CVE-2022-25050
rtl_433 21.12 was discovered to contain a stack overflow in the function somfy_iohc_decode(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. Devamını Oku Kaynak: NIST
Devamını oku
CVE-2022-25051
An Off-by-one Error occurs in cmr113_decode of rtl_433 21.12 when decoding a crafted file. Devamını Oku Kaynak: NIST
CVE-2022-0577
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1. Devamını Oku Kaynak: NIST
CVE-2021-44166
An improper access control vulnerability [CWE-284 ] in FortiToken Mobile (Android) external push notification 5.1.0 and below may allow a remote attacker having already obtained a user's password to access the protected system during the 2FA procedure, even though the deny button is clicked by the legitimate user. Devamını Oku Kaynak: NIST
CVE-2022-22301
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments. Devamını Oku Kaynak: NIST
CVE-2021-44166
An improper access control vulnerability [CWE-284 ] in FortiToken Mobile (Android) external push notification 5.1.0 and below may allow a remote attacker having already obtained a user’s password to access the protected system during the 2FA procedure, even though the deny button is clicked by the legitimate user. Zafiyet ile ilgili Genel Bilgi, Etki ve…
CVE-2022-22303
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager versions prior to 7.0.2, 6.4.7 and 6.2.9 may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict file. Devamını Oku Kaynak: NIST
CVE-2022-0824
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. Devamını Oku Kaynak: NIST
CVE-2022-0829
Improper Authorization in GitHub repository webmin/webmin prior to 1.990. Devamını Oku Kaynak: NIST
CVE-2022-23395
jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead to DOM cross-site scripting (XSS). Devamını Oku Kaynak: NIST
CVE-2022-23779
Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone. The internal hostname can be discovered by reading HTTP redirect responses. Devamını Oku Kaynak: NIST
CVE-2022-24305
Zoho ManageEngine SharePoint Manager Plus before 4329 is vulnerable to a sensitive data leak that leads to privilege escalation. Devamını Oku Kaynak: NIST