9 matches found
PT-2026-50584
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.26.2 Description Authenticated self routes under the /api/v1/user/... group do not properly enforce the public-only token restriction. This allows a token or OAuth grant marked as public-only to access or modify priva...
PT-2026-45362
SOPlanning is vulnerable to Cross‑Site Request Forgery CSRF in groupe save create, modify and delete endpoints. An attacker can craft a malicious website that, when visited by an authenticated user, automatically sends a forged GET or POST request to the application. This issue affects SOPlanning...
PT-2026-25589
A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function cgi create...
CVE-2025-64487
Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. This vulnerability is fixed in...
CVE-2025-64487
Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. This vulnerability is fixed in...
CVE-2025-64487 Outline is vulnerable to privilege escalation vulnerability in document sharing
Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. This vulnerability is fixed in...
CVE-2025-64487 Outline is vulnerable to privilege escalation vulnerability in document sharing
Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. This vulnerability is fixed in...
CVE-2025-64487
Outline is a collaborative documentation service. CVE-2025-64487 describes a privilege escalation in the Outline document management system caused by inconsistent authorization checks between user and group membership endpoints, prior to version 1.1.0. The issue enables lower-privilege users to e...
Outline 安全漏洞
Outline is an open-source knowledge base developed by Outline. Versions prior to Outline 1.1.0 contained security vulnerabilities. These vulnerabilities stemmed from inconsistent authorization checks between user and group member management endpoints, which could lead to privilege escalation...