36 matches found

Tenable Nessus
added 2025/11/13 12:00 a.m. | 1 view

Siemens SIMATIC S7-1500 Double Free (CVE-2021-22945)

When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again. This plugin only works with Tenable.ot. Please visit...

CVSS 9.1 | AI score 6.6 | EPSS 0.00353
Exploits 1 | References 6

CNVD
added 2025/09/28 12:00 a.m. | 2 views

Delta Electronics CNCSoft-G2 Stack Buffer Overflow Vulnerability (CNVD-2025-22945)

Delta Electronics CNCSoft-G2 is human-machine interface (HMI) software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a stack buffer overflow vulnerability that originates from improperly restricted memory buffer operations and can be exploited by an attacker to...

CVSS 7.8 | AI score 7.8 | EPSS 0.00018
Exploits 0 | References 1

NVD
added 2024/09/28 7:15 a.m. | 12 views

CVE-2024-23923

Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists...

CVSS 8.8 | EPSS 0.01169
Exploits 0 | References 1

Vulnrichment
added 2024/09/28 6:22 a.m. | 19 views

CVE-2024-23923 Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability

Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists...

CVSS 8.8 | AI score 7.8 | EPSS 0.01169
Exploits 0 | References 1

CVE
added 2024/09/28 6:22 a.m. | 48 views

CVE-2024-23923

CVE-2024-23923 concerns Alpine Halo9 devices, where the prh_l2_sar_data_ind function has a Use-After-Free flaw that allows remote code execution. The issue arises from not validating the existence of an object before operating on it, enabling a network-adjacent attacker with no authentication to ...

CVSS 8.8 | AI score 9.1 | EPSS 0.01169
Exploits 0 | References 1 | Affected Software 1

OpenVAS
added 2023/01/29 12:00 a.m. | 23 views

Fedora: Security Advisory for mediawiki (FEDORA-2023-30a7a812f0)

The remote host is missing an update for the Copyright (C) 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 6.1 | AI score 5.5 | EPSS 0.00723
Exploits 3 | References 2

Circl
added 2023/01/11 2:03 p.m. | 1 view

CVE-2023-22945

creationtimestamp | type | source
---|---|---
2023-01-11 14:03:38+00:00 | seen | https://t.me/cibsecurity/56333
2025-04-07 18:46:12+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/10759
...

CVSS 4.3 | AI score 5.8 | EPSS 0.00123
Exploits 0 | References 2

Cvelist
added 2023/01/11 12:00 a.m. | 21 views

CVE-2023-22945

In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties...

AI score 5.1 | EPSS 0.00123
Exploits 0 | References 3

CVE
added 2023/01/11 12:00 a.m. | 61 views

CVE-2023-22945

The CVE-2023-22945 entry concerns MediaWiki’s GrowthExperiments extension (through version 1.39) where the growthmanagementorlist API permits blocked users (blocked via ApiManageMentorList) to enroll as mentors or edit any mentorship-related properties. This indicates an authorization check flaw ...

CVSS 4.3 | AI score 4.5 | EPSS 0.00123
Exploits 0 | References 3 | Affected Software 1

OpenVAS
added 2022/12/19 12:00 a.m. | 18 views

Western Digital My Cloud Multiple Products 5.x < 5.25.124 Multiple Vulnerabilities (WDC-22019)

Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

CVSS 9.8 | AI score 7.4 | EPSS 0.03367
Exploits 15 | References 2

Debian
added 2022/08/01 4:58 p.m. | 197 views

[SECURITY] [DSA 5197-1] curl security update

Debian Security Advisory DSA-5197-1 | https://www.debian.org/security/ | Markus Koschany | August 01, 2022 | https://www.debian.org/security/faq ...

CVSS 9.8 | AI score 8.1 | EPSS 0.03367
Exploits 16

OpenVAS
added 2022/04/21 12:00 a.m. | 19 views

Slackware: Security Advisory (SSA:2021-258-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.1 | AI score 8.1 | EPSS 0.00353
Exploits 3 | References 2

CBLMariner
added 2022/04/09 6:51 a.m. | 14 views

CVE-2021-22945 affecting package curl for versions less than 7.82.0-1

CVE-2021-22945 affecting package curl for versions less than 7.82.0-1. An upgraded version of the package is available that resolves this issue...

CVSS 9.1 | AI score 8.5 | EPSS 0.00353
Exploits 1

Circl
added 2022/02/16 8:36 p.m. | 1 view

CVE-2022-22945

creationtimestamp | type | source
---|---|---
2022-02-16 20:36:17+00:00 | seen | https://t.me/cibsecurity/37592
2022-02-21 14:04:00+00:00 | published-proof-of-concept | https://t.me/truesecator/2654
2022-02-22 11:05:09+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/5466
...

CVSS 7.8 | AI score 7.7 | EPSS 0.00097
Exploits 0 | References 3

ATTACKERKB
added 2022/02/16 5:15 p.m. | 3 views

CVE-2022-22945

VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root...

CVSS 7.8 | AI score 7.5 | EPSS 0.00097
Exploits 0 | References 2

CVE
added 2022/02/16 4:38 p.m. | 152 views

CVE-2022-22945

CVE-2022-22945 affects VMware NSX Data Center for vSphere (NSX-V) in the NSX Edge appliance. A CLI shell injection exists that allows a user with SSH access to an NSX-Edge appliance to execute arbitrary commands as root on the underlying OS (local privilege escalation). Reported cause: improper i...

CVSS 7.8 | AI score 8 | EPSS 0.00097
Exploits 0 | References 1 | Affected Software 2

The Hacker News
added 2022/02/16 11:25 a.m. | 93 views

VMware Issues Security Patches for High-Severity Flaws Affecting Multiple Products

VMware on Tuesday patched several high-severity vulnerabilities impacting ESXi, Workstation, Fusion, Cloud Foundation, and NSX Data Center for vSphere that could be exploited to execute arbitrary code and cause a denial-of-service (DoS) condition. As of writing, there's no evidence that any of the...

CVSS 7.8 | AI score 0.3 | EPSS 0.01005
Exploits 0

VMware
added 2022/02/13 12:00 a.m. | 67 views

VMSA-2022-0005: VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability

Advisory ID: VMSA-2022-0005.2 | CVSSv3 Range: 8.8 | Issue Date: 2022-02-15 | Updated On: 2022-04-07 | CVEs: CVE-2022-22945 | Synopsis: VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability (CVE-2022-22945)...

CVSS 7.8 | AI score 8 | EPSS 0.00097
Exploits 0 | References 18 | Affected Software 2

Tenable Nessus
added 2021/12/10 12:00 a.m. | 50 views

Amazon Linux 2 : curl (ALAS-2021-1724)

The version of curl installed on the remote host is prior to 7.79.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1724 advisory. A flaw was found in libcurl. When sending data to an MQTT server could in some situations lead to libcurl using already free...

CVSS 9.1 | AI score 6.7 | EPSS 0.00353
Exploits 3 | References 7

OpenVAS
added 2021/10/22 12:00 a.m. | 29 views

Oracle MySQL Server <= 5.7.35 / 8.0 <= 8.0.26 Security Update (cpuoct2021) - Linux

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

CVSS 9.8 | AI score 7.4 | EPSS 0.02544
Exploits 10 | References 2