SUSE SLES15 / openSUSE 15 Security Update : buildah (SUSE-SU-2022:4350-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4350-1 advisory. Version update to 1.28.2. - CVE-2022-2990: Fixed a possible information disclosure and modification vulnerability...

CVE-2022-36193

SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries...

PT-2022-23252 · Unknown · School Management System

Name of the Vulnerable Software and Affected Versions: School Management System version 1.0 Description: The issue allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries. Recommendations: For School...

CVE-2022-36193

SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries...

Oracle Linux 9 : podman (ELSA-2022-8431)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8431 advisory. 4.2.0-7.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:4.2.0-7 - update to the latest content of...

PT-2022-25876 · Unknown · Record Management System +1

Name of the Vulnerable Software and Affected Versions: Record Management System using CodeIgniter version 1.0 Description: The issue allows attackers to access and modify user data due to an access control problem in the /Admin/dashboard.php endpoint. Recommendations: For Record Management System...

Oracle Linux 8 : container-tools:ol8 (ELSA-2022-7822)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7822 advisory. aardvark-dns 2:1.1.0-5 - fix 'Two aardvark-dns instances trying to use the same port on the same interface' - Resolves: 2130234 buildah 1:1.27.2-2 -...

Oracle Linux 9 : buildah (ELSA-2022-8008)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8008 advisory. - fix CVE-2022-2990 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

PT-2022-25232 · WordPress · Wp-Polls

Name of the Vulnerable Software and Affected Versions: WP-Polls plugin versions prior to 2.76.1 Description: A race condition issue exists in the WP-Polls plugin, affecting users with subscriber or higher permissions. This issue can be exploited due to improper synchronization, potentially leadin...

AlmaLinux 9 : podman (ALSA-2022:8431)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8431 advisory. - An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data...

CVE-2022-42891

The CVE-2022-42891 issue affects Siemens syngo Dynamics (all versions

rubygem-nokogiri: Improper Handling of Unexpected Data Type in Nokogiri

A flaw was found in the rubygem-nokogiri package. This flaw allows malicious users to change partial contents or configurations on the system. Additionally, this vulnerability can also cause a limited denial of service in the form of interruptions in resource availability...

podman: possible information disclosure and modification

An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to...

buildah: possible information disclosure and modification

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able t...

buildah: possible information disclosure and modification

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able t...

podman: possible information disclosure and modification

An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2022:7822)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7822 advisory. podman: possible information disclosure and modification CVE-2022-2989 buildah: possible information disclosure and modification CVE-2022-2990 Tenable has...

CVE-2022-44560

The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified...

CVE-2022-44560

The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified...

Design/Logic Flaw

The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified...