CVE-2022-46101

AyaCMS v3.1.2 has a code flaw in ust_sql.inc.php that enables command execution via injected code. The vulnerability is described across multiple sources (e.g., Red Hat, CVE records, and PT-Security) with a CVSS v3.1 base score of 8.8 (HIGH) and an attack vector of NETWORK, requiring LOW privileg...

CVE-2022-46101

AyaCMS v3.1.2 was found to have a code flaw in the ustsql.inc.php file, which allows attackers to cause command execution by inserting malicious code...

The seller could stoln the Creator Royalties

Lines of code Vulnerability details Impact the seller could set their address to get the Creator Royalties Proof of Concept execute == executeFundsTransfer == transferFees for uint8 i = 0; i fees.length; i++ uint256 fee = price feesi.rate / INVERSEBASISPOINT; transferTopaymentToken, from,...

PT-2022-34688 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.259 Description: The issue is related to the addition of RC code in the cc2520 tx function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

CVE-2022-34177

A flaw was found in the Pipeline Input Step Plugin. This issue affects the code of the component Archive File Handler. The manipulation of the argument file with a malicious input leads to a directory traversal vulnerability...

MCK Smartlock 加密问题漏洞

MCK Smartlock is a smart combination lock. A security vulnerability exists in MCK Smartlock version 1.0, which stems from the use of an insecure rolling code algorithm. An attacker exploited the vulnerability to unlock the mechanism...

if user call addMerkleTree() of MerkleIdentity with priceIndex==0 by mistake or other uninitialized gates, then attacker can steal all the NFTs with 0 payment

Lines of code Vulnerability details Impact If treeAdder calls addMerkleTree with priceIndex==0 by mistake, then attackers can buy NFT's with price of 0 because gate Indexs in FixedPricePassThruGate or SpeedBumpPriceGate start from 1 and gates0 will be uninitialized and getCost0 will return 0. Thi...

Inconsistency behavior between bAsset tokens and the standard cw20 tokens

Lines of code Vulnerability details Impact The implementation of the send function of bAsset tokens is inconsistent with the standard cw20's implementation. In the standard implementation, the msg and the transfer amount are passed to the recipient contract as a regular message. However, in the...

Airspan Networks Mmp 代码问题漏洞

Airspan Networks Mmp is an advanced standalone network management software platform for Mimosa fixed wireless devices from Airspan Networks, U.S. Airspan Networks Mmp is vulnerable to a code issue that could be exploited by an attacker to pass specially crafted data to the application and create...

gpac 代码问题漏洞

GPAC is an open source multimedia framework. GPAC is vulnerable to a code issue that could be exploited by attackers to cause segmentation errors and application crashes...

Dell Emc Streaming Data Platform代码问题漏洞

Dell Emc Streaming Data Platform, a Dell platform for real-time ingestion, storage and analysis of continuous streaming data, is vulnerable to a code issue that could be exploited by a remote, unauthenticated attacker to reuse old session artifacts to emulate a legitimate user...

Ubuntu 16.04 ESM : Python vulnerabilities (USN-5083-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5083-1 advisory. It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only...

Ubuntu 16.04 ESM : Linux kernel vulnerability (USN-5062-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5062-1 advisory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in...

Github pcapture 代码问题漏洞

Github pcapture is the project uses Quarkus, the Supersonic Subatomic Java framework. A code issue vulnerability exists in pcapture that allows authenticated but unprivileged users to capture and download packets using the REST API without a capture filter and sufficient privileges...

OpenEMR 日志信息泄露漏洞

OpenEMR is an open source medical management system from the OpenEMR Openemr community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing requests. A security vulnerability exists in OpenEMR 6.0.0 that originates from an...

EVlink City、EVlink Parking 和 EVlink Smart Wallbox 代码问题漏洞

Schneider Electric EVlink City and others are a charging solution for electric vehicle charging stations from Schneider Electric France. EVlink City, EVlink Parking, and EVlink Smart Wallbox are vulnerable to a code issue that The vulnerability stems from the fact that when carefully crafted...

Japan Total System GroupSession 代码问题漏洞

Japan Total System GroupSession is a groupware project from Japan Total System, Inc. that facilitates business and organizational communication and is designed to promote information sharing. Total System GroupSession is vulnerable to a code issue that could allow a user with access to the softwa...

Design/Logic Flaw

HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption...

Medium: samba

Issue Overview: A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the...

Django SQL Injection Vulnerability (CNVD-2021-49046)

Django is an open source web application framework , written in Python . A SQL injection vulnerability exists in Django versions 3.2.x prior to 3.2.5 and 3.1.x prior to 3.1.13. The vulnerability is related to a code flaw. querySet.orderby does not perform strict validation of data when processing...