This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue ReadingMay 30, 2022
VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server.Read More ...
Continue ReadingMay 30, 2022
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.Read More ...
Continue ReadingMay 30, 2022
Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the d ...
Continue ReadingMay 30, 2022
A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock ...
Continue ReadingMay 30, 2022
In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading.Read More ...
Continue ReadingMay 30, 2022
When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting.Read More ...
Continue ReadingMay 30, 2022
Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) ...
Continue ReadingMay 30, 2022
Back to Main