7649 matches found

CNNVD
added 2022/11/30 12:00 a.m. · 2 views

Open-Xchange OX App Suite Cross-Site Scripting Vulnerability

Open-Xchange OX App Suite is an e-mail and productivity suite client software from the German company Open-Xchange. A security vulnerability exists in Open-Xchange OX App Suite version 7.10.6 and earlier, which stems from the fact that certain content such as E-Mail signatures are stored using a...

CVSS 6.1 · AI score 6.3 · EPSS 0.00538
Exploits 2 · References 5
NVD
added 2022/11/28 1:15 p.m. · 12 views

CVE-2022-36193

SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries...

CVSS 9.8 · EPSS 0.01392
Exploits 1 · References 2
OSV
added 2022/11/28 1:15 p.m. · 29 views

CVE-2022-36193

SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries...

CVSS 9.8 · AI score 8 · EPSS 0.01392
Exploits 1 · References 2
RedHat Linux
added 2022/11/28 2:51 a.m. · 44 views

Moderate: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.1 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVSS 7.5 · AI score 6.9 · EPSS 0.03931
Exploits 0 · References 26
Positive Technologies
added 2022/11/28 12:00 a.m. · 13 views

PT-2022-23252 · Unknown · School Management System

Name of the Vulnerable Software and Affected Versions: School Management System version 1.0 Description: The issue allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries. Recommendations: For School...

CVSS 9.8 · AI score 7.9 · EPSS 0.01392
Exploits 1 · References 6
CVE
added 2022/11/28 12:00 a.m. · 53 views

CVE-2022-36193

CVE-2022-36193 affects School Management System (version 1.0). The vulnerability is a SQL injection that enables remote attackers to modify or delete data via malicious SQL queries, leading to persistent changes in application content/behavior. Concrete details across connected sources confirm th...

CVSS 9.8 · AI score 9.8 · EPSS 0.01392
Exploits 1 · References 2 · Affected Software 1
OSV
added 2022/11/21 12:00 a.m. · 17 views

CVE-2022-4093 SQL Injection in dolibarr/dolibarr

SQL injection attacks can result in unauthorized access to sensitive data, such as passwords, credit card details, or personal user information. Many high-profile data breaches in recent years have been the result of SQL injection attacks, leading to reputational damage and regulatory fines. In...

CVSS 8.1 · AI score 8.2 · EPSS 0.03954
Exploits 1 · References 4
The Hacker News
added 2022/11/17 6:58 a.m. · 65 views

High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices

Multiple security vulnerabilities have been disclosed in F5 BIG-IP and BIG-IQ devices that, if successfully exploited, could be used to completely compromise affected systems. Cybersecurity firm Rapid7 said the flaws could be abused to gain remote access to the devices and defeat security constraints. The issues...

AI score 2.5 · EPSS 0.87987
Exploits 9
OSV
added 2022/11/15 9:15 p.m. · 3 views

CVE-2022-20826

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure bo...

CVSS 6.8 · AI score 5.9 · EPSS 0.00323
Exploits 0 · References 1
Prion
added 2022/11/15 9:15 p.m. · 22 views

Design/Logic Flaw

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure bo...

CVSS 4.6 · AI score 6.7 · EPSS 0.00323
Exploits 0 · References 1 · Affected Software 2
Rockylinux
added 2022/11/15 6:22 a.m. · 19 views

device-mapper-persistent-data bug fix and enhancement update

An update is available for device-mapper-persistent-data. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, se...

AI score 2
Exploits 0
Positive Technologies
added 2022/11/09 12:00 a.m. · 3 views

PT-2022-5688 · Cisco · Cisco Secure Firewalls 3100 Series +1

Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewalls 3100 Series versions affected versions not specified Description: A vulnerability in the secure boot implementation could allow an unauthenticated attacker with physical access to the device to bypass the secure boot...

CVSS 6.8 · AI score 6.4 · EPSS 0.00323
Exploits 0 · References 7
OSSF Malicious Packages
added 2022/11/07 2:41 a.m. · 3 views

Malicious code in vulnerablbsusuendency (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96fab10f3a2d9c02f0a1da42123c2b402cdbdedeb87fd648026da5709bfbdac3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0 · References 1
NVD
added 2022/11/04 11:15 p.m. · 33 views

CVE-2022-43569

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can inject and store arbitrary scripts that can lead to persistent cross-site scripting (XSS) in the object name of a Data Model...

CVSS 8 · EPSS 0.007
Exploits 1 · References 2
Vulnrichment
added 2022/11/04 10:22 p.m. · 6 views

CVE-2022-43569 Persistent Cross-Site Scripting via a Data Model object name in Splunk Enterprise

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can inject and store arbitrary scripts that can lead to persistent cross-site scripting (XSS) in the object name of a Data Model...

CVSS 8 · AI score 6 · EPSS 0.007
Exploits 1 · References 2
Prion
added 2022/11/03 11:15 p.m. · 16 views

Cross site scripting

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the “power” Splunk role can store arbitrary scripts that can lead to persistent cross-site scripting (XSS). The vulnerability affects instances with Splunk Web enabled...

CVSS 4.3 · AI score 5 · EPSS 0.00634
Exploits 1 · References 2 · Affected Software 2
Cvelist
added 2022/11/03 10:06 p.m. · 19 views

CVE-2022-43561 Persistent Cross-Site Scripting in “Save Table” Dialog in Splunk Enterprise

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the “power” Splunk role can store arbitrary scripts that can lead to persistent cross-site scripting (XSS). The vulnerability affects instances with Splunk Web enabled...

CVSS 6.4 · AI score 6.3 · EPSS 0.00634
Exploits 1 · References 2
Huntr
added 2022/11/03 8:00 p.m. · 16 views

XSS Stored inside Standard Interface Help Link href attribute

📜 Description: Cross-site scripting (XSS) is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. The persistent or stored XSS vulnerability is a more devastating variant of a...

Exploits 0 · References 1
NVD
added 2022/11/01 8:15 p.m. · 26 views

CVE-2022-32835

This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier...

CVSS 3.3 · EPSS 0.00241
Exploits 0 · References 2
OSV
added 2022/11/01 8:15 p.m. · 3 views

CVE-2022-32835

This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier...

CVSS 3.3 · AI score 5 · EPSS 0.00241
Exploits 0 · References 2