Show filters
111 Total Results
Displaying 81-90 of 111
Sort by:
Attacker Value
Unknown

CVE-2022-40220

Disclosure Date: January 26, 2023 (last updated February 24, 2025)
An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-39045

Disclosure Date: January 26, 2023 (last updated February 24, 2025)
A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-38715

Disclosure Date: January 26, 2023 (last updated February 24, 2025)
A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-38459

Disclosure Date: January 26, 2023 (last updated February 24, 2025)
A stack-based buffer overflow vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-38088

Disclosure Date: January 26, 2023 (last updated February 24, 2025)
A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-38066

Disclosure Date: January 26, 2023 (last updated February 24, 2025)
An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP response can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-36279

Disclosure Date: January 26, 2023 (last updated February 24, 2025)
A stack-based buffer overflow vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
Attacker Value
Unknown

CVE-2022-27233

Disclosure Date: November 11, 2022 (last updated February 24, 2025)
XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access.
Attacker Value
Unknown

CVE-2022-27187

Disclosure Date: November 11, 2022 (last updated February 24, 2025)
Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access.
Attacker Value
Unknown

CVE-2022-26633

Disclosure Date: May 20, 2022 (last updated February 23, 2025)
Simple Student Quarterly Result/Grade System v1.0 was discovered to contain a SQL injection vulnerability via /sqgs/Actions.php.