374 matches found
CVE-2021-38969
IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609...
IBM Spectrum Virtualize 信任管理问题漏洞
IBM Spectrum Virtualize is a block storage virtualization system from IBM USA. It improves data value, security, and simplicity for new and existing storage infrastructures.An access control error vulnerability exists in IBM Spectrum Virtualize versions 8.2, 8.3, and 8.4. The vulnerability stems...
CVE-2022-0836
creationtimestamp| type| source ---|---|--- 2022-05-09 20:36:29+00:00| seen| https://t.me/cibsecurity/42182...
CVE-2022-28364
creationtimestamp| type| source ---|---|--- 2022-04-09 20:14:19+00:00| seen| https://t.me/cibsecurity/40430...
PT-2022-3899 · General Electric · Inet +1
Name of the Vulnerable Software and Affected Versions: General Electric Renewable Energy iNET and iNET II versions prior to 8.3.0 Description: The issue is related to inadequate encryption strength in the software of General Electric Renewable Energy's iNET and iNET II products. This could allow ...
CVE-2021-43077
A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet FortiWLM version 8.6.2 and below, version 8.5.2 and below, version 8.4.2 and below, version 8.3.2 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to the AP...
DEBIAN-CVE-2022-21664
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected...
WordPress plugin SQL注入漏洞
WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress has a SQL injection vulnerability in versions prior to 5.8.3, which stems from the lack of validation of externally...
PT-2022-10054 · Mcafee · Mcafee Application/Change Control
Name of the Vulnerable Software and Affected Versions: McAfee Application and Change Control MACC versions prior to 8.3.4 Description: A security issue allows a locally logged-in attacker to bypass application protection, enabling them to run applications that would normally be blocked. The...
CVE-2021-45425
Reflected Cross Site Scripting XSS in SAFARI Montage versions 8.3 and 8.5 allows remote attackers to execute JavaScript codes...
SAFARI Montage 跨站脚本漏洞
SAFARI Montage is a formative assessment tool from safarimontage that enables teachers to check students' understanding of topics or concepts during the course. A cross-site scripting vulnerability exists in SAFARI Montage versions 8.3 and 8.5, which can be exploited by an attacker to execute...
ZZCMS SQL注入漏洞
ZZCMS is a content management system CMS by China Zzcms team. A security vulnerability exists in ZZCMS 8.2, 8.3, 2020, 2021, which originates from a SQL injection when registering a regular user in dl/dlprint.php...
PYSEC-2021-317
The package pillow from 0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function...
CVE-2021-31000
A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1, tvOS 15.2. A malicious application may be able to read sensitive contact information...
CVE-2021-30927
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to execute arbitrary code with kernel privileges...
PT-2021-18992 · Apple · Ipados +3
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.1 watchOS versions prior to 8.3 iOS versions prior to 15.2 iPadOS versions prior to 15.2 macOS Big Sur versions prior to 11.6.2 Description: A logic issue was addressed with improved restrictions, allowing a malicio...
PT-2021-19000 · Apple · Ipados +4
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.1 watchOS versions prior to 8.3 iOS versions prior to 15.2 iPadOS versions prior to 15.2 tvOS versions prior to 15.2 Description: A buffer overflow issue was addressed with improved memory handling. Processing a...
PT-2021-19037 · Apple · Ipados +4
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.2 iPadOS versions prior to 15.2 watchOS versions prior to 8.3 macOS Monterey versions prior to 12.1 tvOS versions prior to 15.2 Description: A permissions issue was addressed with improved validation, which may allow ...
CVE-2021-26994
Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service DoS on a cluster node...
CVE-2021-25162
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and...