CVE-2022-37835 Torguard has a vulnerability that allows an attacker to dump sensitive information, such as credentials and information about the server, without admin privileges.
The issue was discovered by researchers at Cisco Talos, and it affects all versions of Torguard, including the Windows and Mac versions. Depending on the
CVE-2022-36257 An SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands.
The vulnerability is due to insufficient validation of user input in the UserDAO method. An attacker can inject malicious code/data into the website and
CVE-2022-40324 SysAid Help Desk before 22.1.65 allows XSS via the Linked SRs field, aka FR# 67258.
SRs is a system field that allows end users to input the details of the software release they are experiencing. A search engine vulnerability in
CVE-2022-40323 SysAid Help Desk before 22.1.65 allows XSS in the Password Services module, aka FR# 67241.
This was addressed in 22.1.66.13 and later. Cisco WebEx Teams does not support the use of XSS in any of its components.
CVE-2021-40648 Man2html 1.6g can create a filename to overwrite the size parameter of the next chunk and the fd, bk, fd_nextsize, and bk_nextsize of the current chunk.
This flaw can be used to create a denial of service, or to overwrite arbitrary components of the hard drive. In man2html 1.6g, a