6262 matches found
The vulnerability of the system administration program Sudo in the Zimbra Collaboration Suite email management system allows a hacker to increase their privileges.
The vulnerability of the system administration program Sudo in the Zimbra Collaboration Suite email management system is related to deficiencies in access control when processing the binary file NGINX. Exploiting this vulnerability can allow attackers to enhance their privileges by loading...
Joomla JKassa ShoppingCart 2.0.0 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Joomla MarvikShop ShoppingCart 3.4 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Oracle Linux 7 : kubernetes (ELSA-2022-9855)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9855 advisory. - Resolve Kubernetes CVE-2022-3172 for version 1.21 - Resolve Kubernetes CVE-2022-3172 for version 1.22 - Resolve Kubernetes CVE-2022-3172 for version 1.23 -...
Joomla AdsManager 3.2.0 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Joomla AdsManager 3.2.0 SQL Injection Vulnerability
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website : extensions.joomla.org │ │ Vendor : JULOA │ │ Software : AdsManager...
CVE-2022-41347
An issue was discovered in Zimbra Collaboration ZCS 8.8.x and 9.x e.g., 8.8.15. The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes...
CVE-2022-41347
An issue was discovered in Zimbra Collaboration ZCS 8.8.x and 9.x e.g., 8.8.15. The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes...
Default configuration
An issue was discovered in Zimbra Collaboration ZCS 8.8.x and 9.x e.g., 8.8.15. The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes...
CVE-2022-41347
An issue was discovered in Zimbra Collaboration ZCS 8.8.x and 9.x e.g., 8.8.15. The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes...
CVE-2022-41347
CVE-2022-41347 affects Zimbra Collaboration Suite (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The issue arises from a sudo configuration that allows the zimbra user to execute the NGINX binary as root with arbitrary parameters. Since NGINX can load a user-defined configuration file that loads plugins as ...
CVE-2022-41347
An issue was discovered in Zimbra Collaboration ZCS 8.8.x and 9.x e.g., 8.8.15. The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes...
Zimbra Collaboration Suite 安全漏洞
Zimbra Collaboration Suite ZCS is an open source collaboration suite from Synacor, USA. The product includes WebMail, Calendar, Address Book and more. A security vulnerability exists in Zimbra Collaboration Suite ZCS version 8.8.x, version 9.x. The vulnerability can be exploited by an attacker to...
Memberpress Downloads < 1.2.6 - Subscriber+ Arbitrary File Upload
The plugin does not properly check user capabilities in its file uploading AJAX endpoint, relying on WordPress nonces to do so. Unfortunately, the nonce can be leaked by any logged-in users, like subscribers. Since the Uploader library they use does not check file extensions at all, this may lead...
CVE-2022-38890
Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njsutf8next at src/njsutf8.h...
CVE-2022-38890
Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njsutf8next at src/njsutf8.h...
CVE-2022-38890
Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njsutf8next at src/njsutf8.h...
Code injection
Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njsutf8next at src/njsutf8.h...
CVE-2022-38890
Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njsutf8next at src/njsutf8.h...
CVE-2022-38890
CVE-2022-38890 affects Nginx NJS 0.7.7. A segmentation violation is triggered by the njs_utf8_next function in src/njs_utf8.h. Public sources consistently describe the vulnerability as a segmentation fault in NJS, with NVD citing a CVSS v3.1 base score of 5.5 (Medium) and local attack vector, req...