An attacker could obtain information using main in the middle techniques. IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents.
The associated identifier of this vulnerability is VDB-215443.įile upload vulnerability in function upload in action/ in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.Ĭross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package.ĭirectory Traversal vulnerability in easywebpack-cli before 4.5.2 allows attackers to obtain sensitive information via crafted GET request. It is recommended to upgrade the affected component. Upgrading to version 1.4.0 is able to address this issue. The manipulation of the argument url leads to buffer overflow.
Affected by this vulnerability is the function pacparser_find_proxy of the file src/pacparser.c. A vulnerability classified as problematic was found in pacparser up to 1.3.x.
0 kommentar(er)
