CVE-2024-1949

LOW Year: 2024
CVSS v3 Score
2.6
Low
Weakness Type
CWE-200
View all →

Vulnerability Description

A race condition in Mattermost versions 8.1.x before 8.1.9, and 9.4.x before 9.4.2 allows an authenticated attacker to gain unauthorized access to individual posts' contents via carefully timed post creation while another user deletes posts.

Related Vulnerabilities

CVE-2015-4961

LOW
CVSS:2.6(Low)

IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A be...

CWE-2002015

CVE-2017-0096

LOW
CVSS:2.6(Low)

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows gue...

CWE-2002017

CVE-2024-52513

LOW
CVSS:2.6(Low)

Nextcloud Server is a self hosted personal cloud system. After receiving a "Files drop" or "Password protected" share link a malicious user was able to download attachments that are referenced in Text...

CWE-2002024

CVE-2024-7391

LOW
CVSS:2.6(Low)

ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Cha...

CWE-2002024

CVE-2025-20030

LOW
CVSS:2.6(Low)

Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable information discl...

CWE-2002025

CVE-2016-0259

LOW
CVSS:2.5(Low)

runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands.

CWE-2002016