CVE-2022-24254
An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP…
Devamını oku
Kategori: NIST-Güvenlik Açıkları
CVE-2022-24255
Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges. Devamını Oku Kaynak: NIST
CVE-2022-24720
image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the `#apply` method from image_processing to apply a series of…
CVE-2021-41652
Insecure permissions in the file database.sdb of BatFlat CMS v1.3.6 allows attackers to dump the entire database. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…
CVE-2021-41282
diag_routes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall.…
CVE-2022-24719
Fluture-Node is a FP-style HTTP and streaming utils for Node based on Fluture. Using `followRedirects` or `followRedirectsWith` with any of the redirection strategies built into…
CVE-2020-15936
A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker…
CVE-2021-32586
An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7.0.1 may allow an unauthenticated attacker to alter the environment of…
CVE-2021-41193
wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions prior to 7.1.12 allows an…
CVE-2021-43075
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.2 and below, version 8.5.2 and below,…