A memory leak flaw was found in the Linux kernel’s ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is…

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was…

A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created…

A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to…

A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time…

The WAN configuration page “wan.htm” on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information…

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users. Zafiyet ile…

The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks – per…

Fiserv Prologue through 2020-12-16 does not properly protect the database password. If an attacker were to gain access to the configuration file (specifically, the LogPassword…

HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a…