Riasztások

Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user's uploaded...

An authentication bypass vulnerability exists in KCM3100 Ver1.4.2 and earlier. If this vulnerability is exploited, an attacker may bypass the authentication of the product from within the LAN to...

The tarteaucitron.io WordPress plugin before 1.9.5 uses query parameters from YouTube oEmbed URLs without sanitizing these parameters correctly, which could allow users with the contributor role...

The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a...

Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack() function for container images. Particularly, when using the...

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects...

Missing Authorization vulnerability in Cloudways Breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through 2.2.13.

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Add missing locking Recent kernels complain about a missing lock in k3-udma.c when the lock validator...

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Don't access ifa_index when missing In mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but only...

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Add NULL check in uclogic_input_configured() devm_kasprintf() returns NULL when memory allocation fails....