A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is cau ...
Continue Reading
June 08, 2023
Gatsby is a free and open source framework based on React. The Gatsby framework prior to versions 4.25.7 and 5.9.1 contain a Local File Inclusion vulnerability in the `__file-code-frame` and `__origin ...
Continue Reading
June 08, 2023
Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gr ...
Continue Reading
June 08, 2023
The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being s ...
Continue Reading
June 08, 2023
D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor m ...
Continue Reading
June 08, 2023
An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid.Read More ...
Continue Reading
June 08, 2023
By changing the filename parameter in the request, an attacker could delete any file with the permissions of the Vuforia server account.Read More ...
Continue Reading
June 08, 2023
The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication.Read More ...
Continue Reading
June 08, 2023
Back to Main
