Lucene search

2563 matches found

Cvelist
added 2022/07/20 4:55 p.m. | 18 views

CVE-2022-33315

Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions...

CVSS 7.8 | AI score 8 | EPSS 0.00322
Exploits: 0 | References: 3

Cvelist
added 2022/07/20 4:51 p.m. | 23 views

CVE-2022-33316

Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions...

CVSS 7.8 | AI score 8 | EPSS 0.00322
Exploits: 0 | References: 3

CVE
added 2022/07/20 4:51 p.m. | 65 views

CVE-2022-33316

The CVE-2022-33316 issue affects Mitsubishi Electric GENESIS64 and ICONICS suites (GENESIS64, ICONICS Suite, ICONICS Digital Solutions ICONICS Suite) and MC Works64, with a root cause of Deserialization of Untrusted Data. Versions affected include GENESIS64 10.97–10.97.1 and MC Works64 <= 4.04...

CVSS 7.8 | AI score 7.7 | EPSS 0.00322
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2022/07/20 12:0 a.m. | 12 views

The vulnerability of the Red Database database management system lies in the return of an incorrect status code, allowing an attacker to trigger a service failure.

The vulnerability of the Red Database database management system is related to the return of incorrect code states. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by exhausting free space on the disk during backup operations...

CVSS 4.9 | AI score 5.6
Exploits: 0 | References: 1 | Affected Software: 1

BDU FSTEC
added 2022/07/20 12:0 a.m. | 3 views

The vulnerability of the Red Database database management system lies in the possibility of returning incorrect status codes, allowing attackers to deceive users.

The vulnerability of the RedBase database management system is related to the return of incorrect status codes. Exploiting this vulnerability can allow a malicious actor to deceive users by replacing the notification window...

CVSS 4 | AI score 5.5
Exploits: 0 | References: 1 | Affected Software: 1

HackRead
added 2022/07/19 10:37 p.m. | 21 views

Researchers Warn of New Variants of ChromeLoader Browser in the Wild

By Deeba Ahmed. ChromeLoader malware is spread through pirated games, malicious QR codes, and cracked software that hijacks the victims web… This is a post from HackRead.com. Read the original post: Researchers Warn of New Variants of ChromeLoader Browser in the Wild...

AI score 4.1
Exploits: 0

OSV
added 2022/07/18 1:15 p.m. | 1 views

CVE-2022-24690

An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A PresAbs.php SQL Injection vulnerability allows unauthenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based. An unauthenticated attacker...

CVSS 8.2 | AI score 5.9 | EPSS 0.02623
Exploits: 1 | References: 2

ATTACKERKB
added 2022/07/18 1:15 p.m. | 2 views

CVE-2022-24690

An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A PresAbs.php SQL Injection vulnerability allows unauthenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based. An unauthenticated attacker...

CVSS 8.2 | AI score 7.4 | EPSS 0.0092
Exploits: 1 | References: 3

NVD
added 2022/07/18 1:15 p.m. | 11 views

CVE-2022-24690

An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A PresAbs.php SQL Injection vulnerability allows unauthenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based. An unauthenticated attacker...

CVSS 8.2 | EPSS 0.0092
Exploits: 1 | References: 2

Patchstack
added 2022/07/18 12:0 a.m. | 31 views

WordPress WP OAuth2 Server plugin <= 1.0.1 - Authentication Bypass vulnerability

Authentication Bypass vulnerability discovered by Lana Codes in WordPress WP OAuth2 Server plugin versions <= 1.0.1. Solution: Deactivate and delete. This plugin has been closed as of June 23, 2022 and is not available for download. This closure is temporary, pending a full review...

CVSS 9.8 | AI score 3.5 | EPSS 0.00863
Exploits: 0 | Affected Software: 1

Veracode
added 2022/07/15 2:32 a.m. | 38 views

Arbitrary Code Execution

xen is vulnerable to arbitrary code execution. The vulnerability exists in hw due to Mis-trained branch predictions for return instructions which allows an attacker to inject and execute arbitrary speculative codes under certain microarchitecture-dependent conditions...

AI score 3.7
Exploits: 0

RedHat Linux
added 2022/07/14 12:56 p.m. | 3 views

nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

A regular expression denial of service ReDoS vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes...

CVSS 7.8 | AI score 7.1 | EPSS 0.03304
Exploits: 1 | References: 5

RedHat Linux
added 2022/07/07 2:19 p.m. | 0 views

nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

A regular expression denial of service ReDoS vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes...

CVSS 7.8 | AI score 7.1 | EPSS 0.03304
Exploits: 1 | References: 5

Veracode
added 2022/07/05 12:43 a.m. | 52 views

Denial Of Service

kernel is vulnerable to denial of service. The vulnerability exists due to a race condition in perf_event_open which allows an attacker to gain root privileges and execute arbitrary codes and crash the system...

CVSS 7 | AI score 7.8 | EPSS 0.0031
Exploits: 0 | References: 6 | Affected Software: 4

OSV
added 2022/06/27 9:15 a.m. | 2 views

CVE-2022-1625

The New User Approve WordPress plugin before 2.4 does not have CSRF check in place when updating its settings and adding invitation codes, which could allow attackers to add invitation codes for bypassing the provided restrictions and to change plugin settings by tricking admin users into visitin...

CVSS 4.3 | AI score 5.8
Exploits: 0 | References: 1

ATTACKERKB
added 2022/06/27 9:15 a.m. | 2 views

CVE-2022-1625

The New User Approve WordPress plugin before 2.4 does not have CSRF check in place when updating its settings and adding invitation codes, which could allow attackers to add invitation codes for bypassing the provided restrictions and to change plugin settings by tricking admin users into visitin...

CVSS 4.3 | AI score 5.8 | EPSS 0.00328
Exploits: 2 | References: 2

NVD
added 2022/06/27 9:15 a.m. | 31 views

CVE-2022-1625

The New User Approve WordPress plugin before 2.4 does not have CSRF check in place when updating its settings and adding invitation codes, which could allow attackers to add invitation codes for bypassing the provided restrictions and to change plugin settings by tricking admin users into visitin...

CVSS 4.3 | EPSS 0.00328
Exploits: 2 | References: 1

Prion
added 2022/06/27 9:15 a.m. | 15 views

Cross site request forgery (csrf)

The New User Approve WordPress plugin before 2.4 does not have CSRF check in place when updating its settings and adding invitation codes, which could allow attackers to add invitation codes for bypassing the provided restrictions and to change plugin settings by tricking admin users into visitin...

CVSS 4.3 | AI score 4.6 | EPSS 0.00328
Exploits: 2 | References: 1 | Affected Software: 1

Veracode
added 2022/06/27 8:43 a.m. | 30 views

Remote Code Execution (RCE)

sixfabtool is vulnerable to remote code execution. When the package is installed, it opens a malicious backdoor in the package allowing an attacker to inject and execute arbitrary codes and gain access to sensitive user information and digital currency keys as well as escalate privileges...

CVSS 9.8 | AI score 9.6 | EPSS 0.01525
Exploits: 1 | References: 3 | Affected Software: 1

Veracode
added 2022/06/27 8:10 a.m. | 26 views

Remote Code Execution (RCE)

texercise is vulnerable to remote code execution. When the package is installed, it opens a malicious backdoor in the package allowing an attacker to inject and execute arbitrary codes and gain access to sensitive user information and digital currency keys as well as escalate privileges...

CVSS 9.8 | AI score 9.6 | EPSS 0.01542
Exploits: 1 | References: 3 | Affected Software: 1