Mattermost doesn't enforce slash command trigger-word uniqueness during command updates

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 Fail to enforce slash command trigger-word uniqueness during command updates which allows an authenticated team member with Manage Own Slash Commands permission to hijack and impersonate existing system or custom slash...

EUVD-2019-11329

Malware in sbrugna...

MonetDB SQL注入漏洞

MonetDB is an open source column-oriented relational database management system from MonetDB Open Source. A SQL injection vulnerability exists in MonetDB version v11.49.1, which stems from an issue contained in the iscolumnunique component. An attacker exploiting this vulnerability could cause a...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud has a security vulnerability that stems from an MD5 hash being used to check the uniqueness of background jobs. This increases the likelihood tha...

SUSE CVE-2019-20792

OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...

Does not check uniqueness of ShareHolder

Handle hack3r-0m Vulnerability details does not check if there is already a shareholder before creating a new shareholder. this will cause an issue in findShareHolder since it will return the first shareholder in the array while there are more than one. --- The text was updated successfully, but...

Łukasz Magiera lotus 数据伪造问题漏洞

Łukasz Magiera lotus is an open source application by Łukasz Magiera.Filecoin distributed storage network implementation. Lotus has a security vulnerability. the Lotus block validation function performs a uniqueness check on the supplied block...

Double Free

opensc is vulnerable to double free. The vulnerability exists due to lack of uniqueness check in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c...

CVE-2019-20792

OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...

CVE-2019-20792

OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...

UBUNTU-CVE-2019-20792

OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...

Double free

OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...

CVE-2019-20792

OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...

CVE-2020-5300

Hydra (Go-based OAuth2/OpenID provider) before version 1.4.0+oryOS.17 is affected when using client authentication with private_key_jwt because it does not enforce uniqueness of the JWT jti value, enabling potential token replay within the token’s expiry window. A patch is published in v1.4.0+ory...