CVE-2022-2896

Measuresoft ScadaPro Server (All Versions) allows use after free while processing a specific project file.

Source: CVE-2022-2896

CVE-2022-2894

Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. The controls may allow seven untrusted pointer deference instances while processing a specific project file.

Source: CVE-2022-2894

CVE-2022-2898

Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow a denial-of-service condition.

Source: CVE-2022-2898

CVE-2022-2897

Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow privilege escalation..

Source: CVE-2022-2897

CVE-2022-2892

Measuresoft ScadaPro Server (Versions prior to 6.8.0.1) uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file.

Source: CVE-2022-2892

CVE-2022-36620

D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/addRouting.

Source: CVE-2022-36620

CVE-2022-36582

An arbitrary file upload vulnerability in the component /php_action/createProduct.php of Garage Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

Source: CVE-2022-36582

CVE-2022-36571

Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting.

Source: CVE-2022-36571

CVE-2022-36580

An arbitrary file upload vulnerability in the component /admin/products/controller.php?action=add of Online Ordering System v2.3.2 allows attackers to execute arbitrary code via a crafted PHP file.

Source: CVE-2022-36580

CVE-2022-36581

Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via the user_email parameter at /admin/login.php.

Source: CVE-2022-36581