5 matches found
PT-2025-7102 · D Link · D-Link Dir-853
Name of the Vulnerable Software and Affected Versions: D-Link DIR-853 A1 version FW1.20B07 Description: A stack-based buffer overflow issue was discovered through the Password parameter in the SetDynamicDNSSettings module. This allows for potential exploitation. No information is provided about t...
Keycloak Security Vulnerability
Keycloak is an open source identity and access management solution from Keycloak Open Source. A security vulnerability exists in Keycloak versions prior to 26.0.8 that stems from the presence of a denial-of-service vulnerability that could allow an administrative user with the privilege to change...
CVE-2020-20582
A server-side request forgery (SSRF) vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information...
CSRF Vulnerability Patched in GoDaddy Domain Settings
Domain registrar GoDaddy yesterday patched a cross-site request forgery vulnerability that could have allowed an attacker to change domain settings on a site registered with GoDaddy. The flaw was reported on Saturday and patched within 48 hours, according to Dylan Saccomanni, a web application...
Syneto Unified Threat Management 1.3.3/1.4.2 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/51597/info Syneto Unified Threat Management is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will...