923 matches found
PT-2022-22285 · Nvidia · Nvidia Control Panel
Name of the Vulnerable Software and Affected Versions: NVIDIA Control Panel for Windows affected versions not specified Description: The issue allows an unauthorized user or an unprivileged regular user to compromise the security of the software by gaining privileges, reading sensitive informatio...
CVE-2022-3917
Improper access control of bootloader function was discovered in Motorola Mobility Motorola e20 prior to version RONS31.267-38-8 allows attacker with local access to read partition or RAM data...
CVE-2022-45936
A vulnerability has been identified in Mendix Email Connector All versions V2.0.0. Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information...
CVE-2022-41271
An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration PI - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability...
Mendix Workflow Commons 访问控制错误漏洞
Siemens Mendix Workflow Commons Module provides out-of-the-box content to help you get started building workflows in Mendix.A security vulnerability exists in Siemens Mendix Workflow Commons Module due to a failure of the affected module version to properly handle access control for certain modul...
Siemens Mendix Email Connector 安全漏洞
Siemens Mendix Email Connector Module allows email to be sent and received on its own email server and adds new features such as sending signed and encrypted emails.A security vulnerability exists in Siemens Mendix Email Connector Module due to a version of the affected module that fails to...
CVE-2022-37918
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network...
MediaWiki 安全漏洞
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki suffers from a security vulnerability that stems from the fact that an attacker can...
Vulnerability fixed in FortiMail
FortiNet has fixed a vulnerability in FortiMail. A malicious person with admin rights in a private, possibly self-hosted configured domain is able to read and modify system information modify for a domain for which it is not authorized. FortiNet has released updates to fix the vulnerability in...
mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of th...
mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2021)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
UBUNTU-CVE-2022-21589
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromi...
CVE-2022-39404
Vulnerability in the MySQL Installer product of Oracle MySQL component: Installer: General. Supported versions that are affected are 1.6.3 and prior. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Installer executes to compromise MyS...
CVE-2022-21597
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaScript. Supported versions that are affected are Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
Oracle MySQL 安全漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation.MySQL Server is one of the database server components. A security vulnerability exists in Oracle MySQL's MySQL Server. A low-privileged attacker with network access over multiple protocols could compromis...
CVE-2022-41580
The HWKEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access...
Grafana 信息泄露漏洞
Grafana is Grafana Labs open source set of open source monitoring tools that provide a visual monitoring interface . The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. Grafana has an information disclosure vulnerability. An attacker exploiting this...
The vulnerability of the `cv::BmpDecoder::readData` function in the `modules/imgcodecs/src/grfmt_bmp.cpp` file of the Computer Vision Library (OpenCV), a freely available computer vision and image processing library for general-purpose numerical algorithms, allows a perpetrator to access confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the cv::BmpDecoder::readData function in the modules/imgcodecs/src/grfmtbmp.cpp file of the Computer Vision Library OpenSource Computer Vision Library – OpenCV involves copying buffers without checking the input data. Exploiting this vulnerability allows an attacker to gain...
mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of th...
mysql: Server: Security: Roles unspecified vulnerability (CPU Oct 2021)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...