CVE-2022-47986 : IBM ASPERA FASPEX 4.4.1 YAML DESERIALIZATION
Description IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on
Description An external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7,
Description Priority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass. References https://www.gov.il/en/Departments/faq/cve_advisories
Description Windows iSCSI Discovery Service Remote Code Execution Vulnerability. References https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21803
Description Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a
Description Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a path traversal issue. A remote and
Description Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user
Description Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary
Description An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users
Description Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html,
Description A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2
Description All versions of the package create-choo-app3 are vulnerable to Command Injection via the devInstall function due to improper user-input
Description Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10. References https://huntr.dev/bounties/c2a84917-7ac0-4169-81c1-b61e617023de https://github.com/froxlor/froxlor/commit/0034681412057fef2dfe9cce9f8a6e3321f52edc
Description IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when
Description Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.1.0 through 1.5.0.
Description Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users outside the Docker container can access any
Description There is a logic error in io_uring’s implementation which can be used to trigger a use-after-free vulnerability leading to
Description The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions
Description D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /SetNetworkSettings/SubnetMask. This vulnerability allows attackers to
Description A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker.
Description SQL Injection vulnerability in LearnPress – WordPress LMS Plugin
Description Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21796. References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-21795
Description A stack-based buffer overflow in ParseColors in libXm in Common Desktop Environment 1.6 can be exploited by local low-privileged
Description In ModSecurity before 2.9.7, FILES_TMP_CONTENT sometimes lacked the complete content. This can lead to a Web Application Firewall bypass.