CVE-2021-30070

An issue was discovered in HestiaCP before v1.3.5. Attackers are able to arbitrarily install packages due to values taken from the pgk [] parameter in the update request being transmitted to the opera ...

CVE-2021-30071

A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

CVE-2022-35153

FusionPBX 5.0.1 was discovered to contain a command injection vulnerability via /fax/fax_send.php.

CVE-2022-35154

Shopro Mall System v1.3.8 was discovered to contain a SQL injection vulnerability via the value parameter.

CVE-2022-35164

LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain.

CVE-2022-35165

An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input.

CVE-2022-35166

libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal.

CVE-2022-35198

Contract Management System v2.0 contains a weak default password which gives attackers access to database connection information.

