CVE-2022-30119

XSS in /dashboard/reports/logs/view - old browsers only. When using Internet Explorer with the XSS protection disabled, insufficient sanitization where built URLs are output can be exploited for Conc ...

CVE-2022-30120

XSS in /dashboard/blocks/stacks/view_details/ - old browsers only. When using an older browser with built-in XSS protection disabled, insufficient sanitization where built URLs are output can be expl ...

CVE-2022-32209

Possible XSS Vulnerability in Rails::Html::Sanitizer. There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This vulnerability has been assigned the CVE identifie ...

CVE-2021-40892

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in validate-color v2.1.0 when handling crafted invalid rgb(a) strings.

CVE-2022-32990

An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS).

CVE-2022-2104

The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash).

CVE-2022-2105

Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level acce ...

CVE-2022-2119

OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. T ...

