Day: Aralık 9, 2022

CVE-2022-23510

cube-js is a headless business intelligence platform. In version 0.31.23 all authenticated Cube clients could bypass SQL row-level security and run arbitrary SQL via the…

Devamını oku

CVE-2022-23497

FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain…

Devamını oku

CVE-2022-41299

IBM Cloud Transformation Advisor 2.0.1 through 3.3.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI…

Devamını oku

CVE-2022-4336

In BAOTA linux panel there exists a stored xss vulnerability attackers can use to obtain sensitive information via the log analysis feature. Zafiyet ile ilgili…

Devamını oku

CVE-2022-3259

Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Devamını oku

CVE-2022-29839

Insufficiently Protected Credentials vulnerability in the remote backups application on Western Digital My Cloud devices that could allow an attacker who has gained access to…

Devamını oku