DotCMS 3.x < 5.3.8.10 / 21.x < 21.06.7 / 22.x < 22.03 Remote Code Execution

An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows direc ...

Continue Reading
CVE-2022-26461

In vow, there is a possible undefined behavior due to an API misuse. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploi ...

Continue Reading
CVE-2022-23451

An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless ...

Continue Reading
CVE-2022-36042

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from dyld cache files. A user opening a ...

Continue Reading
CVE-2022-37771

IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privile ...

Continue Reading
CVE-2022-36670

PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escal ...

Continue Reading
mematiane.ge Cross Site Scripting vulnerability OBB-2895310

Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

Continue Reading
idiomas.uemanet.uema.br Cross Site Scripting vulnerability OBB-2895308

Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

Continue Reading

Back to Main

Subscribe for the latest news: