CVE-2022-45134

Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 deserializes user input unsafely during skin import. A particularly structured XML file could cause code execution when being processed...

CVE-2024-45755

An issue was discovered in Centreon centreon-dsm-server 24.10.x before 24.10.0, 24.04.x before 24.04.3, 23.10.x before 23.10.1, 23.04.x before 23.04.3, and 22.10.x before 22.10.2. SQL injection can occur in the form to configure Centreon DSM slots. Exploitation is only accessible to authenticated...

CVE-2024-33854

Centreon Web contains a SQL Injection in the Graph Template component. Affected versions are 22.10.0–22.10.22, 23.04.0–23.04.18, 23.10.0–23.10.12, and 24.04.0–24.04.2; fixed in 22.10.23, 23.04.19, 23.10.13, and 24.04.3 respectively. Root cause is lack of protection of the SQL query structure. Rem...

PT-2023-14929 · Fp.Io · Fp.Io Vpp

Name of the Vulnerable Software and Affected Versions: FP.io VPP Vector Packet Processor versions 19.04 through 22.10 Description: The issue is related to the generation of a predictable IV with CBC mode. This affects a wide range of versions of the FP.io VPP Vector Packet Processor...

PT-2022-5945 · Avast +1 · Avast Antivirus +1

Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions prior to 22.10 AVG Anti-Virus versions prior to 22.10 Description: The issue is related to insecure privilege management within the malware removal functionality of Avast and AVG Antivirus. An attacker with write acce...

CVE-2022-31687

VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application...

CVE-2022-31686

VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application...

VMware Warns of 3 New Critical Flaws Affecting Workspace ONE Assist Software

VMware has patched five security flaws affecting its Workspace ONE Assist solution, some of which could be exploited to bypass authentication and obtain elevated permissions. Topping the list are three critical vulnerabilities tracked as CVE-2022-31685, CVE-2022-31686, and CVE-2022-31687. All the...

VMware Workspace ONE Assist 授权问题漏洞

VMware Workspace ONE Assist is a real-time remote support solution from VMware, Inc. It allows VMware Workspace ONE UEM administrators to remotely access and troubleshoot devices in real-time while respecting end-user privacy. A security vulnerability exists in VMware Workspace ONE Assist prior t...

CVE-2022-42707

In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0, embedded images are accessible without a sufficient permission check under certain conditions...

Mahara 安全漏洞

Mahara is a free open source web-based ePortfolio management system from Mahara. A security vulnerability exists in Mahara version 21.04 up to and including 21.04.7, 21.10 up to and including 21.10.5, 22.04 up to and including 22.04.3, and 22.10.0, which stems from a lack of privilege checking...

PT-2022-6323 · Canonical · Ubuntu

Name of the Vulnerable Software and Affected Versions: Mahara versions 21.04 through 21.04.6 Mahara versions 21.10 through 21.10.4 Mahara versions 22.04 through 22.04.2 Mahara version 22.10.0 Description: The vulnerability exists due to the lack of protection of the web page structure in the PDF...