Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password (from the "zmprove ca" command). It is visible in cleartext on port UDP 514 (aka the syslog port).
July 10, 2022
H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS.
July 10, 2022
softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash.
July 10, 2022
Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing ...
July 10, 2022
Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors.
July 10, 2022
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
July 10, 2022
The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
July 10, 2022
The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
July 10, 2022