Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-31263PUBLISHED: 2022-05-24app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail restrictions.
CVE-2022-0734PUBLISHED: 2022-05-24
A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could a...
CVE-2022-0910PUBLISHED: 2022-05-24
A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware versio...
CVE-2022-29305PUBLISHED: 2022-05-24imgurl v2.31 was discovered to contain a Blind SQL injection vulnerability via /upload/localhost.
CVE-2022-29309PUBLISHED: 2022-05-24mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery.
User Rank: Ninja
4/29/2019 | 10:29:16 PM