NuytsTech Security

CVE-2022-45797

An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete...

CVE-2022-45562

Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute arbitrary...

CVE-2022-45050

A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim’s browser. The title parameter on the twitter.php endpoint does not properly neutralise user input,...

CVE-2022-43901

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 could disclose sensitive information. An authenticated local attacker could exploit this vulnerability to possibly gain information to other IBM WebSphere Automation for IBM...

CVE-2022-43900

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than expected security. A local attacker can create an outbound network connection to another system. IBM X-Force ID: 240827....

CVE-2022-43333

Telenia Software s.r.l TVox before v22.0.17 was discovered to contain a remote code execution (RCE) vulnerability in the component action_export_control.php. Date published : 2022-12-01 TVox 22.0.23

CVE-2022-43325

An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* – 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license...

CVE-2022-4257

A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/jumpto.php of the component GET Parameter Handler. The manipulation of...