
1367 matches found

CNNVD
added 2022/03/10 12:0 a.m. · 2 views

Mitel Networks MiCollab and Mitel Networks MiVoice Business Express Access Control Error Vulnerability

Mitel Networks MiCollab and Mitel Networks MiVoice Business Express are both products of Mitel Networks, Inc. of Canada. Mitel Networks MiCollab is a voice, video, messaging, audio conferencing, and team collaboration for employees. Mitel Networks MiVoice Business Express is a real-time...

CVSS 9.8 · AI score 8.6 · EPSS 0.89149
Exploits: 1 · References: 8
OSV
added 2022/02/18 8:15 p.m. · 3 views

CVE-2022-24055

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVSS 5.5 · AI score 4.9 · EPSS 0.00426
Exploits: 0 · References: 1
ATTACKERKB
added 2022/02/18 8:15 p.m. · 1 views

CVE-2022-24055

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVSS 5.5 · AI score 4 · EPSS 0.00426
Exploits: 0 · References: 2 · Affected Software: 1
OSV
added 2022/02/18 8:15 p.m. · 3 views

CVE-2021-46654

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVSS 5.5 · AI score 4.9 · EPSS 0.00547
Exploits: 0 · References: 2
OSV
added 2022/02/18 8:15 p.m. · 0 views

CVE-2021-46624

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVSS 5.5 · AI score 4.9
Exploits: 0 · References: 2
OSV
added 2022/02/18 8:15 p.m. · 2 views

CVE-2021-46623

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVSS 5.5 · AI score 4.9 · EPSS 0.00547
Exploits: 0 · References: 2
ATTACKERKB
added 2022/02/18 8:15 p.m. · 4 views

CVE-2021-46620

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVSS 5.5 · AI score 4.1 · EPSS 0.00547
Exploits: 0 · References: 3 · Affected Software: 1
ATTACKERKB
added 2022/02/18 8:15 p.m. · 4 views

CVE-2021-46630

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVSS 5.5 · AI score 4.1 · EPSS 0.00547
Exploits: 0 · References: 3 · Affected Software: 1
ATTACKERKB
added 2022/02/18 8:15 p.m. · 5 views

CVE-2021-46593

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVSS 5.5 · AI score 4.1 · EPSS 0.00547
Exploits: 0 · References: 3 · Affected Software: 1
ATTACKERKB
added 2022/02/18 8:15 p.m. · 3 views

CVE-2021-46589

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVSS 5.5 · AI score 4.1 · EPSS 0.00547
Exploits: 0 · References: 3 · Affected Software: 1
ATTACKERKB
added 2022/02/12 12:15 a.m. · 5 views

CVE-2022-0120

Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website...

CVSS 6.5 · AI score 7.2 · EPSS 0.00262
Exploits: 1 · References: 9
Positive Technologies
added 2022/02/04 12:0 a.m. · 2 views

PT-2022-4795 · Atftp +5

Name of the Vulnerable Software and Affected Versions: atftp versions prior to 0.7.5
Description: The issue is related to a buffer overflow in the options.c file of atftp, allowing a remote client to access sensitive server-side data, specifically /etc/group information.
Recommendations: For...

CVSS 7.5 · AI score 6.7 · EPSS 0.00758
Exploits: 3 · References: 46
RedHat Linux
added 2022/01/27 4:18 p.m. · 3 views

OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

CVSS 5.3 · AI score 7.4 · EPSS 0.00133
Exploits: 0 · References: 4
CNNVD
added 2022/01/27 12:0 a.m. · 4 views

Kron Single Connect Security Vulnerability

Kron Single Connect is a comprehensive Privileged Access Management (PAM) software suite from Kron Turkey, designed to create a flexible, centrally managed and layered defense security architecture against insider threats. A security vulnerability exists in Kron Single Connect that stems from. Sing...

CVSS 8.6 · AI score 8 · EPSS 0.00571
Exploits: 0 · References: 2
Positive Technologies
added 2022/01/27 12:0 a.m. · 4 views

PT-2022-1462 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.7
Description: The issue is related to a lack of protection against SQL query structure exploitation, allowing a remote attacker to execute arbitrary SQL queries. An entity administrator can retrieve normally...

CVSS 10 · AI score 7.2 · EPSS 0.94395
Exploits: 32 · References: 133
ATTACKERKB
added 2022/01/26 7:15 p.m. · 2 views

CVE-2021-46385

https://gitee.com/mingSoft/MCMS MCMS =5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information remote. The component is: net.mingsoft.mdiy.action.FormDataActionqueryData. The attack vector is: 0 or sleep3. MCMS has a SQL injection vulnerability through which attacker ca...

CVSS 7.5 · AI score 7.3 · EPSS 0.0044
Exploits: 1 · References: 2
OSV
added 2022/01/26 5:15 p.m. · 1 views

CVE-2021-46383

https://gitee.com/mingSoft/MCMS MCMS =5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information remote. The component is: net.mingsoft.mdiy.action.web.DictActionlist. The attack vector is: 0 or sleep3. MCMS has a SQL injection vulnerability through which attacker can get...

CVSS 7.5 · AI score 7.1
Exploits: 0 · References: 1
RedHat Linux
added 2022/01/24 9:49 a.m. · 3 views

OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

CVSS 5.3 · AI score 7.4 · EPSS 0.00144
Exploits: 0 · References: 4
CNNVD
added 2022/01/19 12:0 a.m. · 2 views

Oracle MySQL Buffer Error Vulnerability

Oracle MySQL Server is a relational database from Oracle Corporation. A buffer error vulnerability exists in MySQL Server due to an input validation error in the Server:Optimizer component in MySQL Server. A remote attacker could exploit this vulnerability to corrupt or delete data...

CVSS 4 · AI score 8.2 · EPSS 0.00128
Exploits: 0 · References: 6
CNNVD
added 2022/01/18 12:0 a.m. · 3 views

Oracle Java SE and Oracle GraalVM Input Validation Error Vulnerability

Oracle GraalVM is a set of on-the-fly compilers written in the Java language from Oracle Corporation USA. GraalVM Enterprise Edition is the enterprise version of GraalVM. An input validation error vulnerability exists in Oracle GraalVM due to an Oracle GraalVM Enterprise Edition has incorrect input...

CVSS 5.3 · AI score 5.6 · EPSS 0.00112
Exploits: 0 · References: 52