Kategori: NIST-Güvenlik Açıkları

CVE-2023-38873

The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer is vulnerable to Clickjacking. Clickjacking, also known as a “UI redress attack”, is when an…

Devamını oku

CVE-2023-38874

A remote code execution (RCE) vulnerability via an insecure file upload exists in gugoan’s Economizzer v.0.9-beta1 and commit 3730880 (April 2023). A malicious attacker can…

Devamını oku

CVE-2023-38877

A host header injection vulnerability exists in gugoan’s Economizzer v.0.9-beta1 and commit 3730880 (April 2023). By sending a specially crafted host header in the reset…

Devamını oku

CVE-2023-38870

A SQL injection vulnerability exists in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1. The cash book has a feature to list accomplishments by category,…

Devamını oku

CVE-2023-33972

Scylladb is a NoSQL data store using the seastar framework, compatible with Apache Cassandra. Authenticated users who are authorized to create tables in a keyspace…

Devamını oku

CVE-2023-20186

A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker…

Devamını oku

CVE-2023-20187

A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow…

Devamını oku

CVE-2023-20202

A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to…

Devamını oku

CVE-2023-20226

A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to…

Devamını oku