4 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-21720
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Prior to version 9.5.7, an entity administrator is capable of retrieving normally inaccessible data via...
PT-2025-2742 · Elspec · Elspec G5 Digital Fault Recorder
Name of the Vulnerable Software and Affected Versions: Elspec G5 digital fault recorder versions 1.2.1.12 and earlier Description: An issue was discovered that may allow an attacker to cause a Denial of Service DoS via a crafted XML payload due to an XML External Entity XXE vulnerability...
UBUNTU-CVE-2022-21720
GLPI is a free asset and IT management software package. Prior to version 9.5.7, an entity administrator is capable of retrieving normally inaccessible data via SQL injection. Version 9.5.7 contains a patch for this issue. As a workaround, disabling the Entities update right prevents exploitation...
PT-2022-1462 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.7 Description: The issue is related to a lack of protection against SQL query structure exploitation, allowing a remote attacker to execute arbitrary SQL queries. An entity administrator can retrieve normally...