[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256369

 
 

909

 
 

199183

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 254604 Download | Alert*

The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in the SE flash memory is uninitialized.��

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. UEFI implementations do not correctly protect and validate information contained in the 'MeSetup' UEFI variable. On some systems, this variable can be overwritten using operating system APIs. Exploitation of this vulnerability could potentially lead to denial of service for the platform.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maui Marketing Update Image Tag Alt Attribute plugin <=��2.4.5 versions.

The Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing (CORS) settings and, as a result, is vulnerable to a Cross Site Request Forgery (CSRF) attack. To exploit this vulnerability, a malicious user would have to convince a user to click on an untrusted link through a social engine ...

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The client query handler of the affected application fails to check for proper permissions for specific read queries. This could allow authenticated remote attackers to access data they are not authorized for.

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The audit log form of affected applications is vulnerable to SQL injection. This could allow authenticated remote attackers to execute arbitrary SQL queries on the server database.

A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions < V3.7.1), Mendix Forgot Password (Mendix 8 compatible) (All versions < V4.1.1), Mendix Forgot Password (Mendix 9 compatible) (All versions < V5.1.1). The affected versions of the module contain an observable response discrepancy issue that could allow an attacker to retrieve sensitive information.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Grant Kimball Simple Vimeo Shortcode plugin <=��2.9.1 versions.

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin��<= 3.29.2 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wow-Company Button Generator ��� easily Button Builder plugin <=��2.3.3 versions.


Pages:      Start    25023    25024    25025    25026    25027    25028    25029    25030    25031    25032    25033    25034    25035    25036    ..   25460

© SecPod Technologies