Category: Vulnerabilities

CVE-2019-9011

In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker can identify valid usernames.

CVE-2020-10650

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory,…


CVE-2020-11101

Sierra Wireless AirLink Mobility Manager (AMM) before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges.

CVE-2021-4281

A vulnerability was found in Brave UX for-the-badge and classified as critical. Affected by this issue is some unknown functionality of the file .github/workflows/combine-prs.yml. The…


CVE-2020-12069

In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), the password-hashing feature requires insufficient computational effort.

CVE-2021-24942

The Menu Item Visibility Control WordPress plugin through 0.5 doesn’t sanitize and validate the “Visibility logic” option for WordPress menu items, which could allow highly…


CVE-2021-30134

php-mod/curl (a wrapper of the PHP cURL extension) before 2.3.2 allows XSS via the post_file_path_upload.php key parameter and the POST data to post_multidimensional.php.

CVE-2021-35065

The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.