Elliptic 安全漏洞

Elliptic is a fast elliptic curve cryptographic library in javascript by the individual developer Fedor Indutny. A security vulnerability exists in Elliptic version 6.5.7, which stems from an inability to properly verify valid signatures in its ECDSA implementation...

WordPress Bit File Manager Plugin <= 6.5.7 is vulnerable to Arbitrary File Upload

Software Bit File Manager Type Plugin Vulnerable versions = 6.5.7 Fixed in 6.5.8 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-8743 Patch priority High CVSS severity High 6.8 Developer Claim ownership PSID c3b2ce42763f Credits TANG Cheuk Hei siunam Required privileg...

Parse Server Security Vulnerability

Parse Server is an open source backend from Parse Platform Open Source that can be deployed to any infrastructure that can run Node.js. A security vulnerability exists in Parse Server versions prior to 6.5.7 and 7.1.0 that stems from vulnerability to SQL injection attacks when configured to use a...

UBUNTU-CVE-2022-31043

Guzzle is an open source PHP HTTP client. In affected versions Authorization headers on requests are sensitive information. On making a request using the https scheme to a server which responds with a redirect to a URI with the http scheme, we should not forward the Authorization header on. This ...

CVE-2018-15608

Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen...