335 matches found
CVE-2025-3904
Technical details about CVE-2025-3904 are not publicly available in the provided documents; no affected versions, exploit details, or remediation are specified here. Monitor for updates.
GO-2025-3609 Mattermost Fails to Restrict Certain Operations on System Admins in github.com/mattermost/mattermost-server
Mattermost Fails to Restrict Certain Operations on System Admins in github.com/mattermost/mattermost-server...
BELL-CVE-2025-22040
Bulletin has no description...
BELL-CVE-2025-22042
Bulletin has no description...
BELL-CVE-2025-22086
Bulletin has no description...
GHSA-H4RR-F37J-4HH7 Mattermost Incorrect Authorization vulnerability
Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to check the "Allow Users to View Archived Channels" configuration when fetching channel metadata of a post from archived channels, which allows authenticated users to access such information when a channel is archived...
BIT-PHP-2025-1736 Stream HTTP wrapper header check might omit basic auth header
In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...
BELL-CVE-2025-31344
Bulletin has no description...
CVE-2025-32464
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one...
BELL-CVE-2025-22007
Bulletin has no description...
BIT-JOOMLA-2023-23750 [20230101] - Core - CSRF within post-installation messages
An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages...
BELL-CVE-2025-21926
Bulletin has no description...
PT-2025-14728 · Unknown · Support Helpdesk Ticket System Lite
Name of the Vulnerable Software and Affected Versions: Support Helpdesk Ticket System Lite versions through 4.5.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS attacks...
GHSA-QCHR-8M24-7V66 Drupal Google Tag Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Drupal Google Tag allows Cross Site Request Forgery. This issue affects Google Tag: from 0.0.0 before 1.8.0, from 2.0.0 before 2.0.8...
CVE-2025-31675 Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2025-004
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS.This issue affects Drupal core: from 8.0.0 before 10.3.14, from 10.4.0 before 10.4.5, from 11.0.0 before 11.0.13, from 11.1.0 before 11.1.5. It al...
CGA-RQ8R-7XWM-94FP
Bulletin has no description...
BELL-CVE-2025-21870
Bulletin has no description...
BELL-CVE-2023-53009
Bulletin has no description...
BELL-CVE-2023-53021
Bulletin has no description...
BELL-CVE-2023-52984
Bulletin has no description...