CVE-2022-25225

Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api/eventinstance' via the 'sqlparameter' JSON parameter. It is also possible to achieve ...

Continue Reading

March 10, 2022

CVE-2022-24193

CasaOS before v0.2.7 was discovered to contain a command injection vulnerability via the component leave or join zerotier... ...

Continue Reading

March 10, 2022

CVE-2022-0507

Found a potential security vulnerability inside the Pandora API. Affected Pandora FMS version range: all versions of NG version, up to OUM 759. This vulnerability could allow an attacker with authenti ...

Continue Reading

March 10, 2022

CVE-2021-42857

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf& ...

Continue Reading

March 10, 2022

CVE-2021-42855

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the ".debug_command.config" file to store a json string that contains a list of IDs and pre-con ...

Continue Reading

March 10, 2022

CVE-2021-42853

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagn ...

Continue Reading

March 10, 2022

CVE-2022-24748

Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In versions prior to 6.4.8.2 it is possible to modify customers and to create orders without ...

Continue Reading

March 09, 2022

Regular expression denial of service in Rust’s regex crate

This is a cross-post of the official security advisory. The official advisory contains a signed version with our PGP key, as well. The Rust Security Response WG was notified that the regex crate did ...

Continue Reading

March 08, 2022

1 81,953 81,954 81,955 81,956 81,957 82,136

Back to Main
Subscribe for the latest news: