Lucene search
K

41 matches found

CNNVD
CNNVD
added 2025/05/15 12:0 a.m.6 views

Checkmate 安全漏洞

Checkmate is an open source, self-hosted tool from BlueWave Open Source designed to track and monitor server hardware, uptime, response time and events in real-time with beautiful visualizations. A security vulnerability exists in Checkmate versions prior to 2.1 that stems from unrestricted acces...

5CVSS6.2AI score0.00283EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/05/15 12:0 a.m.18 views

CVE-2025-48024

In BlueWave Checkmate before 2.1, an authenticated regular user can access sensitive application secrets via the /api/v1/settings endpoint...

5CVSS0.00283EPSS
Exploits0References5
CVE
CVE
added 2025/05/15 12:0 a.m.39 views

CVE-2025-48024

CVE-2025-48024 affects BlueWave Checkmate before 2.1. An authenticated regular user can access sensitive application secrets via the /api/v1/settings endpoint, leading to secret disclosure. The advisories consistently describe the issue and recommend upgrading to version 2.1 or later; as a tempor...

5CVSS6.9AI score0.00283EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/12 12:6 a.m.33 views

CVE-2025-47817

In BlueWave Checkmate through 2.0.2 before b387eba, a profile edit request can include a role parameter...

8.8CVSS7.2AI score0.00427EPSS
Exploits0References1
NVD
NVD
added 2025/05/10 10:15 p.m.22 views

CVE-2025-47817

In BlueWave Checkmate through 2.0.2 before b387eba, a profile edit request can include a role parameter...

8.8CVSS0.00427EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/10 12:0 a.m.4 views

Checkmate 安全漏洞

Checkmate is an open source, self-hosted tool from BlueWave Open Source designed to track and monitor server hardware, uptime, response time and events in real-time with beautiful visualizations. A security vulnerability exists in Checkmate 2.0.2 and earlier versions that stems from unvalidated...

8.8CVSS6.5AI score0.00427EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/10 12:0 a.m.12 views

PT-2025-20645 · Bluewave · Bluewave Checkmate

Name of the Vulnerable Software and Affected Versions: BlueWave Checkmate versions 2.0.2 and earlier, before b387eba Description: The issue allows a profile edit request to include a role parameter. This is related to the external control of assumed-immutable web parameters. Recommendations: For...

8.8CVSS6.4AI score0.00427EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2025/05/10 12:0 a.m.5 views

CVE-2025-47817

In BlueWave Checkmate through 2.0.2 before b387eba, a profile edit request can include a role parameter...

8.8CVSS8.7AI score0.00427EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/10 12:0 a.m.11 views

CVE-2025-47817

In BlueWave Checkmate through 2.0.2 before b387eba, a profile edit request can include a role parameter...

8.8CVSS0.00427EPSS
Exploits0References3
OSV
OSV
added 2025/05/10 12:0 a.m.7 views

CVE-2025-47817

In BlueWave Checkmate through 2.0.2 before b387eba, a profile edit request can include a role parameter...

8.8CVSS6.8AI score0.00427EPSS
Exploits0References5
CVE
CVE
added 2025/05/10 12:0 a.m.77 views

CVE-2025-47817

CVE-2025-47817 affects BlueWave Checkmate 2.0.2 and earlier (pre-b387eba). The issue arises from a profile edit request permitting a role parameter, enabling unvalidated external control of web parameters. CVSS v3.1: Network attack, low privileges, no user interaction, with high impacts to confid...

8.8CVSS7.2AI score0.00427EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/05 1:1 a.m.26 views

CVE-2025-47245

In BlueWave Checkmate through 2.0.2 before d4a6072, an invite request can be modified to specify a privileged role...

8.1CVSS6.8AI score0.0042EPSS
Exploits0References1
NVD
NVD
added 2025/05/04 12:15 a.m.44 views

CVE-2025-47245

In BlueWave Checkmate through 2.0.2 before d4a6072, an invite request can be modified to specify a privileged role...

8.1CVSS0.0042EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/04 12:0 a.m.4 views

Checkmate 安全漏洞

Checkmate is an open source, self-hosted tool from BlueWave Open Source designed to track and monitor server hardware, uptime, response time and events in real-time with beautiful visualizations. A security vulnerability exists in Checkmate 2.0.2 and earlier versions, which stems from the fact th...

8.1CVSS6.6AI score0.0042EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/03 12:0 a.m.5 views

PT-2025-18959 · Unknown · Bluewave Checkmate

Name of the Vulnerable Software and Affected Versions: BlueWave Checkmate versions through 2.0.2 before d4a6072 Description: The issue allows an invite request to be modified to specify a privileged role. Recommendations: For BlueWave Checkmate versions through 2.0.2 before d4a6072, consider...

8.1CVSS6.3AI score0.0042EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2025/05/03 12:0 a.m.5 views

CVE-2025-47245

In BlueWave Checkmate through 2.0.2 before d4a6072, an invite request can be modified to specify a privileged role...

8.1CVSS6.8AI score0.0042EPSS
Exploits0References3
OSV
OSV
added 2025/05/03 12:0 a.m.5 views

CVE-2025-47245

In BlueWave Checkmate through 2.0.2 before d4a6072, an invite request can be modified to specify a privileged role...

8.1CVSS6.6AI score0.0042EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/05/03 12:0 a.m.30 views

CVE-2025-47245

In BlueWave Checkmate through 2.0.2 before d4a6072, an invite request can be modified to specify a privileged role...

8.1CVSS0.0042EPSS
Exploits0References3
CVE
CVE
added 2025/05/03 12:0 a.m.84 views

CVE-2025-47245

CVE-2025-47245 affects BlueWave Checkmate up to version 2.0.2 before commit d4a6072, where an invite request can be modified to specify a privileged role. The issue is documented across multiple feeds (NVD, Red Hat, OSV, NVD enrichments) with a high impact and CVSS 3.1 base score of 8.1 (CONF/INT...

8.1CVSS7AI score0.0042EPSS
Exploits0References3
HackRead
HackRead
added 2023/02/05 1:31 a.m.39 views

Instant Checkmate, TruthFinder Data Breach: 20M Accounts Leaked

By Deeba Ahmed Instant Checkmate and TruthFinder are two subscription-based services allowing users to carry out background checks on people. This is a post from HackRead.com Read the original post: Instant Checkmate, TruthFinder Data Breach: 20M Accounts Leaked...

5AI score
Exploits0
Rows per page
Query Builder