‼️CVE-2022-46486‼️
📖 Read more
Via "National Vulnerability Database"
A lack of pointervalidation logic in the sconedispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2022-46487‼️
📖 Read more
Via "National Vulnerability Database"
Improper initialization of x87 and SSE floatingpoint configuration registers in the sconeentry component of SCONE before 5.8.0 for Intel SGX allows a local attacker to compromise the execution integrity of floatingpoint operations in an enclave or access sensitive information via sidechannel analysis.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-38021‼️
📖 Read more
Via "National Vulnerability Database"
An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager CCM Platform before 3.32 for Intel SGX. Lack of pointeralignment validation logic in entry functions allows a local attacker to access unauthorized information. This relates to the enclaveecall function and system call layer.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-38022‼️
📖 Read more
Via "National Vulnerability Database"
An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager CCM Platform before 3.29 for Intel SGX. Insufficient pointer validation allows a local attacker to access unauthorized information. This relates to strlen and sgxiswithinuser.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-38023‼️
📖 Read more
Via "National Vulnerability Database"
An issue was discovered in SCONE Confidential Computing Platform before 5.8.0 for Intel SGX. Lack of pointeralignment logic in sconedispatch and other entry functions allows a local attacker to access unauthorized information, aka an "AEPIC Leak."📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-41544‼️
📖 Read more
Via "National Vulnerability Database"
SSTI injection vulnerability in jeecgboot version 3.5.3, allows remote attackers to execute arbitrary code via crafted HTTP request to the jmreportloadTableData component.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52252‼️
📖 Read more
Via "National Vulnerability Database"
Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded AccessControlAllowOrigin for the Remote upload endpoint.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52257‼️
📖 Read more
Via "National Vulnerability Database"
LogoBee 0.2 allows updates.php?id XSS.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7172‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Dashboard. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB249356.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2018-25096‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in MdAlAminaol Own Health Record 0.1alpha0.2alpha0.3alpha0.3.1alpha. It has been rated as problematic. This issue affects some unknown processing of the file includeslogout.php. The manipulation leads to crosssite request forgery. The attack may be initiated remotely. Upgrading to version 0.4alpha is able to address this issue. The patch is named 58b413aa40820b49070782c786c526850ab7748f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB249191.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7173‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file registration.php. The manipulation of the argument First Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB249357 was assigned to this vulnerability.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7175‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in Campcodes Online College Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file adminborrowadd.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB249362 is the identifier assigned to this vulnerability.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-50550‼️
📖 Read more
Via "National Vulnerability Database"
layui up to v2.74 was discovered to contain a crosssite scripting XSS vulnerability via the datacontent parameter.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-50578‼️
📖 Read more
Via "National Vulnerability Database"
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at contentlist.do.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-51133‼️
📖 Read more
Via "National Vulnerability Database"
TOTOLINK X2000R Gh v1.0.0B20230221.0948.web was discovered to contain a stack overflow via the function formRoute.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-51135‼️
📖 Read more
Via "National Vulnerability Database"
TOTOLINK X2000R Gh v1.0.0B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-51136‼️
📖 Read more
Via "National Vulnerability Database"
TOTOLINK X2000R Gh v1.0.0B20230221.0948.web was discovered to contain a stack overflow via the function formRebootSchedule.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7176‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability classified as critical has been found in Campcodes Online College Library System 1.0. This affects an unknown part of the file adminreturnadd.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB249363.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7177‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability classified as critical was found in Campcodes Online College Library System 1.0. This vulnerability affects unknown code of the file adminbookadd.php of the component HTTP POST Request Handler. The manipulation of the argument category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB249364.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-49299‼️
📖 Read more
Via "National Vulnerability Database"
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.This issue affects Apache DolphinScheduler until 3.1.9. Users are recommended to upgrade to version 3.1.9, which fixes the issue. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-50110‼️
📖 Read more
Via "National Vulnerability Database"
TestLink through 1.9.20 allows type juggling for authentication bypass because is not used.📖 Read more
Via "National Vulnerability Database"