CVE-2021-22811

CVE-2021-22811 is a cross-site scripting vulnerability in Schneider Electric NMC/NMC2/NMC3 web interfaces. The issue could permit arbitrary script execution when a privileged user accesses a vulnerable web page or when a malicious URL crafted for the NMC is used. Affected products span multiple S...

SourceCodester Storage Unit Rental Management System SQL Injection Vulnerability

SourceCodester Storage Unit Rental Management System is a storage unit rental management system that helps manage storage unit rental business records and monitor their records. sourceCodester Storage Unit Rental Management A SQL injection vulnerability exists in the v1 version of the System. The...

DEBIAN-CVE-2022-23034

A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unmapping of such a...

CVE-2021-40907

SQL injection vulnerability in Sourcecodester Storage Unit Rental Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /storage/classes/Login.php...

CVE-2021-40907

SQL injection vulnerability in Sourcecodester Storage Unit Rental Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /storage/classes/Login.php...

Sql injection

SQL injection vulnerability in Sourcecodester Storage Unit Rental Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /storage/classes/Login.php...

CVE-2021-40907

CVE-2021-40907 affects SourceCodester Storage Unit Rental Management System v1 by oretnom23. A SQL injection flaw arises from inadequate validation of externally entered SQL statements in the username parameter of /storage/classes/Login.php, allowing attackers to execute arbitrary SQL commands. N...

CVE-2021-40907

SQL injection vulnerability in Sourcecodester Storage Unit Rental Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /storage/classes/Login.php...

Sourcecodester Storage Unit Rental Management System SQL注入漏洞

SourceCodester Storage Unit Rental Management System is a storage unit rental management system that helps manage storage unit rental business records and monitor their records. sourceCodester Storage Unit Rental Management A SQL injection vulnerability exists in the v1 version of the System. The...

SUSE Linux Enterprise Server 后置链接漏洞

SUSE Linux Enterprise Server is an enterprise server edition of the Linux operating system from SUSE Germany. A security vulnerability exists in SUSE Linux Enterprise Server SLES that allows an attacker to create a symbolic link to change the file pointed to with Watchman privileges via a Socket...

CVE-2022-22265

An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution...

Samsung NPU driver 安全漏洞

Samsung NPU driver is a neural network processor from Samsung South Korea. A security vulnerability exists in Samsung Mobile's NPU driver prior to SMR Jan-2022 Release 1, which arises from improper checking or handling of exceptions in the NPU driver, allowing arbitrary memory writes and code...

PT-2025-8293

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel, specifically in the drm/panfrost component. This occurs because a job structure references panfrost priv to access the MMU context, eve...

com.github.marcelop3251:queues-manager (=1.2.0), net.oneandone.ioc-unit:ioc-unit-jms-rabbitmq (>=2.0.28 <=2.0.40) potentially affected by CVE-2020-36282 via com.rabbitmq.jms:rabbitmq-jms (=1.14.0)

com.rabbitmq.jms:rabbitmq-jms MAVEN version =1.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on com.rabbitmq.jms:rabbitmq-jms and may be impacted: - com.github.marcelop3251:queues-manager =1.2.0 - net.oneandone.ioc-unit:ioc-unit-jms-rabbitmq =2.0.2...

US Military’s Hacking Unit to take on ransomware gangs

By ghostadmin The Units boss Gen. Paul Nakasone said that the US military computer operatives are ready to target ransomware gangs and state actors, whoever poses a threat to critical US infrastructure. The US militarys hacking division called Cyber Command is taking aggressive steps to fight...

CVE-2021-44149

An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC devices lacks security access configuration for wakeup-related registers, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write...

DEBIAN-CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

NXP i.MX SoC安全漏洞

NXP i.MX SoC is nxp's multi-core solution for multimedia and display applications with scalable, secure and reliable high-performance and low-power features. nXP i.MX SoC devices have a security vulnerability that stems from the OPTEE-OS CSU driver for NXP i.MX SoC devices lacking secure access...

Hitachi Energy RTU500 OpenLDAP

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 Series Vulnerabilities: Type Confusion, Reachable Assertion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a denial-of-service condition...

NICKEL targeting government organizations across Latin America and Europe

The Microsoft Threat Intelligence Center MSTIC has observed NICKEL, a China-based threat actor, targeting governments, diplomatic entities, and non-governmental organizations NGOs across Central and South America, the Caribbean, Europe, and North America. MSTIC has been tracking NICKEL since 2016...