-
CVE-2021-44482
•
published on April 15, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in calls to do_verify in sr_unix/do_verify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer.
-
CVE-2021-44482
•
published on April 15, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in calls to do_verify in sr_unix/do_verify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer.
-
CVE-2021-44481
•
published on April 15, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of parameter validation in calls to memcpy in check_and_set_timeout in sr_unix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer.
-
CVE-2021-44481
•
published on April 15, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of parameter validation in calls to memcpy in check_and_set_timeout in sr_unix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer.
-
CVE-2021-44481
•
published on April 15, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of parameter validation in calls to memcpy in check_and_set_timeout in sr_unix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer.
-
CVE-2021-44481
•
published on April 15, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of parameter validation in calls to memcpy in check_and_set_timeout in sr_unix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer.
-
CVE-2021-36205
•
published on April 15, 2022
Under certain circumstances the session token is not cleared on logout.
-
CVE-2021-36205
•
published on April 15, 2022
Under certain circumstances the session token is not cleared on logout.
-
CVE-2021-36205
•
published on April 15, 2022
Under certain circumstances the session token is not cleared on logout.
-
CVE-2021-36205
•
published on April 15, 2022
Under certain circumstances the session token is not cleared on logout.
-
CVE-2022-27852
•
published on April 15, 2022
Multiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilities in KB Support (WordPress plugin) = 1.5.5 versions.
-
CVE-2022-27852
•
published on April 15, 2022
Multiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilities in KB Support (WordPress plugin) = 1.5.5 versions.
-
CVE-2022-27852
•
published on April 15, 2022
Multiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilities in KB Support (WordPress plugin) = 1.5.5 versions.
-
CVE-2022-27852
•
published on April 15, 2022
Multiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilities in KB Support (WordPress plugin) = 1.5.5 versions.
-
CVE-2021-36828
•
published on April 15, 2022
Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Maintenance plugin = 6.0.7 versions.
-
CVE-2021-36828
•
published on April 15, 2022
Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Maintenance plugin = 6.0.7 versions.
-
CVE-2021-36828
•
published on April 15, 2022
Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Maintenance plugin = 6.0.7 versions.
-
CVE-2021-36828
•
published on April 15, 2022
Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Maintenance plugin = 6.0.7 versions.
-
CVE-2022-27851
•
published on April 15, 2022
Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) = 6.1.7 allows an attacker to deactivate the API key.
-
CVE-2022-27851
•
published on April 15, 2022
Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) = 6.1.7 allows an attacker to deactivate the API key.