CVE-2021-38945
IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote attacker to upload arbitrary files, caused by improper content validation. IBM X-Force ID: 211238.…
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a low level user to obtain sensitive information from the details of the ‘Cloud Storage’ page…
A local privilege escalation vulnerability was identified within the “luminati_net_updater_win_eagleget_com” service in EagleGet Downloader version 2.1.5.20 Stable. This issue allows an authenticated non-administrative user to escalate…
Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could…
OFFIS DCMTK (all versions prior to 3.6.7) has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service condition. Vulnerability…
OFFIS DCMTK’s (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into…
OFFIS DCMTK’s (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary…
Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web…
The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash). Vulnerability-related general…
An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to…