Kategori: NIST-Güvenlik Açıkları

CVE-2022-23236

E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users. Zafiyet…

Devamını oku

CVE-2022-23237

E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host header injection attacks that could allow an attacker to redirect users to…

Devamını oku

CVE-2022-24238

ACEweb Online Portal 3.5.065 was discovered to contain a cross-site scripting (XSS) vulnerability via the txtNmName1 parameter in person.awp. Zafiyet ile ilgili Genel Bilgi, Etki…

Devamını oku

CVE-2022-24239

ACEweb Online Portal 3.5.065 was discovered to contain an unrestricted file upload vulnerability via attachments.awp. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Devamını oku

CVE-2022-24240

ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Devamını oku

CVE-2022-24241

ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp. Zafiyet ile ilgili…

Devamını oku

CVE-2022-22767

Specific BD Pyxisâ„¢ products were installed with default credentials and may presently still operate with these credentials. There may be scenarios where BD Pyxisâ„¢ products…

Devamını oku