File upload vulnerability in ebCMS v.1.1.0 allows a remote attacker to execute arbitrary code via the upload type parameter. Zafiyet ile ilgili Genel Bilgi, Etki…

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best =…

Cloudflare WARP client for Windows (up to v2023.3.381.0) allowed a malicious actor to remotely access the warp-svc.exe binary due to an insufficient access control policy on…

Attackers with access to the “documentconverterws” API were able to inject serialized Java objects, that were not properly checked during deserialization. Access to this API…

It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discover restricted network topology and…

When adding an external mail account, processing of POP3 “capabilities” responses are not limited to plausible sizes. Attacker with access to a rogue POP3 service…

When adding an external mail account, processing of IMAP “capabilities” responses are not limited to plausible sizes. Attacker with access to a rogue IMAP service…