GHSA-3m86-c9x3-vwm9: Graylog vulnerable to privilege escalation through API tokens

GHSA-3q26-f695-pp76: @cyanheads/git-mcp-server vulnerable to command injection in several tools

GHSA-6r2x-8pq8-9489: Electron vulnerable to Heap Buffer Overflow in NativeImage

GHSA-v8fr-vxmw-6mf6: Mattermost Incorrect Authorization vulnerability

GHSA-wgvp-jj4w-88hf: Mattermost Incorrect Authorization vulnerability

Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber. There has been a fix in commit 0d279ac81052ce7ee97c18c811a9b8e912189da0 that has not been released into main yet. It can be found on the dev branch.

**Microweber vulnerable to unrestricted malicious uploads**

Moderate severity GitHub Reviewed Published Dec 27, 2022 • Updated Dec 27, 2022

Headline

GHSA-8h43-xg5g-9cj7: Microweber vulnerable to unrestricted malicious uploads

Related news

ghsa: Latest News