Day: Kasım 25, 2022

CVE-2022-39334

Nextcloud desktop is the desktop sync client for Nextcloud. Versions prior to 3.6.1 would incorrectly trust invalid TLS certificates. A Man-in-the-middle attack is possible in…

Devamını oku

CVE-2022-39331

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the notifications.…

Devamını oku

CVE-2022-41712

Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not correctly validate the information…

Devamını oku

CVE-2022-41706

Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol…

Devamını oku

CVE-2022-41705

Badaso version 2.6.3 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly…

Devamını oku

CVE-2022-0698

Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the ‘select-file’ parameter. Zafiyet ile ilgili Genel Bilgi, Etki…

Devamını oku

CVE-2022-43984

Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS…

Devamını oku

CVE-2022-43983

Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the HTML…

Devamını oku