The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured…

Stored Cross-Site Scripting (XSS) vulnerability in Andrea Pernici News Sitemap for Google plugin <= 1.0.16 on WordPress, attackers must have contributor or higher user role.…

A misconfiguration in the node default path allows for local privilege escalation from a lower privileged user to the Splunk user in Splunk Enterprise versions…

Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote…

IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned…

IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is…

Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions…

SQL Injection vulnerability in admin/group_list.php in piwigo v2.9.5, via the group parameter to delete. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

SQL Injection vulnerability in cat_move.php in piwigo v2.9.5, via the selection parameter to move_categories. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=user_perm. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…