βΌ CVE-2022-2870 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2849 βΌ
π Read
via "National Vulnerability Database".
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0219.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2547 βΌ
π Read
via "National Vulnerability Database".
A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22.π Read
via "National Vulnerability Database".
βΌ CVE-2022-35122 βΌ
π Read
via "National Vulnerability Database".
An access control issue in Ecowitt GW1100 Series Weather Stations <=GW1100B_v2.1.5 allows unauthenticated attackers to access sensitive information including device and local WiFi passwords.π Read
via "National Vulnerability Database".
βΌ CVE-2022-35133 βΌ
π Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1748 βΌ
π Read
via "National Vulnerability Database".
Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1373 βΌ
π Read
via "National Vulnerability Database".
The Γ’β¬Εrestore configurationΓ’β¬οΏ½ feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configuration" feature to upload a zip file containing a path traversal file may cause a file to be created and executed upon touching the disk.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2862 βΌ
π Read
via "National Vulnerability Database".
Use After Free in GitHub repository vim/vim prior to 9.0.0220.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23764 βΌ
π Read
via "National Vulnerability Database".
The vulnerability causing from insufficient verification procedures for downloaded files during WebCube update. Remote attackers can bypass this verification logic to update both digitally signed and unauthorized files, enabling remote code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1069 βΌ
π Read
via "National Vulnerability Database".
A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23747 βΌ
π Read
via "National Vulnerability Database".
In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.π Read
via "National Vulnerability Database".
βΌ CVE-2021-26639 βΌ
π Read
via "National Vulnerability Database".
This vulnerability is caused by the lack of validation of input values for specific functions if WISA Smart Wing CMS. Remote attackers can use this vulnerability to leak all files in the server without logging in system.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2334 βΌ
π Read
via "National Vulnerability Database".
The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.π Read
via "National Vulnerability Database".
βΌ CVE-2020-14394 βΌ
π Read
via "National Vulnerability Database".
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-36215 βΌ
π Read
via "National Vulnerability Database".
DedeBIZ v6 was discovered to contain a remote code execution vulnerability in sys_info.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-36216 βΌ
π Read
via "National Vulnerability Database".
DedeCMS v5.7.94 - v5.7.97 was discovered to contain a remote code execution vulnerability in member_toadmin.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-35147 βΌ
π Read
via "National Vulnerability Database".
DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2335 βΌ
π Read
via "National Vulnerability Database".
A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23765 βΌ
π Read
via "National Vulnerability Database".
This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request.π Read
via "National Vulnerability Database".
βΌ CVE-2022-35121 βΌ
π Read
via "National Vulnerability Database".
Novel-Plus v3.6.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /service/impl/BookServiceImpl.java.π Read
via "National Vulnerability Database".
βΌ CVE-2022-35516 βΌ
π Read
via "National Vulnerability Database".
DedeCMS v5.7.93 - v5.7.96 was discovered to contain a remote code execution vulnerability in login.php.π Read
via "National Vulnerability Database".