The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title parameter. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

The Danfoss AK-EM100 web applications allow for OS command injection through the web application parameters. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal…

Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current variable in…

schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute…

Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used…

A potential security vulnerability has been identified with a version of the HP Softpaq installer that can lead to arbitrary code execution. Zafiyet ile ilgili…

Vault and Vault Enterprise’s (Vault) key-value v2 (kv-v2) diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is…

The WP Activity Log for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.0. This is due to missing or…