Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.7 views

CVE-2025-1102

A CWE-346 "Origin Validation Error" in the CORS configuration in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to affect the device confidentiality, integrity, or availability via crafted URLs or HTTP requests...

7.1CVSS7AI score0.00138EPSS
Exploits0References1
NVD
NVD
added 2025/02/12 2:15 p.m.6 views

CVE-2025-1102

A CWE-346 "Origin Validation Error" in the CORS configuration in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to affect the device confidentiality, integrity, or availability via crafted URLs or HTTP requests...

7.1CVSS0.00138EPSS
Exploits0References1
Circl
Circl
added 2025/02/12 1:27 p.m.8 views

CVE-2025-1102

creationtimestamp| type| source ---|---|--- 2025-02-12 13:27:46+00:00| seen| https://infosec.exchange/users/cve/statuses/113991146946426594...

7.1CVSS6.9AI score0.00138EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/12 1:26 p.m.10 views

CVE-2025-1102

A CWE-346 "Origin Validation Error" in the CORS configuration in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to affect the device confidentiality, integrity, or availability via crafted URLs or HTTP requests...

5.5CVSS0.00138EPSS
Exploits0References1
CVE
CVE
added 2025/02/12 1:26 p.m.53 views

CVE-2025-1102

CVE-2025-1102 concerns a CWE-346 Origin Validation Error in the CORS configuration of Q-Free MaxTime (<= 2.11.0). The issue allows an unauthenticated remote attacker to affect device confidentiality, integrity, or availability via crafted URLs or HTTP requests. Connected sources confirm affect...

7.1CVSS5.6AI score0.00138EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/12 1:26 p.m.6 views

CVE-2025-1102

A CWE-346 "Origin Validation Error" in the CORS configuration in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to affect the device confidentiality, integrity, or availability via crafted URLs or HTTP requests...

5.5CVSS5.6AI score0.00138EPSS
Exploits0References1
Rows per page
Query Builder