CVE-2022-1068
Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used.
Source: CVE-2022-1068
[월:] 2022년 04월
CVE-2022-0922
CVE-2022-0922
The software does not perform any authentication for critical system functionality.
Source: CVE-2022-0922
CVE-2022-0425
CVE-2022-0425
A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks.
Source: CVE-2022-0425
CVE-2022-0390
CVE-2022-0390
Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1 allowed for project non-members to retrieve issue details when it was linked to an item from the vulnerability dashboard.
Source: CVE-2022-0390
CVE-2022-0741
CVE-2022-0741
Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an attacker to steal environment variables via specially crafted email addresses.
Source: CVE-2022-0741
CVE-2022-0489
CVE-2022-0489
An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 . It was possible to trigger a DOS by using the math feature with a specific formula in issue comments.
Source: CVE-2022-0489
CVE-2021-33657
CVE-2021-33657
There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution.
Source: CVE-2021-33657
CVE-2021-32974
CVE-2021-32974
Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to execute commands.
Source: CVE-2021-32974
CVE-2021-33020
CVE-2021-33020
Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key.
Source: CVE-2021-33020
CVE-2021-33018
CVE-2021-33018
The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and prior is an unnecessary risk that may result in the exposure of sensitive information.
Source: CVE-2021-33018