Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.Re ...
Continue Reading23 июня, 2022
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-20660. Reason: This candidate is a reservation duplicate of CVE-2021-20660. Notes: All CVE users should reference CVE-2021-20660 ins ...
Continue Reading23 июня, 2022
Cross Site Scripting (XSS) vulnerability in sourcecodester School File Management System 1.0 via the Lastname parameter to the Update Account form in student_profile.php.Read More ...
Continue Reading23 июня, 2022
LaiKetui v3.5.0 has SQL injection in the background through the menu management function, and sensitive data can be obtained.Read More ...
Continue Reading23 июня, 2022
A stored cross-site scripting (XSS) vulnerability exists in FlatPress 1.2.1 that allows for arbitrary execution of JavaScript commands through blog content.Read More ...
Continue Reading23 июня, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading23 июня, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading23 июня, 2022
A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value bi ...
Continue Reading23 июня, 2022
Back to Main