Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL…

The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 is vulnerable to stored XSS in the set_banner() function of /var/www/core/controller/index.php. An unauthenticated…

The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 allows authenticated command injection in the Throughput, WANStats, PhyStats, and QosStats API classes.…

IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of another user in self service console. IBM…

SQL injection vulnerability in PHPGurukul Employee Record Management System 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication. Devamını Oku

Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead…

When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component, arbitrary commands can be executed due to improper input validation Devamını Oku

netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset and…

objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list). Devamını Oku

matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4). Devamını Oku