CVSS: 6.3EPSS: %CPEs: 7EXPL: 0CVE-2021-25635 – libreoffice: Content Manipulation with Certificate Validation Attack
https://notcve.org/view.php?id=CVE-2021-25635
10 May 2022 — A flaw was found in LibreOffice, where it improperly validated signatures for algorithms that were not verified. This flaw leads to LibreOffice presenting a valid signature when the validity of the signature was not verified. The highest threat from this vulnerability is to confidentiality and integrity. libreoffice: Content Manipulation with Certificate Validation Attack • https://access.redhat.com/security/cve/CVE-2021-25635 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: %CPEs: 2EXPL: 0CVE-2022-219862
https://notcve.org/view.php?id=CVE-2022-219862
09 Feb 2022 — A vulnerability was found in dotnet’s ASP.NET Core Krestel when pooling HTTP/2 and HTTP/3 headers. This flaw allows a remote, unauthenticated attacker to cause a denial of service. •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2010-1701 – PHP Video Battle - SQL Injection
https://notcve.org/view.php?id=CVE-2010-1701
04 May 2010 — SQL injection vulnerability in browse.html in PHP Video Battle Script allows remote attackers to execute arbitrary SQL commands via the cat parameter. Vulnerabilidad de inyección SQL en browse.html en PHP Video Battle Script permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "cat". • https://www.exploit-db.com/exploits/12444 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2010-1705 – Modelbook - 'casting_view.php' SQL Injection
https://notcve.org/view.php?id=CVE-2010-1705
04 May 2010 — SQL injection vulnerability in casting_view.php in Modelbook allows remote attackers to execute arbitrary SQL commands via the adnum parameter. Vulnerabilidad de inyección SQL en asting_view.php en Modelbook permite a atacantes remotos ejecutar sentencias SQL de su elección a través del parámetro "adnum". • https://www.exploit-db.com/exploits/12443 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •