CVE-2021-33961
A Cross Site Scripting (XSS) vulnerabililty exists in enhanced-github v5.0.11 via the file name parameter.
Source: CVE-2021-33961
CVE-2021-33961
A Cross Site Scripting (XSS) vulnerabililty exists in enhanced-github v5.0.11 via the file name parameter.
Source: CVE-2021-33961
CVE-2022-26189
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface.
Source: CVE-2022-26189
CVE-2022-26188
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via /setting/NTPSyncWithHost.
Source: CVE-2022-26188
CVE-2022-26187
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the pingCheck function.
Source: CVE-2022-26187
CVE-2022-26186
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the exportOvpn interface at cstecgi.cgi.
Source: CVE-2022-26186
CVE-2022-1031
Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6.
Source: CVE-2022-1031
CVE-2022-26260
Simple-Plist v1.3.0 was discovered to contain a prototype pollution vulnerability via .parse().
Source: CVE-2022-26260
CVE-2022-25517
MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column parameter in /core/conditions/AbstractWrapper.java.
Source: CVE-2022-25517
CVE-2021-41736
Faust v2.35.0 was discovered to contain a heap-buffer overflow in the function realPropagate() at propagate.cpp.
Source: CVE-2021-41736
CVE-2022-27228
In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code.
Source: CVE-2022-27228