CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XSLT Injection vulnerability. Attackers could exploit this issue to achieve remote code execution.
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request.
An issue was discovered in Servisnet Tessa 0.0.2. Authorization data is available via an unauthenticated /data-service/users/ request.
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a manipulation of the Authorization HTTP header.
An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.
Nessus, Appliance, Jira_cloud, Log_correlation_engine, Nessus_agent, Nessus_amazon_machine_image, Nessus_network_monitor, Plugin-set, Securitycenter, Tenable.io
2022-10-06
N/A
8.8 HIGH
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Nessus, Appliance, Jira_cloud, Log_correlation_engine, Nessus_agent, Nessus_amazon_machine_image, Nessus_network_monitor, Plugin-set, Securitycenter, Tenable.io
2022-10-06
N/A
8.8 HIGH
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Nessus, Appliance, Jira_cloud, Log_correlation_engine, Nessus_agent, Nessus_amazon_machine_image, Nessus_network_monitor, Plugin-set, Securitycenter, Tenable.io
2022-10-06
N/A
8.8 HIGH
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Nessus, Appliance, Jira_cloud, Log_correlation_engine, Nessus_agent, Nessus_amazon_machine_image, Nessus_network_monitor, Plugin-set, Securitycenter, Tenable.io
2022-10-06
N/A
9.8 CRITICAL
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Nessus, Appliance, Jira_cloud, Log_correlation_engine, Nessus_agent, Nessus_amazon_machine_image, Nessus_network_monitor, Plugin-set, Securitycenter, Tenable.io
2022-10-06
N/A
9.8 CRITICAL
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
