
10510 matches found

BDU FSTEC
added 2022/03/30 12:0 a.m. | 6 views

Vulnerability of the Security: Privileges component of the MySQL Server database management system, allowing attackers to access, modify, add, or delete data.

The vulnerability of the MySQL Server component’s Security: Privileges section relates to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to gain access to modify, add, or delete data using the MySQL network protocol...

CVSS 4.3 | AI score 6.3 | EPSS 0.01399
Exploits: 0 | References: 7 | Affected Software: 2

BDU FSTEC
added 2022/03/30 12:0 a.m. | 7 views

The vulnerability of the Oracle Solaris operating system installer allows a hacker to gain access to modify, add, delete data, or cause partial service failure.

The vulnerability of the Oracle Solaris operating system installer is related to errors in the code. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete data, or cause partial service failure...

CVSS 3.9 | AI score 6.2 | EPSS 0.00283
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2022/03/29 5:15 p.m. | 4 views

CVE-2022-26338

Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) has a blind SQL injection vulnerability in HandlerPagePKID.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVSS 9.8 | AI score 6 | EPSS 0.01172
Exploits: 0 | References: 1

BDU FSTEC
added 2022/03/28 12:0 a.m. | 6 views

Vulnerability of the Optimizer component of the MySQL Server database management system, allowing a hacker to cause service failures or gain access to modify, add, or delete data.

The vulnerability of the MySQL Server component involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures or gain access to modify, add, or delete data using the MySQL network protocol...

CVSS 7 | AI score 6.4 | EPSS 0.01223
Exploits: 0 | References: 7 | Affected Software: 2

Prion
added 2022/03/25 5:15 p.m. | 18 views

Hardcoded credentials

ALF-BanCO v8.2.5 and below was discovered to use a hardcoded password to encrypt the SQLite database containing the user's data. Attackers who are able to gain remote or local access to the system are able to read and modify the data...

CVSS 6.4 | AI score 9.2 | EPSS 0.01197
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2022/03/25 4:17 p.m. | 94 views

CVE-2022-25577

ALF-BanCO vulnerable: v8.2.5 and earlier use a hardcoded password to encrypt the SQLite database, enabling read/modify access if an attacker gains remote or local system access. Root cause: hardcoded credentials in the application; affected component is the ALF-BanCO data encryption path for the ...

CVSS 9.1 | AI score 9.1 | EPSS 0.01197
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2022/03/23 7:46 p.m. | 23 views

CVE-2021-27474 Rockwell Automation FactoryTalk AssetCentre Use of Potentially Dangerous Function

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryTalk AssetCentre...

CVSS 10 | AI score 9.5 | EPSS 0.01549
Exploits: 0 | References: 2

RedHat Linux
added 2022/03/22 12:30 p.m. | 0 views

mysql: InnoDB unspecified vulnerability (CPU Oct 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 5.5 | AI score 7.3 | EPSS 0.02497
Exploits: 0 | References: 4

CNNVD
added 2022/03/22 12:0 a.m. | 3 views

Delta Electronics DIAEnergie SQL Injection Vulnerability

Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency. Delta Electronics...

CVSS 10 | AI score 6.2 | EPSS 0.01172
Exploits: 0 | References: 5

CNNVD
added 2022/03/21 12:0 a.m. | 3 views

GARO Wallbox GLB/GTB/GTC Access Control Error Vulnerability

The GARO Wallbox GLB/GTB/GTC is an electric vehicle charger from the Swedish company GARO. A security vulnerability exists in the GARO Wallbox GLB/GTB/GTC that stems from incorrect access control on the software web manager page. An attacker could use this vulnerability to view and modify...

CVSS 9.1 | AI score 8.3 | EPSS 0.01068
Exploits: 0 | References: 2

ATTACKERKB
added 2022/03/18 9:15 p.m. | 4 views

CVE-2022-27250

The UNISOC chipset through 2022-03-15 allows attackers to obtain remote control of a mobile phone, e.g., to obtain sensitive information from text messages or the device's screen, record video of the device's physical environment, or modify data...

CVSS 10 | AI score 5.9 | EPSS 0.01189
Exploits: 0 | References: 2

Prion
added 2022/03/18 9:15 p.m. | 21 views

Open redirect

The UNISOC chipset through 2022-03-15 allows attackers to obtain remote control of a mobile phone, e.g., to obtain sensitive information from text messages or the device's screen, record video of the device's physical environment, or modify data...

CVSS 10 | AI score 8.9 | EPSS 0.01189
Exploits: 0 | References: 1 | Affected Software: 1

CNNVD
added 2022/03/18 12:0 a.m. | 6 views

UNISOC chipset Security Vulnerability

The UNISOC chipset is an integrated circuit chipset from China's Unisplendour UNISOC. The UNISOC chipset contains a security vulnerability that could allow an attacker to gain remote control of a cell phone, such as obtaining sensitive information from text messages or the device screen, recordin...

CVSS 10 | AI score 8.4 | EPSS 0.01189
Exploits: 0 | References: 2

Prion
added 2022/03/08 12:15 p.m. | 24 views

Code injection

A vulnerability has been identified in RUGGEDCOM i800 All versions V4.3.8, RUGGEDCOM i801 All versions V4.3.8, RUGGEDCOM i802 All versions V4.3.8, RUGGEDCOM i803 All versions V4.3.8, RUGGEDCOM M2100 All versions V4.3.8, RUGGEDCOM M2200 All versions V4.3.8, RUGGEDCOM M969 All versions V4.3.8,...

CVSS 4 | AI score 6.2 | EPSS 0.00363
Exploits: 0 | References: 1

Cvelist
added 2022/03/04 5:5 p.m. | 27 views

CVE-2021-20319

An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image...

AI score 7.7 | EPSS 0.00499
Exploits: 0 | References: 3

CNVD
added 2022/03/01 12:0 a.m. | 26 views

Linux kernel buffer overflow vulnerability (CNVD-2022-29295)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a buffer overflow vulnerability that can be exploited by an attacker to bypass Linux kernel access restrictions and read or modify data via bpf...

CVSS 7.8 | AI score 7 | EPSS 0.00346
Exploits: 0 | References: 1

CNVD
added 2022/02/25 12:0 a.m. | 31 views

Oracle MySQL Server Input Validation Error Vulnerability (CNVD-2022-17683)

Oracle MySQL Server is a relational database from Oracle Corporation. Oracle MySQL Server is vulnerable to an input validation error that can be exploited by attackers to cause unauthorized creation, deletion, or modification of critical data or all MySQL Server-accessible data...

CVSS 5.9 | AI score 4.9 | EPSS 0.01296
Exploits: 0 | References: 1

CNNVD
added 2022/02/17 12:0 a.m. | 1 views

libarchive Link Following Vulnerability

libarchive is a multi-format archive and compression library. A security vulnerability exists in libarchive, which can be exploited to modify data via symbolic link pattern timestamps. An attacker can exploit this vulnerability to bypass libarchive's access restrictions...

CVSS 7.8 | AI score 6.8 | EPSS 0.00366
Exploits: 0 | References: 31

Veracode
added 2022/02/15 4:8 a.m. | 19 views

Insecure Serialization Data

corda-serialization is vulnerable to insecure serialization data. An attacker is able to use a CustomSerializer to modify the meaning of serialized data...

CVSS 7.5 | AI score 3.4 | EPSS 0.00786
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2022/02/14 8:10 p.m. | 60 views

CVE-2019-25057

This CVE affects R3 Corda prior to version 4.1. The issue arises because the meaning of serialized data can be modified by an attacker-controlled CustomSerializer, enabling data manipulation at the serialization layer. The vulnerability pertains to the integrity of serialized data (per CVSS), wi...

CVSS 7.5 | AI score 7.5 | EPSS 0.00786
Exploits: 0 | References: 1 | Affected Software: 1