Norton Antivirus, Norton AntiVirus With Backup, Norton Security, Norton Security With Backup, Norton Internet Security, Norton 360 Security Vulnerabilities

CubeFS leaks users key in logs in github.com/cubefs/cubefs

CubeFS leaks users key in logs in...

Etcd auth Inaccurate logging of authentication attempts for users with CN-based auth only in go.etcd.io/etcd

Etcd auth Inaccurate logging of authentication attempts for users with CN-based auth only in...

1Panel set-cookie is missing the Secure keyword in github.com/1Panel-dev/1Panel

1Panel set-cookie is missing the Secure keyword in...

Etcd Gateway TLS endpoint validation only confirms TCP reachability in go.etcd.io/etcd

Etcd Gateway TLS endpoint validation only confirms TCP reachability in...

OpenFGA denial of service in github.com/openfga/openfga

OpenFGA denial of service in...

Go package github.com/notaryproject/notation configured with permissive trust policies potentially susceptible to rollback attack from compromised registry

Go package github.com/notaryproject/notation configured with permissive trust policies potentially susceptible to rollback attack from compromised...

Improper Validation of Array Index in github.com/greenpau/caddy-security

Improper Validation of Array Index in...

Mattermost post fetching without auditing in compliance export in github.com/mattermost/mattermost-server

Mattermost post fetching without auditing in compliance export in...

Minder trusts client-provided mapping from repo name to upstream ID in github.com/stacklok/minder

Minder trusts client-provided mapping from repo name to upstream ID in...

Open Redirect in github.com/greenpau/caddy-security

Open Redirect in...

APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server

APM Server vulnerable to Insertion of Sensitive Information into Log File in...

caddy-security plugin for Caddy vulnerable to reflected Cross-site Scripting in github.com/greenpau/caddy-security

caddy-security plugin for Caddy vulnerable to reflected Cross-site Scripting in...

Use of Insufficiently Random Values in github.com/greenpau/caddy-security

Use of Insufficiently Random Values in...

Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server

Mattermost viewing archived public channels permissions vulnerability in...

Apache Answer Race Condition vulnerability in github.com/apache/incubator-answer

Apache Answer Race Condition vulnerability in...

Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

Mattermost notified all users in the channel when using WebSockets to respond individually in...

Moby (Docker Engine) Insufficiently restricted permissions on data directory in github.com/docker/docker

Moby (Docker Engine) Insufficiently restricted permissions on data directory in...

Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server

Mattermost allows demoted guests to change group names in...

Teleport Access List owners can escalate their privileges in github.com/gravitational/teleport

Teleport Access List owners can escalate their privileges in...

Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation in k8s.io/ingress-nginx

Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation in...

Mattermost race condition in github.com/mattermost/mattermost-server

Mattermost race condition in...

Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core' in github.com/rancher/rancher

Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core' in...

Improper Restriction of Excessive Authentication Attempts in github.com/greenpau/caddy-security

Improper Restriction of Excessive Authentication Attempts in...

Etcd embed auto compaction retention negative value causing a compaction loop or a crash in go.etcd.io/etcd

Etcd embed auto compaction retention negative value causing a compaction loop or a crash in...

Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers in github.com/dexidp/dex

Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers in...

Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server

Mattermost Cross-site Scripting vulnerability in...

Mattermost allows attackers access to posts in channels they are not a member of in github.com/mattermost/mattermost-server

Mattermost allows attackers access to posts in channels they are not a member of in...

Server-Side Request Forgery in github.com/greenpau/caddy-security

Server-Side Request Forgery in...

Authentik vulnerable to PKCE downgrade attack in goauthentik.io

Authentik vulnerable to PKCE downgrade attack in...

Cross-site Scripting in github.com/greenpau/caddy-security

Cross-site Scripting in...

Grafana information disclosure in github.com/grafana/grafana

Grafana information disclosure in...

Apache ServiceComb Service-Center Server-Side Request Forgery vulnerability in github.com/apache/servicecomb-service-center

Apache ServiceComb Service-Center Server-Side Request Forgery vulnerability in...

Classic builder cache poisoning in github.com/docker/docker

Classic builder cache poisoning in...

Rancher 'Audit Log' leaks sensitive information in github.com/rancher/rancher

Rancher 'Audit Log' leaks sensitive information in...

Mattermost Jira Plugin does not properly check security levels in github.com/mattermost/mattermost-plugin-jira

Mattermost Jira Plugin does not properly check security levels in...

CubeFS leaks magic secret key when starting Blobstore access service in github.com/cubefs/cubefs

CubeFS leaks magic secret key when starting Blobstore access service in...

Minio unsafe default: Access keys inherit `admin` of root user, allowing privilege escalation in github.com/minio/minio

Minio unsafe default: Access keys inherit admin of root user, allowing privilege escalation in...

Mattermost fails to check the "invite_guest" permission in github.com/mattermost/mattermost-server

Mattermost fails to check the "invite_guest" permission in...

Improper Neutralization of HTTP Headers in github.com/greenpau/caddy-security

Improper Neutralization of HTTP Headers in...

Mattermost fails to properly restrict the access of files attached to posts in github.com/mattermost/mattermost-server

Mattermost fails to properly restrict the access of files attached to posts in...

Mattermost denial of service through long emoji value in github.com/mattermost/mattermost-server

Mattermost denial of service through long emoji value in...

CubeFS timing attack can leak user passwords in github.com/cubefs/cubefs

CubeFS timing attack can leak user passwords in...

SFTP is possible on the Proxy server for any user with SFTP access in github.com/gravitational/teleport

SFTP is possible on the Proxy server for any user with SFTP access in...

The DES/3DES cipher was used as part of the TLS protocol by installation tools in github.com/karmada-io/karmada

The DES/3DES cipher was used as part of the TLS protocol by installation tools in...

Insecure random string generator used for sensitive data in github.com/cubefs/cubefs

Insecure random string generator used for sensitive data in...

Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI

Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in...

Mattermost vulnerable to denial of service via large number of emoji reactions in github.com/mattermost/mattermost-server

Mattermost vulnerable to denial of service via large number of emoji reactions in...

Apache ServiceComb Service-Center Exposure of Sensitive Information to an Unauthorized Actor vulnerability in github.com/apache/servicecomb-service-center

Apache ServiceComb Service-Center Exposure of Sensitive Information to an Unauthorized Actor vulnerability in...

Authenticated users can crash the CubeFS servers with maliciously crafted requests in github.com/cubefs/cubefs

Authenticated users can crash the CubeFS servers with maliciously crafted requests in...

Insufficient Session Expiration in github.com/greenpau/caddy-security

Insufficient Session Expiration in...