CVE-2022-38192

A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could ...

Continue Reading

August 16, 2022

CVE-2022-29959

Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. This environment provides access control functi ...

Continue Reading

August 16, 2022

CVE-2022-30264

The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operations. They utilize the ROC protocol (4000/TCP, 5000/TCP) for communications between a master terminal ...

Continue Reading

August 16, 2022

CVE-2021-30490

upsMonitor in ViewPower (aka ViewPowerHTML) 1.04-21012 through 1.04-21353 has insecure permissions for the service binary that enable an Authenticated User to modify files, allowing for privilege esca ...

Continue Reading

August 16, 2022

CVE-2022-36599

Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists.Read More ...

Continue Reading

August 16, 2022

CVE-2022-36272

Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter.Read More ...

Continue Reading

August 16, 2022

CVE-2022-36273

Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.Read More ...

Continue Reading

August 16, 2022

CVE-2022-36530

An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page.Read More ...

Continue Reading

August 16, 2022

1 2,889 2,890 2,891 2,892 2,893 3,551

Back to Main
Subscribe for the latest news: