CVE-2022-45611
An issue was discovered in Fresenius Kabi PharmaHelp 5.1.759.0 allows attackers to gain escalated privileges via via capture of user login information.
Source: CVE-2022-45611
[월:] 2023년 08월
CVE-2022-48064
CVE-2022-48064
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.
Source: CVE-2022-48064
CVE-2022-44730
CVE-2022-44730
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.
A malicious SVG can probe user profile / data and send it directly as parameter to a URL.
Source: CVE-2022-44730
CVE-2022-44729
CVE-2022-44729
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.
On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.
Source: CVE-2022-44729
CVE-2022-44215
CVE-2022-44215
There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL.
Source: CVE-2022-44215
CVE-2022-43358
CVE-2022-43358
Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS).
Source: CVE-2022-43358
CVE-2022-43357
CVE-2022-43357
Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service (DoS). Also affects the command line driver for libsass, sassc 3.6.2.
Source: CVE-2022-43357
CVE-2022-41444
CVE-2022-41444
Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via crafted POST request to graphs_new.php.
Source: CVE-2022-41444
CVE-2022-40433
CVE-2022-40433
An issue was discovered in function ciMethodBlocks::make_block_at in Oracle JDK (HotSpot VM) 11, 17 and OpenJDK (HotSpot VM) 8, 11, 17, allows attackers to cause a denial of service.
Source: CVE-2022-40433
CVE-2022-40090
CVE-2022-40090
An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.
Source: CVE-2022-40090