![]() Īn issue was discovered in the DBI module through 1.643 for Perl. This is because the cache was not ordered by creation time by the Select struct in src/core/trust/impl. In Ubuntu's trust-store, if a user revokes location access from an application, the location is still available to the application because the application will honour incorrect, cached permissions. 100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy. It offers superfluous APIs for a Team Administrator to view account details.Ī postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.īrowser/extensions/api/dial/dial_ in Google Chrome before. ![]() It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account.Īn issue was discovered in Mattermost Server before 3.0.0. ![]() An attacker could use the WebSocket feature to send pop-up messages to users or change a post's appearance.Īn issue was discovered in Mattermost Server before 3.0.0. E-mail address verification can be bypassed.Īn issue was discovered in Mattermost Server before 3.3.0. Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass.Īn issue was discovered in Mattermost Server before 3.5.1. PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.Īpache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands. Viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option. Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16985. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |