CVE-2022-33693

Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log...

EUVD-2022-28912

Malicious code in bioql PyPI...

CVE-2022-36844

A heap-based overflow vulnerability in HWR::EngJudgeModel::Construct in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault...

CVE-2024-8191

SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution...

PT-2025-1134

Name of the Vulnerable Software and Affected Versions Ivanti EPM versions before 2024 January-2025 Security Update Ivanti EPM versions before 2022 SU6 January-2025 Security Update Description The issue is related to an absolute path traversal in Ivanti EPM, which can be exploited by a remote...

CVE-2024-32841

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution...

CVE-2024-34779

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution...

PT-2024-6216 · Ivanti · Ivanti Epm

Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions prior to 2022 SU6 Ivanti EPM versions prior to the 2024 September update Description: The issue is related to a lack of authentication for a critical function in Ivanti EPM, specifically in Network Isolation. This allows a...

PT-2024-6301 · Ivanti · Ivanti Epm

Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions before 2022 SU6 Ivanti EPM versions before the 2024 September update Description: The issue is related to an unspecified SQL injection in Ivanti EPM, which allows a remote authenticated attacker with admin privileges to...

PT-2024-8590

Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 November Security Update Ivanti Endpoint Manager versions prior to 2022 SU6 November Security Update Description The issue is related to SQL injection in Ivanti Endpoint Manager, which allows a...

Ivanti EPM SQL注入漏洞

Ivanti EPM is a one-stop shop for managing user profiles and all client devices from Ivanti USA. An SQL injection vulnerability exists in Ivanti EPM 2022 SU5 and prior versions, which can be exploited by an attacker to execute arbitrary code...

PT-2024-1067 · Ivanti · Ivanti Endpoint Manager +2

Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2022 SU 5 Description: The issue is related to a SQL injection vulnerability that can be exploited to execute arbitrary SQL queries and retrieve output without authentication. Under specific...

Ivanti Endpoint Manager Code Issue Vulnerability

Ivanti Endpoint Manager EPM is a suite of endpoint security managers from Ivanti Corporation, USA. A security vulnerability exists in Ivanti Endpoint Manager versions prior to 2022 SU4, which stems from the presence of XML External Entity Injection in the CSEP component, where external entity...

PT-2022-5635 · Microsoft · Sql Server +3

Name of the Vulnerable Software and Affected Versions: .NET Framework versions prior to the November 2022 update System.Data.SqlClient versions prior to 4.8.5 Microsoft.Data.SqlClient versions prior to 2.1.2 Description: A vulnerability in .NET Framework allows attackers to obtain sensitive...

Android Automotive OS Update Bulletin—October 2022Stay organized with collectionsSave and categorize content based on your preferences.

The Android Automotive OS AAOS Update Bulletin contains details of security vulnerabilities affecting the Android Automotive OS platform. The full AAOS update comprises the security patch level of 2022-10-05 or later from the October 2022 Android Security Bulletin in addition to all issues in thi...

Microsoft Visual Studio 代码注入漏洞

Microsoft Visual Studio is a family of development tool suites and a fundamentally complete set of development tools from Microsoft Corporation USA that includes most of the tools needed throughout the software life cycle. A code injection vulnerability exists in Microsoft Visual Studio. The...

Android Automotive OS Update Bulletin—July 2022Stay organized with collectionsSave and categorize content based on your preferences.

The Android Automotive OS AAOS Update Bulletin contains details of security vulnerabilities affecting the Android Automotive OS platform. The full AAOS update comprises the security patch level of 2022-07-05 or later from the July 2022 Android Security Bulletin in addition to all issues in this...

June 7, 2022, update for Office 2016 (KB5002182)

June 7, 2022, update for Office 2016 KB5002182 This article describes update 5002182 for Microsoft Office 2016 that was released on June 7, 2022.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to Offi...

KB5014991: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2012

KB5014991: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2012 Summary This update includes improvements for the following issue: Addresses a known issue that might cause authentication failures for some services on a server o...

May 19, 2022—KB5015019 (OS Build 14393.5127) Out-of-band

May 19, 2022—KB5015019 OS Build 14393.5127 Out-of-band Note: To improve the information presented in the history pages and related KBs and make them more useful to our customers, we have created an anonymous survey for you to share your comments and feedback. 11/19/20 For information about Window...