βΌ CVE-2022-46502 βΌ
π Read
via "National Vulnerability Database".
Online Student Enrollment System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at /student_enrollment/admin/login.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42286 βΌ
π Read
via "National Vulnerability Database".
DGX A100 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, or escalation of privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42281 βΌ
π Read
via "National Vulnerability Database".
NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23566 βΌ
π Read
via "National Vulnerability Database".
A 2-Step Verification problem in Axigen 10.3.3.52 allows an attacker to access a mailbox by bypassing 2-Step Verification when they try to add an account to any third-party webmail service (or add an account to Outlook or Gmail, etc.) with IMAP or POP3 without any verification code.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42287 βΌ
π Read
via "National Vulnerability Database".
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure and data tampering.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3159 βΌ
π Read
via "National Vulnerability Database".
The APDFL.dll contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0237 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42288 βΌ
π Read
via "National Vulnerability Database".
NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure.π Read
via "National Vulnerability Database".
βΌ CVE-2022-48258 βΌ
π Read
via "National Vulnerability Database".
In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23559 βΌ
π Read
via "National Vulnerability Database".
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42285 βΌ
π Read
via "National Vulnerability Database".
DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42280 βΌ
π Read
via "National Vulnerability Database".
NVIDIA BMC contains a vulnerability in SPX REST auth handler, where an un-authorized attacker can exploit a path traversal, which may lead to authentication bypass.π Read
via "National Vulnerability Database".
βΌ CVE-2022-48256 βΌ
π Read
via "National Vulnerability Database".
Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42274 βΌ
π Read
via "National Vulnerability Database".
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-21191 βΌ
π Read
via "National Vulnerability Database".
Versions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42277 βΌ
π Read
via "National Vulnerability Database".
NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0287 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in ityouknow favorites-web. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-218294 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
π tcpdump 4.99.3 π
π Read
via "Packet Storm Security".
tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.π Read
via "Packet Storm Security".
Packetstormsecurity
tcpdump 4.99.3 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β€1
β S3 Ep117: The crypto crisis that wasnβt (and farewell forever to Win 7) [Audio + Text] β
π Read
via "Naked Security".
Tell us in the comments... What's the REAL reason there was no Windows 9? (No theory too far-fetched!)π Read
via "Naked Security".
Naked Security
S3 Ep117: The crypto crisis that wasnβt (and farewell forever to Win 7) [Audio + Text]
Tell us in the commentsβ¦ Whatβs the REAL reason there was no Windows 9? (No theory too far-fetched!)
π1
βΌ CVE-2023-0288 βΌ
π Read
via "National Vulnerability Database".
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0289 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository craigk5n/webcalendar prior to master.π Read
via "National Vulnerability Database".