385 matches found
SUSE CVE-2025-24866
Mattermost versions 9.11.x = 9.11.8 fail to enforce proper access controls on the /api/v4/audits endpoint, allowing users with delegated granular administration roles who lack access to Compliance Monitoring to retrieve User Activity Logs...
GO-2025-3604 Mattermost Fails to Enforce Proper Access Controls on `/api/v4/audits` Endpoint in github.com/mattermost/mattermost-server
Mattermost Fails to Enforce Proper Access Controls on /api/v4/audits Endpoint in github.com/mattermost/mattermost-server...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization through the /api/v4/audits endpoint. An attacker can retrieve User Activity Logs by exploiting insufficient access controls, despite not having the required permissions for Compliance Monitoring. Remediation...
Incorrect Authorization
Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Incorrect Authorization through the /api/v4/audits endpoint. An attacker can retrieve User Activity Logs by exploiting insufficient access control...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization through the /api/v4/audits endpoint. An attacker can retrieve User Activity Logs by exploiting insufficient access controls, despite not having the required permissions for Compliance Monitoring. Remediation...
CVE-2025-24866 Unauthorized Access to User Activity Logs API by delegated granular administration roles
Mattermost versions 9.11.x = 9.11.8 fail to enforce proper access controls on the /api/v4/audits endpoint, allowing users with delegated granular administration roles who lack access to Compliance Monitoring to retrieve User Activity Logs...
Stable Channel Update for Desktop
The Stable channel has been updated to 134.0.6998.117/.118 for Windows, Mac and 134.0.6998.117 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Extended stable channel has been updated to 134.0.6998.118 for Win/Mac and will ro...
Issuetrak 安全漏洞
Issuetrak is an issue tracking software from Issuetrak, Inc. A security vulnerability exists in Issuetrak v17.2.2 and prior versions, which stems from an insecure direct object reference in the auditing component that could lead to a low-privileged user accessing another user's audit results,...
openSUSE Security Advisory (openSUSE-SU-2025:0077-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2025:0077-1 Security update for chromium
This update for chromium fixes the following issues: Chromium 133.0.6943.141 boo1237699: This update includes 1 security fix. Various fixes from internal audits, fuzzing and other initiatives - fix build with qt6 and enable qt6 also for 15.x...
PT-2025-19433 · Opensuse +1 · Chromium
Name of the Vulnerable Software and Affected Versions: Chromium version 133.0.6943.141 Description: This update addresses a security issue identified through internal audits and fuzzing. The update includes fixes from these initiatives. Recommendations: Update to Chromium version 133.0.6943.141...
Securing Dynamic Cloud Environments: Best Practices for Comprehensive Scanning
As organizations increasingly adopt cloud-native development, the complexity of securing dynamic environments continues to grow. Vulnerability scanning remains a cornerstone of cloud security, enabling organizations to identify and address risks effectively. However, with the increasing prevalenc...
Stable Channel Update for Desktop
The Stable channel has been updated to 132.0.6834.159/160 for Windows, Mac and 132.0.6834.159 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. The extended stable channel has been updated to 132.0.6834.160 Windows, Mac and wil...
Malicious code in ig-lighthouse-security-audits (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 226acd90be6fefc4cd12da9d6b73604ee919205ed49e1e44f5d336b5576c3717 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-575 Malicious code in ig-lighthouse-security-audits (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 226acd90be6fefc4cd12da9d6b73604ee919205ed49e1e44f5d336b5576c3717 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Stable Channel Update for Desktop
The Stable channel has been updated to 131.0.6778.264/.265 for Windows, Mac and 131.0.6778.264 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...
New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits
The United States Department of Health and Human Services' HHS Office for Civil Rights OCR has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data against potential cyber attacks. The proposal, which seeks to modify the Health Insurance...
PT-2024-9874 · Pwndoc · Pwndoc
Name of the Vulnerable Software and Affected Versions: PwnDoc versions up to and including 0.5.3 Description: The issue is related to insufficient input validation in the audits interface of the PwnDoc tool, which can be exploited by an authenticated user to crash the backend by raising an...
Stable Channel Update for Desktop
The Stable channel has been updated to 131.0.6778.139/.140 for Windows, Mac and 131.0.6778.139 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...
Stable Channel Update for Desktop
The Stable channel has been updated to 131.0.6778.108/.109 for Windows, Mac and 131.0.6778.108 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...