The Slide Anything WordPress plugin before 2.3.44 does not sanitize and escape sliders’ description, which could allow high privilege users such as editor and above…

The Easily Generate Rest API Url WordPress plugin through 1.0.0 does not escape some of its settings, allowing high privilege users such as admin to…

The WPGraphQL WordPress plugin before 0.3.5 doesn’t properly restrict access to information about other users’ roles on the affected site. Because of this, a remote…

IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive…

Users Account Pre-Takeover or Users Account Takeover. in GitHub repository microweber/microweber prior to 1.2.15. Victim Account Take Over. Since, there is no email confirmation, an…

Command injection vulnerability in Manual Ping Form (Web UI) in Shenzhen Ejoin Information Technology Co., Ltd. ACOM508/ACOM516/ACOM532 609-915-041-100-020 allows a remote attacker to inject arbitrary…

In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to…

NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers…

Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2. This vulnerabilities are capable of crashing software, modify memory, and possible remote…

ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…