Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can…

All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector. Devamını Oku

The package extend2 before 1.0.1 are vulnerable to Prototype Pollution via the extend function due to unsafe recursive merge. Devamını Oku

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload…

In Spring Framework versions 5.3.0 – 5.3.13, 5.2.0 – 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to…

SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and…

The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data. Devamını Oku

All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector. Devamını Oku

All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector. Devamını Oku

The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data. Devamını Oku