5334 matches found
CVE-2022-45543
Cross-site scripting (XSS) vulnerability in DiscuzX 3.4 allows attackers to execute arbitrary code via the datetline, title, tpp, or username parameters via the audit search...
LSN-0091-1: Kernel Live Patch Security Notice
It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41222) Sönke...
PT-2023-1454 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server (affected versions not specified). Description: The issue is related to insufficient input validation in the database management system, which can be exploited to execute arbitrary code. This allows an attacker to potentiall...
CVE-2022-48077
Genymotion Desktop v3.3.2 was discovered to contain a DLL hijacking vulnerability that allows attackers to escalate privileges and execute arbitrary code via a crafted DLL...
Security Bulletin: IBM QRadar SIEM includes multiple components with known vulnerabilities
Summary: The product includes multiple vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2022-31160 DESCRIPTION: jQuery UI is vulnerable to cross-site...
CVE-2023-24646
An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file...
Ubuntu: Security Advisory (USN-5858-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Ubuntu: Security Advisory (USN-5863-1)
The remote host is missing an update for the...
Ubuntu: Security Advisory (USN-5844-1)
The remote host is missing an update for the...
CVE-2022-45544
Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows an attacker to upload arbitrary files and execute arbitrary code via the tristao parameter. NOTE: this is disputed by the vendor because an admin is intentionally allowed to upload new executable PHP code, such as a theme...
CVE-2022-48021
A vulnerability in Zammad v5.3.0 allows attackers to execute arbitrary code or escalate privileges via a crafted message sent to the server...
Security Bulletin: IBM Aspera Orchestrator affected by vulnerability (CVE-2022-23943)
Summary: The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details: CVEID: CVE-2022-23943 DESCRIPTION: Apache HTTP Server could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in mod_sed. By sending special...
CVE-2022-31364
Cypress: https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA0107_05.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: affected function is lowertransportlayeronseg. In Cypress Bluetooth Mesh SDK, there is an out-of-bound...
CVE-2023-23135
An arbitrary file upload vulnerability in Ftdms v3.1.6 allows attackers to execute arbitrary code via uploading a crafted JPG file...
CVE-2022-31363
CVE-2022-31363 affects Cypress Bluetooth Mesh SDK version BSA0107_05.01.00-BX8-AMESH-08. The vulnerability is a buffer overflow caused by an out-of-bounds write during mesh provisioning, due to no check for mismatched SegN and TotalLength in the Transaction Start PDU. The affected component is th...
CVE-2022-31363
Cypress: https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA0107_05.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: affected function is pbtransporthandlefrag. In Cypress Bluetooth Mesh SDK, there is an out-of-bound write...
Tenda AC18 Buffer Overflow Vulnerability (CNVD-2023-21674)
Tenda AC18 is a router from Tenda. Tenda AC18 is vulnerable to a buffer overflow vulnerability that could be exploited by an attacker to submit a special request that could crash the program or execute arbitrary code in the context...
Tenda AC18 Buffer Overflow Vulnerability (CNVD-2023-21676)
Tenda AC18 is a router from Tenda. Tenda AC18 is vulnerable to a buffer overflow vulnerability that could be exploited by an attacker to submit a special request that could crash a program or execute arbitrary code in context...