Day: Eylül 13, 2022

CVE-2022-32555

Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn’t have an Anti-CSRF token to authenticate the POST request. Thus, a cross-site request…

Devamını oku

CVE-2022-32244

Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve (non-personal) system data, modify system data but can’t…

Devamını oku

CVE-2022-3182

Improper Access Control vulnerability in the Duo SMS two-factor of Devolutions Remote Desktop Manager 2022.2.14 and earlier allows attackers to bypass the application lock. This…

Devamını oku

CVE-2022-20396

In SettingsActivity.java, there is a possible way to make a device discoverable over Bluetooth, without permission or user interaction, due to a permissions bypass. This…

Devamını oku