CVE-2021-41635

When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote attackers to abuse misconfigurations or vulnerabilities with administrative access over the entire ...

Continue Reading

June 24, 2022

CVE-2021-41634

A user enumeration vulnerability in MELAG FTP Server 2.2.0.4 allows an attacker to identify valid FTP usernames.Read More ...

Continue Reading

June 24, 2022

CVE-2022-2121

OFFIS DCMTK's (All versions prior to 3.6.7) has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service condition.Read More ...

Continue Reading

June 24, 2022

CVE-2022-21829

Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concrete_secure’ ...

Continue Reading

June 24, 2022

CVE-2022-23170

SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection vulnerability. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated a ...

Continue Reading

June 24, 2022

CVE-2022-28619

A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. The vulnerability could allow local escalation of privilege. HPE has made the followi ...

Continue Reading

June 24, 2022

CVE-2022-28620

A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associ ...

Continue Reading

June 24, 2022

CVE-2022-30117

Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanit ...

Continue Reading

June 24, 2022

1 95,997 95,998 95,999 96,000 96,001 97,858

Back to Main
Subscribe for the latest news: