Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2022-29587: Sandbox Escape with Root Access & Clear-text passwords in Konica Minolta bizhub MFP Printer Terminals

Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root (aka superuser) access privileges.

CVE
#vulnerability#web#ios#linux#git#nginx#auth#chrome
CVE-2021-41965: SQL Injection Vulnerability in ChurchCRM (CVE-2021-41965)

A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used when an Edit action on an existing record is being performed.

CVE-2021-41965: SQL Injection Vulnerability in ChurchCRM (CVE-2021-41965)

A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used when an Edit action on an existing record is being performed.

CVE-2022-30367: bug_report/delet-file-1.md at main · k0xx11/bug_report

Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f=delete_img.

CVE-2022-30370: bug_report/SQLi-1.md at main · k0xx11/bug_report

Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo_type.

CVE-2022-30370: bug_report/SQLi-1.md at main · k0xx11/bug_report

Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo_type.

CVE-2022-30489: GitHub - badboycxcc/XSS-CVE-2022-30489

WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi.

CVE-2022-30489: GitHub - badboycxcc/XSS

WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi.

CVE-2022-1640: Chromium: CVE-2022-1640 Use after free in Sharing

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 101.0.1210.47 5/13/2022 101.0.4951.64

CVE-2022-1639: Chromium: CVE-2022-1639 Use after free in ANGLE

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 101.0.1210.47 5/13/2022 101.0.4951.64