Filtered by vendor Q-free
Subscribe
Total
41 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-26375 | 1 Q-free | 1 Maxtime | 2025-04-10 | N/A | 8.8 HIGH |
| A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) attacker to create users with arbitrary privileges via crafted HTTP requests. | |||||