A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to…

There is a flaw in RPM’s signature functionality. OpenPGP subkeys are associated with a primary key via a “binding signature.” RPM does not check the…

A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do not properly specify which ports may be accessed, allowing access to all…

A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output.…

A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing…

A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection.…

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WebbaPlugins Webba Booking plugin <= 4.2.21 at WordPress. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp. Zafiyet ile ilgili Genel…