4 matches found
CVE-2025-4128
Mattermost versions 10.5.x = 10.5.4, 9.11.x = 9.11.13 fail to properly restrict API access to team information, allowing guest users to bypass permissions and view information about public teams they are not members of via a direct API call to /api/v4/teams/teamid...
The vulnerability of the GERAN API software interface of the Android operating system from the CAF repository allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the GERAN API software interface of the Android operating system from the CAF repository is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...
Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode...
SA-CONTRIB-2009-094 - NGP COO/CWP Integration (crmngp) - Multiple Vulnerabilities
The NGP COO/CWP Integration module provides Drupal integration with the NGP Software API for efficient campaign management. An administration page did not properly implement access control thereby allowing untrusted users to view module log information. User-supplied information was not filtered ...