54757 matches found
CVE-2022-37003
The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files...
CVE-2022-37030
Weak permissions on the configuration file in the PAM module in Grommunio Gromox 0.5 through 1.x before 1.28 allow a local unprivileged user in the gromox group to have the PAM stack execute arbitrary code upon loading the Gromox PAM module...
CVE-2022-37001
The diag-router module has a vulnerability in intercepting excessive long and short instructions. Successful exploitation of this vulnerability will cause the diag-router module to crash...
CVE-2022-37006
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability...
CVE-2022-31757
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality...
CVE-2022-31856
Newsletter Module v3.x was discovered to contain a SQL injection vulnerability via the zemeznewsletteremail parameter at /index.php...
CVE-2022-31753
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability...
CVE-2022-31762
The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation...
CVE-2022-31758
The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality...
CVE-2022-31763
The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability...
CVE-2022-26355
Citrix Federated Authentication Service FAS 7.17 - 10.6 causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module TPM to incorrectly store that key in the Microsoft Software Key Storage Provider MSKSP. This issue only...
CVE-2022-26320
The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm formerly Fuji Xerox devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization...
CVE-2022-26313
A vulnerability has been identified in Mendix Forgot Password Appstore module All versions = V3.3.0 V3.5.1. In certain configurations of the affected product, a threat actor could use the sign up flow to hijack arbitrary user accounts...
CVE-2022-26596
Cross-site scripting XSS vulnerability in Journal module's web content display configuration page in Liferay Portal 7.1.0 through 7.3.3, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 8, allows remote attackers to inject arbitrary web script or HTML via we...
CVE-2022-35914
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection...
CVE-2017-12795
OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: Improper Input Validation...
CVE-2017-18689
An issue was discovered on Samsung mobile devices with M6.0 and N7.0 Exynos5433, Exynos7420, or Exynos7870 chipsets software. An attacker can bypass a ko aka Kernel Module signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 January 2017...
CVE-2008-6836
Cross-site request forgery CSRF vulnerability in OpenID 5.x before 5x.-1.2, a module for Drupal, allows remote attackers to hijack the authentication of unspecified victims to delete OpenID identities via unknown vectors...
CVE-2019-18664
The Log module in SECUDOS DOMOS before 5.6 allows XSS...
CVE-2019-18665
The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion...