Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2022-4361

Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an…

Devamını oku

CVE-2023-20133

A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against…

Devamını oku

CVE-2023-20180

A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on…

Devamını oku

CVE-2021-32494

Radare2 has a division by zero vulnerability in Mach-O parser’s rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service.…

Devamını oku

CVE-2021-32495

Radare2 has a use-after-free vulnerability in pyc parser’s get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service.…

Devamını oku

CVE-2021-39014

IBM Cloud Object System 3.15.8.97 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus…

Devamını oku

CVE-2021-33798

A null pointer dereference was found in libpano13, version libpano13-2.9.20. The flow allows attackers to cause a denial of service and potential code execute via…

Devamını oku

CVE-2023-25201

Cross Site Request Forgery (CSRF) vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script…

Devamını oku