Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-16	CVE-2024-39772	Unspecified vulnerability in Mattermost Desktop Mattermost Desktop App versions <=5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs. network low complexity mattermost	5.3
2024-09-16	CVE-2024-45835	Unspecified vulnerability in Mattermost Desktop Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access. network low complexity mattermost	6.5
2024-06-14	CVE-2024-37182	Unspecified vulnerability in Mattermost Desktop Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI schemes. network low complexity mattermost	6.1
2023-11-02	CVE-2023-5875	Unspecified vulnerability in Mattermost Desktop Mattermost Desktop fails to correctly handle permissions or prompt the user for consent on certain sensitive ones allowing media exploitation from a malicious mattermost server network low complexity mattermost	5.3
2023-11-02	CVE-2023-5876	Unspecified vulnerability in Mattermost Desktop Mattermost fails to properly validate a RegExp built off the server URL path, allowing an attacker in control of an enrolled server to mount a Denial Of Service. network high complexity mattermost	5.3
2023-10-17	CVE-2023-5339	Information Exposure Through Log Files vulnerability in Mattermost Desktop Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged. local low complexity mattermost CWE-532	5.5
2023-05-02	CVE-2023-2000	Open Redirect vulnerability in Mattermost Desktop Mattermost Desktop App fails to validate a mattermost server redirection and navigates to an arbitrary website network low complexity mattermost CWE-601	5.4
2020-06-19	CVE-2018-21265	Incorrect Permission Assignment for Critical Resource vulnerability in Mattermost Desktop 3.4.0 An issue was discovered in Mattermost Desktop App before 4.0.0. network low complexity mattermost CWE-732	5.3
2020-06-19	CVE-2020-14455	Improper Authentication vulnerability in Mattermost Desktop An issue was discovered in Mattermost Desktop App before 4.4.0. network low complexity mattermost CWE-287	6.5
2020-06-19	CVE-2020-14454	Open Redirect vulnerability in Mattermost Desktop An issue was discovered in Mattermost Desktop App before 4.4.0. network low complexity mattermost CWE-601	6.1