A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash.…

A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command “adf” has no or wrong argument, anal_fcn_data (core, input + 1)…

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any…

Emerson Electric’s Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: ‘..Filename’, also known as a ZipSlip attack, through an upload…

Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion…

IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML…

Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead…

Cross-site Scripting (XSS) – DOM in GitHub repository chatwoot/chatwoot prior to 2.7.0. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National…

Insecure Storage of Sensitive Information in GitHub repository chatwoot/chatwoot prior to 2.6.0. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National…

In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service via the package upload function. Zafiyet ile ilgili Genel…