CVE-2021-43446
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Cross Site Scripting (XSS). The “macros” feature of the document editor allows malicious cross site scripting…
Devamını oku
Day: Ocak 23, 2023
CVE-2021-43445
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An attacker can authenticate with the web socket service of the ONLYOFFICE document…
CVE-2021-43444
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL…
CVE-2021-24881
The Passster WordPress plugin before 3.5.5.9 does not properly check for password, as well as that the post to be viewed is public, allowing unauthenticated…
CVE-2021-24837
The Passster WordPress plugin before 3.5.5.8 does not escape the area parameter of its shortcode, which could allow users with a role as low as…
CVE-2023-0440
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository healthchecks/healthchecks prior to v2.6. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…
CVE-2023-0438
Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability…
ALLSAFE Siber Güvenlik, ESAS EXPO | Ege Savunma Sanayi ve Tedarikçi Buluşmalarına Katılım Sağladı
ESAS Ege Savunma Sanayi Havacılık ve Uzay Kümelenmesi tarafından 18-20 Ocak 2023 tarihleri arasında İzmir Tepekule Kongre Sergi Merkezi’nde gerçekleştirilen “ESAS EXPO | Ege Savunma…
TR-23-0041 (Totolink Router Zafiyeti)
Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: USOM
CVE-2023-24068
Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments within the attachments.noindex directory. Client mechanisms fail to validate…