» 2022 » 8월

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/manage_category.php.

Source: CVE-2022-36699

CVE-2022-36700

Posted on 2022년 8월 26일2022년 8월 26일 by admin

CVE-2022-36700

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/manage_item.php.

Source: CVE-2022-36700

CVE-2022-2997

Posted on 2022년 8월 26일2022년 8월 26일 by admin

CVE-2022-2997

Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10.

Source: CVE-2022-2997

CVE-2022-36698

Posted on 2022년 8월 26일2022년 8월 26일 by admin

CVE-2022-36698

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php.

Source: CVE-2022-36698

CVE-2021-35937

Posted on 2022년 8월 26일2022년 8월 26일 by admin

CVE-2021-35937

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Source: CVE-2021-35937

CVE-2021-3914

Posted on 2022년 8월 26일2022년 8월 26일 by admin

CVE-2021-3914

It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.

Source: CVE-2021-3914

CVE-2021-4112

Posted on 2022년 8월 26일2022년 8월 26일 by admin

CVE-2021-4112

A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.

Source: CVE-2021-4112