Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-2253PUBLISHED: 2022-07-01A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS commands to execute on the host server.
CVE-2014-3648PUBLISHED: 2022-07-01
The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus applications is registered with bad deviceTokens, one can generate endless exceptions when those endpoints can't be reached or...
CVE-2014-3650PUBLISHED: 2022-07-01Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content. A remote attacker could use these flaws to compromise the application with specially crafted input.
CVE-2022-2282PUBLISHED: 2022-07-01Improper Authorization in GitHub repository saltstack/salt prior to 3004.2.
CVE-2022-33099PUBLISHED: 2022-07-01An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.
User Rank: Author
11/13/2019 | 10:30:46 AM