Vulnerability Summary for the Week of October 24, 2022
10web — form_maker The Form Maker by 10Web WordPress plugin before 1.15.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a…
Security Information and News
10web — form_maker The Form Maker by 10Web WordPress plugin before 1.15.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a…
74cms — 74cmsse An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file. 2022-10-17 9.8 CVE-2022-42154MISC acer…
adobe — acrobat_reader Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in…
actian — psql If folder security is misconfigured for Actian Zen PSQL BEFORE Patch Update 1 for Zen 15 SP1 (v15.11.005), Patch Update 4 for Zen 15 (v15.01.017), or Patch…
acer — altos_t110_f3 There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this…
10-strike — network_inventory_explorer 10-Strike Network Inventory Explorer v9.3 was discovered to contain a buffer overflow via the Add Computers function. 2022-09-23 not yet calculated CVE-2022-38573MISCMISC acer — multiple_products There is…
adobe — animate Adobe Animate version 21.0.11 (and earlier) and 22.0.7 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a…
apache — airflow In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation. 2022-09-02 not yet calculated CVE-2022-38054CONFIRMMLIST apache — airflow In Apache…
advancecomp — advancecomp Advancecomp v2.3 was discovered to contain a segmentation fault. 2022-08-29 not yet calculated CVE-2022-35019MISCMISC advancecomp — advancecomp Advancecomp v2.3 was discovered to contain a segmentation fault. 2022-08-29…
72crm — wukong_crm 72crm 9.0 has an Arbitrary file upload vulnerability. 2022-08-24 not yet calculated CVE-2022-37181MISC 72crm — wukong_crm An issue was discovered in 72crm 9.0. There is a SQL…