1601
|
- |
|
-
|
-
|
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the pe…
|
-
|
CVE-2024-5742
|
2024-09-17 09:15 |
2024-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1602
|
10.0 |
CRITICAL
Network
etictelecom
|
remote_access_server_firmware
|
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2022-40981
|
2024-09-17 09:15 |
2022-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1603
|
5.3 |
MEDIUM
Network
solarwinds
|
sql_sentry
|
Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2022-38107
|
2024-09-17 09:15 |
2022-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1604
|
7.8 |
HIGH
Local
|
amd
|
enterprise_driver radeon_pro_software radeon_software radeon_rx_vega_56_firmware radeon_rx_vega_64_firmware ryzen_3_2200ge_firmware ryzen_3_2200g_firmware ryzen_5_2400ge_firmware…
|
Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.
|
NVD-CWE-Other
|
CVE-2020-12930
|
2024-09-17 09:15 |
2022-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1605
|
5.3 |
MEDIUM
Network
jumpdemand
|
activedemand
|
Broken Authentication vulnerability in JumpDEMAND Inc. ActiveDEMAND plugin <= 0.2.27 at WordPress allows unauthenticated post update/create/delete.
|
CWE-287
Improper Authentication
|
CVE-2022-36296
|
2024-09-17 09:15 |
2022-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1606
|
7.5 |
HIGH
Network
f5
|
big-ip_analytics big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_fraud_protection_servi…
|
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2022-32455
|
2024-09-17 09:15 |
2022-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1607
|
9.4 |
CRITICAL
Network
inavitas
|
solar_log
|
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
|
CWE-89
SQL Injection
|
CVE-2022-1277
|
2024-09-17 09:15 |
2022-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1608
|
7.8 |
HIGH
Local
|
abb
|
mint_workbench automation_builder drive_composer
|
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already e…
|
CWE-59
Link Following
|
CVE-2022-31217
|
2024-09-17 09:15 |
2022-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1609
|
9.8 |
CRITICAL
Network
festo
|
controller_cecc-x-m1_firmware controller_cecc-x-m1-mv_firmware controller_cecc-x-m1-mv-s1_firmware controller_cecc-x-m1-ys-l1_firmware controller_cecc-x-m1-ys-l2_firmware controller_ce…
|
In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-refresh-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of …
|
CWE-78 CWE-863
OS Command Incorrect Authorization
|
CVE-2022-30311
|
2024-09-17 09:15 |
2022-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1610
|
5.4 |
MEDIUM
Network
|
netdatasoft
|
divvy_drive
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NetDataSoft DivvyDrive allows Stored XSS.This issue affects DivvyDrive: from unspecified before v…
|
CWE-79
Cross-site Scripting
|
CVE-2022-0900
|
2024-09-17 09:15 |
2022-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|