CVE-2020-36309
ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or…
Devamını oku
Kategori: NIST-Güvenlik Açıkları
CVE-2020-36284
Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in merchants' websites…
CVE-2020-36285
Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in…
CVE-2020-23533
Union Pay up to 1.2.0, for web based versions contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in…
CVE-2019-25026
Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting. Devamını Oku
CVE-2020-36306
Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field. Devamını Oku
CVE-2020-36307
Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links. Devamını Oku
CVE-2020-36308
Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time…
CVE-2019-25026 (redmine)
Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting. Devamını Oku
CVE-2020-36306 (redmine)
Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field. Devamını Oku