Lucene search
K

4 matches found

OSV
OSV
added 2025/06/11 11:15 a.m.7 views

CVE-2025-4128

Mattermost versions 10.5.x = 10.5.4, 9.11.x = 9.11.13 fail to properly restrict API access to team information, allowing guest users to bypass permissions and view information about public teams they are not members of via a direct API call to /api/v4/teams/teamid...

4.3CVSS5.8AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/09/01 12:0 a.m.8 views

The vulnerability of the GERAN API software interface of the Android operating system from the CAF repository allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the GERAN API software interface of the Android operating system from the CAF repository is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS7.8AI score0.00805EPSS
Exploits0References3
0day.today
0day.today
added 2016/06/21 12:0 a.m.131 views

Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode...

6.9CVSS6.8AI score0.06976EPSS
Exploits1
Drupal
Drupal
added 2009/11/04 12:0 a.m.16 views

SA-CONTRIB-2009-094 - NGP COO/CWP Integration (crmngp) - Multiple Vulnerabilities

The NGP COO/CWP Integration module provides Drupal integration with the NGP Software API for efficient campaign management. An administration page did not properly implement access control thereby allowing untrusted users to view module log information. User-supplied information was not filtered ...

5.5AI score
Exploits0References7
Rows per page
Query Builder