‼ CVE-2017-20155 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in Sterc Google Analytics Dashboard for MODX up to 1.0.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file core/components/analyticsdashboardwidget/elements/tpl/widget.analytics.tpl of the component Internal Search. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.0.6 is able to address this issue. The name of the patch is 855d9560d3782c105568eedf9b22a769fbf29cc0. It is recommended to upgrade the affected component. The identifier VDB-217069 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-34673 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42256 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow in index validation may lead to denial of service, information disclosure, or data tampering.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-34674 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42264 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42270 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_task_submit, where unvalidated input may allow a local attacker to cause stack-based buffer overflow in kernel code, which may lead to escalation of privileges, compromised integrity and confidentiality, and denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42258 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information disclosure.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-34678 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause a null-pointer dereference, which may lead to denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42255 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42266 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can cause exposure of sensitive information to an actor that is not explicitly authorized to have access to that information, which may lead to limited information disclosure.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42259 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-34680 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-34675 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2017-20159 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in rf Keynote up to 0.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/keynote/rumble.rb. The manipulation of the argument value leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is 05be4356b0a6ca7de48da926a9b997beb5ffeb4a. It is recommended to upgrade the affected component. VDB-217142 is the identifier assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2017-20158 ‼
📖 Read
via "National Vulnerability Database".
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in vova07 Yii2 FileAPI Widget up to 0.1.8. It has been declared as problematic. Affected by this vulnerability is the function run of the file actions/UploadAction.php. The manipulation of the argument file leads to cross site scripting. The attack can be launched remotely. Upgrading to version 0.1.9 is able to address this issue. The name of the patch is c00d1e4fc912257fca1fce66d7a163bdbb4c8222. It is recommended to upgrade the affected component. The identifier VDB-217141 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.📖 Read
via "National Vulnerability Database".
👍1🤔1
‼ CVE-2014-125027 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been found in Yuna Scatari TBDev up to 2.1.17 and classified as problematic. Affected by this vulnerability is the function get_user_icons of the file usersearch.php. The manipulation of the argument n/r/r2/em/ip/co/ma/d/d2/ul/ul2/ls/ls2/dl/dl2 leads to cross site scripting. The attack can be launched remotely. Upgrading to version 2.1.18 is able to address this issue. The name of the patch is 0ba3fd4be29dd48fa4455c236a9403b3149a4fd4. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217147.📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2017-20160 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in flitto express-param up to 0.x. It has been classified as critical. This affects an unknown part of the file lib/fetchParams.js. The manipulation leads to improper handling of extra parameters. It is possible to initiate the attack remotely. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is db94f7391ad0a16dcfcba8b9be1af385b25c42db. It is recommended to upgrade the affected component. The identifier VDB-217149 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2014-125028 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in valtech IDP Test Client and classified as problematic. Affected by this issue is some unknown functionality of the file python-flask/main.py. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The name of the patch is f1e7b3d431c8681ec46445557125890c14fa295f. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217148.📖 Read
via "National Vulnerability Database".
‼ CVE-2018-25061 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in rgb2hex up to 0.1.5. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. Upgrading to version 0.1.6 is able to address this issue. The name of the patch is 9e0c38594432edfa64136fdf7bb651835e17c34f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217151.📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2022-43813 ‼
📖 Read
via "National Vulnerability Database".
To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43810 ‼
📖 Read
via "National Vulnerability Database".
To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.📖 Read
via "National Vulnerability Database".