CVE-2022-23446
A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier allows attacker to make the whole application unresponsive via changing its root directory access…
CVE-2022-24786
PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet,…
CVE-2022-24793
PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that uses PJSIP DNS resolution. It…
CVE-2022-24822
Podium is a library for building micro frontends. @podium/layout is a module for building a Podium layout server, and @podium/proxy is a module for proxying HTTP requests from a layout…
CVE-2022-26110
An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. When a user authenticates to an HTCondor daemon via the CLAIMTOBE method, the user…
CVE-2022-26250
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges. Go to Source of this post Author Of this post:
CVE-2022-26251
The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges. Go to Source of this post Author Of this…
CVE-2022-26591
FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows unauthenticated attackers to access and download arbitrary files via a crafted GET request. Go to Source of this post Author Of this post:
CVE-2022-26605
eZiosuite v2.0.7 contains an authenticated arbitrary file upload via the Avatar upload functionality. Go to Source of this post Author Of this post:
CVE-2022-26607
A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow attackers to execute arbitrary code via uploading a crafted PHP file. Go to Source of this…