CVE-2020-28713
Incorrect access control in push notification service in Night Owl Smart Doorbell FW version 20190505 allows remote users to send push notification events via an…
Incorrect access control in push notification service in Night Owl Smart Doorbell FW version 20190505 allows remote users to send push notification events via an…
SilverStripe through 4.6.0-rc1 has an XXE Vulnerability in CSSContentParser. A developer utility meant for parsing HTML within unit tests can be vulnerable to XML External…
In SilverStripe through 4.6.0-rc1, a FormField with square brackets in the field name skips validation. Devamını Oku
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. The remember-me cookie (CB_LOGIN) issued by the application contains the encrypted…
A CSRF issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. Requests sent to the server that trigger actions do not contain a CSRF…
A cross-site scripting (XSS) issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. It is possible to perform XSS attacks through using the WebDAV…
A flaw was found in the machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory. An…
A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific…
An insecure modification vulnerability flaw was found in containers using nmstate/kubernetes-nmstate-handler. An attacker with access to the container could use this flaw to modify /etc/passwd…
An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf. Devamını Oku