Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2023-31417

Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests…

Devamını oku

CVE-2023-31418

An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit…

Devamını oku

CVE-2023-31419

A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a…

Devamını oku

CVE-2020-17477

Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote teachers, staff, and school administrators to read LDAP password hashes (sambaNTPassword, krb5Key, sambaPasswordHistory, and…

Devamını oku

CVE-2023-32116

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in TotalPress.Org Custom post types, Custom Fields & more plugin <= 4.0.12 versions. Zafiyet ile ilgili Genel Bilgi, Etki…

Devamını oku

CVE-2023-30492

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Vark Minimum Purchase for WooCommerce plugin <= 2.0.0.1 versions. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Devamını oku

CVE-2023-30967

Gotham Orbital-Simulator service prior to 0.692.0 was found to be vulnerable to a Path traversal issue allowing an unauthenticated user to read arbitrary files on…

Devamını oku