8 matches found

Tenable Nessus
added 2026/04/16 12:0 a.m. | 6 views

Drupal 10.5.x < 10.5.9 / 10.6.x < 10.6.7 / 11.2.x < 11.2.11 / 11.3.x < 11.3.7 Multiple Vulnerabilities (drupal-2026-04-15)

According to its self-reported version, the instance of Drupal running on the remote web server is 10.5.x prior to 10.5.9, 10.6.x prior to 10.6.7, 11.2.x prior to 11.2.11, or 11.3.x prior to 11.3.7. It is, therefore, affected by multiple vulnerabilities. - Drupal core's jQuery integration for AJA...

CVSS 6.6 | AI score 6.1 | EPSS 0.00399
Exploits: 0 | References: 12
CNNVD
added 2025/11/27 12:0 a.m. | 48 views

Mattermost Security Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from insufficient validation of code exchange tokens, which could lead to account takeover. The following versions are affected: version 11.0.2...

CVSS 9.9 | AI score 6.6 | EPSS 0.0031
Exploits: 0 | References: 2
RedhatCVE
added 2025/10/17 9:42 a.m. | 14 views

CVE-2025-58073

Mattermost versions 10.11.x = 10.11.1, 10.10.x = 10.10.2, 10.5.x = 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacker to join any team on a Mattermost server regardless of restrictions via manipulating the OAuth state...

CVSS 8.1 | AI score 6.8 | EPSS 0.00379
Exploits: 0 | References: 1
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-30247

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.3 | EPSS 0.0025
Exploits: 0 | References: 5
OSV
added 2025/09/19 9:31 p.m. | 3 views

GHSA-F72G-52V7-MG3P Mattermost boards plugin fails to restrict download access to files

Mattermost versions 10.5.x = 10.5.8, 9.11.x = 9.11.17 fail to properly validate access controls which allows any authenticated user to download sensitive files via board file download endpoint using UUID enumeration...

CVSS 3.1 | AI score 6.8 | EPSS 0.0025
Exploits: 0 | References: 6
Vulnrichment
added 2025/09/15 10:22 a.m. | 4 views

CVE-2025-9084 Open redirect in OAuth login

Mattermost versions 10.5.x = 10.5.9 fail to properly validate redirect URLs which allows attackers to redirect users to malicious sites via crafted OAuth login URLs...

CVSS 3.1 | AI score 6.4 | EPSS 0.00161
Exploits: 0 | References: 1
OSV
added 2025/04/14 3:15 p.m. | 4 views

CVE-2025-2424

Mattermost versions 10.5.x = 10.5.1, 9.11.x = 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata of the files via bookmark creation...

CVSS 4.3 | AI score 6.9
Exploits: 0 | References: 1
CNNVD
added 2024/06/12 12:0 a.m. | 2 views

Dell OS10 Networking Switches Authorization Issues Vulnerability

Dell OS10 Networking Switches is a switch from Dell USA. An authorization issue vulnerability exists in Dell OS10 Networking Switches versions 10.5.6.x, 10.5.5.x, 10.5.4.x, and 10.5.3.x, which stems from an elevation of privilege that allows an authenticated remote attacker...

CVSS 8.8 | AI score 7 | EPSS 0.00444
Exploits: 0 | References: 2