Description An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete
Description A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable
Description The “puhttpsniff” service, which runs by default, is susceptible to command injection due to improperly sanitized user input. An
Description Memory corruption in Core due to improper configuration in boot remapper. References https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin For More Information MITRE
Description A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to
Description Memory corruption in SPI buses due to improper input validation while reading address configuration from spi buses in Snapdragon
Description Unauthenticated remote arbitrary code execution. References https://support.citrix.com/article/CTX474995 For More Information MITRE
Description There is a command injection vulnerability that could lead to unauthenticated remote code execution by sending specially crafted packets
A New WAF Bypass hack has been identified by claroty team. This uses json based sql strings which is not conventionally been
Description A vulnerability was found in RainyGao DocSys. It has been declared as critical. This vulnerability affects the function getReposAllUsers
Description xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol
Description A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could
Description Unauth. Privilege Escalation vulnerability in ARMember premium plugin
Description Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin
Description PC Keyboard allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous
Description An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Unauthenticated remote command
Description Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow
Description In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead
Description Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in Asus NAS-M25 allows an
Description Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root,
Description Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version “65” and prior and Mitsubishi
Description Purchase Order Management System v1.0 contains a file upload vulnerability via /purchase_order/admin/?page=system_info. References https://github.com/lcg-22266/bug_report/blob/main/vendors/oretnom23/Purchase%20Order%20Management%20System/UPLOAD-1.md For More Information MITRE
Description An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is
Description A specific file on the sERP server if Kyungrinara(ERP solution) has a fixed password with the SYSTEM authority. This