CVE-2022-28719

Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload a crafted configuration file to the managing server, which may result in the managed clients to execute arbitrary code...

HID Global OMNIKEY 跨站请求伪造漏洞

HID Global OMNIKEY is a hardware device from HID Global, Inc. It is used to read cards. A security vulnerability exists in the HID OMNIKEY 5427 and OMNIKEY 5127 readers, which can be exploited by a remote attacker to upload a configuration file by convincing an authenticated user to visit a...