A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization.…

A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the…

Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the…

A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the…

IBM Resilient SOAR 40 and earlier could disclose sensitive information by allowing a user to enumerate usernames. Devamını Oku

IBM Resilient SOAR 40 and earlier could disclose sensitive information by allowing a user to enumerate usernames. Devamını Oku

An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP…

The IT-Recht Kanzlei plugin in Zen Cart 1.5.6c (German edition) allows itrk-api.php rechtstext_language SQL Injection. Devamını Oku

Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php. Devamını Oku

Redash 8.0.0 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided template since the username…