Lucene search
K

24 matches found

CNNVD
CNNVD
added 2026/05/04 12:0 a.m.10 views

n8n 安全漏洞

n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.32, 2.17.4, and 2.18.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of enforcement of project member checks on public API variable endpoints, allowing...

6.5CVSS5.8AI score0.00203EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:8 a.m.6 views

CVE-2019-20869

An issue was discovered in Mattermost Server before 5.10.0, 5.9.1, 5.8.2, and 4.10.9. A non-member could change the Update/Patch Channel endpoint for a private channel...

5.3CVSS6.9AI score0.00811EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/26 12:0 a.m.3 views

Files 授权问题漏洞

Files is a single-file PHP application by the individual developer Karl Ward. It can be dragged and dropped into any directory, allowing browsing of the files and directories within. An authorization issue vulnerability exists in Files versions prior to 0.16.11 and 0.17.2, which stems from...

5.4CVSS6.6AI score0.00157EPSS
Exploits0References3
CVE
CVE
added 2025/11/25 11:38 p.m.10 views

CVE-2025-65963

CVE-2025-65963 affects the Files module used to manage files inside spaces and user profiles. Prior to versions 0.16.11 and 0.17.2, insufficient authorization checks allow non-member users in public spaces to create folders and to upload or download files as a ZIP archive; private spaces are not ...

5.4CVSS6.4AI score0.00157EPSS
Exploits0References2
OSV
OSV
added 2025/11/25 11:38 p.m.4 views

CVE-2025-65963 CFiles Unauthorized Folder/ZIP Access in Public Spaces

Files is a module for managing files inside spaces and user profiles. Prior to versions 0.16.11 and 0.17.2, insufficient authorization checks allow non-member users to create new folders, up- and download files as a ZIP archive in public spaces. Private spaces are not affected. This issue has bee...

5.4CVSS6.6AI score0.00157EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-4042

Malware in sbrugna...

4.3CVSS4.6AI score0.00751EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-49615

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00435EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:19 a.m.9 views

CVE-2024-8650

An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2 that allowed non-member users to view unresolved threads marked as internal notes in public projects merge requests...

5.3CVSS4.8AI score0.00435EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:20 p.m.13 views

CVE-2020-14457

An issue was discovered in Mattermost Server before 5.20.0. Non-members can receive broadcasted team details via the updateteam WebSocket event, aka MMSA-2020-0012...

5.3CVSS6.8AI score0.0092EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:24 a.m.7 views

CVE-2019-12432

An issue was discovered in GitLab Community and Enterprise Edition 8.13 through 11.11. Non-member users who subscribed to issue notifications could access the title of confidential issues through the unsubscription page. It allows Information Disclosure...

4.3CVSS6.4AI score0.00751EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:54 a.m.9 views

CVE-2019-11544

An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It allows Information Disclosure. Non-member users who subscribe to notifications of an internal project with issue and repository...

4.3CVSS6.4AI score0.01044EPSS
Exploits1References1
OSV
OSV
added 2024/12/18 7:10 a.m.479 views

BIT-GITLAB-2024-8650 Incorrect Authorization in GitLab

An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2 that allowed non-member users to view unresolved threads marked as internal notes in public projects merge requests...

5.3CVSS5.1AI score0.00435EPSS
Exploits1References3
NVD
NVD
added 2024/12/16 5:15 a.m.31 views

CVE-2024-8650

An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2 that allowed non-member users to view unresolved threads marked as internal notes in public projects merge requests...

5.3CVSS0.00435EPSS
Exploits1References2
OSV
OSV
added 2024/12/16 5:15 a.m.2 views

UBUNTU-CVE-2024-8650

An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2 that allowed non-member users to view unresolved threads marked as internal notes in public projects merge requests...

5.3CVSS5.8AI score0.00435EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/12/16 4:30 a.m.13 views

CVE-2024-8650 Incorrect Authorization in GitLab

An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2 that allowed non-member users to view unresolved threads marked as internal notes in public projects merge requests...

5.3CVSS6.4AI score0.00435EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/04/19 12:0 a.m.4 views

PT-2024-6746 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.1 through 16.11.5 GitLab CE/EE versions 17.0 through 17.0.3 GitLab CE/EE versions 17.1 through 17.1.1 Description: The issue is related to inadequate access control in GitLab, a collaborative coding platform. It allow...

4.3CVSS6.8AI score0.00323EPSS
Exploits0References15
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.5 views

Mattermost Security Vulnerabilities

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from the inability to check if compliance export is enabled when fetching posts from a public channel, allowing users who are not members of...

4.3CVSS4.6AI score0.00331EPSS
Exploits0References2
OSV
OSV
added 2023/12/15 3:31 p.m.22 views

CVE-2023-3511 Incorrect Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 8.17 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. It was possible for auditor users to fork and submit merge requests to private projects they're not a...

2CVSS4.5AI score0.00395EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/03/31 12:0 a.m.5 views

PT-2023-22003 · Nextcloud · Nextcloud Talk

Name of the Vulnerable Software and Affected Versions: Nextcloud Talk versions prior to 14.0.9 Nextcloud Talk versions prior to 15.0.4 Description: The issue arises from the talk app not properly filtering access to a conversation's member list. This allows an attacker to gain information about t...

3.5CVSS3.9AI score0.00445EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/03/07 12:0 a.m.12 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. GitLab suffers from a security vulnerability that stems from the fact that...

5.3CVSS5.7AI score0.00786EPSS
Exploits0References5
Rows per page
Query Builder