Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution.Read More ...
Continue Reading
June 06, 2022
Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI.Read More ...
Continue Reading
June 06, 2022
In specific circumstances, trace file buffers in GitLab Runner versions up to 14.3.4, 14.4 to 14.4.2, and 14.5 to 14.5.2 would re-use the file descriptor 0 for multiple traces and mix the output of se ...
Continue Reading
June 06, 2022
An authenticated attacker can send a specially crafted route to the edit_route.cgi binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent C ...
Continue Reading
June 06, 2022
An unauthenticated attacker can send a specially crafted network packet to delete a user from the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501 ...
Continue Reading
June 06, 2022
An authenticated attacker can upload a file with a filename including .. and / to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products ...
Continue Reading
June 06, 2022
An unauthenticated attacker can send a specially crafted packets to update the notes section of the home page of the web interface. This vulnerability impacts products based on HID Mercury Intelli ...
Continue Reading
June 06, 2022
An unauthenticated attacker could arbitrarily upload firmware files to the target device, ultimately causing a Denial-of-Service (DoS). This vulnerability impacts products based on HID Mercury Intelli ...
Continue Reading
June 06, 2022
Back to Main
