Delta Electronics DIAEnergie SQL Injection Vulnerability (CNVD-2022-36028)

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. Delta...

Design/Logic Flaw

OPA is an open source, general-purpose policy engine. Under certain conditions, pretty-printing an abstract syntax tree AST that contains synthetic nodes could change the logic of some statements by reordering array literals. Example of policies impacted are those that parse and compare web paths...

NULL Pointer Dereference

A NULL pointer dereference was discovered in cpp-peglib's peg::AstOptimizer::optimize located in peglib.h. It allows an attacker to cause a Denial of Service...

Wordpress plugin Controlled Admin Access 访问控制错误漏洞

WordPress Plugin is an open source application plugin for WordPress. A security vulnerability exists in multiple Wordpress plugins that allows an attacker to use this endpoint to add arbitrary data to predefined options in the wpoptions table. The following products and versions are affected: The...

SUSE-SU-2021:1023-1 Security update for xen

This update for xen fixes the following issues: - CVE-2021-3308: VUL-0: xen: IRQ vector leak on x86 bsc1181254, XSA-360 - CVE-2021-28687: VUL-0: xen: HVM soft-reset crashes toolstack bsc1183072, XSA-368 - CVE-2021-20257: VUL-0: xen: infinite loop issue in the e1000 NIC emulator bsc1182846 -...

The vulnerability of the can_optimize function in the Linux operating system’s kernel code (arch/x86/kernel/kprobes/opt.c) allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the canoptimize function in the Linux operating system’s kernel code arch/x86/kernel/kprobes/opt.c is related to improper code generation management. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

WordPress Thrive Optimize premium plugin <= 1.4.13.2 - Unauthenticated Option Update vulnerability

Unauthenticated Option Update vulnerability discovered by WordFence in WordPress Thrive Optimize premium plugin versions = 1.4.13.2. Solution Update the WordPress Thrive Optimize premium plugin to the latest available version at least 1.4.13.3...

CVE-2020-29534

An issue was discovered in the Linux kernel before 5.9.3. iouring takes a non-refcounted reference to the filesstruct of the process that submitted a request, causing execve to incorrectly optimize unsharefd, aka CID-0f2122045b94...

UBUNTU-CVE-2020-27560

ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service...

Enterprise Threat Protector Now Includes One-Click Performance Optimization for Microsoft 365

Microsoft 365 is becoming the essential productivity suite for enterprises. Over 1 million companies have now signed up for the service, and every month there are more than 200 million active users. Microsoft Teams alone has 75 million active users every day. If your company already uses or is...

IOBit Advanced SystemCare Free Arbitrary File Deletion Vulnerability

IOBit Advanced SystemCare Free is a system management utility program from IOBit UK. The program is mainly used for scanning, repairing and optimizing your system, among other things. An arbitrary file deletion vulnerability exists in IOBit Advanced SystemCare Free version 13.5.0.263. A local...

CVE-2020-14990

IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link...

Arbitrary file deletion

IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link...

CVE-2020-14990

IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link...

Chadha PHPKB Cross-Site Scripting Vulnerability (CNVD-2020-17938)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A reflected cross-site scripting vulnerability exists in admin/optimize-database.php in Chadha PHPKB Standard Multi-Language 9. The...

CVE-2020-10437

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/optimize-database.php by adding a question mark ? followed by the payload...

CVE-2020-10437

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/optimize-database.php by adding a question mark ? followed by the payload...

Cross site scripting

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/optimize-database.php by adding a question mark ? followed by the payload...

CVE-2020-10437

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/optimize-database.php by adding a question mark ? followed by the payload...

CVE-2020-10437

CVE-2020-10437 affects Chadha PHPKB Standard Multi-Language 9. The Red Hat records confirm that URIs handled in admin/header.php allow Reflected XSS by injecting a payload after a question mark, affecting admin/add-article.php, admin/trash-box.php, and admin/optimize-database.php via the same pat...