16 matches found
SQL Injection
Overview: Affected versions of this package are vulnerable to SQL Injection via the sqlExpressions feature. An attacker can execute unauthorized commands on the system by chaining SQL Expressions with plugin functionality. Remediation: Upgrade github.com/grafana/grafana/pkg/expr/sql to version...
CVE-2023-0126
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory...
CVE-2023-0126
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory...
CVE-2023-0126
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory...
Path traversal
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory...
SonicWALL SMA1000 series path traversal vulnerability
The SonicWALL SMA1000 series is a family of secure mobile access solutions from SonicWALL, Inc. that simplifies end-to-end secure remote access to enterprise resources hosted across local, cloud and hybrid data centers. A path traversal vulnerability exists in SonicWALL SMA1000 series version 12.4.2. ...
CVE-2023-0126
SMA1000 firmware 12.4.2 is affected by a pre-authentication path traversal vulnerability (LFI). The connected Nuclei template confirms unauthenticated access to arbitrary files and directories outside the web root, enabling read access to sensitive device data. No exploit vectors are detailed in ...
CVE-2020-28165
CVE-2020-28165 affects EasyCorp ZenTao PMS 12.4.2 with an arbitrary file upload vulnerability exposed through the downloadZipPackage() function, allowing upload of arbitrary webshells to the server. Connected sources corroborate the vulnerability description; no additional exploit details, affect...
About the security content of iOS 12.4.2 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
Denial of service
GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was internally discovered that a potential denial of service involving permissions checks could impact a project home page...
PT-2020-11898 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 12.4.2 through 12.8.1 Description: The issue involves a potential denial of service related to permissions checks, which could impact a project home page. Recommendations: For GitLab EE versions 12.4.2 through 12.8.1, updat...
GitLab path traversal vulnerability (CNVD-2020-01911)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A path traversal vulnerability exists in Gitlab Enterpris...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Appl...
About the security content of iOS 12.4.2
About the security content of iOS 12.4.2 This document describes the security content of iOS 12.4.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
Apple Security Update: iOS 12.4.2
Apple recommends installing security update iOS 12.4.2 on devices iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPad touch 6th generation...
Apple iTunes < 12.4.2 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.4.2. It is, therefore, affected by multiple vulnerabilities: - Multiple memory corruption issues exist in the libxslt component due to improper validation of user-supplied input. An unauthenticated, remote attacker c...