8 matches found
Drupal 10.5.x < 10.5.9 / 10.6.x < 10.6.7 / 11.2.x < 11.2.11 / 11.3.x < 11.3.7 Multiple Vulnerabilities (drupal-2026-04-15)
According to its self-reported version, the instance of Drupal running on the remote web server is 10.5.x prior to 10.5.9, 10.6.x prior to 10.6.7, 11.2.x prior to 11.2.11, or 11.3.x prior to 11.3.7. It is, therefore, affected by multiple vulnerabilities. - Drupal core's jQuery integration for AJA...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from insufficient validation of code exchange tokens, which could lead to account takeover. The following versions are affected: version 11.0.2...
CVE-2025-58073
Mattermost versions 10.11.x = 10.11.1, 10.10.x = 10.10.2, 10.5.x = 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server regardless of restrictions via manipulating the OAuth state...
EUVD-2025-30247
Malicious code in bioql PyPI...
GHSA-F72G-52V7-MG3P Mattermost boards plugin fails to restrict download access to files
Mattermost versions 10.5.x = 10.5.8, 9.11.x = 9.11.17 fail to properly validate access controls which allows any authenticated user to download sensitive files via board file download endpoint using UUID enumeration...
CVE-2025-9084 Open redirect in OAuth login
Mattermost versions 10.5.x = 10.5.9 fail to properly validate redirect URLs which allows attackers to redirect users to malicious sites via crafted OAuth login URLs...
CVE-2025-2424
Mattermost versions 10.5.x = 10.5.1, 9.11.x = 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata of the files via bookmark creation...
Dell OS10 Networking Switches Authorization Issues Vulnerability
Dell OS10 Networking Switches is a switch from Dell USA. An authorization issue vulnerability exists in Dell OS10 Networking Switches versions 10.5.6.x, 10.5.5.x, 10.5.4.x, and 10.5.3.x, which stems from an elevation of privilege that allows an authenticated remote attacker...