6611 matches found
CVE-2022-42462
CVE-2022-42462 corresponds to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability in WordPress IP Blacklist Cloud plugin versions <= 5.00. Technical details across connected sources indicate the root cause is improper handling/sanitization of input by the plugin, enabling a privil...
CVE-2023-0122
A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmetsetupauth, allows an attacker to perform a Pre-Auth Denial of Service DoS attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4...
PT-2023-33462 · Linux · Ksmbd
Name of the Vulnerable Software and Affected Versions: ksmbd versions prior to v6.0.19 Description: The issue is related to the ksmbd decode ntlmssp auth blob function, where the nt len is not properly checked to be at least CIFS ENCPWD SIZE. This could potentially lead to security vulnerabilitie...
CVE-2023-0122
A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmetsetupauth, allows an attacker to perform a Pre-Auth Denial of Service DoS attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4...
Infokart 1.1 SQL Injection
==================================================================================================================================== | Title : Infokart v1.1 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | | Vendo...
Yuvan Education CRM 3.0 SQL Injection
==================================================================================================================================== | Title : Yuvan Education CRM v 3.0 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...
Global Infotech CMS 1.0 SQL Injection
==================================================================================================================================== | Title : Global Infotech cms v 1.0 Sql injectioin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...
Infobool 3.0 SQL Injection
==================================================================================================================================== | Title : Infobool v 3.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | | Vend...
The vulnerability of the NVME driver (drivers/nvme/target/auth.c) in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the NVME driver drivers/nvme/target/auth.c in the Linux operating system is related to the assignment of a zero pointer. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
The vulnerability of the `ksmbddecode_ntlmsspauth_blob` function in the ksmbd module of the Linux operating system allows a hacker to induce a service failure.
The vulnerability of the ksmbddecodentlmsspauthblob function in the ksmbd module of the Linux operating system is related to a buffer overflow attack. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...
CVE-2022-42280
The CVE-2022-42280 issue affects NVIDIA DGX BMC SPX REST authorization. An unauthorized attacker could exploit a path traversal to escalate privileges on vulnerable BMC firmware. The NVIDIA advisory lists affected products (DGX Station A100/A800), and specifies a firmware update path with BMC Fir...
CVE-2022-39183
Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors...
CVE-2022-39183
Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors...
Open redirect
Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors...
CVE-2022-39183 Moodle Plugin - SAML Auth Open Redirect
Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors...
CVE-2022-39183
The CVE-2022-39183 entry concerns the Moodle Plugin - SAML Auth, with an Open Redirect flaw exploitable via unspecified vectors. Public documents consistently describe this as an Open Redirect issue affecting the Moodle SAML Auth plugin, but do not provide concrete product version ranges or vendo...
CVE-2022-39183 Moodle Plugin - SAML Auth Open Redirect
Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors...
PT-2023-13706 · Moodle · Moodle Plugin - Saml Auth
Name of the Vulnerable Software and Affected Versions: Moodle Plugin - SAML Auth affected versions not specified Description: The issue may allow Open Redirect through unspecified vectors. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
@cloud-carbon-footprint/client (>=0.0.0 <=0.2.0), @financial-times/ed-tech-auth (>=1.1.0 <=1.7.0) +5 more potentially affected by CVE-2022-3145 via @okta/oidc-middleware (>=0.0.2 <=4.5.1)
@okta/oidc-middleware NPM version =0.0.2, =0.0.0, =1.1.0, =0.0.1, =1.78.0, =0.1.0, =0.3.1 Source cves: CVE-2022-3145 Source advisory: OSV:GHSA-58H4-9M7M-J9M4...
CVE-2023-0122
A NULL pointer dereference vulnerability was found in nvmetsetupauth in the Linux kernel's NVMe functionality. This issue allows an attacker to perform a Pre-Auth Denial of Service DoS attack on a remote machine...