Teleport v3.2.2, Teleport v3.5.6-rc6, and Teleport v3.6.3-b2 was discovered to contain an information leak via the /user/get-role-list web interface.
LibreOffice and OpenOffice automatically open embedded content
Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.
Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key.
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 specifies permissions for a security-critical resource which could lead to the exposure of sensitive information or the modification of that re...
An issue was discovered in Serpico before 1.3.3. The /admin/attacments_backup endpoint can be requested by non-admin authenticated users. This means that an attacker with a user account can retrieve a...
IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.