Security Advisory Description Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers ...
Continue Reading20 мая, 2024
In lunary-ai/lunary version 1.2.2, the DELETE endpoint located at packages/backend/src/api/v1/datasets is vulnerable to unauthorized dataset deletion due to missing authorization and authentication me ...
Continue Reading20 мая, 2024
In lunary-ai/lunary version 1.2.2, the DELETE endpoint located at packages/backend/src/api/v1/datasets is vulnerable to unauthorized dataset deletion due to missing authorization and authentication me ...
Continue Reading20 мая, 2024
CVE-2022-22978-demo CVE-2022-22978漏洞示例代码 利用条件 虽然定为高危,但是利用条件还是比较苛刻的,个人感觉这个漏洞比较鸡肋。 1. 首先肯定是spring-securi ...
Continue Reading20 мая, 2024
This vulnerability allows remote attackers to make arbitrary changes to configuration on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability ...
Continue Reading20 мая, 2024
This is a Next.js project bootstrapped with create-next-app. Getting Started First, run the development server: ```bash npm run dev or yarn dev or pnpm dev or bun dev ``` Open https://localhost:3000 wi ...
Continue Reading20 мая, 2024
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vu ...
Continue Reading20 мая, 2024
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the /w ...
Continue Reading18 мая, 2024
Back to Main