6 matches found
Mattermost Desktop < 6.0.0 (MMSA-2025-00520)
The version of Mattermost Desktop installed on the remote host is prior to 6.0.0. It is, therefore, affected by a vulnerability as referenced in the MMSA-2025-00520 advisory. - Mattermost Desktop App versions 6.0.0 fail to sanitize sensitive information from Mattermost logs and clear data on serv...
EUVD-2025-7665
Malicious code in bioql PyPI...
EUVD-2024-16585
Malicious code in bioql PyPI...
CVE-2024-10762 Missing Authorization in lunary-ai/lunary
In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. This...
CVE-2024-5935 CSRF Vulnerability in imartinez/privategpt
A Cross-Site Request Forgery CSRF vulnerability in version 0.5.0 of imartinez/privategpt allows an attacker to delete all uploaded files on the server. This can lead to data loss and service disruption for the application's users...
CVE-2024-3761
In lunary-ai/lunary, version 1.2.2 contains an unauthorized deletion vulnerability on the DELETE endpoint at packages/backend/src/api/v1/datasets due to missing authorization/authentication. This allows any user (no token required) to delete a dataset, potentially causing data loss or service dis...