Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mattermost mattermost server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-11069
An issue exists in Mattermost Server prior to 3.2.0. It mishandles brute-force attempts at password change.
Mattermost Mattermost Server
7.5
CVSSv3
CVE-2017-18909
An issue exists in Mattermost Server prior to 3.9.0 when SAML is used. Encryption and signature verification are not mandatory.
Mattermost Mattermost Server
7.5
CVSSv3
CVE-2018-21248
An issue exists in Mattermost Server prior to 5.4.0. It mishandles possession of superfluous authentication credentials.
Mattermost Mattermost Server
7.5
CVSSv3
CVE-2018-21258
An issue exists in Mattermost Server prior to 5.1. It allows malicious users to cause a denial of service via the invite_people slash command.
Mattermost Mattermost Server
7.5
CVSSv3
CVE-2018-21262
An issue exists in Mattermost Server prior to 4.7.3. It allows malicious users to cause a denial of service (application crash) via invalid LaTeX text.
Mattermost Mattermost Server
7.5
CVSSv3
CVE-2017-18871
An issue exists in Mattermost Server prior to 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows malicious users to cause a denial of service (application crash) via an @ character before a JavaScript field name.
Mattermost Mattermost Server
Mattermost Mattermost Server 4.5.0
7.5
CVSSv3
CVE-2019-20880
An issue exists in Mattermost Server prior to 5.8.0, 5.7.2, 5.6.5, and 4.10.7. It allows malicious users to cause a denial of service (memory consumption) via OpenGraph.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.8.0
7.5
CVSSv3
CVE-2019-20885
An issue exists in Mattermost Server prior to 5.8.0. It does not always generate a robots.txt file.
Mattermost Mattermost Server
7.5
CVSSv3
CVE-2019-20886
An issue exists in Mattermost Server prior to 5.8.0. The first user is sometimes inadvertently a system admin.
Mattermost Mattermost Server
7.5
CVSSv3
CVE-2019-20888
An issue exists in Mattermost Server prior to 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows malicious users to cause a denial of service (memory consumption) via an outgoing webhook or a slash command integration.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »