| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-3864 | — | High | 0.46 | 7.0 | 0.01 | | Aug 26, 2022 | A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value… |
| CVE-2021-3859 | — | High | 0.42 | 7.5 | 0.01 | | Aug 26, 2022 | A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks. |
| CVE-2021-3703 | | High | 0.49 | 7.5 | 0.01 | | Aug 26, 2022 | It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless 1.16.0 and Serverless client kn 1.16.0. These have been fixed with Serverless 1.17.0. |
| CVE-2021-3632 | | High | 0.42 | 7.5 | 0.01 | | Aug 26, 2022 | A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already registered for any user by using the WebAuthn password-less login flow. |
| CVE-2021-3563 | | High | 0.48 | 7.4 | 0.01 | | Aug 26, 2022 | A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified, allowing attackers to bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and… |
| CVE-2021-3414 | | High | 0.53 | 8.1 | 0.01 | | Aug 26, 2022 | A flaw was found in satellite. When giving granular permission related to the organization, other permissions allowing a user to view and manage other organizations are also granted. The highest threat from this vulnerability is to data confidentiality. |
| CVE-2021-20260 | | High | 0.51 | 7.8 | 0.00 | | Aug 26, 2022 | A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
| CVE-2022-36521 | | High | 0.49 | 7.5 | 0.01 | | Aug 26, 2022 | Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts. |
| CVE-2022-37151 | | High | 0.49 | 7.5 | 0.01 | | Aug 26, 2022 | There is an unauthorized access vulnerability in Online Diagnostic Lab Management System 1.0. |
| CVE-2021-40285 | | High | 0.53 | 8.1 | 0.01 | | Aug 26, 2022 | htmly v2.8.1 was discovered to contain an arbitrary file deletion vulnerability via the component \views\backup.html.php. |
| CVE-2022-36226 | | High | 0.47 | 7.2 | 0.01 | | Aug 26, 2022 | SiteServerCMS 5.X has a Remote-download-Getshell-vulnerability via /SiteServer/Ajax/ajaxOtherService.aspx. |
| CVE-2022-36120 | | High | 0.53 | 8.1 | 0.01 | | Aug 26, 2022 | An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the… |
| CVE-2022-35192 | | High | 0.49 | 7.5 | 0.01 | | Aug 26, 2022 | D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via the User parameter or Pwd parameter to Login.asp. |
| CVE-2022-30984 | | High | 0.51 | 7.8 | 0.00 | | Aug 26, 2022 | A buffer overflow vulnerability in the Rubrik Backup Service (RBS) Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent. |
| CVE-2022-29850 | | High | 0.53 | 8.1 | 0.01 | | Aug 26, 2022 | Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots. |
| CVE-2021-3020 | | High | 0.00 | 8.8 | 0.01 | | Aug 26, 2022 | An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to… |
| CVE-2022-37318 | | High | 0.46 | 7.0 | 0.00 | | Aug 25, 2022 | Archer Platform 6.9 SP2 P2 before 6.11 P3 (6.11.0.3) contain a reflected XSS vulnerability. A remote unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious JavaScript code to the… |
| CVE-2022-37317 | | High | 0.49 | 7.6 | 0.01 | | Aug 25, 2022 | Archer Platform 6.x before 6.11 P3 contain an HTML injection vulnerability. An authenticated remote attacker could potentially exploit this vulnerability by tricking a victim application user to execute malicious code in the context of the web application. 6.10 P4 (6.10.0.4) and… |
| CVE-2022-36119 | | High | 0.57 | 8.8 | 0.02 | | Aug 25, 2022 | An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for a domain authenticated user to send a crafted message to the Blue Prism Server and accomplish a remote code… |
| CVE-2022-36115 | | High | 0.46 | 7.1 | 0.01 | | Aug 25, 2022 | An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for unintended… |
| CVE-2022-36721 | | High | 0.57 | 8.8 | 0.01 | | Aug 25, 2022 | Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Textbook parameter at /admin/modify.php. |
| CVE-2022-36720 | | High | 0.57 | 8.8 | 0.01 | | Aug 25, 2022 | Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/modify1.php. |
| CVE-2022-31269 | | High | 0.54 | 8.2 | 0.05 | | Aug 25, 2022 | Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.) |
| CVE-2022-36703 | | High | 0.57 | 8.8 | 0.01 | | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /stocks/manage_stockin.php. |
| CVE-2022-36701 | | High | 0.57 | 8.8 | 0.01 | | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/view_item.php. |
| CVE-2022-36700 | | High | 0.57 | 8.8 | 0.01 | | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/manage_item.php. |
| CVE-2022-36699 | | High | 0.57 | 8.8 | 0.01 | | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/manage_category.php. |
| CVE-2022-36698 | | High | 0.57 | 8.8 | 0.01 | | Aug 25, 2022 | Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php. |
| CVE-2022-2997 | | High | 0.45 | 8.0 | 0.01 | | Aug 25, 2022 | Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10. |
| CVE-2022-2982 | | High | 0.00 | 7.8 | 0.01 | | Aug 25, 2022 | Use After Free in GitHub repository vim/vim prior to 9.0.0260. |
| CVE-2021-4112 | | High | 0.57 | 8.8 | 0.00 | | Aug 25, 2022 | A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment. |
| CVE-2021-3929 | | High | 0.00 | 8.2 | 0.01 | | Aug 25, 2022 | A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue.… |
| CVE-2020-27801 | | High | 0.51 | 7.8 | 0.00 | | Aug 25, 2022 | A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file. |
| CVE-2020-27800 | | High | 0.51 | 7.8 | 0.00 | | Aug 25, 2022 | A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file. |
| CVE-2020-27799 | | High | 0.51 | 7.8 | 0.00 | | Aug 25, 2022 | A heap-based buffer over-read was discovered in the acc_ua_get_be32 function in miniacc.h in UPX 4.0.0 via a crafted Mach-O file. |
| CVE-2020-27796 | | High | 0.51 | 7.8 | 0.00 | | Aug 25, 2022 | A heap-based buffer over-read was discovered in the invert_pt_dynamic function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. |
| CVE-2022-20921 | | High | 0.57 | 8.8 | 0.01 | | Aug 25, 2022 | A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator (MSO) could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this… |
| CVE-2022-20824 | | High | 0.57 | 8.8 | 0.00 | | Aug 25, 2022 | A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This… |
| CVE-2022-20823 | | High | 0.56 | 8.6 | 0.01 | | Aug 25, 2022 | A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets.… |
| CVE-2022-32745 | | High | 0.53 | 8.1 | 0.01 | | Aug 25, 2022 | A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault. |
| CVE-2022-32744 | | High | 0.57 | 8.8 | 0.01 | | Aug 25, 2022 | A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover. |
| CVE-2022-2959 | | High | 0.00 | 7.0 | 0.00 | | Aug 25, 2022 | A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a… |
| CVE-2022-2465 | | High | 0.56 | 8.6 | 0.00 | | Aug 25, 2022 | Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized… |
| CVE-2022-2464 | | High | 0.50 | 7.7 | 0.00 | | Aug 25, 2022 | Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could… |
| CVE-2022-2255 | | High | 0.42 | 7.5 | 0.01 | | Aug 25, 2022 | A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing. |
| CVE-2022-2031 | | High | 0.57 | 8.8 | 0.01 | | Aug 25, 2022 | A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use… |
| CVE-2022-0135 | | High | 0.51 | 7.8 | 0.00 | | Aug 25, 2022 | An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution. |
| CVE-2021-43766 | | High | 0.53 | 8.1 | 0.00 | | Aug 25, 2022 | Odyssey passes to server unencrypted bytes from man-in-the-middle. When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL… |
| CVE-2021-42523 | | High | 0.49 | 7.5 | 0.01 | | Aug 25, 2022 | There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'err_msg' of 'sqlite3_exec' is not releasing after use, while libxml2 emphasizes that the caller needs to… |
| CVE-2021-42522 | | High | 0.49 | 7.5 | 0.01 | | Aug 25, 2022 | There is an Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c. This issue was caused by the incorrect use of libxml2 API. The vendor forgot to call 'g_free()' to release the return value of 'xmlGetProp()'. |