SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
// weekly digest
// weekly digest
// weekly digest
2022-06-06 00:00 UTC 2022-06-12 23:59 UTC
// total
0
// critical
0
// high
0
// medium
0
// low
0
// new kev
38
// top critical
No CRITICAL CVEs published this week.
// top high
No HIGH CVEs published this week.
// new kev additions
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
SAP NetWeaver contains a vulnerability that allows unrestricted file upload.
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.
Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution.
Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.
QNAP QTS contains an improper input validation vulnerability allowing remote attackers to inject code on the system.
Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution.
QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.
QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.
QNAP NAS devices running Photo Station contain an improper access control vulnerability allowing remote attackers to gain unauthorized access to the system.