Vulnerability Updates

National Cyber Awareness System's Weekly Bulletins For The Month

CERT Vulnerability Notes

National Vulnerability Database

  • CVE-2022-3298: Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
  • CVE-2022-40098: Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense.php.
  • CVE-2022-40099: Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense_category.php.
  • CVE-2022-40097: Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_currency.php.
  • CVE-2022-40050: ZFile v4.1.1 was discovered to contain an arbitrary file upload vulnerability via the component /file/upload/1.
Symantec Vulnerabilities List An error occurred while parsing your RSS feed. Check that it’s a valid XML file.

Packet Storm’s Apple Vulnerability List

Packet Storm’s Windows Vulnerability List