JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath(“https://go.dev”, “../go”) returns the URL “https://go.dev/../go”, despite the JoinPath…

Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

The typo3/html-sanitizer package is an HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. Due to…

Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due…

In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files that…

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the ‘id->name’ provided by the user did not end…

In SAP Business One application when a service is created, the executable path contains spaces and isn’t enclosed within quotes, leading to a vulnerability known…

An attacker with basic business user privileges could craft and upload a malicious file to SAP NetWeaver Application Server ABAP, which is then downloaded and…

Under certain conditions, the application SAP BusinessObjects Business Intelligence Platform (Version Management System) – versions 420, 430, exposes sensitive information to an actor over the…

SAP NetWeaver Enterprise Portal (KMC) – version 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability. KMC servlet is vulnerable to XSS…