CVE-2022-38454
Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Optimizer plugin <= 2.6.5 at WordPress.
Source: CVE-2022-38454
[월:] 2022년 09월
CVE-2022-40105
CVE-2022-40105
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
Source: CVE-2022-40105
CVE-2022-40104
CVE-2022-40104
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
Source: CVE-2022-40104
CVE-2022-35893
CVE-2022-35893
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxe driver allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
Source: CVE-2022-35893
CVE-2022-38439
CVE-2022-38439
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. Exploitation of this issue requires low-privilege access to AEM.
Source: CVE-2022-38439
CVE-2022-40102
CVE-2022-40102
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDset function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
Source: CVE-2022-40102
CVE-2022-36340
CVE-2022-36340
Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin <= 1.2.49.0 at WordPress.
Source: CVE-2022-36340
CVE-2022-38704
CVE-2022-38704
Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plugin <= 8.9 at WordPress, leading to deletion of 404 errors and redirection history.
Source: CVE-2022-38704
CVE-2022-40101
CVE-2022-40101
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
Source: CVE-2022-40101
CVE-2022-38438
CVE-2022-38438
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. Exploitation of this issue requires low-privilege access to AEM.
Source: CVE-2022-38438