Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2020
CVE-2019-20851
An issue was discovered in Mattermost Mobile Apps before 1.26.0. An attacker can use directory traversal with the Video Preview feature to overwrite arbitrary files on a device.
CVSS Score
9.1
EPSS Score
0.008
Published
2020-06-19
CVE-2019-20852
An issue was discovered in Mattermost Mobile Apps before 1.26.0. Local logging is not blocked for sensitive information (e.g., server addresses or message content).
CVSS Score
7.5
EPSS Score
0.003
Published
2020-06-19
CVE-2019-20853
An issue was discovered in Mattermost Packages before 5.16.3. A Droplet could allow Internet access to a service that has a remote code execution problem.
CVSS Score
9.8
EPSS Score
0.023
Published
2020-06-19
CVE-2019-20854
An issue was discovered in Mattermost Server before 5.17.0. It allows remote attackers to cause a denial of service (client-side application crash) via a LaTeX message.
CVSS Score
7.5
EPSS Score
0.006
Published
2020-06-19
CVE-2019-20855
An issue was discovered in Mattermost Server before 5.16.1, 5.15.2, 5.14.5, and 5.9.6. It allows attackers to obtain sensitive information (local files) during legacy attachment migration.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-06-19
CVE-2019-20856
An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-06-19
CVE-2019-20857
An issue was discovered in Mattermost Server before 5.16.0. It allows attackers to cause a denial of service (markdown renderer hang) via many backtick characters.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-06-19
CVE-2019-20858
An issue was discovered in Mattermost Server before 5.15.0. It allows attackers to cause a denial of service (CPU consumption) via crafted characters in a SQL LIKE clause to an APIv4 endpoint.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-06-19
CVE-2019-20859
An issue was discovered in Mattermost Server before 5.15.0. Login access control can be bypassed via crafted input.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-06-19
CVE-2019-20860
An issue was discovered in Mattermost Server before 5.14.0, 5.13.3, 5.12.6, and 5.9.4. It allows remote attackers to cause a denial of service (application hang) via a crafted SVG document.
CVSS Score
5.5
EPSS Score
0.002
Published
2020-06-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved