Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user “zabbix”) on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because…
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Robert Heller WebLibrarian plugin <=Â 3.5.8.1 versions. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than…
The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height, and encoded size) to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU. Zafiyet ile ilgili Genel Bilgi,…
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size (width * height) appearing to be zero. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Crego Manager for Icomoon plugin <=Â 2.0 versions. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…
Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…