NotCVE - vendor:"Rocket.chat" product:"Rocket.chat" version:"

Page 2 of 40 results (0.002 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-32219

https://notcve.org/view.php?id=CVE-2022-32219

23 Sep 2022 — An information disclosure vulnerability exists in Rocket.Chat

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-30124

https://notcve.org/view.php?id=CVE-2022-30124

23 Sep 2022 — An improper authentication vulnerability exists in Rocket.Chat Mobile App <4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication (PIN code). Se presenta una vulnerabilidad de autenticación inapropiada en Rocket.Chat Mobile App versiones anteriores a 4.14.1.22788, que permitía a un atacante con acceso físico a un dispositivo móvil omitir la autenticación local (código PIN). • https://hackerone.com/reports/1126414 • CWE-287: Improper Authentication •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-32220

https://notcve.org/view.php?id=CVE-2022-32220

23 Sep 2022 — An information disclosure vulnerability exists in Rocket.Chat

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1

CVE-2022-35247

https://notcve.org/view.php?id=CVE-2022-35247

23 Sep 2022 — A information disclosure vulnerability exists in Rocket.chat

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1

CVE-2022-32218

https://notcve.org/view.php?id=CVE-2022-32218

23 Sep 2022 — An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries. Se presenta una vulnerabilidad de divulgación de información en Rocket.Chat versiones anteriores a v5, versiones anteriores a v4.8.2 y versiones anteriores a v4.7.5, debido a que fue encontrado que el método actionLinkHandler permite la Enumeración de ID de mensajes con consultas Regex MongoDB. • https://hackerone.com/reports/1406953 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1