3385 matches found
CVE-2022-42187
Hustoj 22.09.22 has an XSS vulnerability in /admin/problemjudge.php...
Cross site scripting
Hustoj 22.09.22 has an XSS vulnerability in /admin/problemjudge.php...
HUSTOJ Cross-Site Scripting Vulnerability
HUSTOJ is a popular OJ system from the Chinese individual developer Zhang Haobin (zhblue). A cross-site scripting (XSS) vulnerability exists in HUSTOJ version 22.09.22, located in /admin/problemjudge.php...
PT-2022-26301 · Hustoj · Hustoj
Name of the Vulnerable Software and Affected Versions: Hustoj version 22.09.22. Description: The issue is related to an XSS vulnerability in the /admin/problemjudge.php endpoint. Recommendations: For Hustoj version 22.09.22, consider restricting access to the /admin/problemjudge.php endpoint unti...
Buffer overflow
In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an attacker to cause SMRAM corruption and escalation of privileges. The UsbCoreDxe module creates a working buffer for USB...
CVE-2021-42898
Technical details for CVE-2021-42898 are not publicly available in the provided documents. Monitor for updates as the Initial Description indicates the candidate is reserved.
CVE-2022-30283
In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an attacker to cause SMRAM corruption and escalation of privileges. The UsbCoreDxe module creates a working buffer for USB...
CVE-2022-45081
CVE-2022-45081 is associated with a Missing Access Control vulnerability in WordPress plugin "Add Multiple Marker" (versions
PVS: Targets fail to boot since it attempts to boot from wrong PVS servers
PVS created a new PVS site and updated option 66 and 67 in the DHCP servers, but Targets failed to connect to the PVS servers in the new PVS site during boot, and it continued to use the PVS servers in old PVS Site...
Update 19.13 for Microsoft Dynamics 365 Business Central (on-premises) 2021 Release Wave 2 (Application Build 19.13.48486, Platform Build 19.0.48446)
PT-2025-26139
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A potential use-after-free issue exists in the Linux kernel due to netfilter nf_tables allowing SET_ID to refer to another table. When doing lookups for sets on the same batch by...
Apache Tomcat Environment Issue Vulnerability (CNVD-2022-74082)
Apache Tomcat is a lightweight Web application server from the Apache Foundation. The program implements support for Servlet and JavaServer Pages (JSP). Apache Tomcat has an environment issue vulnerability that stems from a possible request smuggling problem in Tomcat...
CVE-2021-045960
IBM Robotic Process Automation for Cloud Pak 21.0.2 is affected by multiple vulnerabilities tied to Expat/libexpat and related components, including CVE-2021-045960. The bulletin lists Expat-derived CVEs impacting the base container images and the .NET 6 runtime, with various CVSS details. Remedi...
GHSA-Q4QM-FV7M-8RF7 Duplicate Advisory: Cross-Site Request Forgery in easyii CMS
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-3x3w-vcjx-7796. This link is maintained to preserve external references. Original Description: A vulnerability, which was classified as problematic, was found in easyii CMS. Affected is an unknown function of the...
Reflecting on Cybersecurity Awareness Month: At its Core, Cybersecurity is all about People
As Cybersecurity Awareness Month 2022 comes to a close, I’m grateful for the impact it has had in bringing cybersecurity to the forefront since it began in 2004. Though the month may be over, our work in cybersecurity is never done. Often, we think about cybersecurity as a complex technology...
CVE-2022-44705
Technical details for CVE-2022-44705 are not publicly available in the provided documents. There is no information on affected products, impact, vectors, or remediation. Monitor for future updates.
CVE-2022-24476
CVE-2022-24476 affects IBM WebSphere Application Server Liberty (and Open Liberty) within IBM Watson Assistant for IBM Cloud Pak for Data, version ranges 17.0.0.3–22.0.0.7 and Open Liberty with authenticated identity spoofing via a specially crafted request. IBM Clover: vulnerable products includ...
Maintenance Mode aims to keep phone data private during repairs
One of the biggest data-related headaches you'll face with a mobile device is what to do in the event of a repair. When you have to send your phone in for a fix, what happens to your data? In many cases, the repair technicians will simply scrub the phone by default unless you ask them not to. In...