GHSA-F6PR-83PG-GHH6 pygeoapi 0.23.x: Path Traversal in STAC FileSystemProvider
Impact: A raw string path concatenation vulnerability in pygeoapi's STAC FileSystemProvider plugin can allow for requests to STAC collection based collections to expose directories without authentication. The issue manifests when pygeoapi is deployed without a proxy or web front end that would...
EUVD-2022-47495
Malicious code in bioql PyPI...
CVE-2022-44553
The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically...
Denial of service
The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically...
PT-2022-27238 · Hiview · Hiview
Name of the Vulnerable Software and Affected Versions: HiView module (affected versions not specified). Description: The HiView module has a vulnerability where it fails to filter out third-party apps when invoking the system provider. This could lead to third-party apps starting periodically if the...
CVE-2022-44553
CVE-2022-44553 affects the HiView module in HarmonyOS. Root cause: the HiView module does not filter third‑party apps when invoking the system provider, enabling potential abuse. Impact: successful exploitation may cause third‑party apps to start periodically. CVSSv3.1 base score 5.3 (I: Low, A: ...
SQL Injection Vulnerability in Network Video Surveillance System of Tianmai Technology
Zhengzhou Tianmai Technology Co., Ltd., founded in 2004 and located in the National High-tech Industrial Development Zone of Zhengzhou City, is a provider specializing in intelligent public transportation system solutions, and is the "city intelligent bus solutions" and "3G/4G video, Beidou/GPS monitoring...
Security Bulletin: GNU C library (glibc) vulnerability affects IBM SDN-VE Unified Controller and IBM SDN-VE Service Appliance (CVE-2015-0235)
Summary: A GNU C library (glibc) vulnerability that has been referred to as GHOST affects IBM SDN VE Unified Controller and IBM SDN VE Service Appliance. Vulnerability Details: CVEID: CVE-2015-0235. DESCRIPTION: The gethostbyname functions of the GNU C Library (glibc) are vulnerable to a buffer overflow. B...
Security Bulletin: Vulnerabilities in Linux package OpenSSH may affect IBM Cloud Orchestrator (CVE-2016-0777, CVE-2016-0778)
Summary: The following vulnerabilities affect the OpenSSH package distributed with the prerequisite Linux operating system upon which IBM Cloud Orchestrator runs. Vulnerability Details: CVEID: CVE-2016-0777. DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused b...