Common Vulnerabilities and Exposures

Description Use after free in WebGPU in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap

Description In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a

Description A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a

Description The Unyson WordPress plugin before 2.7.27 does not sanitise and escape a parameter before outputting it back in the

Description A regular expression used in Apache MXNet (incubating) is vulnerable to a potential denial-of-service by excessive resource consumption. The

Description io_uring uses work_flags to determine which identity need to grab from the calling process to make sure it is

Description This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be

Description Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload

Description Vulnerability in the Oracle Solaris product of Oracle Systems (component: Remote Administration Daemon). The supported version that is affected

Description When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. References https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656&packageName=kernel

Description The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter,

Description Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an

Description A memory leak vulnerability was found in the Linux kernel’s eBPF for the Simulated networking device driver in the

Description The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result

Description Windows Internet Information Services Cachuri Module Denial of Service Vulnerability. References https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-22025 For More Information MITRE

Description H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS. References https://github.com/Docker-droid/H3C_SSL_VPN_XSS For More Information MITRE

Description rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the “serializer: pickle” HTTP header is sent.

Description Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerability on virtual appliance deployments. A lower-privileged

Description OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset

Description Newsletter Module v3.x was discovered to contain a SQL injection vulnerability via the zemez_newsletter_email parameter at /index.php. References https://www.exploit-db.com/exploits/50942

Description An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a

Description HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP

Description An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead

Description