Lucene search
K

335 matches found

CVE
CVE
added 2025/04/23 5:8 p.m.61 views

CVE-2025-3904

Technical details about CVE-2025-3904 are not publicly available in the provided documents; no affected versions, exploit details, or remediation are specified here. Monitor for updates.

7.3CVSS6.7AI score0.00243EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/04/22 4:56 p.m.3 views

GO-2025-3609 Mattermost Fails to Restrict Certain Operations on System Admins in github.com/mattermost/mattermost-server

Mattermost Fails to Restrict Certain Operations on System Admins in github.com/mattermost/mattermost-server...

4.9CVSS6.6AI score0.00216EPSS
Exploits0References4
OSV
OSV
added 2025/04/18 5:58 a.m.1 views

BELL-CVE-2025-22040

Bulletin has no description...

8.8CVSS7.5AI score0.00606EPSS
Exploits0References1
OSV
OSV
added 2025/04/18 5:58 a.m.1 views

BELL-CVE-2025-22042

Bulletin has no description...

5.5CVSS7.5AI score0.00178EPSS
Exploits0References1
OSV
OSV
added 2025/04/18 5:58 a.m.1 views

BELL-CVE-2025-22086

Bulletin has no description...

5.5CVSS7.4AI score0.00186EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 9:32 a.m.3 views

GHSA-H4RR-F37J-4HH7 Mattermost Incorrect Authorization vulnerability

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to check the "Allow Users to View Archived Channels" configuration when fetching channel metadata of a post from archived channels, which allows authenticated users to access such information when a channel is archived...

4.3CVSS6.6AI score0.00239EPSS
Exploits0References9
OSV
OSV
added 2025/04/14 11:39 a.m.13 views

BIT-PHP-2025-1736 Stream HTTP wrapper header check might omit basic auth header

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

7.3CVSS6AI score0.00531EPSS
Exploits0References4
OSV
OSV
added 2025/04/10 6:0 a.m.1 views

BELL-CVE-2025-31344

Bulletin has no description...

7.3CVSS5.9AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2025/04/09 3:15 a.m.10 views

CVE-2025-32464

HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one...

6.8CVSS0.0072EPSS
Exploits0References2
OSV
OSV
added 2025/04/04 5:57 a.m.2 views

BELL-CVE-2025-22007

Bulletin has no description...

5.5CVSS7.5AI score0.00192EPSS
Exploits0References1
OSV
OSV
added 2025/04/03 2:15 p.m.9 views

BIT-JOOMLA-2023-23750 [20230101] - Core - CSRF within post-installation messages

An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages...

6.3CVSS6.2AI score0.0023EPSS
Exploits0References2
OSV
OSV
added 2025/04/03 5:57 a.m.1 views

BELL-CVE-2025-21926

Bulletin has no description...

5.5CVSS7.4AI score0.002EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.6 views

PT-2025-14728 · Unknown · Support Helpdesk Ticket System Lite

Name of the Vulnerable Software and Affected Versions: Support Helpdesk Ticket System Lite versions through 4.5.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS attacks...

7.1CVSS7.1AI score0.00276EPSS
Exploits0References4
OSV
OSV
added 2025/04/01 12:30 a.m.9 views

GHSA-QCHR-8M24-7V66 Drupal Google Tag Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Drupal Google Tag allows Cross Site Request Forgery. This issue affects Google Tag: from 0.0.0 before 1.8.0, from 2.0.0 before 2.0.8...

6.8CVSS7.1AI score0.00167EPSS
Exploits0References3
OSV
OSV
added 2025/03/31 9:35 p.m.7 views

CVE-2025-31675 Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2025-004

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS.This issue affects Drupal core: from 8.0.0 before 10.3.14, from 10.4.0 before 10.4.5, from 11.0.0 before 11.0.13, from 11.1.0 before 11.1.5. It al...

5.4CVSS6.1AI score0.00456EPSS
Exploits0References9
OSV
OSV
added 2025/03/31 4:6 p.m.5 views

CGA-RQ8R-7XWM-94FP

Bulletin has no description...

7.5CVSS7.3AI score0.00693EPSS
Exploits0
OSV
OSV
added 2025/03/30 5:59 a.m.2 views

BELL-CVE-2025-21870

Bulletin has no description...

5.5CVSS7.5AI score0.00177EPSS
Exploits0References1
OSV
OSV
added 2025/03/30 5:59 a.m.2 views

BELL-CVE-2023-53009

Bulletin has no description...

5.5CVSS6.7AI score0.00159EPSS
Exploits0References1
OSV
OSV
added 2025/03/28 5:57 a.m.1 views

BELL-CVE-2023-53021

Bulletin has no description...

7.8CVSS6.4AI score0.0018EPSS
Exploits0References1
OSV
OSV
added 2025/03/28 5:57 a.m.1 views

BELL-CVE-2023-52984

Bulletin has no description...

5.5CVSS6.2AI score0.00246EPSS
Exploits0References1
Rows per page
Query Builder