CVE-2022-40742
Mail SQR Expert system has a Local File Inclusion vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute an arbitrary PHP file with the .asp file extension under specific system paths, to access and modify partial system information but does not affect service...
Design/Logic Flaw
Mail SQR Expert system has a Local File Inclusion vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute an arbitrary PHP file with the .asp file extension under specific system paths, to access and modify partial system information but does not affect service...
CVE-2022-40742 SOFTNEXT TECHNOLOGIES CORP. Mail SQR Expert - Local File Inclusion
Mail SQR Expert system has a Local File Inclusion vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute an arbitrary PHP file with the .asp file extension under specific system paths, to access and modify partial system information but does not affect service...
EulerOS Virtualization 2.9.0 : c-ares (EulerOS-SA-2022-2375)
According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy is called prior to ares_getaddrinfo completin...
CVE-2022-2795
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service...
PT-2022-16198 · Aruba · ArubaOS-CX Switches
Name of the Vulnerable Software and Affected Versions: ArubaOS-CX Switches versions 10.09.1010 and below; ArubaOS-CX Switches versions 10.08.1050 and below; ArubaOS-CX Switches versions 10.06.0190 and below. Description: Multiple vulnerabilities exist in the processing of packet data by the LLDP...
CVE-2022-37006
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability...
Design/Logic Flaw
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability...
CVE-2022-37006
Technical details (affected products, versions, root cause, or explicit fixes) are not publicly available in the provided connected documents. Monitor for updates from vendors and security advisories.
mariadb: server crash at Field::set_default via specially crafted SQL statements
A flaw was found in MariaDB. The component, Field::set_default, allows attackers to cause a denial of service (DoS) via specially crafted SQL statements, affecting availability...
PT-2022-23751 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A permission control vulnerability exists in the network module. Successful exploitation of this issue may affect service availability. Recommendations: At the moment, there is no...
BSA-2022-1694
Security Advisory ID: BSA-2022-1694. Component: Oracle Java SE. Revision: 1.0. Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 an...
The vulnerability of the lrzip.c component: the initialise_control function of the lrzip software, which allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the lrzip.c component, specifically the initialise_control function of the lrzip software, arises due to an overflow in the dynamic memory buffer. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the...
EulerOS Virtualization 3.0.2.0 : libwebp (EulerOS-SA-2022-1670)
According to the versions of the libwebp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The...
Adiscon Rsyslog Security Vulnerability
Adiscon Rsyslog is a library for collecting syslogs from the German company Adiscon. A security vulnerability exists in Adiscon Rsyslog version 8.2204.0 and earlier versions, which stems from a heap buffer overflow in the module used to receive TCP syslogs when using octet-counted frames, which c...
The vulnerability of the njs_function_frame_alloc() function in the njs interpreter of the nginx server allows attackers to compromise the confidentiality, integrity, and accessibility of information.
The vulnerability of the njs_function_frame_alloc function in the njs interpreter of the nginx server is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of information...
The vulnerability of the Nginx Proxy Manager, a proxy server for managing hosts, arises from its lack of security measures to protect the structure of web pages. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Nginx web server proxy management server exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...