Improper access control checks for Nextcloud Server
Overview : A missing check in Nextcloud Server 14.0.3 could give recipient the possibility to extend the expiration date of a share they received. Affected…
Cisco Linksys E4200 firmware suffers from cross site scripting and local file inclusion vulnerabilities
Overview : Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or…
Multiple Vulnerabilities on HashiCorp Consul
Overview : HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 Information Disclosure and DDoS Vulnerabilities Affected Product(s) : This vulnerability affects the following version of…
Denial of Service vuln in web UI of Cisco Small Business Switches
Overview : A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service…
XSS in WordPress Elementor Plugin 2.8.4
Overview : The Elementor plugin before 2.8.5 for WordPress suffers from a reflected XSS vulnerability on the elementor-system-info page. These can be exploited by targeting…
Disclosure of Private Merge Requests and Issues via Elasticsearch integration
Overview : An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where…