PT-2022-24059 · Libjpeg +1 · Libjpeg +1

Name of the Vulnerable Software and Affected Versions: libjpeg affected versions not specified Description: The issue allows attackers to cause a Denial of Service DoS via a crafted file, exploiting a segmentation fault in the HuffmanDecoder::Get function at huffmandecoder.hpp. Recommendations: A...

PT-2022-23950 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...

The vulnerability of the MiUI mobile operating system in devices like Redmi Note 11 and Redmi Note 9T, related to writing beyond the buffer in memory, allows a hacker to trigger a service failure.

The vulnerability of the mobile operating system MIUI is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

编号已被CVE保留

No details are available at this time...

编号已被CVE保留

No details are available at this time...

masterfizikal.ba Cross Site Scripting vulnerability OBB-2834133

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2022-34702

Windows Secure Socket Tunneling Protocol SSTP Remote Code Execution Vulnerability...

Security Bulletin: Vulnerability in IBM WebSphere Liberty Profile affects IBM InfoSphere Identity Insight (CVE-2022-22475 and CVE-2022-22476)

Summary The IBM WebSphere Liberty Profile used in IBM InfoSphere Identity Insight is vulnerable to identity spoofing by an authenticated user. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions...

tunnetaitojalapselle.fi Cross Site Scripting vulnerability OBB-2830644

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

adicciones.barcelona Cross Site Scripting vulnerability OBB-2827172

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

编号已被CVE保留

No details are available at this time...

For months, JusTalk messages were accessible to everyone on the Internet

JusTalk, a popular mobile video calling and messaging app with 20 million global users, exposed a massive database of supposedly private messages to the public Internet for months. According to security researcher Anurag Sen, who discovered the open database, the messages were stored unencrypted,...

CVE-2022-27619

Cleartext transmission of sensitive information vulnerability in authentication management in Synology Note Station Client before 2.2.2-609 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...

CVE-2022-27619

Cleartext transmission of sensitive information vulnerability in authentication management in Synology Note Station Client before 2.2.2-609 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...

CVE-2022-27619

Cleartext transmission of sensitive information vulnerability in authentication management in Synology Note Station Client before 2.2.2-609 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...

CVE-2022-27619

CVE-2022-27619 affects Synology Note Station Client prior to 2.2.2-609. The issue is a cleartext transmission of sensitive information in authentication management, enabling man-in-the-middle attackers to obtain sensitive data via unspecified vectors. The connected PT Security entry confirms vers...

Synology Note Station 安全漏洞

Synology Note Station is a cloud-based note management application from China-based Synology Inc. A security vulnerability exists in Synology Note Station Client prior to version 2.2.2-609, which stems from the use of plaintext transmission of sensitive information in the authentication managemen...

PT-2022-18524 · Synology · Synology Note Station Client

Name of the Vulnerable Software and Affected Versions: Synology Note Station Client versions prior to 2.2.2-609 Description: The issue concerns a cleartext transmission of sensitive information vulnerability in authentication management. This allows man-in-the-middle attackers to obtain sensitive...

CVE-2022-27619

Cleartext transmission of sensitive information vulnerability in authentication management in Synology Note Station Client before 2.2.2-609 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...

CVE-2022-35629

Due to a bug in the handling of the communication between the client and server, it was possible for one client, already registered with their own client ID, to send messages to the server claiming to come from another client ID. This issue was resolved in Velociraptor 0.6.5-2...