CVE-2022-20810 (ios_xe)
A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated,…
Devamını oku
Day: Eylül 30, 2022
CVE-2022-20775 (sd-wan, sd-wan_vbond_orchestrator, sd-wan_vmanage, sd-wan_vsmart_controller)
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper…
CVE-2022-20769 (wireless_lan_controller_software)
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of…
CVE-2022-20728 (aironet_1542d_firmware, aironet_1542i_firmware, aironet_1562d_firmware, aironet_1562e_firmware, aironet_1562i_firmware, aironet_1815i_firmware, aironet_1815m_firmware, aironet_1815t_firmware, aironet_1815w_firmware, aironet_1830_firmware, aironet_1840_firmware, aironet_1850e_firmware, aironet_1850i_firmware, aironet_2800e_firmware, aironet_2800i_firmware, aironet_3800e_firmware, aironet_3800i_firmware, aironet_3800p_firmware, aironet_4800_firmware, catalyst_9105ax_firmware, catalyst_9115ax_firmware, catalyst_9117ax_firmware, catalyst_9120ax_firmware, catalyst_9124ax_firmware, catalyst_9130ax_firmware, catalyst_iw6300_firmware)
A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native…
CVE-2022-20662 (duo)
A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication. This…
CVE-2021-36865 (quiz_and_survey_master)
Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the content of the…
CVE-2022-40944 (dairy_farm_shop_management_system)
Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…
CVE-2021-33354
Directory Traversal vulnerability in htmly before 2.8.1 allows remote attackers to perform arbitrary file deletions via modified file parameter. Zafiyet ile ilgili Genel Bilgi, Etki…
CVE-2022-40316 (extra_packages_for_enterprise_linux, fedora, moodle)
The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups…
CVE-2022-40315 (extra_packages_for_enterprise_linux, fedora, moodle)
A limited SQL injection risk was identified in the “browse list of users” site administration page. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…