Lucene search
K

65 matches found

Cvelist
Cvelist
added 2026/06/22 1:37 p.m.35 views

CVE-2026-8074 Improper Permission Check Allows User Manager to Deactivate Bot Accounts

Mattermost versions 11.7.x = 11.7.0, 10.11.x = 10.11.17 fail to enforce bot-specific permission checks on the user active status endpoint, which allows a User Manager with user management write access but no Integrations access to deactivate bot accounts via the PUT /api/v4/users/id/active API...

3.8CVSS0.00192EPSS
Exploits0References1
Veracode
Veracode
added 2024/06/04 9:24 a.m.17 views

Improper Permission Check

Wagtail is vulnerable to Improper Permission Check. The vulnerability is due to an improperly applied permission check in the wagtail.contrib.settings module, allowing users with admin access to modify settings models without proper permissions...

5.5CVSS6.2AI score0.0033EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2021/05/06 2:15 p.m.19 views

Input validation

An issue has been discovered in GitLab affecting versions starting with 13.5 up to 13.9.7. Improper permission check could allow the change of timestamp for issue creation or update...

4CVSS4.6AI score0.00756EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2021/05/06 1:35 p.m.20 views

CVE-2021-22208

Removed by vendor...

4.3CVSS5.8AI score0.00756EPSS
Exploits0
CNVD
CNVD
added 2021/02/04 12:0 a.m.10 views

JetBrains TeamCity Improper Permission Check Vulnerability

TeamCity is a Java-based build management and continuous integration server from JetBrains. JetBrains TeamCity versions prior to 2020.2.1 are vulnerable to improper privilege checking during user deletion. No details of the vulnerability are provided at this time...

5.3CVSS6.8AI score0.00758EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/21 12:0 a.m.2 views

CloudBees Jenkins ElasTest Plugin Improper Permission Check Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An improper privilege checkin...

4.3CVSS6.9AI score0.00656EPSS
Exploits0References1
Veracode
Veracode
added 2019/05/02 5:2 a.m.33 views

Privilege Escalation

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...

10CVSS8.5AI score0.07571EPSS
Exploits0References9Affected Software1
Veracode
Veracode
added 2019/05/02 5:2 a.m.26 views

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...

10CVSS8.5AI score0.07571EPSS
Exploits0References16Affected Software2
Veracode
Veracode
added 2019/05/02 5:2 a.m.29 views

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...

10CVSS8.6AI score0.07571EPSS
Exploits0References10Affected Software1
Veracode
Veracode
added 2019/05/02 5:2 a.m.39 views

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...

10CVSS8.6AI score0.07571EPSS
Exploits0References17Affected Software2
Veracode
Veracode
added 2019/05/02 5:2 a.m.39 views

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...

10CVSS8.6AI score0.07571EPSS
Exploits0References12Affected Software1
Veracode
Veracode
added 2019/05/02 4:52 a.m.22 views

Sandbox Restrictions Bypass

openjdk is vulnerable to sandbox restrictions bypass. An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...

5CVSS8.8AI score0.0395EPSS
Exploits0References13Affected Software1
Cvelist
Cvelist
added 2015/12/07 8:0 p.m.23 views

CVE-2015-1344

The dowritepids function in lxcfs.c in LXCFS before 0.12 does not properly check permissions, which allows local users to gain privileges by writing a pid to the tasks file...

6.3AI score0.00375EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.34 views

Amazon Linux: Security Advisory (ALAS-2013-162)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.2AI score0.35584EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.27 views

Amazon Linux: Security Advisory (ALAS-2013-151)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.04577EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.43 views

Amazon Linux: Security Advisory (ALAS-2014-327)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.8AI score0.07571EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/07/30 12:0 a.m.61 views

RHEL 7 : java-1.6.0-openjdk (RHSA-2014:0685)

Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

10CVSS7.8AI score0.07571EPSS
Exploits0References39
OpenVAS
OpenVAS
added 2014/07/28 12:0 a.m.36 views

CentOS Update for java CESA-2014:0907 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.06118EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/07/21 12:0 a.m.41 views

RedHat Update for java-1.7.0-openjdk RHSA-2014:0890-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS5.5AI score0.06118EPSS
Exploits1References2
OSV
OSV
added 2014/04/23 4:13 p.m.22 views

MGASA-2014-0189 Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities

Updated java-1.7.0-openjdk packages fix security vulnerabilities: An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application...

10CVSS7.7AI score0.07571EPSS
Exploits0References5
Rows per page
Query Builder