easy-mock v1.5.0-v1.6.0 allows remote attackers to bypass the vm2 sandbox and execute arbitrary system commands through special js code. Zafiyet ile ilgili Genel Bilgi, Etki…

Weak Password Requirements in GitHub repository weseek/growi prior to v5.0.0. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National…

Affected versions of Atlassian Confluence Server and Data Center allow users with a valid account on a Confluence Data Center instance to execute arbitrary Java…

Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited. Zafiyet ile ilgili Genel Bilgi, Etki…

SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191 Zafiyet…

The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code. Zafiyet ile…

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since all permission checks are done client-side,…