A vulnerability has been found in GNU Mailman Postorius up to 1.3.4 (Mail Client Software) and classified as critical. Affected by this vulnerability is an unknown part of the file views/list.py of the component POST Request Handler. Upgrading to version 1.3.5 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at gitlab.com. The best possible mitigation is suggested to be upgrading to the latest version.
GNU Mailman Postorius up to 1.3.4 POST Request views/list.py access control
- Virtual Patching
- September 10, 2021
- 9:04 pm
Contact us to get started
CVE-2023-27982 : SCHNEIDER ELECTRIC IGSS DATA SERVER/IGSS DASHBOARD/CUSTOM REPORTS UP TO 16.0.0.23040 DASHBOARD FILE DATA AUTHENTICITY
Description A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause manipulation of dashboard
CVE-2023-1501 : ROCKOA 2.3.2 ACLOUDCOSACTION.PHP.SQL RUNACTION FILEID UNRESTRICTED UPLOAD
Description A vulnerability, which was classified as critical, was found in RockOA 2.3.2. This affects the function runAction of the
CVE-2023-28116 : CONTIKI-NG UP TO 4.8/4.9 BLE L2CAP MODULE PACKETBUF_SIZE BUFFER OVERFLOW
Description Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an