Kategori: Güvenlik Açıkları

CVE-2022-41946

pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either `PreparedStatement.setText(int, InputStream)` or `PreparedStatemet.setBytea(int, InputStream)` will create a temporary…

Devamını oku

CVE-2022-44140

Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /Member/memberedit.html component. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

Devamını oku

CVE-2021-29334

An issue was discovered in JIZHI CMS 1.9.4. There is a CSRF vulnerability that can add an admin account via index, /admin.php/Admin/adminadd.html Zafiyet ile ilgili…

Devamını oku

CVE-2022-41875

A remote code execution (RCE) vulnerability in Optica allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads. Specially crafted JSON payloads may…

Devamını oku

CVE-2022-41923

Grails Spring Security Core plugin is vulnerable to privilege escalation. The vulnerability allows an attacker access to one endpoint (i.e. the targeted endpoint) using the…

Devamını oku

CVE-2022-41924

A vulnerability identified in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon `tailscaled`, which can then be used to remotely…

Devamını oku

CVE-2022-41927

XWiki Platform is vulnerable to Cross-Site Request Forgery (CSRF) that may allow attackers to delete or rename tags without needing any confirmation. The problem has…

Devamını oku

CVE-2022-41928

XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code (‘Eval Injection’) in AttachmentSelector.xml. The issue can also be reproduced by inserting the…

Devamını oku