In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. Attackers can overlay the toggle button to enable apps…

Cross Site Scripting (XSS) vulnerability in yapi 1.9.1 allows attackers to execute arbitrary code via the /interface/api edit page. Zafiyet ile ilgili Genel Bilgi, Etki…

Qlik NPrinting Designer through 21.14.3.0 creates a Temporary File in a Directory with Insecure Permissions. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Qlik QlikView through 12.60.20100.0 creates a Temporary File in a Directory with Insecure Permissions. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. Zafiyet ile…

Instructure Canvas LMS didn’t properly deny access to locked/unpublished files when the unprivileged user access the DocViewer based file preview URL (canvadoc_session_url). Zafiyet ile ilgili…

For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to…

An issue was discovered in HFish 0.5.1. When a payload is inserted where the name is entered, XSS code is triggered when the administrator views…

SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php. Zafiyet ile ilgili Genel…

uptimed before 0.4.6-r1 on Gentoo allows local users (with access to the uptimed user account) to gain root privileges by creating a hard link within…