Read Time:10 Second
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
Category Archives: Advisories
CVE-2020-13590
Read Time:17 Second
Multiple exploitable SQL injection vulnerabilities exist in the ‘entities/fields’ page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities, this can be done either with administrator credentials or through cross-site request forgery.
CVE-2020-25163
Read Time:18 Second
A remote attacker with write access to PI ProcessBook files could inject code that is imported into OSIsoft PI Vision 2020 versions prior to 3.5.0. Unauthorized information disclosure, modification, or deletion is also possible if a victim views or interacts with the infected display. This vulnerability affects PI System data and other data accessible with victim’s user permissions.
CVE-2020-25167
Read Time:7 Second
OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute.
CVE-2020-28602
Read Time:22 Second
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_vertex() Halfedge_of[].
CVE-2020-28603
Read Time:23 Second
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_prev().
CVE-2020-28604
Read Time:23 Second
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_next().
CVE-2011-1762
Read Time:12 Second
A flaw exists in WordPress related to the ‘wp-admin/press-this.php ‘script improperly checking user permissions when publishing posts. This may allow a user with ‘Contributor-level’ privileges to post as if they had ‘publish_posts’ permission.
CVE-2011-4917
Read Time:5 Second
In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.
plantuml-1.2022.4-1.fc36
Read Time:7 Second
FEDORA-2022-930b54aa84
Packages in this update:
plantuml-1.2022.4-1.fc36
Update description:
notes=Security fix for [CVE-2022-1231]