A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

Apache StreamPark 1.0.0 before 2.0.0 When the user successfully logs in, to modify his profile, the username will be passed to the server-layer as a parameter,…

A certificate validation vulnerability exists in the Baiying Android application which could lead to information disclosure. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call. Zafiyet ile ilgili Genel Bilgi, Etki…

Apache StreamPark 1.0.0 to 2.0.0 have a LDAP injection vulnerability. LDAP Injection is an attack used to exploit web based applications that construct LDAP statements…

Streampark allows any users to upload a jar as application, but there is no mandatory verification of the uploaded file type, causing users to upload…

A default password was reported in Lenovo Smart Clock Essential with Alexa Built In that could allow unauthorized device access to an attacker with local…

A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the…

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_file and its callers call fput in a file…

A heap out-of-bounds read/write vulnerability in the Linux Kernel traffic control (QoS) subsystem can be exploited to achieve local privilege escalation. The qfq_change_class function does not…