Cellopoint Secure Email Gateway Security Vulnerability

Cellopoint Secure Email Gateway Cellopoint SEG is a secure email gateway from Cellopoint China. A security vulnerability exists in Cellopoint Secure Email Gateway versions prior to 4.5.0, which originates from failure to properly validate user input, resulting in a buffer overflow vulnerability...

CVE-2023-50919

An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR30...

CVE-2023-47464

Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via the upload API function...

CVE-2023-47463

Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via a crafted script to the glnassys authentication function...

PT-2022-14565 · WordPress · Sensei Lms

Name of the Vulnerable Software and Affected Versions: Sensei LMS WordPress plugin versions prior to 4.5.0 Description: The issue allows unauthenticated users to access private messages sent to teachers due to improper permissions set in one of its REST endpoints. Recommendations: For versions...

Mattermost Server has mishandled webhook access control

An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, and 4.3.4. It mishandled webhook access control in the EnableOnlyAdminIntegrations case...

PYSEC-2021-121

An XML external entity XXE injection in PyWPS before 4.5.0 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...