» 2022 » 1월

CVE-2022-24071

Posted on 2022년 1월 28일2022년 1월 28일 by admin

CVE-2022-24071

A Built-in extension in Whale browser before 3.12.129.46 allows attackers to compromise the rendering process which could lead to controlling browser internal APIs.

Source: CVE-2022-24071

CVE-2022-21720

Posted on 2022년 1월 28일2022년 1월 28일 by admin

CVE-2022-21720

GLPI is a free asset and IT management software package. Prior to version 9.5.7, an entity administrator is capable of retrieving normally inaccessible data via SQL injection. Version 9.5.7 contains a patch for this issue. As a workaround, disabling the `Entities` update right prevents exploitation of this vulnerability.

Source: CVE-2022-21720

CVE-2022-0394

Posted on 2022년 1월 28일2022년 1월 28일 by admin

CVE-2022-0394

Cross-site Scripting (XSS) – Stored in Packagist remdex/livehelperchat prior to 3.93v.

Source: CVE-2022-0394

CVE-2022-21719

Posted on 2022년 1월 28일2022년 1월 28일 by admin

CVE-2022-21719

GLPI is a free asset and IT management software package. All GLPI versions prior to 9.5.7 are vulnerable to reflected cross-site scripting. Version 9.5.7 contains a patch for this issue. There are no known workarounds.

Source: CVE-2022-21719

CVE-2021-46549

Posted on 2022년 1월 28일2022년 1월 28일 by admin

CVE-2021-46549

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via parse_cval_type at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).

Source: CVE-2021-46549

CVE-2021-46556

Posted on 2022년 1월 28일2022년 1월 28일 by admin

CVE-2021-46556

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_bcode_insert_offset at src/mjs_bcode.c. This vulnerability can lead to a Denial of Service (DoS).

Source: CVE-2021-46556

CVE-2021-46547

Posted on 2022년 1월 28일2022년 1월 28일 by admin

CVE-2021-46547

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x2c17e. This vulnerability can lead to a Denial of Service (DoS).

Source: CVE-2021-46547

CVE-2021-46548

Posted on 2022년 1월 28일2022년 1월 28일 by admin

CVE-2021-46548

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via add_lineno_map_item at src/mjs_bcode.c. This vulnerability can lead to a Denial of Service (DoS).

Source: CVE-2021-46548

CVE-2021-46550

Posted on 2022년 1월 28일2022년 1월 28일 by admin

CVE-2021-46550

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via free_json_frame at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS).

Source: CVE-2021-46550

CVE-2021-46554

Posted on 2022년 1월 28일2022년 1월 28일 by admin

CVE-2021-46554

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_json_stringify at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS).

Source: CVE-2021-46554