GoBGP 数字错误漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Versions of GoBGP prior to 4.3.0 contained a numerical error vulnerability. This vulnerability stemmed from an integer underflow in the function parseRibEntry within the file pkg/packet/mrt/mrt.go, allowi...

TIS security vulnerabilities

TIS is an agile code development platform open source by Datavane. Versions of TIS prior to v4.3.0 contained security vulnerabilities, which were caused by an infinite loop in the program file ChangeDomainAction.Java that lacked proper exit conditions...

SUSE CVE-2017-18877

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS attacks could occur against an OAuth 2.0 allow/deny page...

Mautic 跨站脚本漏洞

Mautic is a marketing automation software. A cross-site scripting vulnerability exists in versions of Mautic prior to 4.3.0. The vulnerability stems from the failure of the installer logic to adequately filter the input of installation information, which could be exploited to inject executable...

GHSA-35C4-5QFP-WXJ6 Mattermost Server exposes team creator's e-mail address to other members

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It discloses the team creator's e-mail address to members...

PT-2020-15810 · Powerdns +1 · Powerdns Authoritative +2

Name of the Vulnerable Software and Affected Versions: PowerDNS Authoritative versions prior to 4.3.0 Description: A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature when th...

Unspecified vulnerability in wolfSSL (CNVD-2020-01645)

wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A security vulnerability exists in wolfSSL versions prior to 4.3.0, which can be exploited by an attacker to perform a side-channel atta...