5 matches found
CVE-2022-29059
CVE-2022-29059 concerns Fortinet FortiWeb SQL Injection. Connected data confirms an improper neutralization of special elements used in SQL commands (CWE-89) that could allow a privileged attacker to execute SQL commands on the log database. Affected product versions include FortiWeb 7.0.1 and be...
CVE-2023-28120
There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input...
CVE-2023-45002
CVE-2023-45002 concerns the WordPress plugin WP User Frontend (weDevs) with Missing Authorization via AJAX actions up to version 3.6.8. The issue originates from Inadequate access control (Broken Access Control) that can be exploited by users with low privileges to bypass configured security leve...
CVE-2021-0863
CVE-2021-0863 is listed in the Android 12 security release notes under Framework as an Information Disclosure (ID) vulnerability with Android bug ID A-118188362, Severity Moderate. It is addressed as part of the Android 12 release; no exploitation details are provided in the document.
CVE-2021-21158
Removed by vendor...