Search
Search Results (26 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-20856 | 2 Apple, Mattermost | 2 Macos, Mattermost Desktop | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection. | ||||
| CVE-2018-21265 | 1 Mattermost | 1 Mattermost Desktop | 2024-11-21 | 5.3 Medium |
| An issue was discovered in Mattermost Desktop App before 4.0.0. It mishandled the Same Origin Policy for setPermissionRequestHandler (e.g., video, audio, and notifications). | ||||
| CVE-2016-11064 | 1 Mattermost | 1 Mattermost Desktop | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection. | ||||
| CVE-2024-45835 | 1 Mattermost | 1 Mattermost Desktop | 2024-11-01 | 2.5 Low |
| Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access. | ||||
| CVE-2024-39772 | 1 Mattermost | 1 Mattermost Desktop | 2024-11-01 | 3.7 Low |
| Mattermost Desktop App versions <=5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs. | ||||
| CVE-2024-39613 | 1 Mattermost | 1 Mattermost Desktop | 2024-09-20 | 5.3 Medium |
| Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of a user's machine to cause remote code execution on that machine. | ||||