In Toll Tax Management System 1.0, the id parameter appears to be vulnerable to SQL injection attacks. Date published : 2022-05-17 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Toll-Tax-Management-System
In Home Clean Service System 1.0, the password parameter is vulnerable to SQL injection attacks. Date published : 2022-05-17 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/acetech/2022/Home-Clean-Service-System
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read. Date published : 2022-05-17 https://sourceforge.net/p/ezxml/bugs/29/
GXCMS V1.5 has a file upload vulnerability in the background. The vulnerability is the template management page. You can edit any template content and then rename to PHP suffix file, after calling PHP file...
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions....
Persistent Cross-Site Scripting (XSS) vulnerability in Alexander Stokmann’s Code Snippets Extended plugin
Cross-Site Request Forgery (CSRF) vulnerability in Alexander Stokmann’s Code Snippets Extended plugin
Remote Code Execution (RCE) in Alexander Stokmann’s Code Snippets Extended plugin
countly-server is the server-side part of Countly, a product analytics solution. Prior to versions 22.03.7 and 21.11.4, a malicious actor who knows an account email address/username and full name specified in the database is...
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec –cap` created processes with...
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. Date published : 2022-05-17 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04278en_us
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. Date published : 2022-05-17 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04278en_us
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. This attack is complex to carry out...
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption can be triggered by an unprivileged regular user, which may lead to denial of service. Date published :...