
6674 matches found

CVE
added 2022/10/19 12:0 a.m., 51 views

CVE-2022-43019

CVE-2022-43019: OpenCats/OpenCATS v0.9.6 has a remote code execution (RCE) flaw via the getDataGridPager AJAX function. The issue affects the OpenCATS web UI component and is described as a vulnerable path in the AJAX handling, leading to high impact (CVE indicates CRITICAL, network acces...

9.8 CVSS, 9.9 AI score, 0.16353 EPSS
Exploits: 2, References: 2, Affected Software: 1
OSV
added 2022/10/18 11:15 a.m., 4 views

CVE-2022-3582

A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument change password leads to cross-site request forgery. The attack can be launched...

3.5 CVSS, 4.8 AI score
Exploits: 0, References: 2
UbuntuCve
added 2022/10/17 4:15 p.m., 16 views

CVE-2022-3067

An issue has been discovered in the Import functionality of GitLab CE/EE affecting all versions starting from 14.4 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. It was possible for an authenticated user to read arbitrary projects'...

6.5 CVSS, 6.5 AI score, 0.00231 EPSS
Exploits: 0, References: 1
Positive Technologies
added 2022/10/17 12:0 a.m., 4 views

PT-2022-21317 · WordPress · Import All Xml

Name of the Vulnerable Software and Affected Versions: Import all XML, CSV & TXT WordPress plugin versions prior to 6.5.8. Description: The issue is related to the improper sanitization and escaping of imported data, which is then used in SQL statements. This leads to SQL injection, a type of atta...

7.2 CVSS, 7 AI score, 0.00566 EPSS
Exploits: 2, References: 5
CVE
added 2022/10/17 12:0 a.m., 93 views

CVE-2022-3067

CVE-2022-3067 affects GitLab CE/EE via the Import functionality, allowing an authenticated user to read arbitrary project contents. The flaw exists in versions: 14.4 up to 15.2.4, 15.3 up to 15.3.3, and 15.4 up to 15.4.0. The underlying cause, as described in the sources, is not fully disclosed h...

6.5 CVSS, 6.3 AI score, 0.00231 EPSS
Exploits: 0, References: 3, Affected Software: 1
Positive Technologies
added 2022/10/17 12:0 a.m., 2 views

PT-2022-20228 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 14.4 through 15.2.5; GitLab CE/EE versions 15.3 through 15.3.4; GitLab CE/EE versions 15.4 through 15.4.1. Description: An issue in the Import functionality allows an authenticated user to read arbitrary projects' content...

6.5 CVSS, 6.2 AI score, 0.00231 EPSS
Exploits: 0, References: 11
Fedora
added 2022/10/12 1:3 p.m., 22 views

[SECURITY] Fedora 36 Update: wavpack-5.5.0-2.fc36

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...

5.5 CVSS, 2.4 AI score, 0.00029 EPSS
Exploits: 1
Tenable Nessus
added 2022/10/11 12:0 a.m., 77 views

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5667-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5667-1 advisory. Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading t...

7.8 CVSS, 7.1 AI score, 0.00106 EPSS
Exploits: 0, References: 6
OpenVAS
added 2022/10/10 12:0 a.m., 18 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2022-2487)

The remote host is missing an update for the Huawei EulerOS...

8.3 CVSS, 8.4 AI score, 0.24988 EPSS
Exploits: 5, References: 2
Code423n4
added 2022/10/10 12:0 a.m., 11 views

Standard policy price matching is flawed

Lines of code Vulnerability details Impact Already placed orders may be highly unlikely able to be matched and executed. An order has to be created specifically for an already existing order with the intent to match and execute it. This severely impedes the functionality of the exchange, wastes...

7 AI score
Exploits: 0
Positive Technologies
added 2022/10/09 12:0 a.m., 1 views

PT-2022-34726 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.14 through 5.19. Description: A NULL dereference issue was discovered in the bonding functionality. The issue was introduced in version v5.14 and is fixed in Linux Kernel version v6.0. Recommendations: For Linux Kernel...

7.1 AI score
Exploits: 0, References: 1
Fedora
added 2022/10/08 5:33 p.m., 33 views

[SECURITY] Fedora 36 Update: gitqlient-1.5.0-2.fc36

GitQlient, pronounced as git+client /gɪtˈklaɪənt/, is a multi-platform Git client originally forked from QGit. Nowadays it goes beyond just a fork and adds a lot of new functionality. Some of the major features you can find are...

7.5 CVSS, 7.7 AI score, 0.00708 EPSS
Exploits: 2
Huntr
added 2022/10/07 4:16 p.m., 24 views

Broken Access Controls in Patient Files

Description: An authenticated user without document access has the ability to directly access any document in the system by using a URL similar to this: http://domain/openemr/controller.php?document&retrieve&patientid=2&documentid=19. The autoincrement identifier was also susceptible to being...

5.5 CVSS, 8.1 AI score, 0.00159 EPSS
Exploits: 1
Veracode
added 2022/10/07 1:50 a.m., 26 views

Cross-site Scripting (XSS)

Zinc is vulnerable to cross-site scripting. The vulnerability exists due to the delete template functionality in User.vue incorrectly escaping the id attribute before being rendered, allowing an attacker to inject and execute a malicious JavaScript payload...

5.4 AI score, 0.00442 EPSS
Exploits: 0, References: 4, Affected Software: 1
Tenable Nessus
added 2022/10/07 12:0 a.m., 21 views

GitLab 14.4 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3067)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in the Import functionality of GitLab CE/EE affecting all versions starting from 14.4 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting...

6.5 CVSS, 6.6 AI score, 0.00231 EPSS
Exploits: 0, References: 4
Prion
added 2022/10/06 6:16 p.m., 16 views

Cross site scripting

In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete user functionality. When an authenticated user deletes a user having an XSS payload in the user id field, the JavaScript payload will be executed and allow an attacker to access the user’s...

5.3 AI score, 0.00442 EPSS
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2022/10/06 12:0 a.m., 10 views

CVE-2022-39279 Discourse-chat plugin susceptible to XSS in channel name and description

discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions prior to 0.9 some places render a chat channel's name and description in an unsafe way, allowing staff members to cause a cross-site scripting (XSS) attack by inserting unsafe HTML into them...

4.3 CVSS, 5.5 AI score, 0.00219 EPSS
Exploits: 0, References: 2
Japan Vulnerability Notes
added 2022/10/05 8:44 a.m., 2 views

Multiple vulnerabilities in Buffalo network devices

Overview: Multiple network devices provided by Buffalo Inc. contain multiple vulnerabilities listed below: Hidden Functionality (CWE-912) - CVE-2022-39044; Use of Hard-coded Credentials (CWE-798) - CVE-2022-34840; Authentication Bypass (CWE-288) - CVE-2022-4096. Chuya Hayakawa of 00One, Inc. reported these...

8.8 CVSS, 7.7 AI score, 0.09436 EPSS
Exploits: 1, References: 11
Positive Technologies
added 2022/10/02 12:0 a.m., 2 views

PT-2022-34642 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.68. Description: A potential security issue has been identified in the Linux Kernel, related to the debugfs functionality. The actual impact and attack plausibility have not yet been proven. Recommendations...

7.4 AI score
Exploits: 0, References: 1
Code423n4
added 2022/10/01 12:0 a.m., 8 views

getOrCreatePosition doesn't work as expected

Lines of code Vulnerability details getOrCreatePosition doesn't work as expected Impact Function getOrCreatePosition doesn't assign any value to positions, it just return the value from some key, leading to incorrect expected values and wrong functionality Proof of Concept function...

7 AI score
Exploits: 0