6680 matches found

CVE
• added 2022/07/15 11:40 a.m. • 50 views

CVE-2022-30242

Honeywell Alerton Ascent Control Module (ACM) up to 2022-05-04 is affected by CVE-2022-30242, allowing unauthenticated configuration changes from remote users. The root issue is unprotected remote configuration access that can store altered configuration on the controller and implement it, creati...

CVSS 6.8 | AI score 6.4 | EPSS 0.01004
Exploits: 0 | References: 3 | Affected Software: 1

CNVD
• added 2022/07/15 12:0 a.m. • 11 views

Siemens PADS Standard/Plus Viewer Out-of-Bounds Reading Vulnerability (CNVD-2022-51619)

PADS Standard and Standard Plus provide PCB schematic design and layout functionality in an intuitive and easy-to-use environment. An out-of-bounds read vulnerability exists in Siemens PADS Standard/Plus Viewer, which could be exploited by an attacker to execute code in the context of the current...

CVSS 7.8 | AI score 3.2 | EPSS 0.01163
Exploits: 0 | References: 1

CNVD
• added 2022/07/15 12:0 a.m. • 13 views

Siemens PADS Standard/Plus Viewer Out-of-Bounds Writing Vulnerability (CNVD-2022-51623)

PADS Standard and Standard Plus provide PCB schematic design and layout functionality in an intuitive and easy-to-use environment. An out-of-bounds write vulnerability exists in Siemens PADS Standard/Plus Viewer, which could be exploited by an attacker to execute code in the context of the current...

CVSS 7.8 | AI score 3 | EPSS 0.01163
Exploits: 0 | References: 1

CNVD
• added 2022/07/15 12:0 a.m. • 10 views

Siemens PADS Standard/Plus Viewer Out-of-Bounds Reading Vulnerability (CNVD-2022-51620)

PADS Standard and Standard Plus provide PCB schematic design and layout functionality in an intuitive and easy-to-use environment. An out-of-bounds read vulnerability exists in Siemens PADS Standard/Plus Viewer, which could be exploited by an attacker to execute code in the context of the current...

CVSS 7.8 | AI score 3.2 | EPSS 0.01163
Exploits: 0 | References: 1

CNVD
• added 2022/07/15 12:0 a.m. • 20 views

Siemens PADS Standard/Plus Viewer Stack Corruption Vulnerability

PADS Standard and Standard Plus provide PCB schematic design and layout functionality in an intuitive and easy-to-use environment. A stack corruption vulnerability exists in Siemens PADS Standard/Plus Viewer, which can be exploited by an attacker to disclose information in the context of the curre...

CVSS 5.5 | AI score 2.3 | EPSS 0.00984
Exploits: 0 | References: 1

Veracode
• added 2022/07/14 4:7 a.m. • 21 views

Command Injection

codecov is vulnerable to command injection. The vulnerability exists due to the lack of sanitization in the gcov arguments in the main function of init.py, allowing an attacker to inject and execute malicious commands before being provided to the Popen functionality...

CVSS 6.5 | AI score 6.9 | EPSS 0.00991
Exploits: 1 | References: 3 | Affected Software: 1

Code423n4
• added 2022/07/14 12:0 a.m. • 11 views

Buyout griefing can block almost all functionalities

Impact: Everyone can start a Buyout for a vault by paying only 1 wei. For the next 4 days no other Buyout can start. If someone is fast enough, they can start another griefing buyout as soon as one finishes, meaning that it's possible to block the functionality ...

AI score 6.8
Exploits: 0

Code423n4
• added 2022/07/14 12:0 a.m. • 7 views

Plugins can be abused, custom FERC1155 Token can be abused

Impact: HIGH - Assets can be stolen/compromised/lost directly. The creator of vault can add any functionality they want by plugins. Also they can bring any tokens for the vault. It can be used against users, or it will make exploits easier to execute. Proof of...

AI score 6.7
Exploits: 0

NVD
• added 2022/07/13 9:15 p.m. • 30 views

CVE-2022-34754

A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated functionality when guessing credentials. Affected Products: Acti9 PowerTag Link C A9XELC10-A V1.7.5 and prior, Acti9 PowerTag Link C A9XELC10-B V2.12.0 and prior...

CVSS 6.8 | EPSS 0.00288
Exploits: 0 | References: 1

Prion
• added 2022/07/13 9:15 p.m. • 13 views

Privilege escalation

A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated functionality when guessing credentials. Affected Products: Acti9 PowerTag Link C A9XELC10-A V1.7.5 and prior, Acti9 PowerTag Link C A9XELC10-B V2.12.0 and prior...

CVSS 4.6 | AI score 6.7 | EPSS 0.00288
Exploits: 0 | References: 1 | Affected Software: 2

Cvelist
• added 2022/07/13 9:10 p.m. • 20 views

CVE-2022-34754

A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated functionality when guessing credentials. Affected Products: Acti9 PowerTag Link C A9XELC10-A V1.7.5 and prior, Acti9 PowerTag Link C A9XELC10-B V2.12.0 and prior...

CVSS 6.8 | AI score 6.9 | EPSS 0.00288
Exploits: 0 | References: 1

OSV
• added 2022/07/13 6:15 p.m. • 4 views

CVE-2017-20127

A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack may be launched remotely. The exploit has...

CVSS 9.8 | AI score 5.8 | EPSS 0.00961
Exploits: 1 | References: 2

Fedora
• added 2022/07/13 2:0 a.m. • 32 views

[SECURITY] Fedora 36 Update: apptainer-1.0.2-2.fc36

Apptainer provides functionality to make portable containers that can be used across host environments...

CVSS 9.3 | AI score 2.6 | EPSS 0.05292
Exploits: 4

Vulnrichment
• added 2022/07/12 2:10 p.m. • 5 views

CVE-2022-2262 Online Hotel Booking System Room edit_all_room.php sql injection

A vulnerability has been found in Online Hotel Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file edit_all_room.php of the component Room Handler. The manipulation of the argument id with the input...

CVSS 4.7 | AI score 7.6 | EPSS 0.00666
Exploits: 1 | References: 2

NVD
• added 2022/07/08 8:15 p.m. • 11 views

CVE-2022-35412

Digital Guardian Agent 7.7.4.0042 allows an administrator who ordinarily does not have a supported way to uninstall the product to disable some of the agent functionality and then exfiltrate files to an external USB device...

CVSS 5.1 | EPSS 0.00221
Exploits: 0 | References: 2

Schneier on Security
• added 2022/07/08 2:18 p.m. • 17 views

Apple’s Lockdown Mode

Apple has introduced lockdown mode for high-risk users who are concerned about nation-state attacks. It trades reduced functionality for increased security in a very interesting way...

AI score 4.4
Exploits: 0

EUVD
• added 2022/07/06 12:0 a.m. • 3 views

EUVD-2022-52756

Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to bypass authentication and access admin functionality by sending a specially crafted HTTP request. This affects Roxywi version...

CVSS 10 | AI score 9.5 | EPSS 0.15929
Exploits: 3 | References: 2

CVE
• added 2022/07/06 12:0 a.m. • 70 views

CVE-2022-31125

CVE-2022-31125: Roxy-WI authentication bypass vulnerability allowing remote, unauthenticated access to admin functionality via a crafted HTTP request. Affected: Roxy-WI before 6.1.1.0. Exploitation exists (exploit-db/poC references). Remediation: upgrade to version 6.1.1.0 or later; exploit examp...

CVSS 10 | AI score 9.7 | EPSS 0.15929
Exploits: 3 | References: 2 | Affected Software: 1

Fedora
• added 2022/07/05 4:38 p.m. • 31 views

[SECURITY] Fedora 36 Update: mingw-wavpack-5.4.0-5.fc36

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...

CVSS 5.5 | AI score 2.4 | EPSS 0.01155
Exploits: 1

NVD
• added 2022/06/30 7:15 p.m. • 23 views

CVE-2022-28127

A data removal vulnerability exists in the webserver /action/remove/ API functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary file deletion. An attacker can send a sequence of requests to trigger this vulnerability...

CVSS 9.1 | EPSS 0.34575
Exploits: 1 | References: 1