This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS.…

Insecure method vulnerability in which allowed HTTP methods are disclosed. E.g., OPTIONS, DELETE, TRACE, and PUT Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

The application fails to prevent users from connecting to it over unencrypted connections. An attacker able to modify a legitimate user’s network traffic could bypass…

Apartment Visitor Management System v1.0 is vulnerable to SQL Injection via /avms/index.php. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National…

TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the UploadFirmwareFile function. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the hostName parameter in the setOpModeCfg function. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the ussd parameter in the setUssd function. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

There is an infoleak vulnerability in the Linux kernel’s net/bluetooth/l2cap_core.c’s l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past…

There are use-after-free vulnerabilities in the Linux kernel’s net/bluetooth/l2cap_core.c’s l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via…

A denial-of-service vulnerability in the Mattermost allows an authenticated user to crash the server via multiple requests to one of the API endpoints which could…