Mattermost Code Issue Vulnerability (CNVD-2023-55039)

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost has a code issue vulnerability that can be exploited by an attacker with administrator privileges to maintain privileges by obtaining an oauth2 access token...

Open-Xchange App Suite 代码问题漏洞

Open-Xchange AppSuite is a set of Web cloud desktop environments from Open-Xchange Germany. The environment allows users to manage email, tasks, files, etc. more intuitively. A code issue vulnerability exists in Open-Xchange App Suite that stems from the ability to call file system and network...

Mattermost 代码问题漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost has a code issue vulnerability that can be exploited by an attacker with administrator privileges to maintain privileges by obtaining an oauth2 access token...

Supplier Management System 代码问题漏洞

Supplier Management System is a supplier management system. A code issue vulnerability exists in code-projects Supplier Management System version 1.0, which stems from not limiting the number of times a file can be uploaded...

Google Android 代码问题漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a code issue vulnerability that can be exploited by an attacker to cause a local elevation of privilege that requires no additional execute privileges...

Dahua Smart Parking Management 代码问题漏洞

Dahua Smart Parking Management is a parking solution from Dahua, China. A code issue vulnerability exists in Dahua Smart Parking Management 20230528 and prior versions, which stems from an issue with unknown code in the file /ipms/imageConvert/image, where manipulation of the parameter fileUrl ca...

GPAC 代码问题漏洞

GPAC is an open source multimedia framework. A code issue vulnerability exists in GPAC versions prior to 2.2.2 that stems from a null pointer dereference...

Filmora 代码问题漏洞

Filmora is a super simple and easy to use movie editing software from Filmora. Filmora 12 suffers from a code issue vulnerability that stems from being susceptible to an unquoted service path vulnerability that results in privilege escalation on affected systems...

TONGDA Office Anywhere 代码问题漏洞

TONGDA Office Anywhere is a collaborative office OA system. A code issue vulnerability exists in TONGDA Office Anywhere version 11.10, which stems from a problem with the function actionGetdata in the file GatewayController.php, which can lead to unrestricted uploads...

HID Global DigitalPersona FPSensor 代码问题漏洞

HID Global DigitalPersona is a new method of providing authentication services to users from HID Global. A code issue vulnerability exists in HID Global DigitalPersona FPSensor version 1.0.0.1, which stems from a problem with the file C:Program Files x86FPSensorinDpHost.exe, which results in an...

OpenProject 代码问题漏洞

OpenProject is an open source Web-based project management software . The software features project planning, task management, bug tracking and cost budgeting. A code issue vulnerability exists in OpenProject versions 7.4.0 through 12.5.4 that stems from an existing login session for a user accou...

IBM Cloud Pak System 代码问题漏洞

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. A code issue vulnerability exists in IBM Cloud Pak...

Apache StreamPark 代码问题漏洞

Apache StreamPark is a streaming media application development framework from the Apache Foundation. Apache StreamPark suffers from a code issue vulnerability that stems from allowing any user to upload a jar as an application, but not forcing validation of the uploaded file type, leading to the...

Schneider Electric Easergy Builder Code Issue Vulnerability

Schneider Electric Easergy Builder is a set of configuration software for Easergy remote terminal units and controllers from Schneider Electric, France. A code issue vulnerability exists in Schneider Electric Easergy Builder version 1.7.23 and earlier, which stems from the presence of an...

Mozilla Firefox ESR code issue vulnerability (CNVD-2023-75346)

Mozilla Firefox ESR is an extended support release of Firefox web browser from the Mozilla Foundation in the United States. Mozilla Firefox ESR suffers from a code issue vulnerability that stems from an incorrect lowering instruction in the Ion compiler, which can be exploited by an attacker to...

Juniper Networks Junos OS 代码问题漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A code issue vulnerability exists in Juniper Networks Junos OS that stems from the fact that in a 6PE scenario, if...

MGASA-2023-0147 Updated thunderbird packages fix security vulnerability

Fullscreen notification obscured. CVE-2023-29533 Double-free in libwebp. MFSA-TMP-2023-0001 Potential Memory Corruption following Garbage Collector compaction. CVE-2023-29535 Invalid free from JavaScript code. CVE-2023-29536 Revocation status of S/Mime recipient certificates was not checked...

DataGear 代码问题漏洞

DataGear is an open source and free data visualization and analysis platform from DataGear, Inc. A code issue vulnerability exists in DataGear versions prior to 4.5.1, which stems from a problem with the component JDBC server handler that can lead to deserialization...

Froxlor 代码问题漏洞

Froxlor is a lightweight server management software from the Froxlor team. A code issue vulnerability exists in Froxlor versions prior to 2.0.14, which stems from the presence of unrestricted uploads of dangerous types of files...

Qualcomm Chipsets 代码问题漏洞

Qualcomm Chipsets are a series of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets. An attacker exploiting this vulnerability could cause a denial of service...