Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.7 views

CVE-2022-0191

The Ad Invalid Click Protector AICP WordPress plugin before 1.2.7 does not have CSRF check deleting banned users, which could allow attackers to make a logged in admin remove arbitrary bans...

6.5CVSS6.8AI score0.00562EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:4 p.m.12 views

CVE-2024-25106

OpenObserve is a observability platform built specifically for logs, metrics, traces, analytics, designed to work at petabyte scale. A critical vulnerability has been identified in the "/api/orgid/users/emailid" endpoint. This vulnerability allows any authenticated user within an organization to...

9.1CVSS6.7AI score0.00486EPSS
Exploits1References1
NVD
NVD
added 2024/02/08 11:15 p.m.31 views

CVE-2024-25106

OpenObserve is a observability platform built specifically for logs, metrics, traces, analytics, designed to work at petabyte scale. A critical vulnerability has been identified in the "/api/orgid/users/emailid" endpoint. This vulnerability allows any authenticated user within an organization to...

9.1CVSS8.9AI score0.00486EPSS
Exploits1References1
CVE
CVE
added 2024/02/08 11:5 p.m.90 views

CVE-2024-25106

OpenObserve CVE-2024-25106 affects OpenObserve versions prior to 0.8.0. The issue is an Authorization flaw in the remove_user_from_org flow exposed at /api/{org_id}/users/{email_id}, allowing any authenticated organizational member to remove any other member (including Admin/Root), due to insuffi...

9.1CVSS6.3AI score0.00486EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder