CVE-2022-47012

Use of uninitialized variable in function gen_eth_recv in GNS3 dynamips 0.2.21.

Source: CVE-2022-47012

CVE-2022-48152

SQL Injection vulnerability in RemoteClinic 2.0 allows attackers to execute arbitrary commands and gain sensitive information via the id parameter to /medicines/profile.php.

Source: CVE-2022-48152

CVE-2022-48120

SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693ef8fd9aa10a8d17f79fad9bd (on March 13, 2021), allows attackers to execute arbitrary commands via the contact and doctor parameters to /search.php.

Source: CVE-2022-48120

CVE-2023-0101

A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to obtain root or NT AUTHORITY / SYSTEM privileges on the Nessus host.

Source: CVE-2023-0101

CVE-2022-47015

MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.

Source: CVE-2022-47015

CVE-2022-45557

Cross site scripting (XSS) vulnerability in Hundredrabbits Left 7.1.5 for MacOS allows attackers to execute arbitrary code via file names.

Source: CVE-2022-45557

CVE-2022-45537

EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENV_LIST_URL".

Source: CVE-2022-45537

CVE-2022-45538

EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENV_GOBACK_URL".

Source: CVE-2022-45538

CVE-2022-45539

EyouCMS <= 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file.

Source: CVE-2022-45539

CVE-2022-45540

EyouCMS <= 1.6.0 was discovered a reflected-XSS in article type editor component in POST value "name" if the value contains a malformed UTF-8 char.

Source: CVE-2022-45540