Command injection

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList...

CVE-2022-36509

H3C GR3200 MiniGR1B0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList...

PT-2022-23784 · H3C · H3C Gr-1200W

Name of the Vulnerable Software and Affected Versions: H3C GR-1200W version MiniGRW1A0V100R006 Description: A command injection issue was discovered via the param parameter at DelL2tpLNSList. Recommendations: For H3C GR-1200W version MiniGRW1A0V100R006, consider restricting access to the...

OSV-2022-538 Memcpy-param-overlap in FT_Stream_TryRead

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48749 Crash type: Memcpy-param-overlap Crash state: FTStreamTryRead bdfloadfont BDFFaceInit...

CVE-2022-32036

Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb...

CVE-2022-32377

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/getexamtimetable.php?id=...

CVE-2022-33174

Power Distribution Units running on Powertek firmware multiple brands before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface /cgi/getparam.cgi with the tmpToken cookie set to an emp...

PT-2022-21724 · Unknown +1 · Power Distribution Units +1

Name of the Vulnerable Software and Affected Versions: Power Distribution Units running on Powertek firmware versions prior to 3.30.30 Description: The issue concerns an insecure permissions setting on the user.token field, which is accessible through the "/cgi/get param.cgi" HTTP API endpoint...

CVE-2021-41739

A OS Command Injection vulnerability was discovered in Artica Proxy 4.30.000000. Attackers can execute OS commands in cyrus.events.php with GET param logs and POST param rp...

Command injection

A OS Command Injection vulnerability was discovered in Artica Proxy 4.30.000000. Attackers can execute OS commands in cyrus.events.php with GET param logs and POST param rp...

OSV-2022-296 Negative-size-param in jxl::N_SSE4::BlendingStage::ProcessPaddingRow

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46243 Crash type: Negative-size-param Crash state: jxl::NSSE4::BlendingStage::ProcessPaddingRow jxl::LowMemoryRenderPipeline::RenderPadding jxl::LowMemoryRenderPipeline::ProcessBuffers...

The vulnerability of the legacy_parse_param function in the Linux operating system’s kernel, related to integer overflow, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the legacyparseparam function in the Linux operating system’s kernel is related to incorrect checking of the length of passed parameters. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures...

Cross-site Scripting (XSS)

Overview johnpbloch/wordpress-core is a web software you can use to create a website or blog. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the isGlobalStylesUserThemeJSON parameter which is updatable via the post editor. An attacker can manipulate the conte...

A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.

...

AZL-8578 CVE-2022-0185 affecting package kernel for versions less than 5.15.26.1-1

A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged in case of unprivileged user namespaces enabled, otherwise needs namespaced CAPSYSADMIN privile...

DEBIAN-CVE-2022-0185

A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged in case of unprivileged user namespaces enabled, otherwise needs namespaced CAPSYSADMIN privile...

AlmaLinux 8 : libtiff (ALSA-2020:4634)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2020:4634 advisory. - tifgetimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer...

CVE-2021-44416

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to a reboot. Disconnect param is not object. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2021-44406

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to a reboot. GetAutoFocus param is not object. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2021-44410

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to a reboot. UpgradePrepare param is not object. An attacker can send an HTTP request to trigger this vulnerability...