CVE Security

An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certif...

Applications


                                    CVE-2026-44930

Lire l'article

medium 6.1

29/05/2026

Vulnérabilité medium détectée - CVE-2025-26483

Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this ...

Applications


                                    CVE-2025-26483

Lire l'article

medium 4.2

29/05/2026

Vulnérabilité medium détectée - CVE-2025-32745

Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Improper Certificate Validation vulnerability. An unauthenticated attacker with adjacent net...

Applications


                                    CVE-2025-32745

Lire l'article

medium 6.5

28/05/2026

Vulnérabilité medium détectée - CVE-2026-5755

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.2, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the TIFF IFD offset i...

Applications


                                    CVE-2026-5755

Lire l'article

medium 5.9

28/05/2026

Vulnérabilité medium détectée - CVE-2026-3473

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate file ownership and access control, whic...

Applications


                                    CVE-2026-3473

Lire l'article

medium 4.3

28/05/2026

Vulnérabilité medium détectée - CVE-2026-3636

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to sanitize team member data when returned via API ...

Applications


                                    CVE-2026-3636

Lire l'article

medium 6.5

28/05/2026

Vulnérabilité medium détectée - CVE-2026-4635

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to archive the channel before removing persistent n...

Applications


                                    CVE-2026-4635

Lire l'article

medium 4.3

28/05/2026

Vulnérabilité medium détectée - CVE-2026-4646

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate user-supplied input in API request hand...

Applications


                                    CVE-2026-4646

Lire l'article

medium 4.9

28/05/2026

Vulnérabilité medium détectée - CVE-2026-5308

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to enforce request body size limits on plugin HTTP ...

Applications


                                    CVE-2026-5308

Lire l'article

high 7.5

28/05/2026

Vulnérabilité high détectée - CVE-2026-5740

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to properly validate msgpack-encoded WebSocket fram...

Applications


                                    CVE-2026-5740

Lire l'article

unknown

28/05/2026

Vulnérabilité unknown détectée - CVE-2026-25607

Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after analyzing how passwords with known val...

Applications


                                    CVE-2026-25607

Lire l'article

unknown

28/05/2026

Vulnérabilité unknown détectée - CVE-2026-25608

STER uses unencrypted TCP traffic to transmit data over the network. It allows an attacker to conduct a Man-In-The-Middle attack and obtain sensitive...

Applications


                                    CVE-2026-25608

Lire l'article

14 15 16 17 18