Riasztások

SolarWinds Observability Self-Hosted was susceptible to a cross-site scripting (XSS) vulnerability due to an unsanitized field in the URL. The attack requires authentication using an...

GeoServer is an open source server that allows users to share and edit geospatial data. It is possible to bypass the default REST API security and access the index page. The REST API security...

GeoServer is an open source server that allows users to share and edit geospatial data. Malicious Jiffle scripts can be executed by GeoServer, either as a rendering transformation in WMS dynamic...

A vulnerability in the APIs of HPE Aruba Networking Private 5G Core could potentially expose sensitive information to unauthorized users. A successful exploitation could allow an attacker to...

The Panel Designer dashboard in Airleader Master and Easy before 6.36 allows remote attackers to execute arbitrary commands via a wizard/workspace.jsp unrestricted file upload. To exploit this, the...

A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the Autodesk Installer application....

A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials.

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.1), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions < V3.1), SCALANCE XC324-4 (6GK5328-4TS00-2AC2)...

Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An...

Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low...