Mattermost Server 9.5.x < 9.5.9 / 9.10.x < 9.10.2 / 9.11.x < 9.11.1 Multiple Vulnerabilities

The version of Mattermost Server installed on the remote host is prior to 9.5.9, 9.10.2, or 9.11.1. It is, therefore, affected by multiple vulnerabilities. - Mattermost versions 9.10.x = 9.10.2, 9.11.x = 9.11.1, 9.5.x = 9.5.9 fail to sanitize user inputs in the frontend that are used for...

CVE-2024-47401

CVE-2024-47401 affects Mattermost Playbooks in versions 9.10.x up to 9.10.2, 9.11.x up to 9.11.1, and 9.5.x up to 9.5.9. The issue arises because the product does not prevent detailed error messages from being displayed, enabling an attacker to generate a large response and trigger an amplified G...

CVE-2018-19791

The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 does not correctly handle requests for byte sequences, allowing an attacker to amplify the response size by requesting the entire response body repeatedly, as demonstrated by an HTTP Range header value beginning with the "bytes=0-,0-" substri...

GameSpy 3D Based Games Spoofed UDP Response Amplification DDoS

The remote host is running a GameSpy server. This service is used to host a gaming server. Since it uses UDP as its transport layer and sends multiple UDP packets in response to one request, an attacker can abuse it to flood a third-party host with traffic by sending a spoofed UDP packet with the...