» 2022 » 8월

CVE-2022-36730

Posted on 2022년 8월 31일2022년 8월 31일 by admin

CVE-2022-36730

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /librarian/delete.php.

Source: CVE-2022-36730

CVE-2022-37172

Posted on 2022년 8월 31일2022년 8월 31일 by admin

CVE-2022-37172

Incorrect access control in the install directory (C:msys64) of Msys2 v20220603 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.

Source: CVE-2022-37172

CVE-2022-36565

Posted on 2022년 8월 31일2022년 8월 31일 by admin

CVE-2022-36565

Incorrect access control in the install directory (C:Wamp64) of Wamp v3.2.6 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.

Source: CVE-2022-36565

CVE-2022-36735

Posted on 2022년 8월 31일2022년 8월 31일 by admin

CVE-2022-36735

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /admin/delete.php.

Source: CVE-2022-36735

CVE-2022-36732

Posted on 2022년 8월 31일2022년 8월 31일 by admin

CVE-2022-36732

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /librarian/dele.php.

Source: CVE-2022-36732

CVE-2022-36733

Posted on 2022년 8월 31일2022년 8월 31일 by admin

CVE-2022-36733

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /admin/del.php.

Source: CVE-2022-36733

CVE-2022-36734

Posted on 2022년 8월 31일2022년 8월 31일 by admin

CVE-2022-36734

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at /admin/delstu.php.

Source: CVE-2022-36734

CVE-2022-3037

Posted on 2022년 8월 31일2022년 8월 31일 by admin

CVE-2022-3037

Use After Free in GitHub repository vim/vim prior to 9.0.0321.

Source: CVE-2022-3037

CVE-2022-34368

Posted on 2022년 8월 31일2022년 8월 31일 by admin

CVE-2022-34368

Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources.

Source: CVE-2022-34368

CVE-2022-33935

Posted on 2022년 8월 31일2022년 8월 31일 by admin

CVE-2022-33935

Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

Source: CVE-2022-33935