CVE-2022-25634
Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. Devamını Oku Kaynak: NIST
Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. Devamını Oku Kaynak: NIST
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. Devamını Oku Kaynak: NIST
Improper Authorization in GitHub repository webmin/webmin prior to 1.990. Devamını Oku Kaynak: NIST
jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead to DOM cross-site scripting (XSS). Devamını Oku Kaynak: NIST
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager versions prior to 7.0.2, 6.4.7 and 6.2.9 may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict file. Devamını Oku Kaynak: NIST
An improper access control vulnerability [CWE-284 ] in FortiToken Mobile (Android) external push notification 5.1.0 and below may allow a remote attacker having already obtained a user's password to access the protected system during the 2FA procedure, even though the deny button is clicked by the legitimate user. Devamını Oku Kaynak: NIST
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments. Devamını Oku Kaynak: NIST
An improper access control vulnerability [CWE-284 ] in FortiToken Mobile (Android) external push notification 5.1.0 and below may allow a remote attacker having already obtained a user’s password to access the protected system during the 2FA procedure, even though the deny button is clicked by the legitimate user. Zafiyet ile ilgili Genel Bilgi, Etki ve…
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1. Devamını Oku Kaynak: NIST
An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-2678966 allows attackers to cause a Denial of Service (DoS) via a crafted file. Devamını Oku Kaynak: NIST
There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of tsMuxer git-c6a0277. Devamını Oku Kaynak: NIST
tsMuxer git-2678966 was discovered to contain a heap-based buffer overflow via the function HevcUnit::updateBits in hevc.cpp. Devamını Oku Kaynak: NIST