423 matches found
CVE-2022-45766
Hardcoded credentials in Global Facilities Management Software GFMS Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes...
Hardcoded credentials
Hardcoded credentials in Global Facilities Management Software GFMS Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes...
CVE-2022-45766
Hardcoded credentials in Global Facilities Management Software GFMS Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes...
CVE-2022-45766
The CVE-2022-45766 entry concerns Key Systems Management’s GFMS software, version 3. It states that hardcoded credentials exist in GFMS v3, which could allow remote attackers to impact the availability, confidentiality, accessibility and dependability of electronic key boxes. The provided referen...
CVE-2022-45766
Hardcoded credentials in Global Facilities Management Software GFMS Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes...
Mozilla Firefox code issue vulnerability (CNVD-2023-05207)
Mozilla Firefox is an open source Web browser from the Mozilla Foundation, U.S. A code issue vulnerability exists in Mozilla Firefox, which stems from an error in the product's handling of JavaScript dialog boxes. A remote attacker could exploit the vulnerability to perform a spoofing attack...
EU Cookie Law <= 3.1.6 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 1. Enter the setting page of this plugin. 2. In t...
Sharing Netflix, Disney+, other passwords is illegal, according to new guidance
The Intellectual Property Office (IPO), the UK government body overseeing intellectual property rights in the UK, has quietly released new guidance on piracy and online counterfeit goods. This campaign is a joint effort between IPO and Meta, Facebook's parent company. The general issue on piracy is...
[SECURITY] Fedora 36 Update: freeradius-3.0.26-1.fc36
The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many...
Fedora: Security Advisory for freeradius (FEDORA-2022-98832b2cc2)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +98 more potentially affected by unknown CVE via tensorflow-cpu (>=1.15.0 <=2.7.4)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: unknown CVE Source advisory: OSV:GHSA-XF83-Q765-XM6M...
Livemesh Addons for Elementor < 7.2.4 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 1. Enter the setting page of this plugin. 2. In t...
Fancier Author Box by ThematoSoup <= 1.4 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). PoC 1. Open the setting page of this plugin. 2...
reCAPTCHA <= 1.6 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 1. On the setting page of this plugin, enter the...
reCAPTCHA <= 1.6 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). PoC 1. On the setting page of this plugin, enter...
Fancier Author Box by ThematoSoup <= 1.4 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 1. Open the setting page of this plugin. 2. There...
a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +98 more potentially affected by CVE-2022-35988 via tensorflow-cpu (>=1.15.0 <=2.7.0)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-35988 Source advisory: OSV:GHSA-9VQJ-64PV-W55C...
a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +98 more potentially affected by CVE-2022-35966 via tensorflow-cpu (>=1.15.0 <=2.7.0)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-35966 Source advisory: OSV:GHSA-4W68-4X85-MJJ9...
a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +98 more potentially affected by CVE-2022-35992 via tensorflow-cpu (>=1.15.0 <=2.7.0)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-35992 Source advisory: OSV:GHSA-9V8W-XMR4-WGXP...
CVE-2022-36001 `CHECK` fail in `DrawBoundingBoxes` in TensorFlow
TensorFlow is an open source platform for machine learning. When `DrawBoundingBoxes` receives an input `boxes` that is not of dtype `float`, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit da0d65cdc1270038e72157ba35bf74b85d9bda11. The fix wi...