‼ CVE-2022-22413 ‼
📖 Read
via "National Vulnerability Database".
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-21131 ‼
📖 Read
via "National Vulnerability Database".
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29739 ‼
📖 Read
via "National Vulnerability Database".
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-21128 ‼
📖 Read
via "National Vulnerability Database".
Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0126 ‼
📖 Read
via "National Vulnerability Database".
Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0005 ‼
📖 Read
via "National Vulnerability Database".
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33123 ‼
📖 Read
via "National Vulnerability Database".
Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26780 ‼
📖 Read
via "National Vulnerability Database".
Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input validation vulnerability exists in the `httpd`'s `user_define_init` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29298 ‼
📖 Read
via "National Vulnerability Database".
SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26510 ‼
📖 Read
via "National Vulnerability Database".
A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26085 ‼
📖 Read
via "National Vulnerability Database".
An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33122 ‼
📖 Read
via "National Vulnerability Database".
Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29745 ‼
📖 Read
via "National Vulnerability Database".
Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_transaction.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33103 ‼
📖 Read
via "National Vulnerability Database".
Unintended intermediary in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24297 ‼
📖 Read
via "National Vulnerability Database".
Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24910 ‼
📖 Read
via "National Vulnerability Database".
A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-21809 ‼
📖 Read
via "National Vulnerability Database".
A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29303 ‼
📖 Read
via "National Vulnerability Database".
SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30000 ‼
📖 Read
via "National Vulnerability Database".
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?recipt_no=.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26075 ‼
📖 Read
via "National Vulnerability Database".
An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29307 ‼
📖 Read
via "National Vulnerability Database".
IonizeCMS v1.0.8.1 was discovered to contain a command injection vulnerability via the function copy_lang_content in application/models/lang_model.php.📖 Read
via "National Vulnerability Database".