Cross site scripting

A vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack...

UBUNTU-CVE-2022-4558

A vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack...

CVE-2022-4558 Alinto SOGo Folder/Mail NSString+Utilities.m cross site scripting

A vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack...

Apache Zeppelin 输入验证错误漏洞

Apache Zeppelin is a Web-based open source notebook application from the Apache Foundation that supports interactive data analysis and collaborative documentation. Apache Zeppelin is vulnerable to an input validation error that results from improper input validation in its Move folder to Trash...

CVE-2022-4558

A vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack...

CVE-2022-43722

A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that...

Siemens SICAM PAS/PQS 代码问题漏洞

Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. A security vulnerability exists in Siemens SICAM PAS/PQS versions prior to V7.0 that stems from a failure to properly protect the containing folder. An attacker can exploit the...

Siemens Simcenter STAR-CCM+ 安全漏洞

Siemens Simcenter STAR-CCM is a complete multi-physics field solution from Siemens Germany that simulates products and designs working under real-world conditions. a security vulnerability exists in Siemens Simcenter STAR-CCM, which stems from improperly assigning file permissions to installation...

PT-2022-27016 · Unknown · Sicam Pas/Pqs

Name of the Vulnerable Software and Affected Versions: SICAM PAS/PQS versions prior to V7.0 Description: A vulnerability has been identified where the affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this...

PT-2022-27576 · Alinto +2 · Alinto Sogo +2

Name of the Vulnerable Software and Affected Versions: Alinto SOGo versions up to 5.7.1 Description: A problematic issue has been found, affecting an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads to cross site scripting. ...

CVE-2022-45968

Alist v3.4.0 is vulnerable to File Upload. A user with only file upload permission can upload any file to any folder even a password protected one...

CVE-2022-45968

Alist v3.4.0 is vulnerable to File Upload. A user with only file upload permission can upload any file to any folder even a password protected one...

PT-2022-27703 · Alist · Alist

Name of the Vulnerable Software and Affected Versions: Alist version 3.4.0 Description: The issue allows a user with only file upload permission to upload any file to any folder, including those that are password protected. Recommendations: For Alist version 3.4.0, update to version 3.5.1 to...

CVE-2022-45968

Alist v3.4.0 is vulnerable to File Upload. A user with only file upload permission can upload any file to any folder even a password protected one...

CVE-2022-39900

Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch...

CVE-2022-39912

Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T13 allows local attackers to set some setting value in Secure folder...

CVE-2022-39912

Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T13 allows local attackers to set some setting value in Secure folder...

CVE-2022-39900

Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch...

Improper access control

Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch...

Design/Logic Flaw

Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T13 allows local attackers to set some setting value in Secure folder...