Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2021-21827

A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression…

Devamını oku

CVE-2021-21828

A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label…

Devamını oku

CVE-2020-24130

A cross site request forgery (CSRF) vulnerability in the configure.html component of Ponzu 0.11.0 allows attackers to change user and administrator credentials, and add or…

Devamını oku

CVE-2020-25351

An information disclosure vulnerability in rConfig 3.9.5 has been fixed for version 3.9.6. This vulnerability allowed remote authenticated attackers to read files on the system…

Devamını oku

CVE-2020-25352

A stored cross-site scripting (XSS) vulnerability in the /devices.php function inrConfig 3.9.5 has been fixed for version 3.9.6. This vulnerability allowed remote attackers to perform…

Devamını oku

CVE-2020-25353

A server-side request forgery (SSRF) vulnerability in rConfig 3.9.5 has been fixed for 3.9.6. This vulnerability allowed remote authenticated attackers to open a connection to…

Devamını oku

CVE-2020-27461

A remote code execution vulnerability in SEOPanel 4.6.0 has been fixed for 4.7.0. This vulnerability allowed for remote code execution through an authenticated file upload…

Devamını oku

CVE-2020-27466

An arbitrary file write vulnerability in lib/AjaxHandlers/ajaxEditTemplate.php of rConfig 3.9.6 allows attackers to execute arbitrary code via a crafted file. Devamını Oku

Devamını oku