Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.

Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.

Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.

Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.

Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.

Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information.

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability.

A vulnerability classified as critical has been found in Demokratian. This affects an unknown part of the file install/install3.php. The manipulation leads to privilege escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Demokratian. It has been rated as critical. Affected by this issue is some unknown functionality of the file basicos_php/genera_select.php. The manipulation of the argument id_provincia with the input -1%20union%20all%20select%201,2,3,4,database() leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Neetai Tech. Affected is an unknown function of the file /product.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

A vulnerability was found in Lógico y Creativo 1.0 and classified as critical. This issue affects some unknown processing. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely.

A vulnerability was found in Eatan CMS. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The attack can be launched remotely.

A vulnerability was found in Everywhere CMS. It has been classified as critical. Affected is an unknown function. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely.

A vulnerability was found in Brandbugle. It has been rated as critical. Affected by this issue is some unknown functionality of the file /main.php. The manipulation leads to sql injection. The attack may be launched remotely.

A vulnerability classified as critical has been found in MINMAX. This affects an unknown part of the file /newsDia.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely.

A vulnerability was found in easyii CMS. It has been classified as problematic. Affected is an unknown function of the file /admin/sign/out. The manipulation leads to cross site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

A vulnerability was found in Klapp App and classified as problematic. This issue affects some unknown processing of the JSON Web Token Handler. The manipulation leads to weak authentication. The attack may be initiated remotely.

A vulnerability has been found in Klapp App and classified as problematic. This vulnerability affects unknown code of the component Authorization. The manipulation leads to information disclosure (Credentials). The attack can be initiated remotely. It is recommended to upgrade the affected app.

A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely.

A vulnerability classified as critical was found in SevOne Network Management System up to 5.7.2.22. This vulnerability affects the Alert Summary. The manipulation leads to sql injection. The attack can be initiated remotely.