Güncel Güvenlik Açıkları

Cross Sie Scripting (XSS) vulnerability in Halo 0.4.3 via CommentAuthorUrl. Devamını Oku

Cross Sie Scripting (XSS) vulnerability in Halo 0.4.3 via CommentAuthorUrl. Devamını Oku

Remote Code Executon vulnerability in Halo 0.4.3 via the remoteAddr and themeName parameters. Devamını Oku

Remote Code Executon vulnerability in Halo 0.4.3 via the remoteAddr and themeName parameters. Devamını Oku

The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0. Devamını Oku

Cross Siste Scripting (XSS) vulnerablity in Halo 0.4.3 via the X-forwarded-for Header parameter. Devamını Oku

Cross Siste Scripting (XSS) vulnerablity in Halo 0.4.3 via the X-forwarded-for Header parameter. Devamını Oku

Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. It can be triggered by sending a crafted pcap file to the 'tcpreplay-edit' binary. This issue is different than CVE-2019-8381. Devamını Oku

Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147. Devamını Oku

Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'. Devamını Oku

Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'. Devamını Oku

Cross Site Request Forgery (CSRF) Vulnerability in ForestBlog latest version via the website Management background, which could let a remote malicious gain privileges. Devamını Oku