Day: Ocak 26, 2023

CVE-2022-26329

File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This…

Devamını oku

CVE-2022-25962

All versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization. Zafiyet ile ilgili Genel Bilgi,…

Devamını oku

CVE-2022-25927

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via…

Devamını oku

CVE-2022-25908

All versions of the package create-choo-electron are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization. Zafiyet ile ilgili Genel Bilgi,…

Devamını oku

CVE-2022-25894

All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to improper user input…

Devamını oku

CVE-2022-25860

Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper…

Devamını oku