CVE-2023-28004 : SCHNEIDER ELECTRIC POWERLOGIC HDPM6000 ETHERNET REQUEST ARRAY INDEX
Description A CWE-129: Improper validation of an array index vulnerability exists where a specially crafted Ethernet request could result in
Description In affected versions, a path traversal exists when processing a message in Rockwell Automation’s ThinManager ThinServer. An unauthenticated remote
Description A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause manipulation of dashboard
Description The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could
Description Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP lacks both
Description Apache Dubbo is a Java-based, open source RPC framework. Versions prior to 2.6.10 and 2.7.10 are vulnerable to
Description A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 allows remote unauthenticated attackers to execute arbitrary
Description A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to
Description There is a command injection vulnerability that could lead to unauthenticated remote code execution by sending specially crafted packets
Description A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could
Description A remote code execution (RCE) vulnerability in Optica allows unauthenticated attackers to execute arbitrary code via specially crafted JSON
Description Azure RTOS USBx is a USB host, device, and on-the-go (OTG) embedded stack, fully integrated with Azure RTOS ThreadX
Description A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege
What is REST API? REST is the acronym of Representational State Transfer (REST). It is an architectural style or pattern
What is Session Hijacking? Session Hijacking is the type of attack in which the attacker takes over or hijacks a
What is DNS and how does it work? DNS is the abbreviation for Domain Name System. The task of the
GDPR (General Data Protection Regulation) is a regulation to provide uniform data protection by eliminating the inconsistencies in national laws of
What is Content Security Policy (CSP)? Content Security Policy (CSP) is an additional layer of security on the HTTP browser
What is Swagger? Swagger is the way of defining the structure of APIs (Application Programming Interface). Swagger is specifically developed
Description NVFLARE, versions prior to 2.1.4, contains a vulnerability that deserialization of Untrusted Data due to Pickle usage may allow
Description rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the “serializer: pickle” HTTP header is sent.
Are you having a Spring MVC or Spring WebFlux application running on JDK version 9 or higher? Then ensure that
Zero-Day RCE Vulnerability CVE-2021-44228 aka Critical Apache Log4j Remote Code Execution Vulnerability (Log4Shell) Affects Java Background on Apache log4j Apache log4j 2