Kategori: NIST-Güvenlik Açıkları

CVE-2022-26959

There are two full (read/write) Blind/Time-based SQL injection vulnerabilities in the Northstar Club Management version 6.3 application. The vulnerabilities exist in the userName parameter of…

Devamını oku

CVE-2022-27561

There is a reflected Cross-Site Scripting vulnerability in the HCL Traveler web admin (LotusTraveler.nsf). Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

Devamını oku

CVE-2022-29240

Scylla is a real-time big data database that is API-compatible with Apache Cassandra and Amazon DynamoDB. When decompressing CQL frame received from user, Scylla assumes…

Devamını oku

CVE-2022-3001

This vulnerability exists in Milesight Video Management Systems (VMS), all firmware versions prior to 40.7.0.79-r1, due to improper input handling at camera’s web-based management interface.…

Devamını oku

CVE-2022-29649

Qsmart Next v4.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National…

Devamını oku

CVE-2022-2471

Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL allows a remote attacker to…

Devamını oku

CVE-2022-2472

Improper Initialization vulnerability in the local server component of EZVIZ CS-C6N-A0-1C2WFR allows a local attacker to read the contents of the memory space containing the…

Devamını oku

CVE-2022-3211

Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.5.6. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National…

Devamını oku

CVE-2021-44076

An issue was discovered in CrushFTP 9. The creation of a new user through the /WebInterface/UserManager/ interface allows an attacker, with access to the administration…

Devamını oku