CVE-2021-3574 An ASAN vulnerability was found in ImageMagick 7.0.11. An attacker can use the convert command to leak memory.
When an attacker provides a crafted file, ASAN is able to detect memory leaks. This can be exploited to cause a denial of service by
CVE-2022-36719 The Ok parameter of the Library Management System v1.0 was found to be vulnerable to SQL injection.
An attacker can inject arbitrary SQL queries and obtain access to internal database structures. Any system that uses this software, especially
CVE-2022-36720 The v1.0 Library Management System was found to have a SQL injection vulnerability.
An attacker can leverage this vulnerability to execute arbitrary SQL commands against the affected system. An attacker exploiting this vulnerability can install applications, view data,
CVE-2022-36697 The Stock Management System v1.0 had a SQL injection vulnerability.
The source of the attack was discovered to be the id parameter, which is not sanitized before being injected into a SQL query. This allowed
CVE-2022-36456 TOTOLink A720R V4.1.5cu.532_B20210610 has a command injection vulnerability via the username parameter in /cstecgi.cgi.
A remote attacker can exploit this flaw to execute arbitrary code on the system. This attack can be prevented by ensuring that input validation is