Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2022-31836

The leafInfo.match() function in Beego v2.0.3 and below uses path.join() to deal with wildcardvalues which can lead to cross directory risk. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2022-2304

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

Devamını oku

CVE-2022-26365

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and…

Devamını oku

CVE-2022-30290

In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. An attacker can abuse the identified vulnerability in order…

Devamını oku

CVE-2022-30289

A stored Cross-site Scripting (XSS) vulnerability was identified in the Data Import functionality of OpenCTI through 5.2.4. An attacker can abuse the vulnerability to upload…

Devamını oku

CVE-2021-43702

ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker…

Devamını oku

CVE-2022-2097

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This…

Devamını oku

CVE-2022-2309

NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10…

Devamını oku

CVE-2022-2306

Old session tokens can be used to authenticate to the application and send authenticated requests. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Devamını oku