Lucene search
K

271 matches found

NVD
NVD
added 2026/03/02 2:16 p.m.13 views

CVE-2026-1628

Mattermost Desktop App versions =5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server...

4.6CVSS0.00136EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/02 1:24 p.m.3 views

CVE-2026-1628 Mattermost allows external websites to open within the app, exposing preload functionality to non-trusted sites.

Mattermost Desktop App versions =5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server...

4.6CVSS5.9AI score0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/02 1:24 p.m.26 views

CVE-2026-1628 Mattermost allows external websites to open within the app, exposing preload functionality to non-trusted sites.

Mattermost Desktop App versions =5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server...

4.6CVSS0.00136EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/02 1:24 p.m.8 views

EUVD-2026-9174

Mattermost Desktop App versions =5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server...

4.6CVSS5.9AI score0.00136EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/02 1:24 p.m.6 views

CVE-2026-1628

Mattermost Desktop App versions =5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server...

4.6CVSS5.9AI score0.00136EPSS
Exploits0References2
CVE
CVE
added 2026/03/02 1:24 p.m.20 views

CVE-2026-1628

Mattermost Desktop App versions

4.6CVSS5.9AI score0.00136EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.9 views

PT-2026-22584

Mattermost Desktop App versions =5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server...

4.6CVSS5.9AI score0.00136EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/16 9:33 p.m.9 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS5.8AI score0.02667EPSS
Exploits0References6
OSV
OSV
added 2026/02/13 1:15 p.m.5 views

OESA-2026-1346 python-urllib3 security update

HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loadin...

8.9CVSS7.2AI score0.02667EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/03 7:25 a.m.4 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS5.8AI score0.02667EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/02 3:49 p.m.4 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS5.8AI score0.02667EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/02 2:17 p.m.8 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS5.8AI score0.02667EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/02 1:10 p.m.4 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS5.8AI score0.02667EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/02 11:50 a.m.4 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS5.8AI score0.02667EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/02 6:47 a.m.7 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS5.8AI score0.02667EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/26 6:9 p.m.14 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS5.8AI score0.02667EPSS
Exploits0References6
CVE
CVE
added 2026/01/21 6:2 p.m.15 views

CVE-2026-23755

CVE-2026-23755 affects D-Link D-View 8 installer, versions 2.0.1.107 and below. The vulnerability is an uncontrolled search path leading to DLL preloading: during installation, the process loads version.dll from its execution directory when run with elevated privileges via UAC, enabling attacker-...

8.4CVSS5.8AI score0.00141EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/01/15 9:1 a.m.5 views

powerpc/64s/slb: Fix SLB multihit issue during SLB preload

...

7.8CVSS5.3AI score0.0012EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/14 11:45 p.m.7 views

CVE-2025-71078

A Segment Lookaside Buffer SLB multi-hit error vulnerability was found in the Linux kernel's PowerPC 64-bit hash MMU implementation. When a process migrates between CPUs without triggering switchmmucontext because prev and next mmstruct are the same, the hardware SLB and software preload cache ca...

5.5CVSS5.3AI score0.0012EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/14 12:25 a.m.5 views

SUSE CVE-2025-71078

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

5.5CVSS6.3AI score0.0012EPSS
Exploits0References21
Rows per page
Query Builder