59 matches found
CVE-2019-1010112
OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery CSRF. The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3...
CVE-2025-30000
A vulnerability has been identified in Siemens License Server SLS All versions V4.3. The affected application does not properly restrict permissions of the users. This could allow a lowly-privileged attacker to escalate their privileges...
GSD-2023-1002248 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
ipv4: prevent potential spectre v1 gadget in ipmetricsconvert This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.272 by commit...
GSD-2023-1001469 Input: elants_i2c - properly handle the reset GPIO when power is off
Input: elantsi2c - properly handle the reset GPIO when power is off This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1001233 net: sched: disallow noqueue for qdisc classes
net: sched: disallow noqueue for qdisc classes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
CVE-2022-45914
The ESL Electronic Shelf Label protocol, as implemented by for example the OV80e934802 RF transceiver on the ETAG-2130-V4.3 20190629 board, does not use authentication, which allows attackers to change label values via 433 MHz RF signals, as demonstrated by disrupting the organization of a hospit...
GSD-2022-1006175 x86/pmem: Fix platform-device leak in error path
x86/pmem: Fix platform-device leak in error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...
GSD-2022-1006130 spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
spmi: trace: fix stack-out-of-bound access in SPMI tracing functions This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...
GSD-2022-1005901 x86/pmem: Fix platform-device leak in error path
x86/pmem: Fix platform-device leak in error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.137 by commit...
GSD-2022-1005821 spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
spmi: trace: fix stack-out-of-bound access in SPMI tracing functions This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.137 by commit...
GSD-2022-1004078 drm/msm/hdmi: check return value after calling platform_get_resource_byname()
drm/msm/hdmi: check return value after calling platformgetresourcebyname This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.318 by commit...
GSD-2022-1003918 drm/msm/hdmi: check return value after calling platform_get_resource_byname()
drm/msm/hdmi: check return value after calling platformgetresourcebyname This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.247 by commit...
CVE-2022-29380
Academy-LMS v4.3 was discovered to contain a stored cross-site scripting XSS vulnerability in the SEO panel...
Cross site scripting
Academy-LMS v4.3 was discovered to contain a stored cross-site scripting XSS vulnerability in the SEO panel...
CVE-2022-29380
Academy-LMS v4.3 was discovered to contain a stored cross-site scripting XSS vulnerability in the SEO panel...
CVE-2022-29380
The connected records confirm CVE-2022-29380 affects Creativeitem Academy-LMS v4.3, with a stored cross-site scripting (XSS) vulnerability in the SEO panel. The root cause is described as a lack of data validation/filtering of user-supplied data and output in the SEO panel, enabling injection of ...
GSD-2022-1001685 net: openvswitch: fix leak of nested actions
net: openvswitch: fix leak of nested actions This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.34 by commit...
GSD-2022-1000647 af_packet: fix data-race in packet_setsockopt / packet_setsockopt
afpacket: fix data-race in packetsetsockopt / packetsetsockopt This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.6 by commit...
GSD-2022-1000213 af_packet: fix data-race in packet_setsockopt / packet_setsockopt
afpacket: fix data-race in packetsetsockopt / packetsetsockopt This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.97 by commit...
GSD-2022-1000197 drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
drm/msm/dsi: invalid parameter check in msmdsiphyenable This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.96 by commit...