Riasztások

Out of bounds read in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

tianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user/ajax/save. This vulnerability allows attackers to execute arbitrary operations via a crafted GET or...

A stored cross-site scripting (XSS) vulnerability in tianti v2.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the coverImageURL parameter at...

tianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user/ajax/upd/status. This vulnerability allows attackers to execute arbitrary operations via a crafted...

Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, `Rack::Static` can serve files under the specified `root:` even if `urls:` are...

Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associated with the "Navigate to a URL" action.

Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input.

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users.

A vulnerability was found in AT Software Solutions ATSVD up to 3.4.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Esqueceu a senha. The...

A vulnerability, which was classified as problematic, has been found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7. This issue affects some unknown processing of the...