Kategori: NIST-Güvenlik Açıkları

CVE-2023-42261

** DISPUTED ** Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor’s position is that authentication is intentionally not implemented…

Devamını oku

CVE-2023-38344

An issue was discovered in Ivanti Endpoint Manager before 2022 SU4. A file disclosure vulnerability exists in the GetFileContents SOAP action exposed via /landesk/managementsuite/core/core.secure/OsdScript.asmx. The…

Devamını oku

CVE-2023-38343

An XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti Endpoint Manager before 2022 SU4. External entity references are enabled in…

Devamını oku

CVE-2023-34576

SQL injection vulnerability in updatepos.php in PrestaShop opartfaq through 1.0.3 allows remote attackers to run arbitrary SQL commands via unspedified vector. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2023-42280

mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading.…

Devamını oku