ChurchCRM has unauthenticated RCE in its Install Wizard

ChurchCRM CRM churchcrm churchcrm

Ultimate Member <= 2.11.0 - Authenticated (Subscriber+) Profile Privacy Setting Bypass

ultimatemember Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin

Live Composer – Free WordPress Website Builder <= 2.0.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

livecomposer Live Composer – Free WordPress Website Builder

Ultimate Member <= 2.11.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'value'

ultimatemember Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin

Mattermost Desktop App fails to enable Hardened Runtime when packaged for Mac App Store

Mattermost Mattermost mattermost mattermost_desktop

Lack of Invalidation of Legacy Remote Cluster Invite Tokens After Confirmation

Mattermost Mattermost mattermost mattermost_server

Mattermost Desktop App logging sensitive information and fails to clear data on server deletion

Mattermost Mattermost mattermost mattermost_desktop

DoS in Calls plugin via malformed UTF-8 in WebSocket request

Mattermost Mattermost mattermost mattermost_server

Cisco Secure Email和Cisco Secure Email and Web Manager 安全漏洞

Cisco Cisco Secure Email Cisco Cisco Secure Email +43个

OpenBlue Mobile Web Application configuration issue for optional for OpenBlue Workplace (formerly FM Systems)

Johnson Controls OpenBlue Workplace (formerly FM Systems)

iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - setFaultDebounce

Johnson Control iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2

NGINX Ingress Controller vulnerability

F5 NGINX Ingress Controller f5 nginx_ingress_controller

An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create c...

smallstep Step-CA smallstep Step-CA

Ercom Cryptobox 安全漏洞

Ercom Cryptobox

iSTAR- Improper Validation of Certificate Expiration

Johnson Controls iSTAReX, iSTAR Edge, iSTAR Ultra LT, iSTAR Ultra , iSTAR Ultra SE

Remote Code Execution Vulnerability in Radiometer Products

Radiometer Medical Aps ABL90 FLEX and ABL90 FLEX PLUS Analyzers Radiometer Medical Aps ABL800 BASIC and ABL800 FLEX Analyzers +1个

Credential Disclosure vulnerability in Radiometer Products

Radiometer Medical Aps ABL90 FLEX and ABL90 FLEX PLUS Analyzers Radiometer Medical Aps ABL90 FLEX and ABL90 FLEX PLUS Analyzers +4个

Open redirect in error page when link opened in new tab

Mattermost Mattermost mattermost mattermost_server

Mattermost GitHub Plugin allows unauthorized GitHub reactions via reaction forwarding hijacking

Mattermost Mattermost mattermost mattermost_server

CSRF Allows Call Initiation and Message Delivery

Mattermost Mattermost mattermost mattermost_server