5 matches found
CVE-2025-62690
Mattermost versions 10.11.x = 10.11.4 fail to validate redirect URLs on the /error page, which allows an attacker to redirect a victim to a malicious site via a crafted link opened in a new tab...
Sentry 安全漏洞
Sentry is a developer-oriented bug tracking and performance monitoring platform from Sentry Open Source. A security vulnerability exists in Sentry versions 10.11.0 through prior to 10.27.0, which stems from the possibility of sending sensitive HTTP headers that could lead to elevated privileges...
Malicious code in search-result (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6ddb1c5d5505a20da7fa64201ed64cc4b487447debb5dfac4a7d1398b93bcb1a The OpenSSF Package Analysis project identified 'search-result' @ 10.11.0 npm as malicious. It is considered malicious because: - The package...
Directus 代码问题漏洞
Directus is a real-time Api and application dashboard. It is used to manage Sql database content. A code issue vulnerability exists in Directus versions prior to 10.11.0, which stems from a session token feature that does not expire upon logout...
Apple OS X Directory Utility Privilege Gain Vulnerability
Apple OS X is a specialized operating system developed by Apple for Mac computers. A security vulnerability exists in the Directory Utility in Apple OS X 10.11.0 and earlier versions, which arises from the program failing to properly handle authentication for new sessions. A local attacker could...