Lucene search
K

14 matches found

ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-59715

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.16 before 0.10.0, the Socket.IO server is configured with alwaysconnect=True. The ydoc:awareness:update and ydoc:document:leave Socket.IO handlers accepted collaborative-document events without requirin...

3.1CVSS5.9AI score0.00222EPSS
Exploits1References5Affected Software1
CVE
CVE
added 5 days ago8 views

CVE-2026-59715

Affected software: Open WebUI self-hosted AI platform. Vulnerability: Unauthenticated access to collaborative-document Socket.IO handlers (ydoc:awareness:update, ydoc:document:leave) that accepted events without authenticated user, enabling unauthorized manipulation of document collaboration stat...

6.5CVSS5.9AI score0.00222EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago10 views

PT-2026-56832

Name of the Vulnerable Software and Affected Versions Open WebUI versions 0.6.16 through 0.9.x Description The Socket.IO server is configured with always connect=True, which allows the ydoc:awareness:update and ydoc:document:leave Socket.IO handlers to accept collaborative-document events without...

6.5CVSS6.1AI score0.00222EPSS
Exploits1References8
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.10 views

M-Files Server 安全漏洞

The M-Files Server is a server belonging to the M-Files company’s M-Files system. Versions of the M-Files Server prior to 26.3 contained security vulnerabilities. These vulnerabilities stemmed from an outdated connection method used in the document collaborative editing feature, which allowed for...

7.3CVSS5.9AI score0.00195EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-29131

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00455EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/02/13 4:43 p.m.35 views

CVE-2023-25159 Nextcloud Server previews are accessible without a watermark

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, Nextcloud Enterprise Server 24.0.x prior to 24.0.8 and...

2.3CVSS5.3AI score0.00455EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/02/13 4:43 p.m.7 views

CVE-2023-25159 Nextcloud Server previews are accessible without a watermark

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, Nextcloud Enterprise Server 24.0.x prior to 24.0.8 and...

2.3CVSS4.6AI score0.00455EPSS
Exploits0References4
CVE
CVE
added 2023/02/13 4:43 p.m.96 views

CVE-2023-25159

CVE-2023-25159 affects Nextcloud Server and related components. Technical details from PT Security show the issue resides in OCFilesNodeFolder::getFullPath(), where improper validation/normalization can allow crafted paths to escape a user’s space, potentially overwriting other users’ data. Affec...

5.3CVSS4.3AI score0.00455EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2021/12/30 12:0 a.m.48 views

Microsoft SharePoint Elevation of Privilege Vulnerability (CNVD-2022-01686)

Microsoft Office Sharepoint Server is a U.S. Microsoft Microsoft company for enterprise customers and design, web-based content management and collaboration tools. The initial version of the software exists in the form of Office components, and now also still greatly dependent on Office to provid...

8.8CVSS8.5AI score0.01918EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/20 12:0 a.m.18 views

Etherpad Cross-Site Scripting Vulnerability

Etherpad is a web-based online document collaboration tool. Multiple users can write a text document simultaneously through Etherpad and see all participants' edits in real time.A cross-site scripting vulnerability exists in the chat component of Etherpad version 1.8.13, which can be exploited by...

6.1CVSS1.9AI score0.01343EPSS
Exploits1References1
OwnCloud
OwnCloud
added 2014/11/25 6:39 p.m.36 views

ACLs not properly enforced in "documents" application - ownCloud

The "documents" application is a collaborative web-based online editor for ODT files. Using this application you can easily share and collaborate on office documents. This application uses strong and very long random "Session IDs" to limit access to specific resources. Knowledge of this ID allows...

4CVSS6.2AI score0.00947EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2012/03/16 12:0 a.m.53 views

EMC Documentum eRoom 7.33.498.98 Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple permanent cross-site scripting vulnerabilities product: EMC Documentum eRoom vulnerable version: 7.33.498.98 fixed version: 7.4.4 impact: high homepage:...

Exploits0
Tenable Nessus
Tenable Nessus
added 2010/10/14 12:0 a.m.18 views

Microsoft Groove Server Installed

Microsoft Groove Server is installed on the remote host. This application is used to centrally manage deployments of Microsoft Office Groove and Microsoft SharePoint Workspace. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid49977; scriptversion"1.12";...

5.5AI score
Exploits0References1
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.13 views

SharePoint Server 2019/Office Online Server

SharePoint Server 2019/Office Online Server...

1AI score
Exploits0
Rows per page
Query Builder