Le-yan Personnel and Salary Management System has a hard-coded database account and password within the website source code. An unauthenticated remote attacker can access, modify system data or disrupt ...
August 30, 2022
OAKlouds Portal website's Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL injection to access, modify, delete database, perform ...
August 30, 2022
NVFLARE, versions prior to 2.1.4, contains a vulnerability in which deserialization of untrusted data due to Pickle usage may allow an unprivileged network attacker to cause Remote Code Execution, Denial ...
August 28, 2022
GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client. (CVE-2022-2469)
August 25, 2022
IBM Sterling Transformation Extender is impacted by Log4j2 security vulnerability, CVE-2021-44228, where an attacker who can control log messages or log message parameters can execute arbitrary ...
August 25, 2022
dotCMS ContentResource API contains an unrestricted upload of file with a dangerous type vulnerability that allows for directory traversal, in which the file is saved outside of the intended storage l ...
August 25, 2022
php [7.4.19-4] - fix uninitialized array in pg_query_params() leading to RCE CVE-2022-31625
August 25, 2022