liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Mattermost versions 10.7.x <= 10.7.0, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to properly enforce access controls for guest users accessing channel member information, allowing authenticated guest. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable, low attack complexity.
Mattermost versions 10.7.x <= 10.7.0, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
Project AI is a platform designed to create AI agents. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Next.js is a React framework for building full-stack web applications. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.