Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.1

    MEDIUM
    CVE-2016-11084

    An issue was discovered in Mattermost Server before 2.1.0. It allows XSS via CSRF.

    Affected Products: mattermost_server
    • EPSS Score: 0.12%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-11083

    An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window.

    Affected Products: mattermost_server
    • EPSS Score: 0.36%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-11082

    An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link.

    Affected Products: mattermost_server
    • EPSS Score: 0.36%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2016-11081

    An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser.

    Affected Products: mattermost_server
    • EPSS Score: 0.23%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2016-11080

    An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details.

    Affected Products: mattermost_server
    • EPSS Score: 0.15%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-11079

    An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL.

    Affected Products: mattermost_server
    • EPSS Score: 0.36%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2016-11078

    An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI.

    Affected Products: mattermost_server
    • EPSS Score: 0.33%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 4.0

    MEDIUM
    CVE-2016-11077

    An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account.

    Affected Products: mattermost_server
    • EPSS Score: 0.18%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-11076

    An issue was discovered in Mattermost Server before 3.0.0. It does not ensure that a cookie is used over SSL.

    Affected Products: mattermost_server
    • EPSS Score: 0.20%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-11075

    An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API.

    Affected Products: mattermost_server
    • EPSS Score: 0.24%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2016-11074

    An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.

    Affected Products: mattermost_server
    • EPSS Score: 0.41%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-11073

    An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting.

    Affected Products: mattermost_server
    • EPSS Score: 0.36%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2016-11072

    An issue was discovered in Mattermost Server before 3.0.2. The purposes of a session ID and a Session Token were mishandled.

    Affected Products: mattermost_server
    • EPSS Score: 0.19%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-11071

    An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place.

    Affected Products: mattermost_server
    • EPSS Score: 0.36%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 5.4

    MEDIUM
    CVE-2016-11070

    An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values.

    Affected Products: mattermost_server
    • EPSS Score: 0.34%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2016-11069

    An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change.

    Affected Products: mattermost_server
    • EPSS Score: 0.20%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-11068

    An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.

    Affected Products: mattermost_server
    • EPSS Score: 0.35%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-11067

    An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang.

    Affected Products: mattermost_server
    • EPSS Score: 0.38%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2016-11066

    An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information.

    Affected Products: mattermost_server
    • EPSS Score: 0.32%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2016-11065

    An issue was discovered in Mattermost Server before 3.3.0. An attacker could use the WebSocket feature to send pop-up messages to users or change a post's appearance.

    Affected Products: mattermost_server
    • EPSS Score: 0.15%
    • Published: Jun. 19, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291867 Results