CVE-2022-26854
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access
Source: CVE-2022-26854
[월:] 2022년 04월
CVE-2021-36293
CVE-2021-36293
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain elevated privileges.
Source: CVE-2021-36293
CVE-2021-36288
CVE-2021-36288
Dell VNX2 for File version 8.1.21.266 and earlier, contain a path traversal vulnerability which may lead unauthenticated users to read/write restricted files
Source: CVE-2021-36288
CVE-2022-26855
CVE-2022-26855
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability, leading to a denial of service.
Source: CVE-2022-26855
CVE-2022-24821
CVE-2022-24821
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Simple users can create global SSX/JSX without specific rights: in theory only users with Programming Rights should be allowed to create SSX or JSX that are executed everywhere on a wiki. But a bug allow anyone with edit rights to actually create those. This issue has been patched in XWiki 13.10-rc-1, 12.10.11 and 13.4.6. There’s no easy workaround for this issue, administrators should upgrade their wiki.
Source: CVE-2022-24821
CVE-2022-1284
CVE-2022-1284
heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.
Source: CVE-2022-1284
CVE-2021-43498
CVE-2021-43498
An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h, form_password_hidden, and form_change HTTP POST parameters are set.
Source: CVE-2021-43498
CVE-2021-43503
CVE-2021-43503
A Remote Code Execution (RCE) vulnerability exists in h laravel 5.8.38 via an unserialize pop chain in (1) __destruct in RoutingPendingResourceRegistration.php, (2) __cal in QueueCapsuleManager.php, and (3) __invoke in mockerylibraryMockeryClosureWrapper.php.
Source: CVE-2021-43503
CVE-2022-1283
CVE-2022-1283
NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash).
Source: CVE-2022-1283
CVE-2022-27152
CVE-2022-27152
Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification.
Source: CVE-2022-27152