PT-2022-4788 · Microsoft · Windows Common Log File System Driver +1
Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver versions prior to 10.0.10240.19444; Windows Common Log File System Driver versions prior to 10.0.14393.5356; Windows Common Log File System Driver versions prior to the fixed version. Description: The issue ...
PT-2022-24559 · Transtek · Transtek Mojodat Fam
Name of the Vulnerable Software and Affected Versions: Transtek Mojodat FAM Fixed Asset Management version 2.4.6 Description: The issue allows remote attackers to bypass authorization in the mobile application. Recommendations: For version 2.4.6, consider restricting access to sensitive features...
CVE-2022-36097 XWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment form
XWiki Platform Attachment UI provides a macro to easily upload and select attachments for XWiki Platform, a generic wiki platform. Starting with version 14.0-rc-1 and prior to 14.4-rc-1, it's possible to store JavaScript in an attachment name, which will be executed by anyone trying to move the...
CVE-2022-36085 OPA Compiler: Bypass of WithUnsafeBuiltins using `with` keyword to mock functions
Open Policy Agent (OPA) is an open source, general-purpose policy engine. The Rego compiler provides a deprecated WithUnsafeBuiltins function, which allows users to provide a set of built-in functions that should be deemed unsafe, and as such rejected, by the compiler if encountered in the policy...
CVE-2022-36089 VelaUX APIServer vulnerable to Authentication Bypass by Capture-replay
KubeVela is an application delivery platform. Users using KubeVela's VelaUX APIServer could be affected by an authentication bypass vulnerability. In KubeVela prior to versions 1.4.11 and 1.5.4, VelaUX APIServer uses the PlatformID as the signed key to generate the JWT tokens for users. Another AP...
CVE-2022-36039 Out-of-bounds write when parsing DEX files in Rizin
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to out-of-bounds write when parsing DEX files. A user opening a malicious DEX file could be affected by this vulnerability, allowing an attacker to execute code on the user's...
CVE-2022-36038 CircuitVerse potential RCE vulnerability via Oj.load
CircuitVerse is an open-source platform which allows users to construct digital logic circuits online. A remote code execution (RCE) vulnerability in CircuitVerse allows authenticated attackers to execute arbitrary code via specially crafted JSON payloads. This issue may lead to Remote Code Executi...
PT-2022-23488 · Tenda · Tenda G3
Name of the Vulnerable Software and Affected Versions: Tenda G3 version US G3V3.0br V15.11.0.67663 EN TDE Description: The issue is caused by a buffer overflow in the getsinglepppuser function due to sscanf. Recommendations: For Tenda G3 version US G3V3.0br V15.11.0.67663 EN TDE, as a temporary...
PT-2022-24109 · Totolink · Totolink A860R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A860R version 4.1.2cu.5182 B20201027 Description: The issue is related to a buffer overflow vulnerability in the main function of the downloadfile.cgi. Recommendations: For TOTOLINK A860R version 4.1.2cu.5182 B20201027, consider...
PT-2022-24107 · Totolink · Totolink A860R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A860R version 4.1.2cu.5182 B20201027 Description: The issue is related to a Buffer Overflow that can be triggered via the Cstecgi.cgi endpoint. This allows for potential exploitation. No information is provided about the estimated...
CVE-2022-29063
The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on localhost, port 1099. In version 18.12.05 and earlier, by hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run...
CVE-2022-28625
A local disclosure of sensitive information vulnerability was discovered in HPE OneView versions: Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability...
PT-2022-23854 · Vim · Gvim
Name of the Vulnerable Software and Affected Versions: gvim version 9.0.0000 Description: An issue in the installer of gvim allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe. Recommendations: For gvim version 9.0.0000, consider restricting...
PT-2022-23590 · Unknown · Library Management System
Name of the Vulnerable Software and Affected Versions: Library Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the bookId parameter at the "/librarian/delete.php" API endpoint. Recommendations: For Library...
GHSA-CC99-WHM5-MMQ3 Openstack Keystone Incorrect Authorization vulnerability
A flaw was found in openstack-keystone: only the first 72 characters of an application secret are verified, allowing attackers to bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity. A patch is...
PT-2022-23808 · H3C · H3C H200
Name of the Vulnerable Software and Affected Versions: H3C H200 version H200V100R004 Description: A stack overflow issue was discovered via the function SetAPWifiorLedInfoById. Recommendations: For H3C H200 version H200V100R004, consider disabling the SetAPWifiorLedInfoById function as a temporar...