MG Strategy+ - Foundation LogoSEC

MG Strategy+

Cybersecurity Data Services

Join Now-Sign Up
Log In

SEC

Editor Paper Extracts
Editor Picks Articles
Editor Picks Maps
Editor Picks Reports
MGS+ EPCM Workgroup
MGS+ ICS Workgroup
MGS+ Operational Efficiencies Workgroup
MGS+ Partners
Uncategorized

001 MGS Alerts Advisories

CVE-2021-3563 | OpenStack Keystone Application Secret stack-based overflow
A vulnerability was found in OpenStack Keystone. It has been rated as critical. Affected by this issue is some unknown functionality of the component Application Secret Handler. The manipulation leads ... read more
CVE-2021-3754 | Keycloak input validation
A vulnerability was found in Keycloak and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper input validation. This vulnerability is handled as ... read more
CVE-2022-0171 | Linux Kernel KVM SEV API cleanup
A vulnerability was found in Linux Kernel. It has been classified as critical. This affects an unknown part of the component KVM SEV API. The manipulation leads to incomplete cleanup. ... read more
CVE-2021-3735 | QEMU AHCI Controller Device ahci_reset_port locking
A vulnerability has been found in QEMU and classified as problematic. Affected by this vulnerability is the function ahci_reset_port of the component AHCI Controller Device. The manipulation leads to improper ... read more
CVE-2021-3703 | openshift-serverless prior 1.17.0 Privilege Escalation
A vulnerability, which was classified as problematic, was found in openshift-serverless. Affected is an unknown function. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2021-3703. The attack ... read more
CVE-2021-3632 | Keycloak WebAuthn improper authentication
A vulnerability, which was classified as critical, has been found in Keycloak. This issue affects some unknown processing of the component WebAuthn. The manipulation leads to improper authentication. The identification ... read more
CVE-2021-3574 | ImageMagick 7.0.11-5 Convert Command memory leak (ID 3540)
A vulnerability classified as problematic has been found in ImageMagick 7.0.11-5. This affects an unknown part of the component Convert Command Handler. The manipulation leads to memory leak. This vulnerability ... read more
CVE-2021-3585 | openstack-tripleo-heat-templates OSP13 Deployment information disclosure
A vulnerability classified as problematic was found in openstack-tripleo-heat-templates. This vulnerability affects unknown code of the component OSP13 Deployment. The manipulation leads to information disclosure. This vulnerability was named CVE-2021-3585. ... read more
90.0651000000
Modified (4)Android/Agent.CZB!trAndroid/Agent.DAJ!trAndroid/Obfus.ST!trRiskware/Application!Android ... read more
CVE-2021-3669 | Linux Kernel Shared Memory Page resource consumption
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is an unknown functionality of the component Shared Memory Page Handler. The manipulation leads to resource ... read more
CVE-2021-3864 | Linux Kernel SUID/GUID begin_new_exec permission
A vulnerability was found in Linux Kernel. It has been classified as critical. Affected is the function begin_new_exec of the component SUID/GUID. The manipulation leads to permission issues. This vulnerability ... read more
CVE-2021-3414 | Red Hat Satellite permissions
A vulnerability was found in Red Hat Satellite. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to preservation of permissions. This ... read more
CVE-2021-35939 | RPM link following
A vulnerability was found in RPM and classified as critical. This issue affects some unknown processing. The manipulation leads to link following. The identification of this vulnerability is CVE-2021-35939. The ... read more
CVE-2021-3856 | Keycloak path traversal
A vulnerability has been found in Keycloak and classified as problematic. This vulnerability affects the function ClassLoaderTheme/ClasspathThemeResourceProviderFactory. The manipulation leads to relative path traversal. This vulnerability was named CVE-2021-3856. The ... read more
CVE-2021-3644 | wildfly-core Management Interface information disclosure
A vulnerability, which was classified as problematic, was found in wildfly-core. This affects an unknown part of the component Management Interface. The manipulation leads to information disclosure. This vulnerability is ... read more
CVE-2022-42003
In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature ... read more
CVE-2022-42004
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only ... read more
90.0650700000
Modified (2)Adware/Mobtool!AndroidAndroid/Agent.CZB!tr ... read more
CVE-2022-36681 | oretnom23 Simple Task Scheduling System 1.0 Master.php id sql injection
A vulnerability was found in oretnom23 Simple Task Scheduling System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=delete_account. The ... read more
CVE-2022-36683 | oretnom23 Simple Task Scheduling System 1.0 Master.php id sql injection
A vulnerability classified as critical was found in oretnom23 Simple Task Scheduling System 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=delete_payment. The manipulation of the argument id leads ... read more
CVE-2022-36521 | cskefu 7.0.1 permission (ID 724)
A vulnerability classified as critical has been found in cskefu 7.0.1. Affected is an unknown function. The manipulation leads to permission issues. This vulnerability is traded as CVE-2022-36521. The attack ... read more
CVE-2022-37151 | SourceCodester Online Diagnostic Lab Management System 1.0 access control
A vulnerability was found in SourceCodester Online Diagnostic Lab Management System 1.0. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper access ... read more
CVE-2021-39394 | mm-wiki 0.2.1 cross-site request forgery (ID 316)
A vulnerability was found in mm-wiki 0.2.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2021-39394. ... read more
CVE-2021-39393 | mm-wiki 0.2.1 Markdown Editor cross site scripting (ID 315)
A vulnerability was found in mm-wiki 0.2.1. It has been classified as problematic. This affects an unknown part of the component Markdown Editor. The manipulation leads to cross site scripting. ... read more
CVE-2022-37150 | SourceCodester Online Diagnostic Lab Management System 1.0 cross site scripting
A vulnerability has been found in SourceCodester Online Diagnostic Lab Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument ... read more
CVE-2022-37152 | SourceCodester Online Diagnostic Lab Management System 1.0 Users.php dob sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Online Diagnostic Lab Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save_client. The manipulation ... read more
CVE-2022-36679 | oretnom23 Simple Task Scheduling System 1.0 id sql injection
A vulnerability, which was classified as critical, was found in oretnom23 Simple Task Scheduling System 1.0. Affected is an unknown function of the file /admin/?page=user/manage_user. The manipulation of the argument ... read more
CVE-2022-36682 | oretnom23 Simple Task Scheduling System 1.0 Master.php id sql injection
A vulnerability classified as critical has been found in oretnom23 Simple Task Scheduling System 1.0. This affects an unknown part of the file /classes/Master.php?f=delete_student. The manipulation of the argument id ... read more
90.0650600000
Modified (4)Adware/ScamApp!AndroidAndroid/Agent.GWO!trAndroid/Agent.JJV!trRiskware/Application!Android ... read more
Chrome for Android Update
Hi, everyone! We've just released Chrome 106 (106.0.5249.65) for Android: it'll become available on Google Play over the next few days.This release includes stability and performance improvements. You can see a ... read more
CVE-2022-36358 | SEO Scout Plugin up to 0.9.83 on WordPress Setting cross-site request forgery
A vulnerability classified as problematic was found in SEO Scout Plugin up to 0.9.83. This vulnerability affects unknown code of the component Setting Handler. The manipulation leads to cross-site request ... read more
CVE-2021-40285 | htmly 2.8.1 viewsbackup.html.php denial of service (ID 462)
A vulnerability was found in htmly 2.8.1 and classified as problematic. This issue affects some unknown processing of the file viewsbackup.html.php. The manipulation leads to denial of service. The identification ... read more
CVE-2022-36680 | oretnom23 Simple Task Scheduling System 1.0 Master.php id sql injection
A vulnerability was found in oretnom23 Simple Task Scheduling System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_schedule. The ... read more
CVE-2021-42521 | VTK libxml2 API vtkXMLTreeReader.cxx xmlDocGetRootElement resource consumption (ID 17818)
A vulnerability has been found in VTK and classified as problematic. Affected by this vulnerability is the function xmlDocGetRootElement of the file IO/Infovis/vtkXMLTreeReader.cxx of the component libxml2 API. The manipulation ... read more
CVE-2021-43767 | Odyssey insufficiently protected credentials (ID 377)
A vulnerability classified as critical has been found in Odyssey. This affects an unknown part. The manipulation leads to insufficiently protected credentials. This vulnerability is uniquely identified as CVE-2021-43767. The ... read more
CVE-2022-20921 | Cisco ACI Multi-Site Orchestrator API improper authorization (cisco-sa-mso-prvesc-BPFp9cZs)
A vulnerability has been found in Cisco ACI Multi-Site Orchestrator and classified as critical. This vulnerability affects unknown code of the component API. The manipulation leads to improper authorization. This ... read more
CVE-2022-0135 | virglrenderer IOCTL out-of-bounds write
A vulnerability, which was classified as critical, was found in virglrenderer. Affected is an unknown function of the component IOCTL Handler. The manipulation leads to out-of-bounds write. This vulnerability is ... read more
CVE-2022-23235 | NetApp Active IQ Unified Manager up to 9.10 AutoSupport Telemetry information disclosure (ntap-20220324-0001)
A vulnerability, which was classified as problematic, was found in NetApp Active IQ Unified Manager up to 9.10. This affects an unknown part of the component AutoSupport Telemetry Handler. The ... read more
CVE-2022-36527 | Jfinal CMS 5.1.0 Blog Module cross site scripting (ID 45)
A vulnerability classified as problematic was found in Jfinal CMS 5.1.0. Affected by this vulnerability is an unknown functionality of the component Blog Module. The manipulation leads to cross site ... read more
CVE-2022-37952 | GE WorkstationST prior 07.09.15 iHistorian Data Display cross site scripting
A vulnerability, which was classified as problematic, has been found in GE WorkstationST. Affected by this issue is some unknown functionality of the component iHistorian Data Display. The manipulation leads ... read more
CVE-2022-23715 | Elastic Cloud Enterprise up to 3.3.x /api/v1/user log file
A vulnerability was found in Elastic Cloud Enterprise up to 3.3.x. It has been declared as problematic. This vulnerability affects unknown code of the file /api/v1/user. The manipulation leads to ... read more
CVE-2022-2255 | mod_wsgi Header Client-IP less trusted source (DLA 3111-1)
A vulnerability was found in mod_wsgi. It has been rated as critical. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument Client-IP leads ... read more
CVE-2022-36678 | oretnom23 Simple Task Scheduling System 1.0 Master.php id sql injection
A vulnerability was found in oretnom23 Simple Task Scheduling System 1.0. It has been classified as critical. Affected is an unknown function of the file /classes/Master.php?f=delete_category. The manipulation of the ... read more
CVE-2021-42522 | GNOME anjuta libxml2 API anjuta-bookmarks.c xmlGetProp information disclosure (ID 12)
A vulnerability was found in GNOME anjuta and classified as problematic. Affected by this issue is the function xmlGetProp of the file anjuta/plugins/document-manager/anjuta-bookmarks.c of the component libxml2 API. The manipulation ... read more
CVE-2021-4022 | rizin Binarygets uninitialized pointer (ID 2015)
A vulnerability, which was classified as critical, has been found in rizin. This issue affects some unknown processing of the component Binarygets Handler. The manipulation leads to uninitialized pointer. The ... read more
90.0650500000
Modified (1)Adware/Agent!Android ... read more
Go Read a Research Paper
Where does much of the great innovation in our world come from? Basically, it is often built by the hands of many, and on amazing vision…Continue reading on ASecuritySite: When ... read more
CVE-2021-23159 | SoX File formats_i.c lsx_read_w_buf buffer overflow
A vulnerability, which was classified as critical, has been found in SoX. This issue affects the function lsx_read_w_buf of the file formats_i.c of the component File Handler. The manipulation leads ... read more
CVE-2022-29850 | Lexmark Product up to 2022-04-27 Configuration Setting input validation
A vulnerability has been found in Lexmark Product up to 2022-04-27 and classified as critical. This vulnerability affects unknown code of the component Configuration Setting Handler. The manipulation leads to ... read more
CVE-2021-3914 | smallrye-health-ui UI cross site scripting
A vulnerability was found in smallrye-health-ui. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component UI. The manipulation leads to cross site ... read more

MG Strategy+ Industrial Control Systems Group @2019

KAVI MGS iSTRACIN Platform v 02.25 Sunday, October 2, 2022

Disclaimer |
Terms |
Privacy
About-Services |
Blog-Reports
YouTube
Pinterest
LinkedIn
Twitter
LinkedIn
Twitter
Connect-Contact

Login

Login to integratus systems Exchange Platform Services

Forgot password?

Register Now

Hello

Your Account Type is
Your Mail Id is
Your Username is

PDF Library Search

Security Briefing Search

Foundation Logo Search

Reset Password

Reset Password

You have no permission to access this content