An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload…

The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data. Devamını Oku

All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector. Devamını Oku

All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector. Devamını Oku

The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data. Devamını Oku

SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and…

In Spring Framework versions 5.3.0 – 5.3.13, 5.2.0 – 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to…

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload…

Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to…

A cross-site scripting (XSS) vulnerability has been reported to affect QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote attackers to inject malicious…