
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.

Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user.

The iframe plugin before 4.5 for WordPress does not sanitize a URL.

The direct_mail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries.

The direct_mail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables.

The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl.

The direct_mail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query.

Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during the pairing process.

UliCMS before 2020.2 has XSS during PackageController uninstall.

UliCMS before 2020.2 has PageController stored XSS.



© SecPod Technologies