All Posts by: Prasad G

Description Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially

Description Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation. References https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 For

Description Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow

Description SAP PowerDesigner – version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries

Description A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by

Description LinuxASMCallGraph is software for drawing the call graph of the programming code. Linux ASMCallGraph before commit 20dba06bd1a3cf260612d4f21547c25002121cd5 allows attackers

Description A user is capable of assigning him/herself to arbitrary groups by reusing a POST request issued by an administrator.

Description A vulnerability has been discovered in Xiaomi routers that could allow command injection through an external interface. This vulnerability

Description An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14 before 16.0.8, all versions starting

Description ** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain

Description Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which

Description A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0. It has been classified as critical.

Description OS Command Injection in GitHub repository jgraph/drawio prior to 21.4.0. References https://github.com/jgraph/drawio/commit/9d6532de36496e77d872d91b1947bb696607d623 https://huntr.dev/bounties/ce75aa04-e4d6-4e0a-9db0-ae84c46ae9e2 For More Information CVERecord

Description The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura

Description On Ubuntu kernels carrying both c914c0e27eb0 and “UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs”, an unprivileged user

Description Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative

Description vm2 is an open source vm/sandbox for Node.js. In vm2 for versions up to and including 3.9.19, Node.js custom

Description It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by lacking

Description Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in HGiga iSherlock 4.5 (iSherlock-user

Description It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in

Description Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior

Description Emby Server is a user-installable home media server which stores and organizes a user’s media files of virtually any