346 matches found
CVE-2022-38147
Silverstripe silverstripe/framework through 4.11 allows XSS issue 3 of 3...
CVE-2022-23347
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks...
CVE-2022-42198
In Simple Exam Reviewer Management System v1.0 the User List function suffers from insecure file upload...
CVE-2022-0734
A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that coul...
CVE-2022-27249
An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17 allows remote authenticated users to execute arbitrary code by using UploadDwg to upload a crafted aspx file to the web root, and then visiting the URL for this aspx resource...
Linux Distros Unpatched Vulnerability : CVE-2022-50540
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong sizeof config in slaveconfig Fix broken slaveconfig function...
CVE-2022-50514
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: fix refcount leak on error path When failing to allocate reportdesc, opts-refcnt has already been incremented so it needs to be decremented to avoid leaving the options structure permanently locked...
EUVD-2023-42891
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-49916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rosesendframe The syzkaller reported an issue: KASAN:...
RHEL 9 : ncurses (RHSA-2025:16414)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16414 advisory. The ncurses new curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses...
Linux Distros Unpatched Vulnerability : CVE-2022-40735
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Diffie-Hellman Key Agreement Protocol allows use of long exponents that arguably make certain calculations unnecessarily expensive, because the 1996 van...
Linux Distros Unpatched Vulnerability : CVE-2022-23498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including...
Linux Distros Unpatched Vulnerability : CVE-2022-41999
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and v2.4.4.2. A...
Linux Distros Unpatched Vulnerability : CVE-2022-49899
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fscrypt: stop using keyrings subsystem for fscryptmasterkey The approach of fs/crypto/ internally managing the fscryptmasterkey structs as the payloads of struc...
Linux Distros Unpatched Vulnerability : CVE-2022-48882
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix macsec possible null dereference when updating MAC security entity SecY Upon...
Linux Distros Unpatched Vulnerability : CVE-2022-2585
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free...
Linux Distros Unpatched Vulnerability : CVE-2022-48860
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ethernet: Fix error handling in xemacliteofprobe This node pointer is returned by ofparsephandle with refcount incremented in this function. Calling ofnodeput t...
Linux Distros Unpatched Vulnerability : CVE-2022-50034
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: cdns3 fix use-after-free at workaround 2 BUG: KFENCE: use-after-free read in...
Linux Distros Unpatched Vulnerability : CVE-2022-50132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: change place of 'privep' assignment in cdns3gadgetepdequeue, cdns3gadgetepenable If 'ep' is NULL, result of eptocdns3epep is invalid pointer and its...
Linux Distros Unpatched Vulnerability : CVE-2022-49768
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 9p: transfd/p9conncancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to loca...