Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint. Zafiyet…

Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injection that can result in local privilege escalation. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…

SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in ‘username’ and ‘password’ parameters, allows attackers to execute arbitrary code and gain…

SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in ‘phone’, ’email’, ‘deptType’ and ‘name’ parameters, allows attackers to execute arbitrary code and…

Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…

The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.…

bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed…

A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title,…

Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not…