CVE-2022-34874

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2022-2444

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the 'remotedata' parameter in versions up to, and including 3.7.9. This makes it possible for authenticated attackers with contributor privileges and above to call...

CVE-2022-2444

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the 'remotedata' parameter in versions up to, and including 3.7.9. This makes it possible for authenticated attackers with contributor privileges and above to call...

Deserialization of untrusted data

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the 'remotedata' parameter in versions up to, and including 3.7.9. This makes it possible for authenticated attackers with contributor privileges and above to call...

WordPress plugin Visualizer 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2022-16697 · WordPress · The Visualizer: Tables/Charts Manager For Wordpress

Name of the Vulnerable Software and Affected Versions: The Visualizer: Tables and Charts Manager for WordPress versions up to, and including 3.7.9 Description: The issue concerns deserialization of untrusted input via the remote data parameter. This allows authenticated attackers with contributor...

The vulnerability of the IBM QRadar Network Security intrusion prevention system, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM QRadar Network Security intrusion prevention system is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVE-2022-33138

A vulnerability has been identified in SIMATIC MV540 H All versions V3.3, SIMATIC MV540 S All versions V3.3, SIMATIC MV550 H All versions V3.3, SIMATIC MV550 S All versions V3.3, SIMATIC MV560 U All versions V3.3, SIMATIC MV560 X All versions V3.3. Affected devices do not perform authentication f...

Visualizer: Tables and Charts Manager for WordPress < 3.7.10 - Contributor+ PHAR Deserialization

The plugin does not validate the ‘remotedata’ parameter allowing contributor and above roles to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP objects when a POP chain is present...

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system allows a perpetrator to gain access to data reading or cause a partial service disruption.

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Universal Banking system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read access to data or cause partial service interruption...

The vulnerability of the My Links component of the PeopleSoft Enterprise Interaction Hub software, which allows a hacker to gain access to read data or modify data.

The vulnerability of the My Links component of the PeopleSoft Enterprise Interaction Hub content management software exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read access to data or modify data using HTTP...

The vulnerability of the Wireless component of the Oracle Field Service software solution from the Oracle E-Business Suite allows a perpetrator to gain access to and modify data.

The vulnerability of the Wireless component of the Oracle Field Service software in the Oracle E-Business Suite exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to read, modify, add, or delete data...

PT-2022-3176 · Emerson · Emerson Deltav Distributed Control System

Name of the Vulnerable Software and Affected Versions: Emerson DeltaV Distributed Control System DCS versions prior to 14.3 Description: The issue is related to insufficient verification of firmware integrity, specifically an inadequate checksum approach and lack of signature. This could...

CVE-2022-33751

CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data...

CVE-2022-33756

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data...

CVE-2022-33756

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data...

CVE-2022-33751

CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data...

Broadcom CA Automic Automation 安全漏洞

Broadcom CA Automic Automation is an automation product from Broadcom, Inc. It provides a service orchestration and automation platform to automate complex applications, platforms, and technology environments. A security vulnerability exists in Broadcom CA Automic Automation versions 12.2 and 12....

Broadcom CA Automic Automation 安全特征问题漏洞

Broadcom CA Automic Automation is an automation product from Broadcom, Inc. It provides a service orchestration and automation platform to automate complex applications, platforms, and technology environments. A security vulnerability exists in Broadcom CA Automic Automation versions 12.2 and 12....

The vulnerability of the E-signatures sub-component of the Oracle E-Records component of the Oracle E-Business Suite system, which allows a violator to gain access to and modify data.

The vulnerability of the E-signatures sub-component of the Oracle E-Records component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or delete data...