4166 matches found
Canteen Management System SQL Injection Vulnerability
Canteen Management System is a cafeteria management system by individual developer Mayuri K. Canteen Management System v1.0 suffers from a SQL injection vulnerability via the categoriesId parameter on...
libtiff: Denial of Service via crafted TIFF file
A flaw was found in libtiff where a NULL source pointer is passed as an argument to the memcpy function within TIFFFetchStripThing in tif_dirread.c. This flaw allows an attacker with a crafted TIFF file to cause a crash, leading to a denial of service...
tiff: Null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() in tif_dirread.c
A flaw was found in LibTIFF where a NULL source pointer is passed as an argument to the memcpy function within TIFFFetchNormalTag in tif_dirread.c. This flaw allows an attacker with a crafted TIFF file to cause a crash that leads to a denial of service...
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality due to CVE-2022-0235
Summary: Node.js module node-fetch is used by IBM App Connect Enterprise Certified Container for HTTP communications. IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability...
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service due to CVE-2022-2596
Summary: Node.js module node-fetch is used by IBM App Connect Enterprise Certified Container for some HTTP calls. IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability...
Slack: Unauthorized access to GovSlack
An unauthorized user could create a workspace on GovSlack by copying and sending a fetch request payload from slack.com to slack-gov.com, which would bypass the disabled option to create a workspace for new users. This could result in unauthorized access to GovSlack...
CVE-2022-43232
Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the userid parameter at /phpaction/fetchOrderData.php...
CVE-2022-43276
Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the productId parameter at /phpaction/fetchSelectedfood.php...
Canteen Management System SQL Injection Vulnerability
Canteen Management System is a cafeteria management system by individual developer Mayuri K. Canteen Management System version 1.0 suffers from a SQL injection vulnerability via the userid parameter of /phpaction/fetchSelectedUser.php...
SUSE: Security Advisory (SUSE-SU-2022:3767-1)
The remote host is missing an update for the...
SUSE-SU-2022:3767-1 Recommended update for bind
This update for bind fixes the following issues: Update to release 9.16.33: - CVE-2022-2795: Fixed potential performance degradation due to missing database lookup limits when processing large delegations (bsc#1203614). - CVE-2022-3080: Fixed assertion failure when there was a stale CNAME in the cac...
Denial Of Service (DoS)
org.ini4j:ini4j is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to the fetch method in BasicProfile.java lacking circular dependency checks, which allows an attacker to cause a stack overflow exception resulting in Denial of Service. While the CVE claims that v0.5.4 is...
org.ini4j allows attackers to cause a Denial of Service (DoS)
An issue in the fetch method in the BasicProfile class of org.ini4j before v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
GHSA-JR6H-R7VG-F9MC org.ini4j allows attackers to cause a Denial of Service (DoS)
An issue in the fetch method in the BasicProfile class of org.ini4j before v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
CVE-2022-41404
An issue in the fetch method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
DEBIAN-CVE-2022-41404
An issue in the fetch method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
CVE-2022-41404
An issue in the fetch method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
Design/Logic Flaw
An issue in the fetch method in the BasicProfile class of org.ini4j before v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
UBUNTU-CVE-2022-41404
An issue in the fetch method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
CVE-2022-41404
The CVE-2022-41404 entry concerns the ini4j Java library. A flaw in the fetch() method of the BasicProfile class affects versions up to 0.5.4, allowing a Denial of Service (DoS) via unspecified vectors. Public references indicate remediation by upgrading ini4j to 0.5.4 (or later), with Debian LTS...