CVE-2022-34639

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a treats non-standard fence instructions as illegal which can affect the function of the application...

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +2157 more potentially affected by CVE-2010-3700 via org.acegisecurity:acegi-security (>=1.0.0 <=1.0.7)

org.acegisecurity:acegi-security MAVEN version =1.0.0, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.1, =0.1.0, =1.0, =1.17.3 and more Source cves: CVE-2010-3700 Source advisory: OSV:GHSA-3295-H9QX-R82X...

UBUNTU-CVE-2022-21484

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

This is a PoC exploit for CVE-2021-26084, a pre-auth RCE injecti...

PT-2022-1515 · Microsoft · Windows Ui Immersive Server Api +1

Name of the Vulnerable Software and Affected Versions: Windows UI Immersive Server API affected versions not specified Description: The issue is related to insecure privilege management in the Windows UI Immersive Server API component of the Windows operating system. Exploitation of this issue ma...

PT-2022-1565 · Microsoft · Windows Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Windows Hyper-V affected versions not specified Description: The issue is related to errors in security settings of the Windows Hyper-V hardware virtualization system, which can be exploited to bypass security restrictions. This allows an...

Input validation

Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper...

CVE-2021-35247 Improper Input Validation Vulnerability in Serv-U

Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper...

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

BELL-CVE-2021-37576 CVE-2021-37576 does not affect BellSoft software

Bulletin has no description...

CVE-2021-2458

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: Identity Console. Supported versions that are affected are 11.1.2.2.0, 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

Command injection

A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Video Station versions prior to 5.5.4 on QTS 4.5.2; versions prior to 5.5....

BELL-CVE-2021-22543 CVE-2021-22543 does not affect BellSoft software

Bulletin has no description...

aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29597 via tensorflow-cpu (>=1.15.0 <=2.1.0)

tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29597 Source advisory: OSV:PYSEC-2021-525...

BELL-CVE-2021-2180 CVE-2021-2180 does not affect BellSoft software

Bulletin has no description...

CVE-2021-22307

There is a weak algorithm vulnerability in Mate 3010.0.0.203C00E201R7P2. The protection is insufficient for the modules that should be protected. Local attackers can exploit this vulnerability to affect the integrity of certain module...

PT-2021-8102 · Htmldoc +4 · Htmldoc +4

Name of the Vulnerable Software and Affected Versions: htmldoc versions 1.9.12 and earlier Description: The issue is related to a null pointer dereference in the file extension function, located in the file.c component of the htmldoc tool. This can lead to arbitrary code execution and denial of...

BELL-CVE-2020-27841 CVE-2020-27841 does not affect BellSoft software

Bulletin has no description...

BELL-CVE-2020-35702 CVE-2020-35702 does not affect BellSoft software

Bulletin has no description...

BELL-CVE-2020-27675 CVE-2020-27675 does not affect BellSoft software

Bulletin has no description...