9 matches found
CVE-2022-31017
Zulip is an open-source team collaboration tool. Versions 2.1.0 through and including 5.2 are vulnerable to a logic error. A stream configured as private with protected history, where new subscribers should not be allowed to see messages sent before they were subscribed, when edited causes the...
EUVD-2022-52718
Malicious code in bioql PyPI...
CVE-2025-2311
CVE-2025-2311 affects Sechard Information Technologies’ SecHard prior to 3.3.0.20220411. The root causes cited are Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, and Insufficiently Protected Credentials. Exposed impacts include Authentication Bypass, Interface ...
CVE-2022-31017
Zulip is an open-source team collaboration tool. Versions 2.1.0 through and including 5.2 are vulnerable to a logic error. A stream configured as private with protected history, where new subscribers should not be allowed to see messages sent before they were subscribed, when edited causes the...
Input validation
Zulip is an open-source team collaboration tool. Versions 2.1.0 through and including 5.2 are vulnerable to a logic error. A stream configured as private with protected history, where new subscribers should not be allowed to see messages sent before they were subscribed, when edited causes the...
CVE-2022-31017 Expression Always True vulnerability in Zulip Server
Zulip is an open-source team collaboration tool. Versions 2.1.0 through and including 5.2 are vulnerable to a logic error. A stream configured as private with protected history, where new subscribers should not be allowed to see messages sent before they were subscribed, when edited causes the...
CVE-2022-31017 Expression Always True vulnerability in Zulip Server
Zulip is an open-source team collaboration tool. Versions 2.1.0 through and including 5.2 are vulnerable to a logic error. A stream configured as private with protected history, where new subscribers should not be allowed to see messages sent before they were subscribed, when edited causes the...
CVE-2022-31017
Zulip Server contains a logic error in versions 2.1.0 through 5.2 where a private stream with protected history, upon edits, erroneously causes an API event that includes the edited message to all current subscribers. The issue stems from the server sending the edited message via an API event to ...
DIALink cross-site scripting vulnerability (CNVD-2021-84840)
DIALink is an equipment networking platform from Delta Electronics that effectively manages CNC machines and PLC-controlled machines, collects on-site equipment data and connects it to the upper management platform through a unified interface, and at the same time provides visual information...