CVE-2023-40260

EmpowerID before 7.205.0.1 allows an attacker to bypass an MFA (multi-factor authentication) requirement if the first factor (username and password) is known, because the first factor is sufficient to ...

CVE-2023-40254

Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update. This iss ...

CVE-2023-4108

Mattermost fails to sanitize post metadata during audit logging, resulting in permalink contents being logged.

CVE-2023-4106

Mattermost fails to check if the requesting user is a guest before performing different actions to public playbooks, resulting in a guest being able to view, join, edit, export and archive public play ...

CVE-2023-4105

Mattermost fails to delete the attachments when deleting a message in a thread, allowing a simple user to still be able to access and download the attachment of a deleted message.

CVE-2023-40267

GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439.

CVE-2023-4107

Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name.

CVE-2023-39553

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in mal ...
