Best Alternative To Stackpath On WAF And CDN For Web Security
When it comes to maintaining your online presence and increasing website performance, you need a robust WAF (Web Application Firewall)
CVE-2023-2163 : Linux Kernel 5.4 BPF kernel/bpf/verifier.c backtrack_insn calculation
Description Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe,
CVE-2023-2845 : CLOUDEXPLORER-LITE UP TO 1.0.X ACCESS CONTROL
Description Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. References https://huntr.dev/bounties/ac10e81c-998e-4425-9d74-b985d9b0254c https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/d9f55a44e579d312977b02317b2020de758b763a For More Information MITRE
CVE-2023-2583 : JSREPORT UP TO 3.11.2 CODE INJECTION
Description Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3. References https://huntr.dev/bounties/397ea68d-1e28-44ff-b830-c8883d067d96 https://github.com/jsreport/jsreport/commit/afaff3804b34b38e959f5ae65f9e672088de13d7 For More Information MITRE
CVE-2023-25655 : BASERCMS UP TO 4.7.4 UNRESTRICTED UPLOAD
Description baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system
CVE-2023-26477 : XWIKI PRIOR 13.10.10/14.4.6/14.9-RC-1 REQUEST PARAMETER NEWTHEMENAME NEUTRALIZATION OF DIRECTIVES
Description XWiki Platform is a generic wiki platform. Starting in versions 6.3-rc-1 and 6.2.4, it’s possible to inject arbitrary wiki
CVE-2023-0671 : FROXLOR UP TO 2.0.9 CODE INJECTION
Description Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10. References https://huntr.dev/bounties/c2a84917-7ac0-4169-81c1-b61e617023de https://github.com/froxlor/froxlor/commit/0034681412057fef2dfe9cce9f8a6e3321f52edc For More Information MITRE
CVE-2023-0240 : LINUX KERNEL UP TO 5.10.160 IO_URING IO_PREP_ASYNC_WORK USE AFTER FREE
Description There is a logic error in io_uring’s implementation which can be used to trigger a use-after-free vulnerability leading to
CVE-2022-25926 : WINDOW-CONTROL UP TO 1.4.4 SENDKEYS COMMAND INJECTION
Description Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper
CVE-2022-20968 : CISCO IP PHONE 7800/IP PHONE 8800 CISCO DISCOVERY PROTOCOL OUT-OF-BOUNDS WRITE
Description A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could
CVE-2022-3910 : LINUX KERNEL LOCAL PRIVILEGE IO_URING USE AFTER FREE
Description Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads
CVE-2022-39365 : PIMCORE UP TO 10.5.8 TWIG TEMPLATE CODE INJECTION
Description Pimcore is an open source data and experience management platform. Prior to version 10.5.9, the user controlled twig templates
CVE-2022-3649 : LINUX KERNEL BPF FS/NILFS2/INODE.C NILFS_NEW_INODE USE AFTER FREE
Description A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of
CVE-2022-42719 : LINUX KERNEL UP TO 5.19.14 MAC80211 STACK USE AFTER FREE
Description A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.14 could
CVE-2022-2977 : LINUX KERNEL TPM DEVICE USE AFTER FREE
Description A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized
CVE-2022-0168 : LINUX KERNEL COMMON INTERNET FILE SYSTEM FS/CIFS/SMB2OPS.C SMB2_IOCTL_QUERY_INFO NULL POINTER DEREFERENCE
Description A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet
CVE-2022-1671 : LINUX KERNEL NET/RXRPC/SERVER_KEY.C RXRPC_PREPARSE_S NULL POINTER DEREFERENCE
Description A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a
CVE-2022-30634 : GOOGLE GO UP TO 1.17.11/1.18.3 ON WINDOWS CRYPTO RAND INFINITE LOOP
Description Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an
CVE-2022-2380 : LINUX KERNEL SM712FB.C SMTCFB_READ OUT-OF-BOUNDS
Description The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result
Addressing Plugin up to 2.9.0 on GLPI os command injection [CVE-2021-43779]
A vulnerability has been found in Addressing Plugin up to 2.9.0 on GLPI and classified as critical. This vulnerability affects
LLK scratch-svg-renderer 0.2.0 sb3 File cross site scripting
A vulnerability, which was classified as problematic, has been found in LLK scratch-svg-renderer 0.2.0. Affected by this issue is an
livehelperchat Web Page Generation cross site scripting [CVE-2021-4132]
A vulnerability, which was classified as problematic, was found in livehelperchat (Chat Software) (the affected version unknown). This affects some
Convos-Chat prior 6.32 cross site scripting [CVE-2021-42584]
A vulnerability has been found in Convos-Chat (Chat Software) and classified as problematic. This vulnerability affects an unknown function. Upgrading
mruby null pointer dereference [CVE-2021-4110]
A vulnerability was found in mruby (Programming Language Software) (affected version unknown). It has been declared as problematic. Affected by