6573 matches found
CVE-2022-1451
Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a...
CVE-2022-1452 Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in radareorg/radare2
Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a...
CVE-2022-1452
Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a...
Cross site scripting
Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3. The vulnerability is capable of stealing the user cookie...
CVE-2022-1445 Stored Cross Site Scripting vulnerability in the checked_out_to parameter in snipe/snipe-it
Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3. The vulnerability is capable of stealing the user cookie...
CVE-2022-1444
heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is capable of inducing denial of service...
CVE-2022-1427
Out-of-bounds Read in mrb_obj_is_kind_of in GitHub repository mruby/mruby prior to 3.2. Impact: Possible arbitrary code execution if exploited...
SQL Injection found in Pimcore
Pimcore is an open source data & experience management platform. A SQL injection was discovered in GridHelperService.php in GitHub repository pimcore/pimcore prior to 10.3.6...
Command injection in git-interface
A command injection vulnerability exists in git-interface in the GitHub repository yarkeev/git-interface prior to 2.1.2. If both the git remote and destination directory are provided by user input, then the use of an --upload-pack command-line argument feature of git is also supported for git...
GHSA-QFFW-8WG7-H665 Command injection in git-interface
A command injection vulnerability exists in git-interface in the GitHub repository yarkeev/git-interface prior to 2.1.2. If both the git remote and destination directory are provided by user input, then the use of an --upload-pack command-line argument feature of git is also supported for git...
Out-of-bounds Read in mrb_obj_is_kind_of in mruby/mruby
Out-of-bounds Read in mrb_obj_is_kind_of in GitHub repository mruby/mruby prior to 3.2. Impact: Possible arbitrary code execution if exploited...
Fedora 35 : vim (2022-e304fffd34)
The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-e304fffd34 advisory. The newest upstream commit. Security fixes for CVE-2022-1381, CVE-2022-1420. Tenable has extracted the preceding description block directly from the...
CVE-2022-1427
CVE-2022-1427 affects mruby/mruby prior to 3.2. The vulnerability is an out-of-bounds read in the function mrb_obj_is_kind_of, with impact described as possible arbitrary code execution if exploited. Several connected sources corroborate the affected product/version and the severity/impact. The d...
CVE-2022-1427 Out-of-bounds Read in mrb_obj_is_kind_of in mruby/mruby
Out-of-bounds Read in mrb_obj_is_kind_of in GitHub repository mruby/mruby prior to 3.2. Impact: Possible arbitrary code execution if exploited...
Command injection
Command Injection vulnerability in email protected in GitHub repository yarkeev/git-interface prior to 2.1.2. If both are provided by user input, then the use of a --upload-pack command-line argument feature of git is also supported for git clone, which would then allow for any operating system...
CVE-2022-1439
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a payload that runs without user interaction...