An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user...
A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send...
A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive...
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send...
An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of a custom Security...
A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a...
TrueStack Direct Connect 1.4.7 has Incorrect Access Control. Date published : 2022-05-25 Support CVE-2022-23775 – Vulnerability Upgrade to 1.4.10 or higher to fix
Tableau is aware of a broken access control vulnerability present in Tableau Server affecting Tableau Server customers using Local Identity Store for managing users. The vulnerability allows a malicious site administrator to change passwords...
A Missing Encryption of Sensitive Data vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a...
SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0. Date published : 2022-05-25 https://huntr.dev/bounties/a25d15bd-cd23-487e-85cd-587960f1b9e7 https://github.com/camptocamp/terraboard/commit/2a5dbaac015dc0714b41a59995e24f5767f89ddc
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. Date published : 2022-05-25 https://huntr.dev/bounties/f8af901a-9a46-440d-942a-8f815b59394d https://github.com/vim/vim/commit/78d52883e10d71f23ab72a3d8b9733b00da8c9ad
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2. Date published : 2022-05-25 https://huntr.dev/bounties/6e856a25-9117-47c6-9375-52f78876902f https://github.com/jgraph/drawio/commit/c287bef9101d024b1fd59d55ecd530f25000f9d8
An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. Date...
A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock....