CVE-2022-44560

The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified...

CVE-2022-44560

The CVE-2022-44560 entry concerns Huawei HarmonyOS launcher module with an Intent redirection vulnerability that may allow modification of launcher module data if exploited. The connected documents reiterate this vulnerability description but do not provide concrete technical details such as affe...

PT-2022-27246 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: Launcher module affected versions not specified Description: The issue concerns an Intent redirection vulnerability in the launcher module. This vulnerability can be exploited to modify launcher module data. Recommendations: At the moment,...

podman: possible information disclosure and modification

An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to...

buildah: possible information disclosure and modification

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able t...

buildah: possible information disclosure and modification

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able t...

PT-2022-25772 · Sap · Sap Financial Consolidation

Name of the Vulnerable Software and Affected Versions: SAP Financial Consolidation version 1010 Description: The issue is due to insufficient input validation, allowing an authenticated attacker to inject malicious script when running a common query in the Web Administration Console. On successfu...

CVE-2022-20867

A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection attacks as root on an affected system. The attacker must have the credentials of a high-privileg...

Sql injection

A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection attacks as root on an affected system. The attacker must have the credentials of a high-privileg...

PT-2022-5476 · Cisco · Cisco Email Security Appliance +1

Name of the Vulnerable Software and Affected Versions: Cisco Email Security Appliance affected versions not specified Cisco Secure Email and Web Manager affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker...

SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2022:3819-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3819-1 advisory. - CVE-2022-2989: Fixed possible information disclosure and modification bsc1202809. Tenable has extracted the preceding...

SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2022:3820-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3820-1 advisory. - CVE-2022-2989: Fixed possible information disclosure and modification bsc1202809. Tenable has extracted the preceding...

Vulnerability of the Installer component: The general installer for MySQL allows a perpetrator to gain access to read, modify, add, or delete data, or to trigger a crash.

Vulnerability of the Installer component: The MySQL Installer component is vulnerable due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to gain access to read, modify, add, or delete data, or cause the installation process to terminate abnormally...

Simple Cold Storage Management System SQL注入漏洞

Simple Cold Storage Management System is a simple cold storage management system. A SQL injection vulnerability exists in Simple Cold Storage Management System. An attacker could use this vulnerability to view, add, modify, or delete information in a back-end database...

SUSE SLED15: buildah / libgpg-error-devel / libgpg-error-devel-32bit / etc (SUSE-SU-2022:3766-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3766-1 advisory. - CVE-2021-20206: Fixed an issue in libcni that could allow an attacker to execute arbitrary...

mysql: InnoDB unspecified vulnerability (CPU Oct 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

mysql: InnoDB unspecified vulnerability (CPU Oct 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...