CVE-2022-25399
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter. Devamını Oku Kaynak: NIST
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter. Devamını Oku Kaynak: NIST
Air Cargo Management System v1.0 was discovered to contain a SQL injection vulnerability via the ref_code parameter. Devamını Oku Kaynak: NIST
Simple Mobile Comparison Website v1.0 was discovered to contain a SQL injection vulnerability via the search parameter. Devamını Oku Kaynak: NIST
Bank Management System v1.o was discovered to contain a SQL injection vulnerability via the email parameter. Devamını Oku Kaynak: NIST
A flaw exists in tang, a network-based cryptographic binding server, which could result in leak of private keys. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability…
In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called ‘association groups’. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only pointed at, and when one connection within that association group ended,…
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…
A flaw was found in htmldoc in v1.9.12 and before. Null pointer dereference in file_extension(),in file.c may lead to execute arbitrary code and denial of service. Devamını Oku Kaynak: NIST
A security issue was found in htmldoc v1.9.12 and before. A NULL pointer dereference in the function image_load_jpeg() in image.cxx may result in denial of service. Devamını Oku Kaynak: NIST
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements. Devamını Oku Kaynak: NIST
A flaw was found in htmldoc in v1.9.12 and prior. A stack buffer overflow in parse_table() in ps-pdf.cxx may lead to execute arbitrary code and denial of service. Devamını Oku Kaynak: NIST