TestLink v1.9.20 was discovered to contain a stored cross-site scripting (XSS) vulnerability via /lib/inventory/inventoryView.php.Read More ...
Continue Reading16 сентября, 2022
Craft CMS 4.2.0.1 is vulnerable to stored a cross-site scripting (XSS) via /admin/settings/fields page.Read More ...
Continue Reading16 сентября, 2022
Craft CMS 4.2.0.1 is vulnerable to Cross Site Scripting (XSS) via Drafts.Read More ...
Continue Reading16 сентября, 2022
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js.Read More ...
Continue Reading16 сентября, 2022
Tesla Model 3 V11.0(2022.4.5.1 6b701552d7a6) Tesla mobile app v4.23 is vulnerable to Authentication Bypass by spoofing. Tesla Model 3's Phone Key authentication is vulnerable to Man-in-the-middle atta ...
Continue Reading16 сентября, 2022
When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a static initial key to obfuscate login messages. An unauthenticated remote attacker with the ability to capture a ...
Continue Reading16 сентября, 2022
JasPer 3.0.6 allows denial of service via a reachable assertion in the function inttobits in libjasper/base/jas_image.c.Read More ...
Continue Reading16 сентября, 2022
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoki ...
Continue Reading16 сентября, 2022
Back to Main