Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-30247

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.0025EPSS
Exploits0References5
OSV
OSV
added 2025/09/19 9:31 p.m.3 views

GHSA-F72G-52V7-MG3P Mattermost boards plugin fails to restrict download access to files

Mattermost versions 10.5.x = 10.5.8, 9.11.x = 9.11.17 fail to properly validate access controls which allows any authenticated user to download sensitive files via board file download endpoint using UUID enumeration...

3.1CVSS6.8AI score0.0025EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/08/21 9:30 a.m.8 views

Mattermost Fails to Sanitize Path Traversal Sequences

Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...

6.8CVSS7AI score0.0038EPSS
Exploits0References4Affected Software4
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.7 views

PT-2025-34201 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 10.8.x through 10.8.3 Mattermost versions 10.5.x through 10.5.8 Mattermost versions 9.11.x through 9.11.17 Mattermost versions 10.9.x through 10.9.2 Mattermost versions 10.10.x through 10.10.0 Description: The Mattermost...

6.8CVSS7.2AI score0.00281EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/08/21 12:0 a.m.5 views

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 10.8.3 and prior to 10.8.x, 10.5.8 and prior to 10.5.x, 9.11.17 and prior to 9.11.x, 10.10.0 and prior to 10.10.x, and 10.9.3 and prior to 10.9.x,...

4.9CVSS6.3AI score0.00299EPSS
Exploits0References2
OSV
OSV
added 2025/04/14 3:15 p.m.4 views

CVE-2025-2424

Mattermost versions 10.5.x = 10.5.1, 9.11.x = 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata of the files via bookmark creation...

4.3CVSS6.9AI score
Exploits0References1
OSV
OSV
added 2025/03/19 3:31 p.m.9 views

GHSA-FQRQ-XMXJ-V47X Mattermost Fails to Properly Perform Viewer Role Authorization

Mattermost versions 9.11.x = 9.11.8 fail to properly perform authorization of the Viewer role which allows an attacker with the Viewer role configured with No Access to Reporting to still view team and site statistics...

4.3CVSS6.7AI score0.00233EPSS
Exploits0References3
Rows per page
Query Builder