SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the sqlExpressions feature. An attacker can execute unauthorized commands on the system by chaining SQL Expressions with plugin functionality. Remediation Upgrade github.com/grafana/grafana/pkg/expr/sql to version...

CVE-2023-0126

Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory...

Path traversal

Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory...

SonicWALL SMA1000 series 路径遍历漏洞

The SonicWALL SMA1000 series is a family of secure mobile access solutions from SonicWALL, Inc. simplifies end-to-end secure remote access to enterprise resources hosted across local, cloud and hybrid data centers. A path traversal vulnerability exists in SonicWALL SMA1000 series version 12.4.2. ...

Apple iTunes < 12.4.2 Multiple Vulnerabilities (credentialed check)

The version of Apple iTunes installed on the remote Windows host is prior to 12.4.2. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist in the libxslt component due to improper validation of user-supplied input. An unauthenticated, remote attacker c...