Path traversal and improper access control allow leaking out-of-bound files from Argo CD repo-server

### Impact

All unpatched versions of Argo CD starting with v1.3.0 are vulnerable to a path traversal bug, compounded by an improper access control bug, allowing a malicious user with read-only reposit ...

Renderers can obtain access to random bluetooth device without permission in Electron

### Impact

This vulnerability allows renderers to obtain access to a random bluetooth device via the [web bluetooth API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Bluetooth_API) if the app ...

Command Injection in ungit

The package ungit before 1.5.20 is vulnerable to Remote Code Execution (RCE) via argument injection. The issue occurs when calling the /api/fetch endpoint. User-controlled values (remote and ref) are ...

api-bridge.azurewebsites.net Cross Site Scripting vulnerability OBB-2536764

Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

api-sandboxdash.norcapsecurities.com Cross Site Scripting vulnerability OBB-2533259

Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

Command Injection vulnerability in git-interface

# Command Injection vulnerability in git-interface

`git-interface` describes itself as "an Interface to work with a git repository in node.js".

Resources:

* Project's GitHub source code: https://gi ...

API Privilege Escalation

# Description

Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed, and such elevation or changes should have been prevented by the app ...

Improper Privilege Management in Mattermost

One of the APIs in Mattermost version 6.4.1 and earlier fails to properly protect permissions, which allows authenticated members with a restricted custom admin role to bypass the restrictions an ...
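The general "API Privilege Escalation" description above and the Mattermost entry share one root cause: an endpoint that decides by role label ("is this an admin?") rather than by the concrete permission it is about to exercise, so a custom admin role that was created with a reduced permission set still reaches everything. The block below is an added example, not Mattermost code: a weak role-name check beside a permission-resolving check, with role and permission names constructed for illustration.

```javascript
// Added example (not Mattermost's code): role-label checks versus explicit
// permission checks. Role and permission names are constructed.

// Permission sets per role; support_admin is a custom admin role that was
// deliberately restricted to read-only duties.
const PERMISSIONS = {
  system_admin: new Set(["read_users", "manage_users", "manage_system", "read_audits"]),
  support_admin: new Set(["read_users", "read_audits"]),
  member: new Set([]),
};

// Union of the permissions granted by every role the user holds.
function permissionsFor(user) {
  const perms = new Set();
  for (const role of user.roles) {
    for (const p of PERMISSIONS[role] || []) perms.add(p);
  }
  return perms;
}

// Weak: any role whose name ends in "_admin" passes, regardless of what that
// role is actually allowed to do.
function canManageUsersWeak(user) {
  return user.roles.some((r) => r.endsWith("_admin"));
}

// Hardened: the endpoint names the single permission it needs.
function authorize(user, requiredPermission) {
  return permissionsFor(user).has(requiredPermission);
}

// Hypothetical handler for an admin user-update endpoint. Returns a
// response-like object instead of writing to a socket.
function updateUserHandler(caller, targetUserId, patch) {
  if (!authorize(caller, "manage_users")) {
    return { status: 403, error: "forbidden" };
  }
  return { status: 200, updated: { id: targetUserId, ...patch } };
}

module.exports = { PERMISSIONS, permissionsFor, canManageUsersWeak, authorize, updateUserHandler };
```

Deriving the permission set from roles at request time, rather than caching an "isAdmin" flag on the session, also means a role edited to remove a permission takes effect on the next call.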
