Aggregator

CVE-2022-38577 | ProcessMaker up to 3.5.3 User Profile Page permission (ID 168427)

8 months 3 weeks ago

A vulnerability, which was classified as critical, has been found in ProcessMaker up to 3.5.3. Affected by this issue is some unknown functionality of the component User Profile Page. The manipulation leads to permission issues. This vulnerability is handled as CVE-2022-38577. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2022-40712 | NOKIA 1350OMS 14.2 cross site scripting

Vuldb Updates

8 months 3 weeks ago

A vulnerability was found in NOKIA 1350OMS 14.2 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2022-40712. The attack may be initiated remotely. There is no exploit available.

vuldb.com

CVE-2022-23767 | HANSSAK SecureGate prior 3.5.6 Login sql injection (EUVD-2022-28703)

Vuldb Updates

8 months 3 weeks ago

A vulnerability was found in HANSSAK SecureGate. It has been declared as critical. This vulnerability affects unknown code of the component Login. The manipulation leads to sql injection. This vulnerability was named CVE-2022-23767. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2023-6830 | Formidable Forms Plugin up to 6.7 on WordPress cross site scripting

Vuldb Updates

8 months 3 weeks ago

A vulnerability was found in Formidable Forms Plugin up to 6.7 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to basic cross site scripting. The identification of this vulnerability is CVE-2023-6830. The attack may be initiated remotely. There is no exploit available.

vuldb.com

CVE-2024-22368 | Spreadsheet::ParseXLSX prior 0.28 on Perl XLSX Document resource consumption

Vuldb Updates

8 months 3 weeks ago

A vulnerability was found in Spreadsheet::ParseXLSX on Perl. It has been declared as problematic. This vulnerability affects unknown code of the component XLSX Document Handler. The manipulation leads to resource consumption. This vulnerability was named CVE-2024-22368. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2023-50585 | Tenda A18 15.13.07.09 formSetDeviceName devName stack-based overflow

Vuldb Updates

8 months 3 weeks ago

A vulnerability was found in Tenda A18 15.13.07.09. It has been rated as critical. This issue affects the function formSetDeviceName. The manipulation of the argument devName leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2023-50585. Access to the local network is required for this attack. There is no exploit available.

vuldb.com

CVE-2024-22164 | Splunk Enterprise Security up to 7.1.1 Attachment Endpoint resource consumption (SVD-2024-0101)

Vuldb Updates

8 months 3 weeks ago

A vulnerability classified as problematic was found in Splunk Enterprise Security up to 7.1.1. This vulnerability affects unknown code of the component Attachment Endpoint Handler. The manipulation leads to resource consumption. This vulnerability was named CVE-2024-22164. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2023-38827 | Follet School Solutions Destiny 20_0_1_AU4 presentonesearchresultsform.do cross site scripting

Vuldb Updates

8 months 3 weeks ago

A vulnerability was found in Follet School Solutions Destiny 20_0_1_AU4 and classified as problematic. This issue affects some unknown processing of the file presentonesearchresultsform.do. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2023-38827. The attack may be initiated remotely. There is no exploit available.

vuldb.com

【通知】全球拓展计划：征集英文版企业产品介绍

丁爸情报分析师的工具箱

8 months 3 weeks ago

为了实现中国企业与全球市场的无缝对接，我们启动了一项全面的计划，旨在将优秀的中国企业推广到东南亚、中东、非洲和南美洲等全球各地。

【资讯】全球特定国家每日动态

丁爸情报分析师的工具箱

8 months 3 weeks ago

全球特定国家每日动态。

CVE-2002-2357 | MailEnable 1.5015/1.5016/1.5017/1.5018 User memory corruption (EDB-22023 / XFDB-10652)

Vuldb Updates

8 months 3 weeks ago

A vulnerability classified as critical was found in MailEnable 1.5015/1.5016/1.5017/1.5018. Affected by this vulnerability is an unknown functionality. The manipulation of the argument User leads to memory corruption. This vulnerability is known as CVE-2002-2357. The attack can be launched remotely. Furthermore, there is an exploit available.

vuldb.com

Qilin

Dark Feed IO

8 months 3 weeks ago

You must login to view this content

cohenido

Stack Spoof-堆栈欺骗

先知技术社区

8 months 3 weeks ago

本文通过Window x86_32栈回溯机制，详细讲述了两种基本堆栈欺骗的方式，最后讲述了DEFCON中STACKMOONWALK巧妙的堆栈欺骗方式。

Deep Dive into Endpoint Security – Tools and Best Practices for 2025

Cyber Security News

8 months 3 weeks ago

The endpoint security landscape in 2025 represents a sophisticated ecosystem of integrated technologies designed to protect increasingly diverse device environments. Organizations must navigate a complex terrain of EDR, XDR, and EPP solutions while implementing Zero Trust architectures and managing unprecedented endpoint diversity. This comprehensive analysis examines cutting-edge tools, provides technical implementation guidance, and establishes best […]

The post Deep Dive into Endpoint Security – Tools and Best Practices for 2025 appeared first on Cyber Security News.

CISO Advisory

Safepay

Dark Feed IO

8 months 3 weeks ago

You must login to view this content

cohenido

Safepay

Dark Feed IO

8 months 3 weeks ago

You must login to view this content

cohenido

CVE-2023-45696 | HCL Sametime up to 12.0.1 FP1 Legacy Web Chat Client information disclosure (KB0109082 / EUVD-2023-49985)

Vuldb Updates

8 months 3 weeks ago

A vulnerability was found in HCL Sametime up to 12.0.1 FP1 and classified as problematic. This issue affects some unknown processing of the component Legacy Web Chat Client. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2023-45696. It is possible to launch the attack on the physical device. There is no exploit available.

vuldb.com

CVE-2023-37530 | HCL BigFix Platform up to 9.5.23/10.0.10 Web Reports cross site scripting (KB0110209 / EUVD-2023-41417)

Vuldb Updates

8 months 3 weeks ago

A vulnerability classified as problematic was found in HCL BigFix Platform up to 9.5.23/10.0.10. This vulnerability affects unknown code of the component Web Reports. The manipulation leads to cross site scripting. This vulnerability was named CVE-2023-37530. The attack can be initiated remotely. There is no exploit available.

vuldb.com

CVE-2023-37529 | HCL BigFix Platform up to 9.5.23/10.0.10 Web Reports cross site scripting (KB0110209 / EUVD-2023-41416)

Vuldb Updates

8 months 3 weeks ago

A vulnerability, which was classified as problematic, has been found in HCL BigFix Platform up to 9.5.23/10.0.10. This issue affects some unknown processing of the component Web Reports. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2023-37529. The attack may be initiated remotely. There is no exploit available.

vuldb.com

CVE-2024-3056 | podman up to 5.0.0-dev Shared IPC Namespace denial of service (EUVD-2024-2652)

Vuldb Updates

8 months 3 weeks ago

A vulnerability, which was classified as problematic, was found in podman up to 5.0.0-dev. Affected is an unknown function of the component Shared IPC Namespace Handler. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-3056. The attack needs to be initiated within the local network. There is no exploit available.

vuldb.com

Aggregator

Managed ad