CVE-2022-46502
Online Student Enrollment System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at /student_enrollment/admin/login.php.
Source: CVE-2022-46502
[월:] 2023년 01월
CVE-2022-42284
CVE-2022-42284
NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This may lead to a credentials exposure.
Source: CVE-2022-42284
CVE-2022-42276
CVE-2022-42276
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components.
Source: CVE-2022-42276
CVE-2022-42277
CVE-2022-42277
NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components.
Source: CVE-2022-42277
CVE-2022-46478
CVE-2022-46478
The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data.
Source: CVE-2022-46478
CVE-2022-48258
CVE-2022-48258
In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles.
Source: CVE-2022-48258
CVE-2022-48257
CVE-2022-48257
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp.
Source: CVE-2022-48257
CVE-2022-48256
CVE-2022-48256
Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.
Source: CVE-2022-48256
CVE-2023-23559
CVE-2023-23559
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
Source: CVE-2023-23559
CVE-2022-46471
CVE-2022-46471
Online Health Care System v1.0 was discovered to contain a SQL injection vulnerability via the consulting_id parameter at /healthcare/Admin/consulting_detail.php.
Source: CVE-2022-46471