4200 matches found
ALPINE-CVE-2022-42719
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers able to inject WLAN frames to crash the kernel and potentially execute code...
CVE-2022-34390
Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM...
Support Statement - Exchange Online Basic Authentication Deprecation
Purpose: This article provides information on actions that must be taken to ensure Veeam Backup for Microsoft 365 will continue to function after the Basic Authentication Deprecation in Exchange Online. Associated Error Messages: The following errors may be shown in Veeam Backup for Microsoft 365...
Bifrost Licensing Issue Vulnerability
Bifrost is a middleware package that synchronizes MySQL MariaDB binary log data to other types of databases. Bifrost 1.8.6-release and earlier versions are vulnerable to authorization issues, which stem from its vulnerability to authentication bypass when using HTTP basic authentication, which can...
GHSA-P6FH-XC6R-G5HW Brokercap Bifrost subject to authentication bypass when using HTTP basic authentication
Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. Versions 1.8.6-release and prior are vulnerable to authentication bypass when using HTTP basic authentication. This may allow group members who only have read permissions to write requests...
Brokercap Bifrost subject to authentication bypass when using HTTP basic authentication
Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. Versions 1.8.6-release and prior are vulnerable to authentication bypass when using HTTP basic authentication. This may allow group members who only have read permissions to write requests...
Authentication Bypass
github.com/brokercap/bifrost is vulnerable to authentication bypass. The vulnerability exists in common.go because the write permission limit for monitor group is not properly defined which allows an attacker to bypass permission using HTTP basic authentication...
CVE-2022-39219
Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. Versions 1.8.6-release and prior are vulnerable to authentication bypass when using HTTP basic authentication. This may allow group members who only have read permissions to write requests...
Authentication flaw
Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. Versions 1.8.6-release and prior are vulnerable to authentication bypass when using HTTP basic authentication. This may allow group members who only have read permissions to write requests...
CVE-2022-39219 Bifrost users using basic authentication can bypass write permission limit
Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. Versions 1.8.6-release and prior are vulnerable to authentication bypass when using HTTP basic authentication. This may allow group members who only have read permissions to write requests...
CVE-2022-39219
Summary: CVE-2022-39219 affects the Bifrost middleware (used to synchronize MySQL/MariaDB binlogs to other databases). Versions 1.8.6-release and earlier are vulnerable to an authentication bypass when HTTP basic authentication is used, potentially allowing a user with read permissions to perform...
Bifrost Authorization Issue Vulnerability
Bifrost is a middleware package that synchronizes MySQL MariaDB binary log data to other types of databases. Bifrost 1.8.6-release and earlier versions are vulnerable to authorization issues, which stem from its vulnerability to authentication bypass when using HTTP basic authentication, which can...
PT-2022-24818 · Oracle +1 · Mysql Server +1
Name of the Vulnerable Software and Affected Versions: Bifrost versions 1.8.6-release and prior Description: Bifrost is a middleware package that synchronizes MySQL/MariaDB binlog data to other types of databases. The issue allows group members with only read permissions to write requests when th...
CVE-2022-40076
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetWifiGusetBasic...
CVE-2022-35294
An attacker with basic business user privileges could craft and upload a malicious file to SAP NetWeaver Application Server ABAP, which is then downloaded and viewed by other users resulting in a stored Cross-Site-Scripting attack. This could lead to information disclosure including stealing...
CVE-2022-35294
An attacker with basic business user privileges could craft and upload a malicious file to SAP NetWeaver Application Server ABAP, which is then downloaded and viewed by other users resulting in a stored Cross-Site-Scripting attack. This could lead to information disclosure including stealing...
CVE-2022-37185
SQL injection vulnerability exists in the school information query interface repschoolproj.php of the EMS 6.2 system of the Office of the Thai Basic Education Commission, which can lead to data leakage...
CVE-2022-37185
SQL injection vulnerability exists in the school information query interface repschoolproj.php of the EMS 6.2 system of the Office of the Thai Basic Education Commission, which can lead to data leakage...
Sql injection
SQL injection vulnerability exists in the school information query interface repschoolproj.php of the EMS 6.2 system of the Office of the Thai Basic Education Commission, which can lead to data leakage...
CVE-2022-37185
CVE-2022-37185 refers to a SQL injection vulnerability in the EMS 6.2 system used by the Office of the Thai Basic Education Commission, specifically in the school information query interface (repschoolproj.php). The issue can be triggered remotely over the network (no authentication, no user inte...