CVE-2022-44751 HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView

HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in...

CVE-2021-39427

Cross site scripting vulnerability in 188Jianzhan 2.10 allows attackers to execute arbitrary code via the username parameter to /admin/reg.php...

Security Bulletin: Netcool Operations Insight v1.6.7 contains fixes for multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.7 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2022-26612 DESCRIPTION: Apache Hadoop for Windows could allow a remote attacker to bypass security restrictions, caused by the use of an...

CVE-2022-45009

Online Leave Management System v1.0 was discovered to contain an arbitrary file upload vulnerability at /leavesystem/classes/SystemSettings.php?f=updatesettings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

USN-5760-2: libxml2 vulnerabilities

USN-5760-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive...

CVE-2022-45477

Telepad allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...

Ubuntu: Security Advisory (USN-5718-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-43192

An arbitrary file upload vulnerability in the component /dede/filemanagecontrol.php of Dedecms v5.7.101 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2022-40886...

CVE-2022-43234

An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file...

Design/Logic Flaw

An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43234

An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file...

Oracle Linux 8 : gstreamer1-plugins-good (ELSA-2022-7618)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7618 advisory. - Add patches for matroskademux. CVE-2021-3497 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

CVE-2022-43265

An arbitrary file upload vulnerability in the component /pages/saveuser.php of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43439

A vulnerability has been identified in POWER METER SICAM Q100 7KG9501-0AA01-0AA1 All versions V2.50, POWER METER SICAM Q100 7KG9501-0AA01-2AA1 All versions V2.50, POWER METER SICAM Q100 7KG9501-0AA31-0AA1 All versions V2.50, POWER METER SICAM Q100 7KG9501-0AA31-2AA1 All versions V2.50, SICAM P850...

CVE-2022-43546

A vulnerability has been identified in POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, SICAM P850 All versions V3.10, SICAM P850 All versions V3.10, SICAM P850 All versions...

CVE-2022-43545

A vulnerability has been identified in POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, SICAM P850 All versions V3.10, SICAM P850 All versions V3.10, SICAM P850 All versions...

CVE-2022-37905

Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to execute arbitrary code during the boot sequence. Successful exploitation could allow an attacker to achieve permanent modification of the underlying operating system...

Security Bulletin: Multiple Vulnerabilities in base image packages affect IBM Voice Gateway

Summary Security Vulnerabilities in base image packages affect IBM Voice Gateway. Vulnerability Details CVEID:CVE-2020-10735 DESCRIPTION: Python is vulnerable to a denial of service, caused by the failure to limit amount of digits converting text to int by the int type in PyLongFromString. A remo...

CVE-2022-43083

An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43275

Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/phpaction/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...