Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

143 matches found

NVD
NVDadded 2024/08/15 7:15 p.m.32 views

CVE-2024-25633

eLabFTW is an open source electronic lab notebook for research labs. In an eLabFTW system, one can configure who is allowed to create new user accounts. A vulnerability has been found starting in version 4.4.0 and prior to version 5.0.0 that allows regular users to create new, validated accounts ...

5.4CVSS0.00242EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/08/15 6:23 p.m.23 views

CVE-2024-25633 In eLabFTW, if administrators can create users, users can too

eLabFTW is an open source electronic lab notebook for research labs. In an eLabFTW system, one can configure who is allowed to create new user accounts. A vulnerability has been found starting in version 4.4.0 and prior to version 5.0.0 that allows regular users to create new, validated accounts ...

5.4CVSS0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/08/15 6:23 p.m.21 views

CVE-2024-25633 In eLabFTW, if administrators can create users, users can too

eLabFTW is an open source electronic lab notebook for research labs. In an eLabFTW system, one can configure who is allowed to create new user accounts. A vulnerability has been found starting in version 4.4.0 and prior to version 5.0.0 that allows regular users to create new, validated accounts ...

5.4CVSS5.5AI score0.00242EPSS
Exploits0References1
CVE
CVEadded 2024/08/15 6:23 p.m.85 views

CVE-2024-25633

CVE-2024-25633 affects eLabFTW, where versions 4.4.0 up to (and not including) 5.0.0 allow regular users to create new, validated accounts within their team. If anonymous access is enabled, unauthenticated users can create accounts in any team. The issue was fixed starting with version 5.0.0 (Feb...

5.4CVSS5.5AI score0.00242EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2024/08/15 6:23 p.m.3 views

CVE-2024-25633 In eLabFTW, if administrators can create users, users can too

eLabFTW is an open source electronic lab notebook for research labs. In an eLabFTW system, one can configure who is allowed to create new user accounts. A vulnerability has been found starting in version 4.4.0 and prior to version 5.0.0 that allows regular users to create new, validated accounts ...

5.4CVSS6.8AI score0.00242EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2024/08/15 12:0 a.m.3 views

PT-2024-21053 · Elabftw · Elabftw

Name of the Vulnerable Software and Affected Versions: eLabFTW versions 4.4.0 through 4.9.x are not explicitly mentioned, but since the vulnerability exists starting in version 4.4.0 and prior to version 5.0.0, it can be simplified to: eLabFTW versions 4.4.0 through 4.9.x is not needed, instead...

5.4CVSS7.2AI score0.00242EPSS
Exploits0References7
CNNVD
CNNVDadded 2024/08/15 12:0 a.m.4 views

eLabFTW 安全漏洞

eLabFTW is an open source experimental data hosting platform from eLabFTW Open Source. The platform runs on Linux and supports storing a wide range of objects. A security vulnerability exists in versions prior to eLabFTW 5.0.0 that stems from allowing administrators to create new users by default...

5.4CVSS6.4AI score0.00242EPSS
Exploits0References3
NVD
NVDadded 2022/08/01 7:15 p.m.10 views

CVE-2022-31178

eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in user to read a template without being authorized to do so. This vulnerability has been patched in 4.3.4. Users are advised to upgrade. There are no known workarounds for this...

4.3CVSS0.00406EPSS
Exploits0References1
Prion
Prionadded 2022/08/01 7:15 p.m.16 views

Design/Logic Flaw

eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in user to read a template without being authorized to do so. This vulnerability has been patched in 4.3.4. Users are advised to upgrade. There are no known workarounds for this...

4CVSS4.6AI score0.00406EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/08/01 7:10 p.m.6 views

CVE-2022-31178 Improper Authorization in eLabFTW

eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in user to read a template without being authorized to do so. This vulnerability has been patched in 4.3.4. Users are advised to upgrade. There are no known workarounds for this...

4.3CVSS4.5AI score0.00406EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/08/01 7:10 p.m.17 views

CVE-2022-31178 Improper Authorization in eLabFTW

eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in user to read a template without being authorized to do so. This vulnerability has been patched in 4.3.4. Users are advised to upgrade. There are no known workarounds for this...

4.3CVSS4.8AI score0.00406EPSS
Exploits0References1
CVE
CVEadded 2022/08/01 7:10 p.m.76 views

CVE-2022-31178

CVE-2022-31178 affects the eLabFTW electronic lab notebook. A vulnerability allows a logged-in user to read a template without proper authorization. Red Hat and other sources corroborate the issue and note a fix in version 4.3.4. Affected systems should upgrade to 4.3.4 or later to remediate. If ...

4.3CVSS4.4AI score0.00406EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2022/08/01 7:10 p.m.18 views

CVE-2022-31178 Improper Authorization in eLabFTW

eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in user to read a template without being authorized to do so. This vulnerability has been patched in 4.3.4. Users are advised to upgrade. There are no known workarounds for this...

4.3CVSS4.9AI score0.00406EPSS
Exploits0References3
CNNVD
CNNVDadded 2022/08/01 12:0 a.m.3 views

eLabFTW 安全漏洞

eLabFTW is an open source platform for hosting experimental data. The platform runs on Linux and supports storing a wide range of objects. A security vulnerability exists in eLabFTW versions prior to 0.15.10 that stems from allowing logged-in users to read templates without authorization...

4.3CVSS5.2AI score0.00406EPSS
Exploits0References2
NVD
NVDadded 2022/05/31 8:15 p.m.24 views

CVE-2022-31007

eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrator account. The...

7.2CVSS0.26098EPSS
Exploits0References2
Prion
Prionadded 2022/05/31 8:15 p.m.11 views

Design/Logic Flaw

eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrator account. The...

6.5CVSS7AI score0.26098EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2022/05/31 7:30 p.m.6 views

CVE-2022-31007 Privilege escalation from administrator in eLabFTW

eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrator account. The...

4.9CVSS7.1AI score0.26098EPSS
Exploits0References2
CVE
CVEadded 2022/05/31 7:30 p.m.78 views

CVE-2022-31007

eLabFTW prior to 4.3.0 contains a permission issue where an authenticated administrator within a team can grant themselves system administrator privileges or create a new system administrator account. The vulnerability stems from abuse of administrator permissions and is mitigated in version 4.3....

7.2CVSS6AI score0.26098EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2022/05/31 7:30 p.m.30 views

CVE-2022-31007 Privilege escalation from administrator in eLabFTW

eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrator account. The...

4.9CVSS7.3AI score0.26098EPSS
Exploits0References2
OSV
OSVadded 2022/05/31 7:30 p.m.16 views

CVE-2022-31007 Privilege escalation from administrator in eLabFTW

eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrator account. The...

4.9CVSS7AI score0.26098EPSS
Exploits0References4
Rows per page
Query Builder