11 matches found
ECMAScript 安全漏洞
ECMAScript is a language library open-sourced by Ecma TC39. A security vulnerability exists in versions prior to ECMAScript 2022 through 2025 that stems from the presence of a JavaScript specification issue that leads to type confusion and pointer dereferencing in implementations...
PT-2024-4014 · Ivanti · Ivanti Endpoint Manager
Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2022 SU5 Description: The issue is related to a SQL Injection vulnerability in the GetDBPatches method of Ivanti Endpoint Manager, which fails to properly protect the SQL query structure. This allows ...
Intel oneMKL Security Vulnerability
Intel oneMKL is Intel's Mathematical Kernel Library for developers to implement high-performance mathematical and statistical computations in a variety of computing tasks. A security vulnerability exists in IntelR oneMKL versions prior to 2022.0. An attacker can exploit the vulnerability to eleva...
Mobatime 安全漏洞
Mobatime is a time and frequency synchronization solution from Mobatime, Inc. A security vulnerability exists in versions prior to Mobatime 06.7.2022, which stems from misauthorization in a web application...
Intel Hyperscan 缓冲区错误漏洞
Intel Hyperscan is a high-performance multi-regular expression matching library from Intel Corporation USA. A security vulnerability exists in versions of Intel Hyperscan prior to 2022/4/29, which stems from improperly limiting buffers. An attacker could exploit the vulnerability to escalate...
CVE-2022-38339
Safe Software FME Server v2021.2.5, v2022.0.0.2 and below contains a cross-site scripting XSS vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login page...
PT-2022-4116 · Cryptopro +3 · Cryptopro Secure Disk +3
Name of the Vulnerable Software and Affected Versions: CryptoPro Secure Disk versions before 2022-06-01 Description: A flaw was found in the bootloaders, allowing an attacker to bypass or tamper with Secure Boot protections. To load and execute arbitrary code in the pre-boot stage, an attacker...
PT-2022-4307 · Microsoft +3 · Windows +3
Name of the Vulnerable Software and Affected Versions: Eurosoft bootloaders versions prior to 2022-06-01 Description: A flaw was found in Eurosoft bootloaders that allows an attacker to bypass or tamper with Secure Boot protections. To load and execute arbitrary code in the pre-boot stage, an...
OnyxForum 路径遍历漏洞
OnyxForum is an open source forum repository for Space Station 13: Chaotic Onyx. A path traversal vulnerability exists in versions of OnyxForum prior to 2022-05-04, which stems from insecure use of the Flask sendfile function...
CVE-2021-42552
Cross-site Scripting XSS vulnerability in ArchivistaBox webclient allows an attacker to craft a malicious link, executing JavaScript in the context of a victim's browser. This issue affects all ArchivistaBox versions prior to 2022/I...
CVE-2021-42552
Cross-site Scripting XSS vulnerability in ArchivistaBox webclient allows an attacker to craft a malicious link, executing JavaScript in the context of a victim's browser. This issue affects all ArchivistaBox versions prior to 2022/I...