CVE-2022-26616
PKP Vendor Open Journal System v2.4.8 to v3.3.8 allows attackers to perform reflected cross-site scripting (XSS) attacks via crafted HTTP headers.
Source: CVE-2022-26616
CVE-2021-44138
There is a Directory traversal vulnerability in Caucho Resin, as distributed in Resin 4.0.52 – 4.0.56, which allows remote attackers to read files in arbitrary directories via a ; in a pathname within an HTTP request.
Source: CVE-2021-44138
CVE-2021-36775
An Improper Access Control vulnerability in SUSE Rancher allows users to keep privileges that should have been revoked. This issue affects: SUSE Rancher Rancher versions prior to 2.4.18; Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.
Source: CVE-2021-36775
CVE-2021-36776
An Improper Access Control vulnerability in SUSE Rancher allows remote attackers to impersonate arbitrary users. This issue affects: SUSE Rancher Rancher versions prior to 2.5.10.
Source: CVE-2021-36776
CVE-2021-33616
RSA Archer 6.x through 6.9 SP1 P4 (6.9.1.4) allows stored XSS.
Source: CVE-2021-33616
CVE-2022-1223
Improper Access Control in GitHub repository phpipam/phpipam prior to 1.4.6.
Source: CVE-2022-1223
CVE-2022-24191
In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow.
Source: CVE-2022-24191
CVE-2022-1225
Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6.
Source: CVE-2022-1225
CVE-2022-1224
Improper Authorization in GitHub repository phpipam/phpipam prior to 1.4.6.
Source: CVE-2022-1224
CVE-2022-0939
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.
Source: CVE-2022-0939