Riasztások

NVD: all CVE · 2022. szeptember 29.

CVE-2022-35137

DGIOT Lightweight industrial IoT v4.5.4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.
NVD: all CVE · 2022. szeptember 29.

CVE-2022-33880

hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter.
ECHO Network · 2022. szeptember 29.

CVE-2022-3323 (iview)

NVD: all CVE · 2022. szeptember 29.

CVE-2022-39266

isolated-vm is a library for nodejs which gives the user access to v8's Isolate interface. In versions 4.3.6 and prior, if the untrusted v8 cached data is passed to the API through CachedDataOptions, attackers can bypass the sandbox and run arbitrary code in the nodejs process. As of time of publication, there are no known fixed versions or workarounds.
NVD: all CVE · 2022. szeptember 29.

CVE-2022-40887

SourceCodester Best Student Result Management System 1.0 is vulnerable to SQL Injection.
NVD: all CVE · 2022. szeptember 29.

CVE-2022-40879

kkFileView v4.1.0 is vulnerable to Cross Site Scripting (XSS) via the parameter 'errorMsg.'