2125 matches found
PT-2022-22285 · Nvidia · Nvidia Control Panel
Name of the Vulnerable Software and Affected Versions: NVIDIA Control Panel for Windows affected versions not specified Description: The issue allows an unauthorized user or an unprivileged regular user to compromise the security of the software by gaining privileges, reading sensitive informatio...
CVE-2022-20545
In bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20545
CVE-2022-20545 affects Android 13 on Google Pixel devices. The issue resides in the MediaControlPanel.java function bindArtworkAndColors, where improper input validation can crash the phone, causing a remote denial of service with no additional execution privileges required. Exploitation does not...
PT-2022-14758 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to improper input validation in the bindArtworkAndColors function of MediaControlPanel.java. This could lead to a remote denial of service, where the phone may crash, with no...
NVIDIA Windows GPU Display Driver (Nov 2022)
A display driver installed on the remote Windows host is affected by multiple vulnerabilities, including the following: - NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can access or modify system files or other files that...
CVE-2022-43709
MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings...
MyBB SQL注入漏洞
MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is easy to use, supports multiple languages, scalable and so on. A SQL injection vulnerability exists in MyBB version 1.8.31, which originates from a cross-site scripting...
CVE-2022-43709
MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings...
The vulnerability of the Cisco Umbrella security cloud service control panel allows attackers to carry out cross-site scripting attacks.
The vulnerability of the Cisco Umbrella security cloud service panel exists because measures are not taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
CVE-2022-3967
A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is...
CVE-2022-3967
A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is...
Design/Logic Flaw
A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is...
Vesta Control Panel 参数注入漏洞
Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel that originates in an unknown function in the func/main.sh file of the sed Handler component and suffers from parameter injection...
CVE-2022-3967
CVE-2022-3967 affects Vesta Control Panel, specifically the sed Handler component in func/main.sh. The vulnerability enables argument injection and requires local access to exploit. Patch 39561c32c12cabe563de48cc96eccb9e2c655e25 is identified as the fix; apply it to mitigate. Other details in con...
CVE-2022-3967 Vesta Control Panel sed main.sh argument injection
A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is...
CVE-2022-3967 Vesta Control Panel sed main.sh argument injection
A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is...
PT-2022-24985 · Unknown · Vesta Control Panel
Name of the Vulnerable Software and Affected Versions: Vesta Control Panel affected versions not specified Description: A critical issue was found in the sed Handler component of Vesta Control Panel, affecting an unknown function of the file func/main.sh. This issue leads to argument injection an...
Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion
A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon, a popular "malware-as-a-service" offering that helped paying customers steal passwords and financial data from millions of cybercrime victims...
CVE-2021-46850
myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. An authenticated and remote administrative user can execute arbitrary commands via the vsftplicense parameter when sending HTTP POST requests to the /edit/server endpoint...
Command injection
myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. An authenticated and remote administrative user can execute arbitrary commands via the vsftplicense parameter when sending HTTP POST requests to the /edit/server endpoint...