In getNotificationTag of LegacyVoicemailNotifier.java, there is a possible leak of ICCID due to a permissions bypass. This could lead to local information disclosure with User…

Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain…

In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way to bypass Factory Reset Protections. This could lead to local escalation of privilege with no additional…

A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when…

An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if…

Cross-site Scripting (XSS) vulnerability in ArchivistaBox webclient allows an attacker to craft a malicious link, executing JavaScript in the context of a victim’s browser. This…

In maccms v10, an attacker can log in through /index.php/user/login in the “col” and “openid” parameters to gain privileges. Zafiyet ile ilgili Genel Bilgi, Etki…

There is a stored Cross Site Scripting (XSS) vulnerability in maccms v10 through adding videos. XSS code can be inserted at parameter positions including name…

A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtaining of sensitive information from the server’s internal environment…

An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php. Zafiyet ile ilgili Genel Bilgi,…