In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete template functionality. When an authenticated user deletes a template…

In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete user functionality. When an authenticated user deletes a user…

A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider…

Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…

RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker (link) state. The…

A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to…

In affected versions of Octopus Server it was identified that the same encryption process was used for both encrypting session cookies and variables. Zafiyet ile…

In affected versions of Octopus Server it was identified that a session cookie could be used as the CSRF token Zafiyet ile ilgili Genel Bilgi,…

Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects: Hitachi Storage Plug-in…

The default privileges for the running service Normand License Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows unprivileged users to overwrite and manipulate…