Güncel Güvenlik Açıkları

An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata. Devamını Oku

A remote code execution (RCE) vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code. Devamını Oku

A vulnerability in the Windows installer XML (WiX) toolset of TechSmith Snagit 19.1.1.2860 allows attackers to escalate privileges. Devamını Oku

An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows attackers to escalate privileges via a change in permissions. Devamını Oku

TechSmith Snagit 19.1.0.2653 uses Object Linking and Embedding (OLE) which can allow attackers to obfuscate and embed crafted files used to escalate privileges. Devamını Oku

A code injection vulnerability in the SeDebugPrivilege component of Trezor Bridge 2.0.27 allows attackers to escalate privileges. Devamını Oku

A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary code. Devamını Oku

A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows attackers to escalate privileges. Devamını Oku

Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,". Devamını Oku

Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature. Devamını Oku

Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via Custom fields in the Menu Preferences feature. Devamını Oku

Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,". Devamını Oku