SIPROTEC 5 6MD86 CP200 affected versions not specified SIPROTEC 5 6MD86 CP300 versions...
📄 HPE OneView Unauthenticated Remote Code Execution
This Metasploit module exploits an unauthenticated remote code execution vulnerability against Hewlett Packard Enterprise HPE OneView. All versions below 11.00 are vulnerable so long as the vendor supplied hotfix has not been applied, however some VM product versions do not enable the vulnerable...
HPE OneView unauthenticated RCE
This module exploits an unauthenticated RCE vulnerability, CVE-2025-37164, against Hewlett Packard Enterprise HPE OneView. All versions below 11.00 are vulnerable so long as the vendor supplied hotfix has not been applied, however some VM product versions do not enable the vulnerable "ID Pools"...
CVE-2025-41436
Mattermost versions 11.0 fail to properly enforce the "Allow users to view archived channels" setting which allows regular users to access archived channel content and files via the "Open in Channel" functionality from followed threads...
CVE-2025-55070 Lack of MFA enforcement in WebSocket connections
Mattermost versions 11 fail to enforce multi-factor authentication on WebSocket connections which allows unauthenticated users to access sensitive information via WebSocket events...
CVE-2025-41436 Unauthorized access to archived channel content via threads interface
Mattermost versions 11.0 fail to properly enforce the "Allow users to view archived channels" setting which allows regular users to access archived channel content and files via the "Open in Channel" functionality from followed threads...
CVE-2025-11776
Mattermost CVE-2025-11776 affects Mattermost Server versions earlier than 11.0.0. A flaw in access control on the archived channel search API (/api/v4/teams/{team_id}/channels/search_archived) allows guest users to discover archived public channels. Root cause: insufficient restrictions on archiv...
CVE-2025-11776 Guest user can discover archived public channels
Mattermost versions 11 fail to properly restrict access to archived channel search API which allows guest users to discover archived public channels via the /api/v4/teams/teamid/channels/searcharchived endpoint...
WordPress PixelYourSite plugin < 11.1.2 - Admin+ LFI vulnerability
Admin+ LFI vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin PixelYourSite – Your smart PIXEL TAG Manager versions 11.1.2...
CVE-2024-9230
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and escape some of its settings when adding a podcast, which could allow author and above users to perform Stored Cross-Site Scripting attacks...
CVE-2023-31238
A vulnerability has been identified in SICAM P850 7KG8500-0AA00-0AA0 All versions V3.11, SICAM P850 7KG8500-0AA00-2AA0 All versions V3.11, SICAM P850 7KG8500-0AA10-0AA0 All versions V3.11, SICAM P850 7KG8500-0AA10-2AA0 All versions V3.11, SICAM P850 7KG8500-0AA30-0AA0 All versions V3.11, SICAM P8...