Lucene search
+L

9 matches found

euvd
euvd
added 2026/02/04 9:42 p.m.7 views

EUVD-2026-5329

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.3.19, 4.4.13, 4.5.6, Mastodon is vulnerable to web cache poisoning via Rails.cache. When AUTHORIZEDFETCH is enabled, the ActivityPub endpoints for pinned posts and featured hashtags have contents that...

6.5CVSS5.4AI score0.00394EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/08/25 9:6 a.m.10 views

CVE-2023-4478 Parameter tampering in the registration resulting in blocked accounts to be created

Mattermost fails to restrict which parameters' values it takes from the request during signup allowing an attacker to register users as inactive, thus blocking them from later accessing Mattermost without the system admin activating their accounts...

4.3CVSS7.1AI score0.00441EPSS
Exploits0References1
cvelist
cvelist
added 2023/08/25 9:6 a.m.26 views

CVE-2023-4478 Parameter tampering in the registration resulting in blocked accounts to be created

Mattermost fails to restrict which parameters' values it takes from the request during signup allowing an attacker to register users as inactive, thus blocking them from later accessing Mattermost without the system admin activating their accounts...

4.3CVSS8.4AI score0.00441EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2022/06/24 12:0 a.m.9 views

The vulnerability of the PAM auth function in the configuration management system and the remote execution of Salt operations allows a perpetrator to execute any commands they want.

The vulnerability of the PAM auth function in configuration management and remote execution of Salt operations is related to the absence of effective blocking for “locked accounts”. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

7.5CVSS8.2AI score0.01878EPSS
Exploits0References7Affected Software9
ncsc
ncsc
added 2021/12/10 12:0 a.m.24 views

Vulnerabilities fixed in Atlassian Jira Server

Atlassian has fixed two vulnerabilities in Jira Server. A authenticated malicious person could exploit the vulnerabilities to give themselves elevated privileges, gain access to sensitive data and manipulate that data. The vulnerability is in access control, which allows accounts that have been...

7.5CVSS7.1AI score0.00836EPSS
Exploits0
cnvd
cnvd
added 2021/07/06 12:0 a.m.6 views

MediaWiki suffers from an unspecified vulnerability (CNVD-2021-48983)

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. MediaWiki 1.36 suffers from a security vulnerability that stems from the fact that the search results...

4.3CVSS6.7AI score0.00742EPSS
Exploits1References1
cnnvd
cnnvd
added 2021/07/02 12:0 a.m.5 views

MediaWiki 安全漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. MediaWiki 1.36 suffers from a security vulnerability that stems from the fact that the search results...

4.3CVSS5.5AI score0.00742EPSS
Exploits1References4
osv
osv
added 2019/12/19 9:15 p.m.4 views

UBUNTU-CVE-2019-19234

In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The software maintainer believes...

7.5CVSS6.6AI score0.02831EPSS
Exploits0References4
securityvulns
securityvulns
added 2002/02/08 12:0 a.m.35 views

Проблемы с блокирвоанными пользователями в Cisco Secure ACS (protection bypass)

Пользователи с блокирвоанными учетными записями NDS могут войти в систему...

1.2AI score
Exploits0References1Affected Software1
Rows per page
Query Builder