All Posts by: Prasad G

Description IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial

Description D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the

Description An arbitrary file upload vulnerability in the component /admin/friendlink_edit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via

Description Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code.

Description Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Escalation.This issue affects upKeeper Instant Privilege

Description Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in django CMS Association django CMS

Description Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed

Description D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function. References

Description A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an

Description IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote attacker could send specially

Description This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19

Description Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in

Description StepSecurity’s Harden-Runner provides network egress filtering and runtime security for GitHub-hosted and self-hosted runners. Versions of step-security/harden-runner prior to

Description In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Avoid a

Description Jpress until v5.1.1 has arbitrary file uploads on the windows platform, and the construction of non-standard file formats such

Description PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which

Description GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17,

Description An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management

Description Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability

Description A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All

Description A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management

Description Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 web-interface allows stored

Description McAfee Trial Installer 16.0.53 has Incorrect Access Control that leads to Local Escalation of Privileges. References https://www.mcafee.com/support/s/article/000002516?language=en_US For More

Description In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS