Güncel Güvenlik Açıkları

The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. Devamını Oku

The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. Devamını Oku

The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file. Devamını Oku

The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file. Devamını Oku

Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page. Devamını Oku

Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page. Devamını Oku

In s/qmail through 4.0.07, an active MitM can inject arbitrary plaintext commands into a STARTTLS encrypted session between an SMTP client and s/qmail. This allows e-mail messages and user credentials to be sent to the MitM attacker. Devamını Oku

eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field. Devamını Oku

eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field. Devamını Oku

An information disclosure vulnerability in Web Vulnerability Scan profile of Fortinet's FortiWeb version 6.2.x below 6.2.4 and version 6.3.x below 6.3.5 may allow a remote authenticated attacker to read the password used by the FortiWeb scanner to access the device defined in the scan profile. Devamını Oku

A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated attacker to inject directory traversal character sequences to add/delete the files of the server via the name parameter of Deployment Packages. Devamını Oku