
CVE-2022-47767 : SOLAR-LOG GATEWAY UP TO 4.2.7/5.1.1 SLCORE BACKDOOR
Description A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker.
Description A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker.
Description SQL Injection vulnerability in LearnPress – WordPress LMS Plugin
Description Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21796. References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-21795 For More Information
Description A stack-based buffer overflow in ParseColors in libXm in Common Desktop Environment 1.6 can be exploited by local low-privileged
Description In ModSecurity before 2.9.7, FILES_TMP_CONTENT sometimes lacked the complete content. This can lead to a Web Application Firewall bypass.
Description Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP **lacks both
Description In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR,
Web Application Firewalls (WAF) have existed for quite some time to safeguard web applications by inspecting HTTP traffic. Traditionally, on-premises WAFs
Description Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation
Description Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31. References https://huntr.dev/bounties/3fd606f7-83e1-4265-b083-2e1889a05e65 https://github.com/pyload/pyload/commit/7d73ba7919e594d783b3411d7ddb87885aea782d For More Information MITRE
Description Izanami is a shared configuration service well-suited for micro-service architecture implementation. Attackers can bypass the authentication in this application
Description Omniverse Kit contains a vulnerability in the reference applications Create, Audio2Face, Isaac Sim, View, Code, and Machinima. These applications
Description InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-284:
Description There exists a use-after-free vulnerability in the Linux kernel through io_uring and the IORING_OP_SPLICE operation. If IORING_OP_SPLICE is missing
Description Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-21674 For More Information MITRE
Description Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote. References https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin
Description The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification
Description A vulnerability in the ClearPass OnGuard Windows agent could allow malicious users on a Windows instance to elevate their
Description Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper
Description Apache Dubbo is a java based, open source RPC framework. Versions prior to 2.6.10 and 2.7.10 are vulnerable to
Description A heap-based buffer overflow vulnerability in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through
Description Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows remote attackers
Description lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file
Description authentik is an open-source Identity Provider focused on flexibility and versatility. Versions prior to 2022.11.4 and 2022.10.4 are vulnerable