19 matches found
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: tofu-controller, secrets-store-csi-driver-provider-aws, volume-modifier-for-k8s, dgraph, kube-arangodb, telegraf, spicedb-operator, eksctl, mc, rabbitmq-messaging-topology-operator, dbmate, boring-registry, kserve-modelmesh-serving, kserve-rest-proxy, rancher-agent,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: secrets-store-csi-driver-provider-aws, kubernetes-csi-external-snapshotter, infinispan-operator, kubernetes-dashboard-metrics-scraper, eksctl, mc, flux-operator, kserve-modelmesh-serving, newrelic-nri-statsd, gatekeeper, kubeflow-katib, sftpgo,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: trivy, datadog-agent, influxd, caddy, commercial-chainloop-backend, ingress-nginx-controller, elastic-agent, rabbitmq-messaging-topology-operator, kube-state-metrics, rclone-fips, snyk-cli, gatekeeper-fips, ko-fips, gitaly, juicefs, rke2-runtime, sonobuoy, kyverno,...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: trivy, datadog-agent, influxd, caddy, commercial-chainloop-backend, ingress-nginx-controller, elastic-agent, rabbitmq-messaging-topology-operator, kube-state-metrics, rclone-fips, snyk-cli, gatekeeper-fips, ko-fips, gitaly, juicefs, rke2-runtime, sonobuoy, kyverno,...
CVE-2022-45326
An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks...
CVE-2022-45326
An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks...
Design/Logic Flaw
An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks...
CVE-2022-45326
An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks...
CVE-2022-45326
An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks...
CVE-2022-45326
CVE-2022-45326 affects Kwoksys Kwok Information Server — vulnerable component: XML processing (XXE) leading to server-side request forgery (SSRF). Affected: versions before 2.9.5.SP31; root cause is an XML external entity vulnerability. Impact as described: remote authenticated users can trigger ...
PT-2022-27466 · Kwoksys · Kwok Information Server
Name of the Vulnerable Software and Affected Versions: Kwoksys Kwok Information Server versions prior to 2.9.5.SP31. Description: An XML external entity (XXE) injection issue allows remote authenticated users to conduct server-side request forgery (SSRF) attacks. This enables attackers to manipulate t...
CVE-2013-5028
SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok Information Server before 2.8.5 allows remote authenticated users to execute arbitrary SQL commands via the (1) hardwareType, (2) hardwareStatus, or (3) hardwareLocation parameter in a search command...
SQL injection
SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok Information Server before 2.8.5 allows remote authenticated users to execute arbitrary SQL commands via the (1) hardwareType, (2) hardwareStatus, or (3) hardwareLocation parameter in a search command...
CVE-2013-5028
SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok Information Server before 2.8.5 allows remote authenticated users to execute arbitrary SQL commands via the (1) hardwareType, (2) hardwareStatus, or (3) hardwareLocation parameter in a search command...
CVE-2013-5028
Kwoksys Kwok Information Server vulnerable to SQL injection in IT/hardware-list.dll (versions before 2.8.5). Affected component is the search command handling (hardwareType, hardwareStatus, hardwareLocation) with remote-authenticated access leading to arbitrary SQL execution. Root cause is improp...
Kwok Information Server 2.7.3 / 2.8.4 SQL Injection Vulnerability
Kwok Information Server versions 2.7.3 and 2.8.4 suffer from a remote blind SQL injection vulnerability. Advisory: Kwok Information Server Blind Sql Injection | Affected Version: 2.7.3 & 2.8.4 | Vendor :...
Kwok Information Server 2.7.3 / 2.8.4 SQL Injection
Advisory: Kwok Information Server Blind Sql Injection | Affected Version: 2.7.3 & 2.8.4 | Vendor: http://www.kwoksys.com/index.php | Risk: Medium | CVE-ID: 2013-5028 | Tested on Platform: Windows...
Kwok Information Server - Multiple SQL Injections
Kwok Information Server - Multiple SQL Injections source: https://www.securityfocus.com/bid/61728/info Kwok Information Server is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may...
Kwok Information Server - Multiple SQL Injections
source: https://www.securityfocus.com/bid/61728/info Kwok Information Server is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application,...