Kategori: Güvenlik Açıkları

CVE-2022-39275

Saleor is a headless, GraphQL commerce platform. In affected versions some GraphQL mutations were not properly checking the ID type input which allowed to access…

Devamını oku

CVE-2022-39274

LoRaMac-node is a reference implementation and documentation of a LoRa network node. Versions of LoRaMac-node prior to 4.7.0 are vulnerable to a buffer overflow. Improper…

Devamını oku

CVE-2022-39273

FlyteAdmin is the control plane for the data processing platform Flyte. Users who enable the default Flyte’s authorization server without changing the default clientid hashes…

Devamını oku

CVE-2022-39270

DiscoTOC is a Discourse theme component that generates a table of contents for topics. Users that can create topics in TOC-enabled categories (and have sufficient…

Devamını oku

CVE-2022-39269

PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media…

Devamını oku

CVE-2022-39265

MyBB is a free and open source forum software. The _Mail Settings_ → Additional Parameters for PHP’s mail() function mail_parameters setting value, in connection with…

Devamını oku

CVE-2022-39237

syslabs/sif is the Singularity Image Format (SIF) reference implementation. In versions prior to 2.8.1the `github.com/sylabs/sif/v2/pkg/integrity` package did not verify that the hash algorithm(s) used are…

Devamını oku

CVE-2022-39222

Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex instances with public clients (and by extension, clients accepting…

Devamını oku

CVE-2022-38709

IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 for Cloud Pak is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…

Devamını oku