[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 251453 Download | Alert*

An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. An e-mail invite accidentally included the team invite_id, which leads to unintended excessive invitation privileges.

An issue was discovered in Mattermost Server before 4.7.3. It allows attackers to cause a denial of service (application crash) via invalid LaTeX text.

An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authenticate to a different user's account via a crafted SAML response.

An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. It did not enforce the expiration date of a SAML response.

An issue was discovered in Mattermost Desktop App before 4.0.0. It mishandled the Same Origin Policy for setPermissionRequestHandler (e.g., video, audio, and notifications).

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none

The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character.

checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none


Pages:      Start    10639    10640    10641    10642    10643    10644    10645    10646    10647    10648    10649    10650    10651    10652    ..   25145

© SecPod Technologies