12646 matches found
CVE-2023-21457
Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission...
CVE-2023-20071
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker coul...
CVE-2023-36934
In Progress MOVEit Transfer before 2020.1.11 12.1.11, 2021.0.9 13.0.9, 2021.1.7 13.1.7, 2022.0.7 14.0.7, 2022.1.8 14.1.8, and 2023.0.4 15.0.4, a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized...
CVE-2023-34362
In Progress MOVEit Transfer before 2021.0.6 13.0.6, 2021.1.4 13.1.4, 2022.0.4 14.0.4, 2022.1.5 14.1.5, and 2023.0.1 15.0.1, a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database...
CVE-2023-6218
In Progress MOVEit Transfer versions released before 2022.0.9 14.0.9, 2022.1.10 14.1.10, 2023.0.7 15.0.7, a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an...
CVE-2023-47251
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers with access to a VNC session to automatically transfer malicious PDF documents by moving them into the .spool directory, and then...
CVE-2022-25223
Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries in 'mtms/admin/?page=transaction/viewdetails' via the 'id' parameter...
CVE-2022-29741
Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=deletefee...
CVE-2022-41796
Untrusted search path vulnerability in the installer of Content Transfer for Windows Ver.1.3 and prior allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2022-41577
The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability...
CVE-2022-4331
An issue has been discovered in GitLab EE affecting all versions starting from 15.1 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. If a group with SAML SSO enabled is transferred to a new namespace as a child group, it's possible...
CVE-2022-29738
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send=, id...
PT-2025-22800 · Unknown · Sipass Integrated Ac5102 +1
Name of the Vulnerable Software and Affected Versions: SiPass integrated AC5102 ACC-G2 All versions SiPass integrated ACC-AP All versions Description: A vulnerability has been identified where affected devices do not properly check the integrity of firmware updates. This could allow a local...
FreeFloat FTP Server 安全漏洞
FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that is caused by incorrect boundary checking in the component TYPE command handler. No detailed vulnerability details are provided at this time...
FreeFloat FTP Server 安全漏洞
FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the failure of the MGET command processing component to properly validate the length size of input data, no details of the vulnerability are provided at this time...
CVE-2022-42965
An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented getfiletransfertype method...
CVE-2022-38986
The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause out-of-bounds access to the HIPP module and page table tampering, affecting device confidentiality and availability...
CVE-2022-30270
The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5...
CVE-2022-29745
Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=deletetransaction...
CVE-2022-29746
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete...