CVE-2021-43084
An SQL Injection vulnerability exists in Dreamer CMS 4.0.0 via the tableName parameter.
Source: CVE-2021-43084
[월:] 2022년 03월
CVE-2022-25568
CVE-2022-25568
MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET request to /config/list. To exploit this vulnerability, a regular user password must be unconfigured.
Source: CVE-2022-25568
CVE-2022-21820
CVE-2022-21820
NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity.
Source: CVE-2022-21820
CVE-2022-0153
CVE-2022-0153
SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1.
Source: CVE-2022-0153
CVE-2022-26629
CVE-2022-26629
An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen Security Feature function due to insufficient permissions and privileges, which allows a malicious attacker bypass the lock screen function.
Source: CVE-2022-26629
CVE-2022-1058
CVE-2022-1058
Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5.
Source: CVE-2022-1058
CVE-2021-39491
CVE-2021-39491
A Cross Site Scripting (XSS) vulnerability exists in Yogesh Ojha reNgine v1.0 via the Scan Engine name file in the Scan Engine deletion confirmation modal box . .
Source: CVE-2021-39491
CVE-2022-0551
CVE-2022-0551
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian versions prior to 22.0.0. Nozomi Networks CMC versions prior to 22.0.0.
Source: CVE-2022-0551
CVE-2022-0550
CVE-2022-0550
Improper Input Validation vulnerability in custom report logo upload in Nozomi Networks Guardian, and CMC allows an authenticated attacker with admin or report manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian versions prior to 22.0.0. Nozomi Networks CMC versions prior to 22.0.0.
Source: CVE-2022-0550
CVE-2022-0955
CVE-2022-0955
Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/data-hub prior to 1.2.4.
Source: CVE-2022-0955