CVE-2022-22577
An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.
Source: CVE-2022-22577
[월:] 2022년 05월
CVE-2021-4232
CVE-2021-4232
A vulnerability classified as problematic has been found in Zoo Management System 1.0. Affected is an unknown function of the file admin/manage-ticket.php. The manipulation with the input <script>alert(1)</script> leads to cross site scripting. It is possible to launch the attack remotely.
Source: CVE-2021-4232
CVE-2022-21827
CVE-2022-21827
An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) <21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM.
Source: CVE-2022-21827
CVE-2021-33014
CVE-2021-33014
An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4 control software for versions prior to 8.7 or any product running KSS.
Source: CVE-2021-33014
CVE-2022-1882
CVE-2022-1882
A flaw use after free in the Linux kernel pipes functionality was found in the way user do some manipulations with pipe ex. with the post_one_notification() after free_pipe_info() already called. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
Source: CVE-2022-1882
CVE-2021-33016
CVE-2021-33016
An attacker can gain full access (read/write/delete) to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS.
Source: CVE-2021-33016
CVE-2022-1899
CVE-2022-1899
Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0.
Source: CVE-2022-1899
CVE-2022-1261
CVE-2022-1261
Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the IPersisFile to execute operating system processes with system-level privileges.
Source: CVE-2022-1261
CVE-2022-30789
CVE-2022-30789
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
Source: CVE-2022-30789
CVE-2022-30788
CVE-2022-30788
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
Source: CVE-2022-30788