6 matches found
CVE-2026-44571 Open WebUI: Improper Authorization in Standard Channels Allows Message Updates with Read Permission
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, in standard channels i.e., channels whose channel.type is neither group nor dm, the endpoint POST /api/v1/channels/channelid/messages/messageid/update can be accessed with read...
CVE-2026-44571
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, in standard channels i.e., channels whose channel.type is neither group nor dm, the endpoint POST /api/v1/channels/channelid/messages/messageid/update can be accessed with read...
EUVD-2018-2312
Malware in sbrugna...
WordPress Contact Form 7 Telegram Plugin <= 0.8.5 is vulnerable to Broken Access Control
Software Contact Form 7 Telegram Type Plugin Vulnerable versions = 0.8.5 Fixed in 0.8.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9629 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID bc9031e15885 Credits István Márton Required...
Buffer overflow
bvlc.c in skarg BACnet Protocol Stack bacserv 0.9.1 and 0.8.5 is affected by a Buffer Overflow because of a lack of packet-size validation. The affected component is bacserv BACnet/IP BVLC forwarded NPDU. The function bvlcbdtforwardnpdu calls bvlcencodeforwardednpdu which copies the content from...
CVE-2018-10238
bvlc.c in skarg BACnet Protocol Stack bacserv 0.9.1 and 0.8.5 is affected by a Buffer Overflow because of a lack of packet-size validation. The affected component is bacserv BACnet/IP BVLC forwarded NPDU. The function bvlcbdtforwardnpdu calls bvlcencodeforwardednpdu which copies the content from...