4 matches found
Improper Authentication
github.com/mattermost/mattermost-server is vulnerable to improper authentication. The vulnerability is due to the failure to negotiate a new token when accepting an invite, which allows an attacker who intercepts both the invite and password to send synchronization payloads to the original server...
CVE-2019-14277
Axway SecureTransport 5.x through 5.3 or 5.x through 5.5 with certain API configurations is vulnerable to unauthenticated blind XML injection and XXE in the resetPassword functionality via the REST API. This vulnerability can lead to local file disclosure, DoS, or URI invocation attacks, i.e., SSRF...
CVE-2024-42194
An improper handling of insufficient permissions or privileges affects HCL BigFix Inventory. An attacker having access via a read-only account can possibly change certain configuration parameters by crafting a specific REST API call...
WordPress content injection vulnerability leads to over 67,000 sites being hacked - vulnerability warning - the black bar safety net
More than 67,000 sites have been attacked through the latest WordPress vulnerability. If your website uses WordPress and you have not promptly applied the official patch released last week by upgrading to v4.7.2, then your site is likely to be hit by these 4 hacking...