GHSA-chr3-w547-85hw: Liferay Portal Commerce component has Incorrect Permission Assignment for Critical Resource

GHSA-qx3f-6vq3-8j8m: Mattermost Path Traversal vulnerability

GHSA-8c8v-r5jj-4425: Liferay Contacts Center widget has insecure direct object reference

GHSA-697h-3q6m-jwp4: Liferay Portal Cross-Site Request Forgery (CSRF) vulnerability

GHSA-36rr-ww3j-vrjv: The Keras `Model.load_model` method **silently** ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.

Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm.

**Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm.**

Moderate severity GitHub Reviewed Published Feb 2, 2024 to the GitHub Advisory Database • Updated Feb 2, 2024

Headline

GHSA-v269-rrr6-cx6r: Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm.

ghsa: Latest News