Lucene search
+L

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-1249

Malware in sbrugna...

6.5CVSS6.6AI score0.01278EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-34720

Malicious code in bioql PyPI...

2.7CVSS3.9AI score0.00693EPSS
Exploits0References3
OSV
OSV
added 2024/02/29 8:8 a.m.7 views

CVE-2024-1888 Existing server guests invited to the team by members without "invite_guest" permission

Mattermost fails to check the "inviteguest" permission when inviting guests of other teams to a team, allowing a member with permissions to add other members but not to add guests to add a guest to a team as long as the guest was already a guest in another team of the server...

4.3CVSS6AI score0.00331EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/05/19 8:44 p.m.9 views

CVE-2023-32677 Users who can send invitations can erroneously add users to streams during invitation in Zulip

Zulip is an open-source team collaboration tool with unique topic-based threading. Zulip administrators can configure Zulip to limit who can add users to streams, and separately to limit who can invite users to the organization. In Zulip Server 6.1 and below, the UI which allows a user to invite ...

3.1CVSS3.6AI score0.00563EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/04/19 8:26 p.m.6 views

CVE-2022-1385 Invitation Email is resent as a Reminder after invalidating pending email invites

Mattermost 6.4.x and earlier fails to properly invalidate pending email invitations when the action is performed from the system console, which allows accidentally invited users to join the workspace and access information from the public teams and channels...

3.7CVSS6.5AI score0.0083EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/03/18 6:0 p.m.9 views

CVE-2022-1002 HTML Injection while inviting Guests

Mattermost 6.3.0 and earlier fails to properly sanitize the HTML content in the email invitation sent to guest users, which allows registered users with special permissions to invite guest users to inject unescaped HTML content in the email invitations...

2CVSS5.6AI score0.00639EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.29 views

openSUSE Security Update : mailman (openSUSE-2019-495)

This update for mailman to version 2.1.27 fixes the following issues : This security issue was fixed : - CVE-2018-0618: Additional protections against injecting scripts into listinfo and error messages pages bsc1099510. These non-security issues were fixed : - The hash generated when...

5.4CVSS6.3AI score0.02048EPSS
Exploits0References2
Hacker One
Hacker One
added 2015/04/16 5:36 p.m.20 views

Shopify: Invitation issue

Only the the store owner is allowed to create new staff members, but staff members with full access can take over other invited staff members' accounts using the invitation link that was available in Settings - Account page. To resolve this, we changed the display of the Account page so only the...

4.6AI score
Exploits0
Rows per page
Query Builder