An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token.
August 17, 2023
A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function.
August 17, 2023
Oppia is an online learning platform. When comparing a received CSRF token against the expected token, Oppia uses the string equality operator (`==`), which is not safe against timing attacks. By repe ...
August 16, 2023
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.
August 16, 2023
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI ...
August 16, 2023
A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Set ...
August 16, 2023
A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect exe ...
August 16, 2023
Dell BIOS contains a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a spe ...
August 16, 2023