User interaction is not needed for exploitation.ProduĬVE-2021-22685 - An attacker may be able to use minify route with a relative path to view any file on the Cassia Networks Access Controller prior to 2.0.1.ĬVE-2021-27406 - An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the config command from any application running on the local host machine to force the back-end server into initializing a new open-VPN instance with arbitrary openĬVE-2021-46839 - The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.ĬVE-2021-46840 - The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.ĬVE-2022-20397 - In SitRilClient_OnResponse of SitRilSe.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signaturĬVE-2021-0699 - In HTBLogKM of TBD, there is a possible out of bounds write due to a missing bounds check. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. The manipulation of the argument Manage Remarks leadsĬVE-2022-42961 - An issue was discovered in wolfSSL before 5.5.0. Affected by this vulnerability is an unknown functionality of the component Quote Requests Tab. The manipulation of the argument First Name/Middle Name/Last Name leadsĬVE-2022-3519 - A vulnerability classified as problematic was found in SourceCodester Sanitization Management System 1.0. Affected is an unknown function of the component User Creation Handler. An attacker can use this vuĬVE-2022-3518 - A vulnerability classified as problematic has been found in SourceCodester Sanitization Management System 1.0. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. CVE-2017-20149 - The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |