9 matches found
Mattermost fails to sanitize team email addresses
Mattermost versions 11.0.x = 11.0.2, 10.12.x = 10.12.1, 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/channelid/commonteams endpoint...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth redirect URL. Remediation Upgrade...
CVE-2025-43484
A potential reflected cross-site scripting vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The website does not validate or sanitize the user input before rendering it in the response. HP has addressed the issue in the latest software update...
HP Poly Clariti Manager 安全漏洞
HP Poly Clariti Manager is a centralized management, control, and optimization software for video conferencing infrastructure from Hewlett-Packard HP in the United States. A security vulnerability exists in HP Poly Clariti Manager versions prior to 10.12.1, which stems from a vulnerability that...
CVE-2025-43489
CVE-2025-43489 affects Hewlett-Packard Poly Clariti Manager prior to 10.12.1. The issue is a deserialization of untrusted data without validation in Poly Clariti Manager. HP has addressed the issue in the latest software update (version 10.12.1 or later). Connected documents confirm the affected ...
CVE-2025-43486 Poly Clariti Manager - Multiple Security Vulnerabilities
A potential stored cross-site scripting vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The website allows user input to be stored and rendered without proper sanitization. HP has addressed the issue in the latest software update...
PT-2025-30501 · Poly · Poly Clariti Manager
Name of the Vulnerable Software and Affected Versions: Poly Clariti Manager versions prior to 10.12.1 Description: A security issue has been identified in Poly Clariti Manager that may allow the retrieval of hardcoded cryptographic keys. Recommendations: Update Poly Clariti Manager to version...
CVE-2016-4678
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "AppleSMC" component. It allows local users to gain privileges or cause a denial of service NULL pointer dereference via unspecified vectors...
Apple macOS Sierra Mail Denial of Service Vulnerability
Apple macOS Sierra is a dedicated operating system for Mac computers developed by Apple Inc. Mail is one of the mail modules. A denial of service vulnerability exists in Mail in Apple macOS Sierra versions prior to 10.12.1. An attacker can exploit this vulnerability to cause a denial of service v...