Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2023-38041

A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an…

Devamını oku

CVE-2023-30912

A remote code execution issue exists in HPE OneView. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

Devamını oku

CVE-2023-31580

light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token.…

Devamını oku

CVE-2023-31581

Dromara Sureness before v1.0.8 was discovered to use a hardcoded key. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability…

Devamını oku

CVE-2023-34048

vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an…

Devamını oku

CVE-2023-34056

vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data. Zafiyet…

Devamını oku

CVE-2023-26581

Unauthenticated SQL injection in the GetVisitors method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. Zafiyet…

Devamını oku

CVE-2023-26582

Unauthenticated SQL injection in the GetExcursionDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. Zafiyet…

Devamını oku