There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default…

An integer underflow in WhatsApp could have caused remote code execution when receiving a crafted video file. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title & Description values that can be added to…

The “LANDesk(R) Management Agentâ€� service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security…

The Wordfence Security – Firewall & Malware Scan plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 7.6.0 via…

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and…

A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.…

A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds…

There exists an arbitrary memory read within the Linux Kernel BPF – Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not…

Improper Input Validation vulnerability in Proxy component of Apache Pulsar allows an attacker to make TCP/IP connection attempts that originate from the Pulsar Proxy’s IP…