9 matches found
CVE-2025-26360
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests...
CVE-2025-26360
CVE-2025-26360 describes a CWE-306 vulnerability: Missing Authentication for Critical Function in the Q-Free MaxTime product. The flaw resides in maxprofile/persistance/routes.lua and affects MaxTime versions less than or equal to 2.11.0, enabling an unauthenticated remote attacker to delete dash...
CVE-2025-26360
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests...
CVE-2025-26360
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests...
PT-2023-23720 · Dataease · Dataease
Name of the Vulnerable Software and Affected Versions: DataEase versions prior to 1.18.7 Description: The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references IDOR. This could result in a user deleting another user's dashboard o...
F5 Networks BIG-IP : BIG-IP TMUI vulnerability (K41877405)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K41877405 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1....
Design/Logic Flaw
IBM Rational Jazz Team Server JTS, as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x...
CVE-2014-6129
IBM Rational Jazz Team Server JTS, as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x...
CVE-2014-6129
IBM Rational Jazz Team Server JTS, as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x...