Kategori: NIST-Güvenlik Açıkları

CVE-2021-41752

Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt() function. Zafiyet ile…

Devamını oku

CVE-2021-30080

An issue was discovered in the route lookup process in beego through 2.0.1, allows attackers to bypass access control. Zafiyet ile ilgili Genel Bilgi, Etki…

Devamını oku

CVE-2021-27116

An issue was discovered in file profile.go in function MemProf in beego through 2.0.2, allows attackers to launch symlink attacks locally. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2021-28428

File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality. The original file upload vulnerability…

Devamını oku

CVE-2021-27117

An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2020-28847

Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Devamını oku

CVE-2020-23349

An intent redirection issue was doscovered in Sina Weibo Android SDK 4.2.7 (com.sina.weibo.sdk.share.WbShareTransActivity), any unexported Activities could be started by the com.sina.weibo.sdk.share.WbShareTransActivity. Zafiyet ile ilgili…

Devamını oku

CVE-2020-19229

Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. Because of this version of the java deserialization vulnerability, an attacker could exploit the…

Devamını oku

CVE-2022-1243

CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Devamını oku

CVE-2021-41245

Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, CSRF tokens generated by `privUITransactionFile` aren’t properly checked.…

Devamını oku