Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-17 CVE-2022-31296 SQL Injection vulnerability in Online Discussion Forum Project Online Discussion Forum 1.0
Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php.
network
low complexity
online-discussion-forum-project CWE-89
7.5
2022-06-17 CVE-2022-33912 Incorrect Default Permissions vulnerability in Tribe29 Checkmk
A permission issue affects users that deployed the shipped version of the Checkmk Debian package.
local
low complexity
tribe29 CWE-276
7.2
2022-06-16 CVE-2022-33750 Improper Authentication vulnerability in Broadcom CA Automic Automation 12.2/12.3
CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands.
network
low complexity
broadcom CWE-287
7.5
2022-06-16 CVE-2022-33752 Improper Input Validation vulnerability in Broadcom CA Automic Automation 12.2/12.3
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.
network
low complexity
broadcom CWE-20
7.5
2022-06-16 CVE-2022-33754 Improper Input Validation vulnerability in Broadcom CA Automic Automation 12.2/12.3
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.
network
low complexity
broadcom CWE-20
7.5
2022-06-16 CVE-2022-27511 Incorrect Authorization vulnerability in Citrix Application Delivery Management
Corruption of the system by a remote, unauthenticated user.
network
low complexity
citrix CWE-863
7.8
2022-06-16 CVE-2022-31464 Improper Privilege Management vulnerability in Adaware Protect 1.2.439.4251
Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path.
local
low complexity
adaware CWE-269
7.2
2022-06-16 CVE-2021-41487 SQL Injection vulnerability in Nokia Vitalsuite 2020
NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName'.
network
low complexity
nokia CWE-89
7.5
2022-06-16 CVE-2022-31382 SQL Injection vulnerability in Directory Management System Project Directory Management System 1.0
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php.
7.5
2022-06-16 CVE-2022-31383 SQL Injection vulnerability in Directory Management System Project Directory Management System 1.0
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php.
7.5