Lucene search
K

719 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/22 12:0 a.m.4 views

Mattermost Server 10.5.x < 10.5.11 / 10.11.x < 10.11.3 / 10.12.0 Multiple Vulnerabilities (MMSA-2025-00497, MMSA-2025-00496, MMSA-2025-00516)

The version of Mattermost Server installed on the remote host is affected by multiple vulnerabilities as referenced in the MMSA-2025-00497, MMSA-2025-00496, MMSA-2025-00516 advisories. - Mattermost versions 10.5.x = 10.5.10, 10.11.x = 10.11.2 fail to properly validate guest user permissions when...

4.3CVSS5.5AI score0.00306EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/10/21 12:0 a.m.6 views

PT-2025-42888

Name of the Vulnerable Software and Affected Versions Mbed TLS versions through 3.6.4 Description Mbed TLS contains an Observable Timing Discrepancy. This issue may allow for timing attacks. Recommendations Update to a version of Mbed TLS newer than 3.6.4...

5.3CVSS5.7AI score0.0024EPSS
Exploits0References57
RedhatCVE
RedhatCVE
added 2025/10/17 8:40 a.m.6 views

CVE-2025-54499

Mattermost versions 10.5.x = 10.5.10, 10.11.x = 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets...

3.7CVSS6.8AI score0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/16 9:30 a.m.6 views

EUVD-2025-34730

Mattermost has an Observable Timing Discrepancy vulnerability...

3.1CVSS6.5AI score0.00246EPSS
Exploits0References4
NVD
NVD
added 2025/10/16 9:15 a.m.7 views

CVE-2025-54499

Mattermost versions 10.5.x = 10.5.10, 10.11.x = 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets...

3.7CVSS0.00246EPSS
Exploits0References1
OSV
OSV
added 2025/10/16 8:17 a.m.5 views

CVE-2025-54499 Insecure string comparison enables timing attacks

Mattermost versions 10.5.x = 10.5.10, 10.11.x = 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets...

3.1CVSS5.9AI score0.00246EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/16 8:17 a.m.10 views

CVE-2025-54499 Insecure string comparison enables timing attacks

Mattermost versions 10.5.x = 10.5.10, 10.11.x = 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets...

3.1CVSS0.00246EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/16 8:17 a.m.4 views

CVE-2025-54499 Insecure string comparison enables timing attacks

Mattermost versions 10.5.x = 10.5.10, 10.11.x = 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets...

3.1CVSS6.4AI score0.00246EPSS
Exploits0References1
CVE
CVE
added 2025/10/16 8:17 a.m.13 views

CVE-2025-54499

Mattermost CVE-2025-54499 affects Mattermost Server 10.5.x (≤10.5.10) and 10.11.x (≤10.11.2). The root cause is non-constant-time comparison for sensitive strings, enabling timing-based side-channel attacks that could reveal Cloud API keys and OAuth client secrets. Connected advisories also link ...

3.7CVSS6.4AI score0.00246EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-23243

Malware in sbrugna...

4.7CVSS4.6AI score0.00163EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-17177

Malware in sbrugna...

4.7CVSS6.5AI score0.03418EPSS
Exploits4References38
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-0707

Malware in sbrugna...

5.9CVSS5.9AI score0.02053EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-5038

Malware in sbrugna...

4.3CVSS6.1AI score0.00702EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-9898

Malware in sbrugna...

7CVSS8.2AI score0.0077EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-5073

Malware in sbrugna...

7.5CVSS7.5AI score0.01336EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-0110

Malware in sbrugna...

5.6CVSS5.8AI score0.00505EPSS
Exploits0References23
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-1963

Malware in sbrugna...

5.9CVSS7.1AI score0.05773EPSS
Exploits0References32
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-1653

Malware in sbrugna...

4CVSS6.1AI score0.02157EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-9430

Malware in sbrugna...

7.5CVSS7.5AI score0.01135EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-0922

Malware in sbrugna...

6.4CVSS6.4AI score0.01047EPSS
Exploits0References2
Rows per page
Query Builder