Lucene search
K

5469 matches found

Fedora
Fedora
added 2025/06/14 1:52 a.m.7 views

[SECURITY] Fedora 41 Update: rust-sev-6.1.0-2.fc41

Library for AMD SEV...

6.5CVSS7.4AI score0.00443EPSS
Exploits0
Fedora
Fedora
added 2025/06/14 1:10 a.m.10 views

[SECURITY] Fedora 42 Update: rust-sev-6.1.0-2.fc42

Library for AMD SEV...

6.5CVSS7.4AI score0.00443EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/12 12:21 p.m.7 views

CVE-2025-43697

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio DataMapper allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...

7.5CVSS7.7AI score0.0041EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/12 12:21 p.m.5 views

CVE-2025-43700

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio FlexCards allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...

7.5CVSS7.7AI score0.00392EPSS
Exploits0References1
OSV
OSV
added 2025/06/11 12:0 p.m.4 views

RUSTSEC-2025-0041 matrix-sdk-crypto vulnerable to encrypted event sender spoofing by homeserver administrator

matrix-sdk-crypto versions 0.8.0 up to and including 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those events appear to the recipient as if they were sent by another user. Although th...

4.9CVSS5.5AI score0.00311EPSS
Exploits0References3
RustSec
RustSec
added 2025/06/11 12:0 p.m.8 views

matrix-sdk-crypto vulnerable to encrypted event sender spoofing by homeserver administrator

matrix-sdk-crypto versions 0.8.0 up to and including 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those events appear to the recipient as if they were sent by another user. Although th...

4.9CVSS7.2AI score0.00311EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2025/06/11 2:45 a.m.2 views

SUSE CVE-2025-48937

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. matrix-sdk-crypto since version 0.8.0 and up to 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those event...

4.9CVSS6.9AI score0.00311EPSS
Exploits0References3
CNVD
CNVD
added 2025/06/11 12:0 a.m.2 views

Fortinet FortiPortal Log Message Disclosure Vulnerability

Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. Fortinet FortiPortal suffers from a log information disclosure vulnerability that originat...

2.7CVSS6.6AI score0.00209EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/06/10 8:15 p.m.17 views

matrix-sdk-crypto vulnerable to sender of encrypted events being spoofed by homeserver administrator

Summary matrix-sdk-crypto since version 0.8.0 up to 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those events appear to the recipient as if they were sent by another user. Although the...

4.9CVSS5AI score0.00311EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2025/06/10 4:15 p.m.32 views

CVE-2025-48937

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. matrix-sdk-crypto since version 0.8.0 and up to 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those event...

4.9CVSS0.00311EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/06/10 3:32 p.m.8 views

CVE-2025-48937 matrix-sdk-crypto vulnerable to sender of encrypted events being spoofed by homeserver administrator

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. matrix-sdk-crypto since version 0.8.0 and up to 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those event...

4.9CVSS5AI score0.00311EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/10 3:32 p.m.38 views

CVE-2025-48937 matrix-sdk-crypto vulnerable to sender of encrypted events being spoofed by homeserver administrator

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. matrix-sdk-crypto since version 0.8.0 and up to 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those event...

4.9CVSS0.00311EPSS
Exploits0References4
NVD
NVD
added 2025/06/10 12:15 p.m.8 views

CVE-2025-43697

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio DataMapper allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...

7.5CVSS0.0041EPSS
Exploits0References1
NVD
NVD
added 2025/06/10 12:15 p.m.12 views

CVE-2025-43700

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio FlexCards allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...

7.5CVSS0.00392EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/10 11:28 a.m.19 views

CVE-2025-43697

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio DataMapper allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...

0.0041EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/10 11:28 a.m.2 views

CVE-2025-43697

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio DataMapper allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...

7.1AI score0.0041EPSS
Exploits0References1
CVE
CVE
added 2025/06/10 11:28 a.m.55 views

CVE-2025-43697

CVE-2025-43697 is a Salesforce OmniStudio (DataMapper) issue described as Improper Preservation of Permissions, enabling exposure of encrypted data for affected records when field-level permissions are not enforced. Public details indicate the vulnerability affects OmniStudio before Spring 2025 a...

7.5CVSS7.1AI score0.0041EPSS
Exploits0References1
CVE
CVE
added 2025/06/10 11:12 a.m.52 views

CVE-2025-43700

CVE-2025-43700 is a vulnerability in Salesforce OmniStudio (FlexCards) described as Improper Preservation of Permissions that can expose encrypted data. Public sources (NVD/NVD-derived entries) state impact on OmniStudio versions before Spring 2025 with a CVSS v3.1 base score of 7.5 (HIGH), indic...

7.5CVSS7.1AI score0.00392EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/10 11:12 a.m.6 views

CVE-2025-43700

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio FlexCards allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...

7.5AI score0.00392EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.1 views

Salesforce OmniStudio 安全漏洞

Salesforce OmniStudio is a digitization platform from US-based Salesforce, Inc. A security vulnerability exists in versions of Salesforce OmniStudio prior to 2025, which stems from an improper privilege retention issue that could lead to the disclosure of encrypted data...

7.5CVSS9AI score0.00392EPSS
Exploits0References1
Rows per page
Query Builder