5 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-41853
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution...
PT-2024-29572 · Tracks · Tracks
Name of the Vulnerable Software and Affected Versions: Tracks versions prior to 2.7.1 Description: The issue allows for reflected cross-site scripting, which enables the execution of malicious JavaScript in the context of a user's browser if that user clicks on a malicious link. This can lead to...
CVE-2022-41853 Remote code execution in HyperSQL DataBase
Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can...
PT-2022-1721 · Mozilla · Vpn
Name of the Vulnerable Software and Affected Versions: Mozilla VPN versions prior to 2.7.1 Description: The issue is related to Mozilla VPN's ability to load an OpenSSL configuration file from an unsecured directory. This could allow a user or attacker with limited privileges to launch arbitrary...
PT-2017-14610
Name of the Vulnerable Software and Affected Versions PJSIP versions prior to 2.7.1 Description An issue was discovered in the ioqueue component of Teluu pjproject pjlib and pjlib-util in PJSIP. The ioqueue component may issue a double key unregistration after an attacker initiates a socket...