11 matches found
Admidio 安全漏洞
Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Versions 5.0.0 to 5.0.6 of Admidio have security vulnerabilities. These vulnerabilities stem...
GO-2025-4267 Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea
Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea...
CVE-2025-68940
In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...
CVE-2025-68940
In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...
EUVD-2015-5164
Malware in sbrugna...
CVE-2021-25778
In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly...
PT-2025-23246 · Freescout · Freescout
Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.180 Description: The issue allows an authorized user with the administrator role or the privilege User::PERM EDIT USERS to create a user and specify the path to the user's avatar as ../.htaccess during creation...
CVE-2025-41423
Mattermost versions 10.4.x = 10.4.2, 10.5.x = 10.5.0, 9.11.x = 9.11.10 fail to properly validate permissions for the API endpoint /plugins/playbooks/api/v0/signal/keywords/ignore-thread, allowing any user or attacker to delete posts containing actions created by the Playbooks bot, even without...
CVE-2022-22676
An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission...
ownCloud 安全漏洞
Owncloud ownCloud is a personal cloud storage solution from the American company ownCloud Owncloud. A security vulnerability exists in ownCloud Server that stems from the ability to bypass permission checks for file deletion by using the shareinfo API. The vulnerability can be exploited by an...
Safemode Gem for Ruby is vulnerable to bypassing safe mode limitations
Safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation...