
10 matches found

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-4257

Malicious code in bioql PyPI...

CVSS 5.3, AI score 5.5, EPSS 0.0092
Exploits: 0, References: 5

SUSE CVE
added 2025/07/04 2:43 p.m., 2 views

SUSE CVE-2025-3611

Mattermost versions 10.7.x = 10.7.0, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team...

CVSS 4.3, AI score 6.8, EPSS 0.00191
Exploits: 0, References: 2

OSV
added 2025/05/30 3:15 p.m., 3 views

CVE-2025-3611

Mattermost versions 10.7.x = 10.7.0, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team...

CVSS 4.3, AI score 5.9
Exploits: 0, References: 1

Vulnrichment
added 2025/05/30 2:22 p.m., 8 views

CVE-2025-3611 Improper Access Control in Mattermost allows System Managers to view team details despite role restrictions

Mattermost versions 10.7.x = 10.7.0, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team...

CVSS 3.1, AI score 6.9, EPSS 0.00191
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 4:20 p.m., 12 views

CVE-2020-14457

An issue was discovered in Mattermost Server before 5.20.0. Non-members can receive broadcasted team details via the updateteam WebSocket event, aka MMSA-2020-0012...

CVSS 5.3, AI score 6.8, EPSS 0.0092
Exploits: 0

OSV
added 2024/03/06 11:5 a.m., 14 views

BIT-MATTERMOST-2020-14457

An issue was discovered in Mattermost Server before 5.20.0. Non-members can receive broadcasted team details via the updateteam WebSocket event, aka MMSA-2020-0012...

CVSS 5.3, AI score 5.1, EPSS 0.0092
Exploits: 0, References: 2

CNNVD
added 2024/02/29 12:0 a.m., 3 views

Mattermost Security Vulnerabilities

Mattermost is an open source collaboration platform from US-based Mattermost. Mattermost suffers from a security vulnerability that stems from an inability to properly authorize a request to obtain the AD/LLDAP group associated with a team, which could allow an attacker to obtain the details of t...

CVSS 6.5, AI score 5.1, EPSS 0.00389
Exploits: 0, References: 2

CNNVD
added 2024/01/02 12:0 a.m., 4 views

Mattermost Security Vulnerabilities

Mattermost is an open source collaboration platform from US-based Mattermost. Mattermost suffers from a security vulnerability that stems from a permission validation error that allows an attacker to obtain details of another team via the get/api/v4/teams//channels/deleted endpoint...

CVSS 4.3, AI score 6.7, EPSS 0.00359
Exploits: 0, References: 2

Prion
added 2020/06/19 2:15 p.m., 20 views

Design/Logic Flaw

An issue was discovered in Mattermost Server before 5.20.0. Non-members can receive broadcasted team details via the updateteam WebSocket event, aka MMSA-2020-0012...

CVSS 5, AI score 5.2, EPSS 0.0092
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2020/06/19 1:13 p.m., 13 views

CVE-2020-14457

An issue was discovered in Mattermost Server before 5.20.0. Non-members can receive broadcasted team details via the updateteam WebSocket event, aka MMSA-2020-0012...

AI score 5.2, EPSS 0.0092
Exploits: 0, References: 1