» 2022 » 3월

CVE-2021-39624

Posted on 2022년 3월 17일2022년 3월 17일 by admin

CVE-2021-39624

In Package Manger, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-67862680

Source: CVE-2021-39624

CVE-2021-45787

Posted on 2022년 3월 16일2022년 3월 16일 by admin

CVE-2021-45787

There is a stored Cross Site Scripting (XSS) vulnerability in maccms v10 through adding videos. XSS code can be inserted at parameter positions including name and remarks.

Source: CVE-2021-45787

CVE-2021-45786

Posted on 2022년 3월 16일2022년 3월 16일 by admin

CVE-2021-45786

In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid" parameters to gain privileges.

Source: CVE-2021-45786

CVE-2021-42552

Posted on 2022년 3월 16일2022년 3월 16일 by admin

CVE-2021-42552

Cross-site Scripting (XSS) vulnerability in ArchivistaBox webclient allows an attacker to craft a malicious link, executing JavaScript in the context of a victim’s browser. This issue affects all ArchivistaBox versions prior to 2022/I.

Source: CVE-2021-42552

CVE-2022-0986

Posted on 2022년 3월 16일2022년 3월 16일 by admin

CVE-2022-0986

Reflected Cross-site Scripting (XSS) Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.11.

Source: CVE-2022-0986

CVE-2022-0705

Posted on 2022년 3월 16일2022년 3월 16일 by admin

CVE-2022-0705

Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.4.0.

Source: CVE-2022-0705

CVE-2021-46705

Posted on 2022년 3월 16일2022년 3월 16일 by admin

CVE-2021-46705

A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1.

Source: CVE-2021-46705

CVE-2022-21946

Posted on 2022년 3월 16일2022년 3월 16일 by admin

CVE-2022-21946

A Improper Privilege Management vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions.

Source: CVE-2022-21946

CVE-2022-0704

Posted on 2022년 3월 16일2022년 3월 16일 by admin

CVE-2022-0704

Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.4.0.

Source: CVE-2022-0704

CVE-2021-45852

Posted on 2022년 3월 16일2022년 3월 16일 by admin

CVE-2021-45852

An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php.

Source: CVE-2021-45852