Lucene search
K

29 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-50711

Malicious code in bioql PyPI...

4.6CVSS6.5AI score0.00169EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:49 a.m.6 views

CVE-2024-12247

Mattermost versions 9.7.x = 9.7.5, 9.8.x = 9.8.2 and 9.9.x = 9.9.2 fail to properly propagate permission scheme updates across cluster nodes which allows a user to keep old permissions, even if the permission scheme has been updated...

4.6CVSS6.8AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2024/12/05 4:15 p.m.4 views

CVE-2024-12247

Mattermost versions 9.7.x = 9.7.5, 9.8.x = 9.8.2 and 9.9.x = 9.9.2 fail to properly propagate permission scheme updates across cluster nodes which allows a user to keep old permissions, even if the permission scheme has been updated...

4.3CVSS6.8AI score
Exploits0References1
NVD
NVD
added 2024/12/05 4:15 p.m.17 views

CVE-2024-12247

Mattermost versions 9.7.x = 9.7.5, 9.8.x = 9.8.2 and 9.9.x = 9.9.2 fail to properly propagate permission scheme updates across cluster nodes which allows a user to keep old permissions, even if the permission scheme has been updated...

4.6CVSS0.00169EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/05 3:20 p.m.24 views

CVE-2024-12247 Improper propagation of permission scheme updates across cluster nodes

Mattermost versions 9.7.x = 9.7.5, 9.8.x = 9.8.2 and 9.9.x = 9.9.2 fail to properly propagate permission scheme updates across cluster nodes which allows a user to keep old permissions, even if the permission scheme has been updated...

4.6CVSS0.00169EPSS
Exploits0References1
CVE
CVE
added 2024/12/05 3:20 p.m.63 views

CVE-2024-12247

Summary: CVE-2024-12247 affects Mattermost. Affected versions: 9.7.x up to 9.7.5, 9.8.x up to 9.8.2, and 9.9.x up to 9.9.2. Root cause: failure to propagate permission scheme updates across cluster nodes. Impact: a user can retain old permissions even after the permission scheme is updated. Evide...

4.6CVSS4.7AI score0.00169EPSS
Exploits0References1Affected Software1
Atlassian
Atlassian
added 2022/11/02 3:42 p.m.29 views

"Browse Project" permission set to specific values overrides the customer permission that results in the project getting exposed in the customer portal

h3. Steps to Reproduce In JSD project A, set the customer permission as "Who can access the portal and send requests to ?": "Customers my team adds to the project" Confirm that the project has no customers added Access the portal by a customer that has access to customer portal customer that is...

0.6AI score
Exploits0
Atlassian
Atlassian
added 2022/08/25 5:48 p.m.36 views

Granting the 'Browse Project Archive' permission to a 'Custom Field' within a permission scheme allows all users to see archived issues in result set

h3. Issue Summary If within a project the 'Browse Project Archive' and 'Browse Project' permissions are granted to 'Group Custom Field' or to the 'Reporter' option within the permission scheme, the project will become available to search for any user with the 'Browse Project Archive' permission i...

6.6AI score
Exploits0Affected Software1
NVD
NVD
added 2021/04/22 8:15 p.m.18 views

CVE-2021-0235

On SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, vSRX Series devices using tenant services on Juniper Networks Junos OS, due to incorrect permission scheme assigned to tenant system administrators, a tenant system administrator may inadvertently send their network traffic to...

7.3CVSS0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/04/22 7:37 p.m.21 views

CVE-2021-0235 Junos OS: SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, vSRX Series: In a multi-tenant environment, a tenant host administrator may configure logical firewall isolation affecting other tenant networks

On SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, vSRX Series devices using tenant services on Juniper Networks Junos OS, due to incorrect permission scheme assigned to tenant system administrators, a tenant system administrator may inadvertently send their network traffic to...

7.3CVSS7.3AI score0.00236EPSS
Exploits0References1
Atlassian
Atlassian
added 2020/10/07 10:8 p.m.327 views

Jira Service Desk permissions error dialog allows Project Admins to upgrade the permission scheme

h3. Issue Summary For a specific use case, only some selected users may create issues using the Portal, so the permission to create issues by "Service Desk Customer - Portal" was removed. After the Permission change, Project Administrators, that should not have access to change the...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/10/04 11:52 a.m.21 views

Project administrator is able to migrate Permission Scheme

panel:title=Atlassian status update as of 12th July 2018 Hello Customers, We’ve addressed this bug and the fix is available on all version of Jira Service Desk 3.9 and above. For more information please refer to the documentation here...

6.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/10/04 11:52 a.m.18 views

Project administrator is able to migrate Permission Scheme

panel:title=Atlassian status update as of 12th July 2018 Hello Customers, We’ve addressed this bug and the fix is available on all version of Jira Service Desk 3.9 and above. For more information please refer to the documentation here...

1.7AI score
Exploits0
Atlassian
Atlassian
added 2013/02/15 3:28 p.m.44 views

Grant "Browse Project" permission to "Current Assignee" makes project visible to all users

h3. Summary This bug is related to closed bug ticket https://jira.atlassian.com/browse/JRA-8950 When the Current Assignee is given the Browse Project Permission, other users are able to view this Project. They can't necessarily view issues or create issues, but they can see the project from the...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/04/21 2:58 p.m.22 views

As a developer or release manager I want to be able to create and manage versions in JIRA without having to be given project admin permissions

Currently JIRA only allows a user to create, release and generally manage versions in a project if the user is a project admin. However there are numerous use cases where developers, release managers, project managers, etc. need to be able to perform this function but don't need full admin rights...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/04/21 2:58 p.m.17 views

As a developer or release manager I want to be able to create and manage versions in JIRA without having to be given project admin permissions

Currently JIRA only allows a user to create, release and generally manage versions in a project if the user is a project admin. However there are numerous use cases where developers, release managers, project managers, etc. need to be able to perform this function but don't need full admin rights...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/09/02 3:54 p.m.28 views

"User Custom Field Value" permission type incorrectly exposes JIRA project names to everyone

Problem: Project names are shown to users with no permission to see the project. Impact: Security hole! Recipe: it helps to have two browsers open one logged in as admin the other as the user I will create called dummy Add user dummy Add project blah Add custom field myuser of type user picker,...

6.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/07/30 6:32 p.m.18 views

"Current Assignee" on Browse Permission problem

I have created a permission scheme in Jira but I am experiencing an odd behaviour. I have 5 users in Jira and in the permission scheme, the Browse Projects is assigned to: - Project Lead - Project Role Administrators - Project Role Clients Among the 5 users, 3 fit these categories. One is a proje...

2.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/07/30 6:32 p.m.30 views

"Current Assignee" on Browse Permission problem

I have created a permission scheme in Jira but I am experiencing an odd behaviour. I have 5 users in Jira and in the permission scheme, the Browse Projects is assigned to: - Project Lead - Project Role Administrators - Project Role Clients Among the 5 users, 3 fit these categories. One is a proje...

2.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/07/30 6:32 p.m.22 views

"Current Assignee" on Browse Permission problem

I have created a permission scheme in Jira but I am experiencing an odd behaviour. I have 5 users in Jira and in the permission scheme, the Browse Projects is assigned to: - Project Lead - Project Role Administrators - Project Role Clients Among the 5 users, 3 fit these categories. One is a proje...

2.6AI score
Exploits0
Rows per page
Query Builder