PT-2022-26529 · Unknown · House Rental System
Name of the Vulnerable Software and Affected Versions: House Rental System (affected versions not specified). Description: A critical issue was found in the House Rental System, affecting an unknown function of the file /view-property.php. The manipulation of the property id argument leads to sql...
Over a Dozen New BMC Firmware Flaws Expose OT and IoT Devices to Remote Attacks
Over a dozen security flaws have been discovered in baseboard management controller (BMC) firmware from Lanner that could expose operational technology (OT) and internet of things (IoT) networks to remote attacks. BMC refers to a specialized service processor, a system-on-chip (SoC), that's found in serv...
PT-2022-25528 · Unknown · Yellow Tree Geolocation Ip Detection Plugin
Name of the Vulnerable Software and Affected Versions: Yellow Tree Geolocation IP Detection Plugin (affected versions not specified). Description: A vulnerability was found in the Yellow Tree Geolocation IP Detection Plugin, classified as problematic. It affects an unknown function of the component...
PT-2022-25502 · Unknown · Show Ip Address Plugin
Name of the Vulnerable Software and Affected Versions: Show IP Address Plugin (affected versions not specified). Description: A vulnerability was found in the Show IP Address Plugin, affecting the HTTP Header Handler component. The manipulation of the X-Forwarded-For argument leads to improper outpu...
CVE-2022-34318 IBM CICS TX clickjacking
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM...
CVE-2022-3959
A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1. Affected by this issue is some unknown functionality of the component Session Hash Handler. The manipulation leads to small space of random values. The attack may be launched remotely. Upgrading to version...
Design/Logic Flaw
A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1. Affected by this issue is some unknown functionality of the component Session Hash Handler. The manipulation leads to small space of random values. The attack may be launched remotely. Upgrading to version...
Path traversal
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files...
CVE-2022-3878 Maxon ERP browse_data sql injection
A vulnerability classified as critical has been found in Maxon ERP. This affects an unknown part of the file /index.php/purchaseorder/browsedata. The manipulation of the argument tbsearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
PT-2022-24526 · Sourcecodester · Sourcecodester Sanitization Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Sanitization Management System (affected versions not specified). Description: A critical vulnerability has been found in the SourceCodester Sanitization Management System. The issue is related to an unknown function of the file...
CVE-2022-3732 seccome Ehoney set sql injection
A vulnerability was found in seccome Ehoney and classified as critical. Affected by this issue is some unknown functionality of the file /api/v1/bait/set. The manipulation of the argument Payload leads to sql injection. The attack may be launched remotely. VDB-212414 is the identifier assigned to...
CVE-2022-3524
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this...
CVE-2022-3523
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to...
PT-2022-22299 · Sourcecodester · Sourcecodester Human Resource Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System (affected versions not specified). Description: A critical issue was found in the SourceCodester Human Resource Management System, affecting an unknown function of the file getstatecity.php. The...
Security Bulletin: IBM QRadar SIEM and QRadar Risk Manager can be affected by three vulnerabilities in the IBM Java Runtime Environment (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)
Abstract: CVE-2013-0440 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect availability via vectors related to JSSE. CVE-2013-0443 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect confidentiality and integrity...
Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Advanced/Enterprise for the Oracle CPU April 2013.
Abstract: The IBM WebSphere Partner Gateway is shipped with an IBM Java SDK that is based on the Oracle SDK. The April 2013 Oracle Critical Patch Updates (CPU) contained various security vulnerability fixes for the Oracle JDKs. The IBM Java SDK that WebSphere Partner Gateway ships is similarly...
Security Bulletin: Multiple JRE vulnerabilities addressed in IBM Sterling Secure Proxy (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)
Abstract: The IBM JRE embedded in the IBM Sterling Secure Proxy Configuration Manager has security vulnerabilities that affect SSL connections to the configuration GUI. Content: VULNERABILITY DETAILS. CVE ID: CVE-2013-0440. DESCRIPTION: A vulnerability in Java Runtime Environment allows remote...
The vulnerability of the Mozilla Firefox browser, related to errors in information representation by the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of the Mozilla Firefox browser is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a malicious actor to perform spear-phishing attacks remotely...
USN-5611-1: WebKitGTK vulnerability
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...
CVE-2022-39824
Server-side JavaScript injection in Appsmith through 1.7.14 allows remote attackers to execute arbitrary JavaScript code from the server via the currentItem property of the list widget, e.g., to perform DoS attacks or achieve an information leak...