Sep 21, 2024
Alert
NA - CVE-2024-6786 - The vulnerability allows an attacker to craft...
The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. This could lead to the disclosure of...
NA - CVE-2024-6787 - This vulnerability occurs when an attacker...
This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write...
Medium - CVE-2024-8680 - The MC4WP: Mailchimp for WordPress plugin for...
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.9.16 due to insufficient input...
NA - CVE-2024-9048 - A vulnerability was found in y_project RuoYi up...
A vulnerability was found in y_project RuoYi up to 4.7.9. It has been declared as problematic. Affected by this vulnerability is the function SysUserServiceImpl of the file...
NA - CVE-2024-42323 - SnakeYaml Deser Load Malicious xml rce...
SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating). This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat...
NA - CVE-2024-47210 - Gladys Assistant before 4.45.1 allows Privilege...
Gladys Assistant before 4.45.1 allows Privilege Escalation (a user changing their own role) because req.body.role can be used in updateMySelf in server/api/controllers/user.controller.js.
NA - CVE-2024-9075 - A vulnerability was found in Stirling-Tools...
A vulnerability was found in Stirling-Tools Stirling-PDF up to 0.28.3. It has been declared as problematic. This vulnerability affects unknown code of the component Markdown-to-PDF. The...