14 matches found
EUVD-2021-8697
Malicious code in bioql PyPI...
EUVD-2024-24521
Malicious code in bioql PyPI...
EUVD-2024-19272
Malicious code in bioql PyPI...
Mattermost Access Control Error Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an Access Control Error vulnerability that stems from improper access control restrictions and can be exploited by an attacker to cause information disclosure...
Mattermost has an unspecified vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost has a security vulnerability that stems from the Wrangler plugin that can bypass AI access control. No details of the vulnerability are provided at this time...
Metasploit Wrap-Up 05/02/2025
Meterpreter Extended API Clipboard Monitoring. Security is hard, and Open Source Security is a collaborative effort. This week, Metasploit released a fix for a vulnerability that was privately disclosed to us by long-time community member bcoles. The vulnerability in question impacted Metasploit...
CVE-2025-30368 Zulip allows the deletion of organization by administrators of a different organization
Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any organization wa...
Mattermost SQL Injection Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a SQL injection vulnerability that stems from the use of uncompiled statements, which can be exploited by an attacker to retrieve database data via a specially designed sorting...
Mattermost Information Disclosure Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an information disclosure vulnerability that stems from an inability to properly filter channel data, which can be exploited by an attacker to obtain private channel names using...
Mattermost File Upload Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a file upload vulnerability that stems from the application's lack of effective validation of uploaded files. An attacker can exploit this vulnerability to upload malicious file...
Mattermost Input Validation Error Vulnerability (CNVD-2023-55047)
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an input validation error vulnerability that stems from Mattermost's inability to validate all parameters when creating scripts that run through the /dialog API, which can be...
Mattermost Access Control Error Vulnerability (CNVD-2023-55043)
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an Access Control Error vulnerability that stems from not checking the identity of a channel member when accessing a message thread, which can be exploited by an attacker to...
Mattermost has an unspecified vulnerability (CNVD-2022-65346)
Mattermost is an open source collaboration platform from Mattermost, Inc. Guest is an application product. Mattermost 6.7.0 and earlier versions have a security vulnerability that stems from the guest account feature not properly restricting permissions, which could be exploited by an attacker to...
Open-Source Collaboration Framework: Dradis
Collaboration and reporting framework for InfoSec teams. Some of the features: platform independent; markup support for the notes (text styles, code blocks, images, links, etc.); integration with existing systems and tools: Brakeman, Burp Suite, MediaWiki, Metasploit, Nessus, NeXpose, Nikto, Nmap, OpenVAS...