This article is contributed. See the original author and article here.

10web_social_photo_feed — 10web_social_photo_feed
  The 10Web Social Photo Feed WordPress plugin before 1.4.29 was affected by a reflected Cross-Site Scripting (XSS) vulnerability in the wdi_apply_changes admin page, allowing an attacker to perform such attack against any logged in users 2022-01-10 not yet calculated CVE-2021-25047
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44704
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44712
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in application denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44713
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which could be used by an attacker to mislead the user. In affected versions, this warning message does not include custom protocols when used by the sender. User interaction is required to abuse this vulnerability as they would need to click ‘allow’ on the warning message of a malicious file. 2022-01-14 not yet calculated CVE-2021-44714
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44709
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44715
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44707
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44708
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44710
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44706
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45063
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a stack buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44703
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44740
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44701
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44742
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45060
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45061
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45062
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44741
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45064
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45067
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45068
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44705
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44711
MISC adobe — acrobat_reader_dc_activex_control
  Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page. 2022-01-14 not yet calculated CVE-2021-44739
MISC adobe — acrobat_reader_dc_activex_control
  Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page. 2022-01-14 not yet calculated CVE-2021-44702
MISC adobe — adobe_experience_manager
  AEM’s Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a dispatcher bypass vulnerability that could be abused to evade security controls. Sensitive areas of the web application may be exposed through exploitation of the vulnerability. 2022-01-13 not yet calculated CVE-2021-43762
MISC adobe — adobe_experience_manager
  AEM’s Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. 2022-01-13 not yet calculated CVE-2021-43761
MISC adobe — bridge
  Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44743
MISC adobe — bridge
  Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an use-after-free vulnerability in the processing of Format event actions that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45051
MISC adobe — bridge
  Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. 2022-01-14 not yet calculated CVE-2021-45052
MISC adobe — experience_manager
  AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE. 2022-01-13 not yet calculated CVE-2021-40722
MISC adobe — illustrator
  Adobe Illustrator versions 25.4.2 (and earlier) and 26.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-43752
MISC adobe — illustrator
  Adobe Illustrator versions 25.4.2 (and earlier) and 26.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44700
MISC apache — dubbo
  A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default serialization/deserialization protocol, during Hessian catch unexpected exceptions, Hessian will log out some imformation for users, which may cause remote command execution. This issue affects Apache Dubbo Apache Dubbo 2.6.x versions prior to 2.6.12; Apache Dubbo 2.7.x versions prior to 2.7.15; Apache Dubbo 3.0.x versions prior to 3.0.5. 2022-01-10 not yet calculated CVE-2021-43297
MISC arista — eos
  An issue has recently been discovered in Arista EOS where the incorrect use of EOS’s AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration. 2022-01-14 not yet calculated CVE-2021-28500
MISC arista — eos
  An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the denied requests being forwarded to the agent. 2022-01-14 not yet calculated CVE-2021-28507
MISC arista — eos
  An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device. 2022-01-14 not yet calculated CVE-2021-28506
MISC arista — eos
  An issue has recently been discovered in Arista EOS where the incorrect use of EOS’s AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration. 2022-01-14 not yet calculated CVE-2021-28501
MISC arm — mali_gpu_kernel_driver
  Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes. 2022-01-14 not yet calculated CVE-2021-44828
MISC asus — rt-ax56u
  ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files. 2022-01-14 not yet calculated CVE-2022-22054
MISC authzed — spicedb
  SpiceDB is a database system for managing security-critical application permissions. Any user making use of a wildcard relationship under the right hand branch of an `exclusion` or within an `intersection` operation will see `Lookup`/`LookupResources` return a resource as “accessible” if it is *not* accessible by virtue of the inclusion of the wildcard in the intersection or the right side of the exclusion. In `v1.3.0`, the wildcard is ignored entirely in lookup’s dispatch, resulting in the `banned` wildcard being ignored in the exclusion. Version 1.4.0 contains a patch for this issue. As a workaround, don’t make use of wildcards on the right side of intersections or within exclusions. 2022-01-11 not yet calculated CVE-2022-21646
MISC
MISC
CONFIRM
MISC bentley — contextcapture
  This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14785. 2022-01-13 not yet calculated CVE-2021-34985
MISC
MISC bentley — contextcapture
  This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14784. 2022-01-13 not yet calculated CVE-2021-34984
MISC
MISC bytecode_viewer — bytecode_viewer
  Bytecode Viewer (BCV) is a Java/Android reverse engineering suite. Versions of the package prior to 2.11.0 are vulnerable to Arbitrary File Write via Archive Extraction (AKA “Zip Slip”). The vulnerability is exploited using a specially crafted archive that holds directory traversal filenames (e.g. ../../evil.exe). The Zip Slip vulnerability can affect numerous archive formats, including zip, jar, tar, war, cpio, apk, rar and 7z. The attacker can then overwrite executable files and either invoke them remotely or wait for the system or user to call them, thus achieving remote command execution on the victim’s machine. The impact of a Zip Slip vulnerability would allow an attacker to create or overwrite existing files on the filesystem. In the context of a web application, a web shell could be placed within the application directory to achieve code execution. All users should upgrade to BCV v2.11.0 when possible to receive a patch. There are no recommended workarounds aside from upgrading. 2022-01-12 not yet calculated CVE-2022-21675
MISC
CONFIRM
MISC
MISC checkmk — checkmk
  A stored cross site scripting (XSS) vulnerability in Checkmk 1.6.0x prior to 1.6.0p19 allows an authenticated remote attacker to inject arbitrary JavaScript via a javascript: URL in a view title. 2022-01-15 not yet calculated CVE-2020-28919
MISC
MISC
MISC
MISC china_mobile — an_lianbao_wf-1_router
  China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability in the web interface /api/ZRUsb/pop_usb_device component. 2022-01-14 not yet calculated CVE-2021-33962
MISC
MISC
MISC
MISC china_mobile — an_lianbao_wf-1_router
  China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/mac_addr_clone receives parameters by POST request, and the parameter macType has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands. 2022-01-15 not yet calculated CVE-2021-33963
MISC
MISC
MISC
MISC chronoforms — chronoforms
  ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files. 2022-01-12 not yet calculated CVE-2021-28376
MISC chronoforums — chronoforums
  ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files. 2022-01-12 not yet calculated CVE-2021-28377
MISC cisco — ip_phone_models
  A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks. 2022-01-14 not yet calculated CVE-2022-20660
CISCO
FULLDISC cisco — multiple_products
  A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. 2022-01-11 not yet calculated CVE-2021-1573
CISCO cisco — multiple_products
  A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. 2022-01-11 not yet calculated CVE-2021-34704
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20643
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20636
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20635
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20646
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20645
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20647
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20642
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20644
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20640
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20639
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20637
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20641
CISCO cisco — security_manager
  Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20638
CISCO clam_antivirus_software — vlam_antivirus_software
  A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition. 2022-01-14 not yet calculated CVE-2022-20698
CISCO colors.js — colors.js
  The package colors after 1.4.0 are vulnerable to Denial of Service (DoS) that was introduced through an infinite loop in the americanFlag module. Unfortunately this appears to have been a purposeful attempt by a maintainer of colors to make the package unusable, other maintainers’ controls over this package appear to have been revoked in an attempt to prevent them from fixing the issue. Vulnerable Code js for (let i = 666; i < Infinity; i++;) { Alternative Remediation Suggested * Pin dependancy to 1.4.0 2022-01-14 not yet calculated CVE-2021-23567
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM commvault — commcell
  This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CVSearchService service. The issue results from the lack of proper validation prior to authentication. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-13706. 2022-01-13 not yet calculated CVE-2021-34993
MISC commvault — commcell
  This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DataProvider class. The issue results from the lack of proper validation of a user-supplied string before executing it as JavaScript code. An attacker can leverage this vulnerability to escape the JavaScript sandbox and execute Java code in the context of NETWORK SERVICE. Was ZDI-CAN-13755. 2022-01-13 not yet calculated CVE-2021-34994
MISC commvault — commcell
  This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DownloadCenterUploadHandler class. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of NETWORK SERVICE. Was ZDI-CAN-13756. 2022-01-13 not yet calculated CVE-2021-34995
MISC commvault — commcell
  This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Demo_ExecuteProcessOnGroup workflow. By creating a workflow, an attacker can specify an arbitrary command to be executed. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-13889. 2022-01-13 not yet calculated CVE-2021-34996
MISC commvault — commcell
  This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AppStudioUploadHandler class. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of NETWORK SERVICE. Was ZDI-CAN-13894. 2022-01-13 not yet calculated CVE-2021-34997
MISC coreftp — server
  CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request. 2022-01-10 not yet calculated CVE-2022-22836
MISC
MISC corenlp — corenlp
  corenlp is vulnerable to Improper Restriction of XML External Entity Reference 2022-01-13 not yet calculated CVE-2022-0198
MISC
CONFIRM cortex_xdr — cortex_xdr
  A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables an authenticated local user to execute programs with elevated privileges. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9. 2022-01-12 not yet calculated CVE-2022-0015
MISC cortex_xdr — cortex_xdr
  A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2. 2022-01-12 not yet calculated CVE-2022-0013
MISC cortex_xdr — cortex_xdr
  An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker with file creation privilege in the Windows root directory (such as C:) to store a program that can then be unintentionally executed by another local user when that user utilizes a Live Terminal session. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2. 2022-01-12 not yet calculated CVE-2022-0014
MISC cortex_xdr — cortex_xdr
  An improper link resolution before file access vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables a local user to delete arbitrary system files and impact the system integrity or cause a denial of service condition. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2. 2022-01-12 not yet calculated CVE-2022-0012
MISC crater — crater
  crater is vulnerable to Unrestricted Upload of File with Dangerous Type 2022-01-12 not yet calculated CVE-2021-4080
CONFIRM
MISC crestron — multiple_devices
  An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields. 2022-01-15 not yet calculated CVE-2022-23178
MISC crow — crow
  This affects the package Crow before 0.3+4. It is possible to traverse directories to fetch arbitrary files from the server. 2022-01-13 not yet calculated CVE-2021-23514
CONFIRM
CONFIRM
CONFIRM crow — crow
  This affects the package Crow before 0.3+4. When using attributes without quotes in the template, an attacker can manipulate the input to introduce additional attributes, potentially executing code. This may lead to a Cross-site Scripting (XSS) vulnerability, assuming an attacker can influence the value entered into the template. If the template is used to render user-generated content, this vulnerability may escalate to a persistent XSS vulnerability. 2022-01-13 not yet calculated CVE-2021-23824
MISC
MISC
MISC cyberark — endpoint_privilege_manager
  CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain elevated privileges via a Trojan horse Procmon64.exe in the user’s Temp directory. 2022-01-15 not yet calculated CVE-2021-44049
CONFIRM
MISC
MISC
MISC dahua — multiple_products
  Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords. 2022-01-13 not yet calculated CVE-2021-33046
MISC
CONFIRM
CONFIRM daybyday — crm
  In DayByDay CRM, versions 1.1 through 2.2.1 (latest) suffer from an application-wide Client-Side Template Injection (CSTI). A low privileged attacker can input template injection payloads in the application at various locations to execute JavaScript on the client browser. 2022-01-13 not yet calculated CVE-2022-22112
MISC
MISC discourse — discourse
  Discourse is an open source discussion platform. Versions prior to 2.7.13 in `stable`, 2.8.0.beta11 in `beta`, and 2.8.0.beta11 in `tests-passed` allow some users to log in to a community before they should be able to do so. A user invited via email to a forum with `must_approve_users` enabled is going to be automatically logged in, bypassing the check that does not allow unapproved users to sign in. They will be able to do everything an approved user can do. If they logout, they cannot log back in. This issue is patched in the `stable` version 2.7.13, `beta` version 2.8.0.beta11, and `tests-passed` version 2.8.0.beta11. One may disable invites as a workaround. Administrators can increase `min_trust_level_to_allow_invite` to reduce the attack surface to more trusted users. 2022-01-13 not yet calculated CVE-2022-21684
MISC
CONFIRM
MISC discourse — discourse
  Discourse is an open source discussion platform. Prior to version 2.8.0.beta11 in the `tests-passed` branch, version 2.8.0.beta11 in the `beta` branch, and version 2.7.13 in the `stable` branch, the bios of users who made their profiles private were still visible in the `<meta>` tags on their users’ pages. The problem is patched in `tests-passed` version 2.8.0.beta11, `beta` version 2.8.0.beta11, and `stable` version 2.7.13 of Discourse. 2022-01-13 not yet calculated CVE-2022-21678
MISC
CONFIRM
MISC discourse — discourse
  Discourse is an open source discussion platform. Discourse groups can be configured with varying visibility levels for the group as well as the group members. By default, a newly created group has its visibility set to public and the group’s members visibility set to public as well. However, a group’s visibility and the group’s members visibility can be configured such that it is restricted to logged on users, members of the group or staff users. A vulnerability has been discovered in versions prior to 2.7.13 and 2.8.0.beta11 where the group advanced search option does not respect the group’s visibility and members visibility level. As such, a group with restricted visibility or members visibility can be revealed through search with the right search option. This issue is patched in `stable` version 2.7.13, `beta` version 2.8.0.beta11, and `tests-passed` version 2.8.0.beta11 versions of Discourse. There are no workarounds aside from upgrading. 2022-01-14 not yet calculated CVE-2022-21677
MISC
CONFIRM django — django_cms
  Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an invalid plugin type, resulting in a Cross Site Scripting (XSS) vulnerability. The vulnerability allows an attacker to execute arbitrary JavaScript code in the web browser of the affected user. 2022-01-12 not yet calculated CVE-2021-44649
MISC
MISC dnslib — dnslib
  The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query. 2022-01-10 not yet calculated CVE-2022-22846
MISC docker — docker_desktop
  Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token or password) on the user’s machine during login. This only affects users if they are on Docker Desktop 4.3.0, 4.3.1 and the user has logged in while on 4.3.0, 4.3.1. Gaining access to this data would require having access to the user’s local files. 2022-01-12 not yet calculated CVE-2021-45449
MISC dolibarr — dolibarr
  dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command 2022-01-14 not yet calculated CVE-2022-0224
MISC
CONFIRM dolibarr — dolibarr
  dolibarr is vulnerable to Business Logic Errors 2022-01-10 not yet calculated CVE-2022-0174
MISC
CONFIRM download_monitor — download_monitor
  Authenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered in WordPress plugin Download Monitor (versions <= 4.4.6). 2022-01-14 not yet calculated CVE-2021-36920
CONFIRM
CONFIRM edgerover — desktop
  File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources. 2022-01-13 not yet calculated CVE-2022-22988
MISC element-it — http_commander
  A cross-site scripting (XSS) vulnerability in the “Zip content” feature in Element-IT HTTP Commander 3.1.9 allows remote authenticated users to inject arbitrary web script or HTML via filenames. 2022-01-13 not yet calculated CVE-2021-40813
MISC
MISC elementor-pro — elementor-pro
  The Plus Addons for Elementor – Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts 2022-01-10 not yet calculated CVE-2021-24948
MISC
MISC elementor-pro — elementor-pro
  The “WP Search Filters” widget of The Plus Addons for Elementor – Pro WordPress plugin before 5.0.7 does not sanitise and escape the option parameter before using it in a SQL statement, which could lead to SQL injection 2022-01-10 not yet calculated CVE-2021-24949
MISC
MISC eyoucms — eyoucms
  eyouCMS V1.5.5-UTF8-SP3_1 suffers from Arbitrary file deletion due to insufficient filtering of the parameter filename. 2022-01-14 not yet calculated CVE-2021-46255
MISC fig2dev — fig2dev
  A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c. 2022-01-12 not yet calculated CVE-2021-37530
MISC fig2dev — fig2dev
  A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent). 2022-01-12 not yet calculated CVE-2021-37529
MISC flatpak — flatpak
  Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn’t properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there’s a null byte in the metadata file of an app. Therefore apps can grant themselves permissions without the consent of the user. Flatpak shows permissions to the user during install by reading them from the “xa.metadata” key in the commit metadata. This cannot contain a null terminator, because it is an untrusted GVariant. Flatpak compares these permissions to the *actual* metadata, from the “metadata” file to ensure it wasn’t lied to. However, the actual metadata contents are loaded in several places where they are read as simple C-style strings. That means that, if the metadata file includes a null terminator, only the content of the file from *before* the terminator gets compared to xa.metadata. Thus, any permissions that appear in the metadata file after a null terminator are applied at runtime but not shown to the user. So maliciously crafted apps can give themselves hidden permissions. Users who have Flatpaks installed from untrusted sources are at risk in case the Flatpak has a maliciously crafted metadata file, either initially or in an update. This issue is patched in versions 1.12.3 and 1.10.6. As a workaround, users can manually check the permissions of installed apps by checking the metadata file or the xa.metadata key on the commit metadata. 2022-01-12 not yet calculated CVE-2021-43860
MISC
MISC
MISC
MISC
CONFIRM
MISC
MISC
MISC
FEDORA flatpak — flatpak
  Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies `finish-args` last in the build. At this point the build directory will have the full access that is specified in the manifest, so running `flatpak build` against it will gain those permissions. Normally this will not be done, so this is not problem. However, if `–mirror-screenshots-url` is specified, then flatpak-builder will launch `flatpak build –nofilesystem=host appstream-utils mirror-screenshots` after finalization, which can lead to issues even with the `–nofilesystem=host` protection. In normal use, the only issue is that these empty directories can be created wherever the user has write permissions. However, a malicious application could replace the `appstream-util` binary and potentially do something more hostile. This has been resolved in Flatpak 1.12.3 and 1.10.6 by changing the behaviour of `–nofilesystem=home` and `–nofilesystem=host`. 2022-01-13 not yet calculated CVE-2022-21682
CONFIRM
MISC
MISC
FEDORA follow-redirects — follow-redirects
  follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor 2022-01-10 not yet calculated CVE-2022-0155
CONFIRM
MISC formpipe — lasernet
  Formpipe Lasernet before 9.13.3 allows file inclusion in Client Web Services (either by an authenticated attacker, or in a configuration that does not require authentication). 2022-01-10 not yet calculated CVE-2022-22847
CONFIRM gcc — gcc
  GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources. 2022-01-14 not yet calculated CVE-2021-46195
MISC gnome — gnome
  GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12. 2022-01-12 not yet calculated CVE-2021-44648
MISC
MISC gnu — recutils
  An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-46021
MISC gnu — recutils
  An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-46022
MISC gnu — recutils
  An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-46019
MISC gnu_c_library — gnu_c_library
  The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. 2022-01-14 not yet calculated CVE-2022-23218
MISC gnu_c_library — gnu_c_library
  The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. 2022-01-14 not yet calculated CVE-2022-23219
MISC google — android
  In inotify_cb of events.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-202159709 2022-01-14 not yet calculated CVE-2021-39632
MISC google — android
  In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, there is a possible prevention of access to emergency calling due to an unhandled exception. In rare instances, this could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-208267659 2022-01-14 not yet calculated CVE-2021-39659
MISC google — android
  In mgm_alloc_page of memory_group_manager.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-201677538References: N/A 2022-01-14 not yet calculated CVE-2021-39682
MISC google — android
  In copy_from_mbox of sss_ice_util.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-202003354References: N/A 2022-01-14 not yet calculated CVE-2021-39683
MISC google — android
  In target_init of gs101/abl/target/slider/target.c, there is a possible allocation of RWX memory due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-203250788References: N/A 2022-01-14 not yet calculated CVE-2021-39684
MISC google — android
  In <TBD> of <TBD>, there is a possible bypass of Factory Reset Protection due to <TBD>. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-171742549References: N/A 2022-01-14 not yet calculated CVE-2021-39678
MISC google — android
  In init of vendor_graphicbuffer_meta.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188745089References: N/A 2022-01-14 not yet calculated CVE-2021-39679
MISC google — android
  In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194695497 2022-01-14 not yet calculated CVE-2021-39626
MISC google — android
  In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150694665References: Upstream kernel 2022-01-14 not yet calculated CVE-2021-39633
MISC google — android
  In delete_protocol of main.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-200251074References: N/A 2022-01-14 not yet calculated CVE-2021-39681
MISC google — android
  In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated overlays from adb shell due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-202768292 2022-01-14 not yet calculated CVE-2021-39630
MISC google — android
  In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-197353344 2022-01-14 not yet calculated CVE-2021-39629
MISC google — android
  In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-185126549 2022-01-14 not yet calculated CVE-2021-39627
MISC google — android
  In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-185126319 2022-01-14 not yet calculated CVE-2021-39621
MISC google — android
  Hacker one bug ID: 1343975Product: AndroidVersions: Android SoCAndroid ID: A-204256722 2022-01-14 not yet calculated CVE-2021-1049
MISC google — android
  The broadcast that DevicePickerFragment sends when a new device is paired doesn’t have any permission checks, so any app can register to listen for it. This lets apps keep track of what devices are paired without requesting BLUETOOTH permissions.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-162951906 2022-01-14 not yet calculated CVE-2021-1037
MISC google — android
  In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-182812255 2022-01-14 not yet calculated CVE-2021-1036
MISC google — android
  In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204450605References: Upstream kernel 2022-01-14 not yet calculated CVE-2021-39634
MISC google — android
  In sec_SHA256_Transform of sha256_core.c, there is a possible way to read heap data due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-197965864References: N/A 2022-01-14 not yet calculated CVE-2021-39680
MISC gpac — gpac
  GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS). 2022-01-14 not yet calculated CVE-2021-45760
MISC gpac — gpac
  GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read_id(). This vulnerability can lead to a Denial of Service (DoS). 2022-01-14 not yet calculated CVE-2021-45767
MISC gpac — gpac
  A heab-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file. 2022-01-10 not yet calculated CVE-2021-36414
MISC gpac — gpac
  A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gp_rtp_builder_do_mpeg12_video function, which allows attackers to possibly have unspecified other impact via a crafted file in the MP4Box command, 2022-01-10 not yet calculated CVE-2021-36412
MISC gpac — gpac
  GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset(). This vulnerability allows attackers to cause a Denial of Service (DoS). 2022-01-14 not yet calculated CVE-2021-45762
MISC gpac — gpac
  GPAC v1.1.0 was discovered to contain an invalid call in the function gf_node_changed(). This vulnerability can lead to a Denial of Service (DoS). 2022-01-14 not yet calculated CVE-2021-45763
MISC gpac — gpac
  GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra(). 2022-01-14 not yet calculated CVE-2021-45764
MISC h2database — h2databse
  The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution. 2022-01-10 not yet calculated CVE-2021-42392
MISC
MISC halo — halo
  In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the article tag. An authenticated admin attacker can inject arbitrary javascript code that will execute on a victim’s server. 2022-01-13 not yet calculated CVE-2022-22125
MISC
MISC
MISC hermes — hermes
  By passing invalid javascript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would invoke generator functions and error out on invalid await/yield positions. This could result in segmentation fault as a consequence of type confusion error, with a low chance of RCE. This issue affects Hermes versions prior to v0.10.0. 2022-01-15 not yet calculated CVE-2021-24044
CONFIRM hp — designjet_products
  Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews. 2022-01-14 not yet calculated CVE-2021-3965
MISC ibm — aix_and_vios
  IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the lscore command which could lead to code execution. IBM X-Force ID: 212953. 2022-01-11 not yet calculated CVE-2021-38991
XF
CONFIRM ibm — extended_dynamic_remote_sql_server
  The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server (EDRSQL) could allow a remote authenticated user to send a specially crafted request and cause a denial of service. IBM X-Force ID: 214537. 2022-01-13 not yet calculated CVE-2021-39056
XF
CONFIRM ibm — multiple_products
  IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6.0.6 and 6.0.6.1 could allow an authenticated attacker to obtain sensitive information from build definitions that could aid in further attacks against the system. IBM X-Force ID: 200657. 2022-01-11 not yet calculated CVE-2021-29701
CONFIRM
XF ibm — planning analytics_and_planning_analytics_workspace
  IBM Planning Analytics 2.0 and IBM Planning Analytics Workspace 2.0 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote threat actor who can access (without previous authentication) a valid PA endpoint to read and write files to the IBM Planning Analytics system. Depending on file system permissions up to path traversal and possibly remote code execution. IBM X-Force ID: 209511. 2022-01-12 not yet calculated CVE-2021-38892
XF
CONFIRM ibm — sterling_gentran:server_for_windows
  IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 213962. 2022-01-14 not yet calculated CVE-2021-39032
XF
CONFIRM imperva — web_application_firewall
  Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use “Content-Encoding: gzip” to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF. 2022-01-14 not yet calculated CVE-2021-45468
MISC jenkins — jenkins Jenkins Publish Over SSH Plugin 1.22 and earlier does not escape the SSH server name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission. 2022-01-12 not yet calculated CVE-2022-23110
CONFIRM
MLIST jenkins — jenkins
  Jenkins Docker Commons Plugin 1.17 and earlier does not sanitize the name of an image or a tag, resulting in an OS command execution vulnerability exploitable by attackers with Item/Configure permission or able to control the contents of a previously configured job’s SCM repository. 2022-01-12 not yet calculated CVE-2022-20617
CONFIRM
MLIST jenkins — jenkins
  Jenkins Metrics Plugin 4.0.2.8 and earlier stores an access key unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. 2022-01-12 not yet calculated CVE-2022-20621
CONFIRM
MLIST jenkins — jenkins
  Missing permission checks in Jenkins SSH Agent Plugin 1.23 and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins. 2022-01-12 not yet calculated CVE-2022-20620
CONFIRM
MLIST jenkins — jenkins
  A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2022-01-12 not yet calculated CVE-2022-20619
CONFIRM
MLIST jenkins — jenkins
  A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set. 2022-01-12 not yet calculated CVE-2022-20612
CONFIRM
MLIST jenkins — jenkins
  Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations. 2022-01-12 not yet calculated CVE-2022-23105
CONFIRM
MLIST jenkins — jenkins
  Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token. 2022-01-12 not yet calculated CVE-2022-23106
CONFIRM
MLIST jenkins — jenkins
  Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when configuring custom ID, allowing attackers with Item/Configure permission to write and read specific files with a hard-coded suffix on the Jenkins controller file system. 2022-01-12 not yet calculated CVE-2022-23107
CONFIRM
MLIST jenkins — jenkins
  Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for allowed protocols when creating a badge, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-01-12 not yet calculated CVE-2022-23108
CONFIRM
MLIST jenkins — jenkins
  A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials. 2022-01-12 not yet calculated CVE-2022-23111
CONFIRM
MLIST jenkins — jenkins
  A missing permission check in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers with Overall/Read access to connect to an attacker-specified SSH server using attacker-specified credentials. 2022-01-12 not yet calculated CVE-2022-23112
CONFIRM
MLIST jenkins — jenkins
  A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins. 2022-01-12 not yet calculated CVE-2022-20618
CONFIRM
MLIST jenkins — jenkins
  Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files. 2022-01-12 not yet calculated CVE-2022-23113
CONFIRM
MLIST jenkins — jenkins
  Jenkins HashiCorp Vault Plugin 3.7.0 and earlier does not mask Vault credentials in Pipeline build logs or in Pipeline step descriptions when Pipeline: Groovy Plugin 2.85 or later is installed. 2022-01-12 not yet calculated CVE-2022-23109
CONFIRM
MLIST jenkins — jenkins
  A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname. 2022-01-12 not yet calculated CVE-2022-20613
CONFIRM
MLIST jenkins — jenkins
  Jenkins Credentials Binding Plugin 1.27 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read access to validate if a credential ID refers to a secret file credential and whether it’s a zip file. 2022-01-12 not yet calculated CVE-2022-20616
CONFIRM
MLIST jenkins — jenkins
  Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality that allows agents to invoke command-line `git` at an attacker-specified path on the controller, allowing attackers able to control agent processes to invoke arbitrary OS commands on the controller. 2022-01-12 not yet calculated CVE-2022-23118
CONFIRM
MLIST jenkins — jenkins
  Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins controller. 2022-01-12 not yet calculated CVE-2022-23117
CONFIRM
MLIST jenkins — jenkins
  Jenkins Publish Over SSH Plugin 1.22 and earlier stores password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. 2022-01-12 not yet calculated CVE-2022-23114
CONFIRM
MLIST jenkins — jenkins
  Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method. 2022-01-12 not yet calculated CVE-2022-23116
CONFIRM
MLIST jenkins — jenkins
  Jenkins Matrix Project Plugin 1.19 and earlier does not escape HTML metacharacters in node and label names, and label descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission. 2022-01-12 not yet calculated CVE-2022-20615
CONFIRM
MLIST jenkins — jenkins
  A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname. 2022-01-12 not yet calculated CVE-2022-20614
CONFIRM
MLIST jenkins — jenkins
  Cross-site request forgery (CSRF) vulnerabilities in Jenkins batch task Plugin 1.19 and earlier allows attackers with Overall/Read access to retrieve logs, build or delete a batch task. 2022-01-12 not yet calculated CVE-2022-23115
CONFIRM
MLIST jerryscript — jerryscript
  An issue was discovered in JerryScript commit a6ab5e9. There is an Use-After-Free in lexer_compare_identifier_to_string in js-lexer.c file. 2022-01-14 not yet calculated CVE-2021-46170
MISC jpress — jpress
  jpress v4.2.0 admin panel provides a function through which attackers can modify the template and inject some malicious code. 2022-01-13 not yet calculated CVE-2021-45806
MISC
MISC
MISC jpress — jpress
  jpress v4.2.0 is vulnerable to command execution via io.jpress.web.admin._AddonController::doUploadAndInstall. 2022-01-13 not yet calculated CVE-2021-45807
MISC
MISC
MISC keystonejs — keystone
  keystone is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2022-01-12 not yet calculated CVE-2022-0087
CONFIRM
MISC le-yan — dental_management_system
  The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service. 2022-01-14 not yet calculated CVE-2022-22056
MISC le-yan — dental_management_system
  The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service. 2022-01-14 not yet calculated CVE-2022-22055
MISC lens — lens
  In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user’s shell. Arguments can be provided which cause arbitrary shell commands to run on the system. 2022-01-10 not yet calculated CVE-2021-23154
MISC lens — lens
  Linux users running Lens 5.2.6 and earlier could be compromised by visiting a malicious website. The malicious website could make websocket connections from the victim’s browser to Lens and so operate the local terminal feature. This would allow the attacker to execute arbitrary commands as the Lens user. 2022-01-10 not yet calculated CVE-2021-44458
MISC libreswan — libreswan
  Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6. 2022-01-15 not yet calculated CVE-2022-23094
MISC
MISC
DEBIAN libtiff — libtiff
  LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. 2022-01-10 not yet calculated CVE-2022-22844
MISC
MISC linux — kernel
  kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. 2022-01-14 not yet calculated CVE-2022-23222
MISC
MLIST linux — linux_kernel
  nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace. 2022-01-11 not yet calculated CVE-2021-46283
MISC
MISC
MISC livehelperchat — livehelperchat
  livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) 2022-01-14 not yet calculated CVE-2022-0226
CONFIRM
MISC livehelperchat — livehelperchat
  livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) 2022-01-14 not yet calculated CVE-2022-0231
MISC
CONFIRM lorensberg — connect
  ** DISPUTED ** Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title, Page Instructions, Text before, Text after, or Text on side box. Once this has been done, the administrator must click save and finally wait until any user of the application performs a booking for rental items in the booking area of the application, where the XSS triggers. NOTE: another perspective is that the administrator may require JavaScript to customize any aspect of the page rendering. There is no effective way for the product to defend users in the face of a malicious administrator. 2022-01-12 not yet calculated CVE-2021-43960
MISC
MISC lua — lua
  Lua 5.4.4 and 5.4.2 are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service. 2022-01-11 not yet calculated CVE-2021-44647
MISC
MISC make-ca — make-ca
  make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those explicitly untrusted certificates trusted by the system. The explicitly untrusted certificates were used by some CAs already hacked. Hostile attackers may perform a MIM attack exploiting them. Everyone using the affected versions of make-ca should upgrade to make-ca-1.10, and run `make-ca -f -g` as the `root` user to regenerate the trusted store immediately. As a workaround, users may delete the untrusted certificates from /etc/pki/tls and /etc/ssl/certs manually (or by a script), but this is not recommended because the manual changes will be overwritten next time running make-ca to update the trusted anchor. 2022-01-10 not yet calculated CVE-2022-21672
CONFIRM
MISC
MISC
MISC markdown-it — markdown-it
  markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characterss could slow down the parser significantly. Users should upgrade to version 12.3.2 to receive a patch. There are no known workarounds aside from upgrading. 2022-01-10 not yet calculated CVE-2022-21670
MISC
CONFIRM markedjs — marked
  Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic backtracking against some strings and lead to a regular expression denial of service (ReDoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources. 2022-01-14 not yet calculated CVE-2022-21680
CONFIRM
MISC
MISC markedjs — marked
  Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings and lead to a denial of service (DoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources. 2022-01-14 not yet calculated CVE-2022-21681
CONFIRM
MISC martdevelopers_inc — iresturant
  MartDevelopers Inc iResturant v1.0 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed. 2022-01-12 not yet calculated CVE-2021-43436
MISC
MISC mattermost — focalboard
  In Mattermost Focalboard, versions prior to v0.7.5, v0.8.4, v0.9.5, v0.10.1 and v0.11.0-rc1; as used respectively in Mattermost, versions prior to v5.37.6, v5.39.3, v6.0.4, v6.1.1 and v6.2.0, are vulnerable to Insufficient Session Expiration. When a user initiates a logout, their session is not invalidated properly. In addition, user sessions are stored in the browser’s local storage, which by default does not have an expiration time. This makes it possible for an attacker to steal and reuse the cookies using techniques such as XSS attacks, to completely take over a victim account. 2022-01-13 not yet calculated CVE-2022-22122
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC mcafee — techcheck
  Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from. 2022-01-11 not yet calculated CVE-2022-0129
CONFIRM micro_focus — arcsight_enterprise_security_manager
  Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS). 2022-01-14 not yet calculated CVE-2021-38126
MISC micro_focus — arcsight_enterprise_security_manager
  Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS). 2022-01-14 not yet calculated CVE-2021-38127
MISC microsoft — .net_framework
  .NET Framework Denial of Service Vulnerability. 2022-01-11 not yet calculated CVE-2022-21911
MISC microsoft — dynamics_365_customer_engagement
  Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability. 2022-01-11 not yet calculated CVE-2022-21932
MISC microsoft — dynamics_365_sales
  Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability. 2022-01-11 not yet calculated CVE-2022-21891
MISC microsoft — edge
  Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21930, CVE-2022-21931. 2022-01-11 not yet calculated CVE-2022-21929
MISC microsoft — edge
  Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21970. 2022-01-11 not yet calculated CVE-2022-21954
MISC microsoft — edge
  Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21929, CVE-2022-21931. 2022-01-11 not yet calculated CVE-2022-21930
MISC microsoft — edge
  Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21929, CVE-2022-21930. 2022-01-11 not yet calculated CVE-2022-21931
MISC microsoft — edge
  Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21954. 2022-01-11 not yet calculated CVE-2022-21970
MISC microsoft — exchange_server
  Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21846, CVE-2022-21855. 2022-01-11 not yet calculated CVE-2022-21969
MISC microsoft — hevc_video_extensions
  HEVC Video Extensions Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21917
MISC microsoft — windows Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21889, CVE-2022-21890. 2022-01-11 not yet calculated CVE-2022-21883
MISC microsoft — windows
  Windows GDI Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21903
MISC microsoft — windows
  DirectX Graphics Kernel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21912. 2022-01-11 not yet calculated CVE-2022-21898
MISC microsoft — windows
  Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21880. 2022-01-11 not yet calculated CVE-2022-21915
MISC microsoft — windows
  Windows Extensible Firmware Interface Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21899
MISC
MISC microsoft — windows
  Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-21905. 2022-01-11 not yet calculated CVE-2022-21900
MISC microsoft — windows
  Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21852, CVE-2022-21896. 2022-01-11 not yet calculated CVE-2022-21902
MISC microsoft — windows
  Windows Modern Execution Server Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21888
MISC microsoft — windows
  Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21885. 2022-01-11 not yet calculated CVE-2022-21914
MISC microsoft — windows
  Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass. 2022-01-11 not yet calculated CVE-2022-21913
MISC microsoft — windows
  DirectX Graphics Kernel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21898. 2022-01-11 not yet calculated CVE-2022-21912
MISC microsoft — windows
  Windows Geolocation Service Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21878
MISC microsoft — windows
  Microsoft Cluster Port Driver Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21910
MISC microsoft — windows
  Windows Installer Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21908
MISC microsoft — windows
  HTTP Protocol Stack Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21907
MISC
MISC
MISC microsoft — windows
  Windows GDI Information Disclosure Vulnerability. 2022-01-11 not yet calculated CVE-2022-21904
MISC microsoft — windows
  Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21916. 2022-01-11 not yet calculated CVE-2022-21897
MISC microsoft — windows
  Windows Kerberos Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21920
MISC microsoft — windows
  Storage Spaces Controller Information Disclosure Vulnerability. 2022-01-11 not yet calculated CVE-2022-21877
MISC
MISC microsoft — windows
  Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21883, CVE-2022-21889. 2022-01-11 not yet calculated CVE-2022-21890
MISC microsoft — windows
  Remote Procedure Call Runtime Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21922
MISC microsoft — windows
  Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21919. 2022-01-11 not yet calculated CVE-2022-21895
MISC
MISC microsoft — windows
  Windows Defender Credential Guard Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21921
MISC microsoft — windows
  Secure Boot Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21894
MISC microsoft — windows
  Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21852, CVE-2022-21902. 2022-01-11 not yet calculated CVE-2022-21896
MISC microsoft — windows
  Remote Desktop Protocol Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21893
MISC microsoft — windows
  Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21892
MISC microsoft — windows
  Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21883, CVE-2022-21890. 2022-01-11 not yet calculated CVE-2022-21889
MISC microsoft — windows
  Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21925
MISC microsoft — windows
  Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21897. 2022-01-11 not yet calculated CVE-2022-21916
MISC microsoft — windows
  Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21928
MISC microsoft — windows
  DirectX Graphics Kernel File Denial of Service Vulnerability. 2022-01-11 not yet calculated CVE-2022-21918
MISC microsoft — windows
  Windows Event Tracing Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21872
MISC microsoft — windows
  Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21962
MISC microsoft — windows
  Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21961
MISC microsoft — windows
  Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962. 2022-01-11 not yet calculated CVE-2022-21963
MISC microsoft — windows
  Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21960
MISC microsoft — windows
  Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21959
MISC microsoft — windows
  Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21958
MISC microsoft — windows
  Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-21900. 2022-01-11 not yet calculated CVE-2022-21905
MISC microsoft — windows
  Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability. 2022-01-11 not yet calculated CVE-2022-21964
MISC microsoft — windows
  Clipboard User Service Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21869
MISC microsoft — windows
  Win32k Information Disclosure Vulnerability. 2022-01-11 not yet calculated CVE-2022-21876
MISC
MISC microsoft — windows
  Windows Storage Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21875
MISC microsoft — windows
  Windows Security Center API Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21874
MISC microsoft — windows
  Tile Data Repository Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21873
MISC microsoft — windows
  Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21895. 2022-01-11 not yet calculated CVE-2022-21919
MISC microsoft — windows
  Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21871
MISC microsoft — windows
  Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915. 2022-01-11 not yet calculated CVE-2022-21880
MISC microsoft — windows
  Windows Defender Application Control Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21906
MISC microsoft — windows
  Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21882. 2022-01-11 not yet calculated CVE-2022-21887
MISC microsoft — windows
  Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21887. 2022-01-11 not yet calculated CVE-2022-21882
MISC microsoft — windows
  Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21870
MISC microsoft — windows
  Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21879. 2022-01-11 not yet calculated CVE-2022-21881
MISC microsoft — windows
  Local Security Authority Subsystem Service Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21884
MISC microsoft — windows
  Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21881. 2022-01-11 not yet calculated CVE-2022-21879
MISC microsoft — windows
  Windows AppContracts API Server Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21860
MISC microsoft — windows
  Windows UI Immersive Server API Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21864
MISC microsoft — windows
  Connected Devices Platform Service Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21865
MISC microsoft — windows
  Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21914. 2022-01-11 not yet calculated CVE-2022-21885
MISC microsoft — windows
  Windows System Launcher Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21866
MISC microsoft — windows
  Windows Hyper-V Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21901
MISC microsoft — workstation
  Workstation Service Remote Protocol Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21924
MISC mirantis — container_runtime
  When running with FIPS mode enabled, Mirantis Container Runtime 20.10.8 leaks memory during TLS Handshakes which could be abused to cause a denial of service. 2022-01-10 not yet calculated CVE-2021-23218
MISC mitre — caldera
  An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges, resulting in non-admin users having access to read and modify configuration or other components that should only be accessible by admin users. 2022-01-12 not yet calculated CVE-2021-42562
MISC
MISC mitre — caldera
  An issue was discovered in CALDERA 2.8.1. It contains multiple reflected, stored, and self XSS vulnerabilities that may be exploited by authenticated and unauthenticated attackers. 2022-01-12 not yet calculated CVE-2021-42558
MISC
MISC mitre — caldera
  An issue was discovered in CALDERA 2.8.1. When activated, the Human plugin passes the unsanitized name parameter to a python “os.system” function. This allows attackers to use shell metacharacters (e.g., backticks ““” or dollar parenthesis “$()” ) in order to escape the current command and execute arbitrary shell commands. 2022-01-12 not yet calculated CVE-2021-42561
MISC
MISC mitre — caldera
  An issue was discovered in CALDERA 2.8.1. It contains multiple startup “requirements” that execute commands when starting the server. Because these commands can be changed via the REST API, an authenticated user can insert arbitrary commands that will execute when the server is restarted. 2022-01-12 not yet calculated CVE-2021-42559
MISC
MISC mitsubishi_electric — melsec_f_series_firmware
  Improper initialization vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.16 and prior, FX3U-ENET-L Firmware version 1.16 and prior and FX3U-ENET-P502 Firmware version 1.16 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product by sending specially crafted packets. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery. 2022-01-14 not yet calculated CVE-2021-20613
MISC
MISC
MISC mitsubishi_electric — melsec_f_series_firmware
  Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product or other unspecified effects by sending specially crafted packets to an unnecessary opening of TCP port. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery. 2022-01-14 not yet calculated CVE-2021-20612
MISC
MISC
MISC modex — modex
  Modex v2.11 was discovered to contain an Use-After-Free vulnerability via the component tcache. 2022-01-14 not yet calculated CVE-2021-46169
MISC modex — modex
  Modex v2.11 was discovered to contain a NULL pointer dereference in set_create_id() at xtract.c. 2022-01-14 not yet calculated CVE-2021-46171
MISC mp4box-gpac — mp4box-gpac
  A Null pointer dereference vulnerability exits in MP4Box – GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service. 2022-01-10 not yet calculated CVE-2020-25427
MISC
MISC mruby — mruby
  An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-46020
MISC my_cloud — os_5
  A limited authentication bypass vulnerability was discovered that could allow an attacker to achieve remote code execution and escalate privileges on the My Cloud devices. Addressed this vulnerability by changing access token validation logic and rewriting rule logic on PHP scripts. 2022-01-13 not yet calculated CVE-2022-22990
MISC my_cloud — os_5
  A malicious user on the same LAN could use DNS spoofing followed by a command injection attack to trick a NAS device into loading through an unsecured HTTP call. Addressed this vulnerability by disabling checks for internet connectivity using HTTP. 2022-01-13 not yet calculated CVE-2022-22991
MISC my_cloud — os_5
  My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service. Addressed the vulnerability by adding defenses against stack overflow issues. 2022-01-13 not yet calculated CVE-2022-22989
MISC mzautomation — lib60870
  A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of lib60870 commit 0d5e76e can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-45773
MISC mzautomation — libiec61870
  A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-45769
MISC nanoid — nanoid
  The package nanoid before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated. 2022-01-14 not yet calculated CVE-2021-23566
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM netbiblio — webopac
  Cross-site Scripting (XSS) vulnerability in the search functionality of AlCoda NetBiblio WebOPAC allows an unauthenticated user to craft a reflected Cross-Site Scripting attack. This issue affects: AlCoda NetBiblio WebOPAC versions prior to 4.0.0.320; versions later than 4.0.0.328. This issue does not affect: AlCoda NetBiblio WebOPAC version 4.0.0.335 and later versions. 2022-01-14 not yet calculated CVE-2021-42551
CONFIRM netgear — r6260_routers
  This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13512. 2022-01-13 not yet calculated CVE-2021-34979
MISC
MISC netgear — r6260_routers
  This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setupwizard.cgi page. A crafted SOAP request can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13511. 2022-01-13 not yet calculated CVE-2021-34978
MISC
MISC netgear — r6260_routers
  This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setupwizard.cgi page. When parsing the SOAP_LOGIN_TOKEN environment variable, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14107. 2022-01-13 not yet calculated CVE-2021-34980
MISC
MISC netgear — r7000_routers
  This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP requests. The issue results from the lack of proper authentication verification before performing a password reset. An attacker can leverage this vulnerability to reset the admin password. Was ZDI-CAN-13483. 2022-01-13 not yet calculated CVE-2021-34977
MISC
MISC nocobd — nocobd
  In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset feature. When requesting a password reset for a given email address, the application displays an error message when the email isn’t registered within the system. This allows attackers to enumerate the registered users’ email addresses. 2022-01-10 not yet calculated CVE-2022-22120
MISC
MISC nocobd — nocobd
  In NocoDB, versions 0.81.0 through 0.83.8 are affected by CSV Injection vulnerability (Formula Injection). A low privileged attacker can create a new table to inject payloads in the table rows. When an administrator accesses the User Management endpoint and exports the data as a CSV file and opens it, the payload gets executed. 2022-01-10 not yet calculated CVE-2022-22121
MISC
MISC nuuo — nvrmini2
  NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root. 2022-01-14 not yet calculated CVE-2022-23227
MISC
MISC
MISC
MISC nvidia — nemo
  NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available. 2022-01-10 not yet calculated CVE-2022-22821
MISC october_cms — october_cms
  October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with access to the backend is able to execute PHP code by using the theme import feature. This will bypass the safe mode feature that prevents PHP execution in the CMS templates.The issue has been patched in Build 473 (v1.0.473) and v1.1.6. Those unable to upgrade may apply the patch to their installation manually as a workaround. 2022-01-14 not yet calculated CVE-2021-32650
CONFIRM
MISC october_cms — october_cms
  October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with “create, modify and delete website pages” privileges in the backend is able to execute PHP code by running specially crafted Twig code in the template markup. The issue has been patched in Build 473 (v1.0.473) and v1.1.6. Those unable to upgrade may apply the patch to their installation manually as a workaround. 2022-01-14 not yet calculated CVE-2021-32649
CONFIRM
MISC omron — cx-one
  Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code. 2022-01-14 not yet calculated CVE-2022-21137
MISC open_design_alliance — drawings_sdk
  Open Design Alliance Drawings SDK before 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerability to execute code in the context of the current process. 2022-01-15 not yet calculated CVE-2022-23095
MISC opensuse — opensuse
  A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This issue affects: openSUSE Factory parsec versions prior to 0.8.1-1.1. 2022-01-14 not yet calculated CVE-2021-36781
CONFIRM orchardcore — orchardcore
  orchardcore is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2022-01-12 not yet calculated CVE-2022-0159
CONFIRM
MISC owncloud — owncloud
  The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection. 2022-01-15 not yet calculated CVE-2021-33828
MISC
MISC owncloud — owncloud
  The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings. 2022-01-15 not yet calculated CVE-2021-33827
MISC
MISC owncloud — owncloud_client
  ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution. 2022-01-15 not yet calculated CVE-2021-44537
MISC panda_security — free_antivirus
  This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Free Antivirus 20.2.0.0. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the use of named pipes. The issue results from allowing an untrusted process to impersonate the client of a pipe. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-14208. 2022-01-13 not yet calculated CVE-2021-34998
MISC
MISC paritytech — frontier
  Frontier is Substrate’s Ethereum compatibility layer. Prior to commit number `8a93fdc6c9f4eb1d2f2a11b7ff1d12d70bf5a664`, a bug in Frontier’s MODEXP precompile implementation can cause an integer underflow in certain conditions. This will cause a node crash for debug builds. For release builds (and production WebAssembly binaries), the impact is limited as it can only cause a normal EVM out-of-gas. Users who do not use MODEXP precompile in their runtime are not impacted. A patch is available in pull request #549. 2022-01-14 not yet calculated CVE-2022-21685
CONFIRM
MISC
MISC partkeeper — partkeeper
  PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows the use of the ‘file://’ URI scheme, allowing an authenticated user to read local files. 2022-01-10 not yet calculated CVE-2022-22701
MISC
MISC partkeepr — partkeepr
  PartKeepr versions up to v1.4.0, in the functionality to upload attachments using a URL when creating a part does not validate that requests can be made to local ports, allowing an authenticated user to carry out SSRF attacks and port enumeration. 2022-01-10 not yet calculated CVE-2022-22702
MISC
MISC peertube — peertube
  peertube is vulnerable to Improper Access Control 2022-01-11 not yet calculated CVE-2022-0170
CONFIRM
MISC pexip_infinity — pexip_infinity
  Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 1 of 2). 2022-01-15 not yet calculated CVE-2021-33498
MISC pexip_infinity — pexip_infinity
  Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 2 of 2). 2022-01-15 not yet calculated CVE-2021-33499
MISC pexip_infinity — pexip_infinity
  Pexip Infinity before 26.2 allows temporary remote Denial of Service (abort) because of missing call-setup input validation. 2022-01-15 not yet calculated CVE-2021-42555
CONFIRM pexip_infinity — pexip_infinity
  Pexip Infinity before 26 allows temporary remote Denial of Service (abort) because of missing call-setup input validation. 2022-01-15 not yet calculated CVE-2021-35969
MISC pexip_infinity — pexip_infinity
  Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation. 2022-01-15 not yet calculated CVE-2021-32545
MISC phoronix-test-suite — phoronix-test-suite
  phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) 2022-01-13 not yet calculated CVE-2022-0196
CONFIRM
MISC phoronix-test-suite — phoronix-test-suite
  phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) 2022-01-13 not yet calculated CVE-2022-0197
CONFIRM
MISC php_everywhere — php_everywhere
  Cross-Site Request Forgery (CSRF) vulnerability discovered in PHP Everywhere (WordPress plugin) versions (<= 2.0.2). 2022-01-13 not yet calculated CVE-2021-23227
CONFIRM
CONFIRM pillow — pillow
  PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. 2022-01-10 not yet calculated CVE-2022-22817
MISC pillow — pillow
  path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. 2022-01-10 not yet calculated CVE-2022-22816
MISC
MISC pillow — pillow
  path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. 2022-01-10 not yet calculated CVE-2022-22815
MISC
MISC publishpress_capabilities — publishpress_capabilities
  The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro WordPress plugin before 2.3.1 does not have authorisation and CSRF checks when updating the plugin’s settings via the init hook, and does not ensure that the options to be updated belong to the plugin. As a result, unauthenticated attackers could update arbitrary blog options, such as the default role and make any new registered user with an administrator role. 2022-01-10 not yet calculated CVE-2021-25032
CONFIRM
MISC puddingbot — puddingbot
  PuddingBot is a group management bot. In version 0.0.6-b933652 and prior, the bot token is publicly exposed in main.py, making it accessible to malicious actors. The bot token has been revoked and new version is already running on the server. As of time of publication, the maintainers are planning to update code to reflect this change at a later date. 2022-01-11 not yet calculated CVE-2022-21669
CONFIRM pypa — pipenv
  pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv’s parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which will cause victims who use pipenv to install the requirements file to download dependencies from a package index server controlled by the attacker. By embedding malicious code in packages served from their malicious index server, the attacker can trigger arbitrary remote code execution (RCE) on the victims’ systems. If an attacker is able to hide a malicious `–index-url` option in a requirements file that a victim installs with pipenv, the attacker can embed arbitrary malicious code in packages served from their malicious index server that will be executed on the victim’s host during installation (remote code execution/RCE). When pip installs from a source distribution, any code in the setup.py is executed by the install process. This issue is patched in version 2022.1.8. The GitHub Security Advisory contains more information about this vulnerability. 2022-01-10 not yet calculated CVE-2022-21668
MISC
CONFIRM
MISC qnap — multiple_nas_devices
  A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later 2022-01-14 not yet calculated CVE-2021-38691
CONFIRM qnap — multiple_nas_devices
  A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later 2022-01-14 not yet calculated CVE-2021-38692
CONFIRM qnap — multiple_nas_devices
  An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later 2022-01-14 not yet calculated CVE-2021-38678
CONFIRM qnap — multiple_nas_devices
  A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later 2022-01-14 not yet calculated CVE-2021-38690
CONFIRM qnap — multiple_nas_devices
  A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later 2022-01-14 not yet calculated CVE-2021-38689
CONFIRM qnap — multiple_nas_devices
  A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 and later QTS 5.0.0: QVR Guard 2.1.3.0 and later 2022-01-14 not yet calculated CVE-2021-38682
CONFIRM qnap — qcalagent
  A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later 2022-01-14 not yet calculated CVE-2021-38677
CONFIRM qualcomm — multiple_products Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-01-13 not yet calculated CVE-2021-30313
CONFIRM qualcomm — multiple_products
  Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile 2022-01-13 not yet calculated CVE-2021-30308
CONFIRM qualcomm — multiple_products
  Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables 2022-01-13 not yet calculated CVE-2021-30353
CONFIRM qualcomm — multiple_products
  Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables 2022-01-13 not yet calculated CVE-2021-30314
CONFIRM qualcomm — multiple_products
  Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music 2022-01-13 not yet calculated CVE-2021-30319
CONFIRM qualcomm — multiple_products
  Possible null pointer dereference due to improper validation of APE clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables 2022-01-13 not yet calculated CVE-2021-30330
CONFIRM qualcomm — multiple_products
  Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-01-13 not yet calculated CVE-2021-30311
CONFIRM qxip_sipcature — homer
  QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736-d56064a5b415 JWT secret key across different customers’ installations. 2022-01-10 not yet calculated CVE-2022-22845
MISC
MISC
MISC
MISC radare2 — radare2
  radare2 is vulnerable to Out-of-bounds Read 2022-01-11 not yet calculated CVE-2022-0173
CONFIRM
MISC ray-ban — stories
  A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0. 2022-01-14 not yet calculated CVE-2021-24046
CONFIRM repirse — license_manager
  Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process “count” parameter via GET. No authentication is required. 2022-01-13 not yet calculated CVE-2021-45422
MISC
MISC
MISC replit — crosis
  @replit/crosis is a JavaScript client that speaks Replit’s container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are multiple failed attempts to contact Replit through a WebSocket, the library will attempt to communicate using a fallback poll-based proxy. The URL of the proxy has changed, so any communication done to the previous URL could potentially reach a server that is outside of Replit’s control and the token used to connect to the Repl could be obtained by an attacker, leading to full compromise of that Repl (not of the account). This was patched in version 7.3.1 by updating the address of the fallback WebSocket polling proxy to the new one. As a workaround, a user may specify the new address for the polling host (`gp-v2.replit.com`) in the `ConnectArgs`. More information about this workaround is available in the GitHub Security Advisory. 2022-01-11 not yet calculated CVE-2022-21671
CONFIRM
MISC ropium — ropium
  ROPium v3.1 was discovered to contain an invalid memory address dereference via the find() function. 2022-01-14 not yet calculated CVE-2021-45761
MISC samba — samba
  All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. 2022-01-11 not yet calculated CVE-2021-43566
MISC
MISC
MISC samsung — android_applications
  A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifying the intent. 2022-01-10 not yet calculated CVE-2022-22285
MISC samsung — android_applications
  A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modifying the intent. 2022-01-10 not yet calculated CVE-2022-22286
MISC samsung — email
  Abitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox. 2022-01-10 not yet calculated CVE-2022-22287
MISC samsung — galaxy
  Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist. 2022-01-10 not yet calculated CVE-2022-22288
MISC samsung — health
  Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App. 2022-01-10 not yet calculated CVE-2022-22283
MISC samsung — internet
  Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page. 2022-01-14 not yet calculated CVE-2022-22290
MISC samsung — internet
  Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication 2022-01-10 not yet calculated CVE-2022-22284
MISC samsung — s_assistant
  Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to remotely get senstive information. 2022-01-10 not yet calculated CVE-2022-22289
MISC sap — business+_one
  SAP Business One – version 10.0, extended log stores information that can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information. 2022-01-14 not yet calculated CVE-2021-44234
MISC
MISC sap — enterprise_threat_detection
  SAP Enterprise Threat Detection (ETD) – version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD are using SAP UI5 standard controls, the UI5 framework provides automated output encoding for its standard controls. This output encoding prevents stored malicious user input from being executed when it is reflected in the UI. 2022-01-14 not yet calculated CVE-2022-22529
MISC
MISC sap — f0743_create_single_payment
  The F0743 Create Single Payment application of SAP S/4HANA – versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to inject dangerous content or malicious code which could result in critical information being modified or completely compromise the availability of the application. 2022-01-14 not yet calculated CVE-2022-22530
MISC
MISC sap — f0743_create_single_payment
  The F0743 Create Single Payment application of SAP S/4HANA – versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified. 2022-01-14 not yet calculated CVE-2022-22531
MISC
MISC sap — netweaver
  In SAP NetWeaver AS for ABAP and ABAP Platform – versions 701, 702, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 786, an attacker authenticated as a regular user can use the S/4 Hana dashboard to reveal systems and services which they would not normally be allowed to see. No information alteration or denial of service is possible. 2022-01-14 not yet calculated CVE-2021-42067
MISC
MISC sensormatics_electronics — videoedge
  Running a vulnerability scanner against VideoEdge NVRs can cause some functionality to stop. 2022-01-14 not yet calculated CVE-2021-36199
CERT
CONFIRM shelljs — shelljs
  shelljs is vulnerable to Improper Privilege Management 2022-01-11 not yet calculated CVE-2022-0144
CONFIRM
MISC siemens — cp-8000_master_module
  A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). The web server of the affected system allows access to logfiles and diagnostic data generated by a privileged user. An unauthenticated attacker could access the files by knowing the corresponding download links. 2022-01-11 not yet calculated CVE-2021-45034
MISC siemens — cp-8000_master_module
  A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). An undocumented debug port uses hard-coded default credentials. If this port is enabled by a privileged user, an attacker aware of the credentials could access an administrative debug shell on the affected device. 2022-01-11 not yet calculated CVE-2021-45033
MISC siemens — sicam_pq_analyzer
  A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18). A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate process. Attackers might achieve persistence on the system (“backdoors”) or cause a denial of service. 2022-01-11 not yet calculated CVE-2021-45460
MISC siemens — siprotec_5_multiple_devices
  A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions < V8.83). An improper input validation vulnerability in the web server could allow an unauthenticated user to access device information. 2022-01-11 not yet calculated CVE-2021-41769
MISC smarty-php — smarty
  Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php methods. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch. 2022-01-10 not yet calculated CVE-2021-21408
MISC
MISC
CONFIRM
MISC smarty-php — smarty
  Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.42 and 4.0.2, template authors could run arbitrary PHP code by crafting a malicious math string. If a math string was passed through as user provided data to the math function, external users could run arbitrary PHP code by crafting a malicious math string. Users should upgrade to version 3.1.42 or 4.0.2 to receive a patch. 2022-01-10 not yet calculated CVE-2021-29454
MISC
CONFIRM
MISC
MISC
MISC
MISC snipe-it — snipe-it
  snipe-it is vulnerable to Improper Access Control 2022-01-13 not yet calculated CVE-2022-0178
CONFIRM
MISC socket.io — engine.io
  Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the `engine.io` package starting from version `4.0.0`, including those who uses depending packages like `socket.io`. Versions prior to `4.0.0` are not impacted. A fix has been released for each major branch, namely `4.1.2` for the `4.x.x` branch, `5.2.1` for the `5.x.x` branch, and `6.1.1` for the `6.x.x` branch. There is no known workaround except upgrading to a safe version. 2022-01-12 not yet calculated CVE-2022-21676
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC sonicos — firmware
  A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions. 2022-01-10 not yet calculated CVE-2021-20048
CONFIRM sonicos — firmware
  A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions. 2022-01-10 not yet calculated CVE-2021-20046
CONFIRM sourcecodetester — printable_staff_id_card_creator_system
  In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerability to obtain remote code execution. 2022-01-12 not yet calculated CVE-2021-45411
MISC
MISC sourceforge — salonerp
  In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using ‘sql’ parameter in SQL query while generating a report. Upon successfully discovering the login admin password hash, it can be decrypted to obtain the plain-text password. 2022-01-14 not yet calculated CVE-2021-45406
MISC
MISC
MISC spin — spin
  Spin v6.5.1 was discovered to contain an out-of-bounds write in lex() at spinlex.c. 2022-01-14 not yet calculated CVE-2021-46168
MISC strukturag — libde265
  A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265. 2022-01-10 not yet calculated CVE-2021-36410
MISC strukturag — libde265
  An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. 2022-01-10 not yet calculated CVE-2021-36411
MISC strukturag — libde265
  An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc. 2022-01-10 not yet calculated CVE-2021-35452
MISC strukturag — libde265
  There is an Assertion `scaling_list_pred_matrix_id_delta==1′ failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact. 2022-01-10 not yet calculated CVE-2021-36409
MISC strukturag — libde265
  An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265. 2022-01-10 not yet calculated CVE-2021-36408
MISC suitecrm — suitecrm
  SuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant remote code execution, via the UpgradeWizard functionality, if a PHP file is included in a ZIP archive. 2022-01-12 not yet calculated CVE-2021-41597
MISC
MISC
MISC
MISC
MISC sysaid — itil
  A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to execute arbitrary SQL commands via the filterText parameter. 2022-01-11 not yet calculated CVE-2021-43971
MISC
MISC
MISC sysaid — itil
  An unrestricted file copy vulnerability in /UserSelfServiceSettings.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to copy arbitrary files on the server filesystem to the web root (with an arbitrary filename) via the tempFile and fileName parameters in the HTTP POST body. 2022-01-11 not yet calculated CVE-2021-43972
MISC
MISC
MISC sysaid — itil
  An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to upload an arbitrary file via the file parameter in the HTTP POST body. A successful request returns the absolute, server-side filesystem path of the uploaded file. 2022-01-11 not yet calculated CVE-2021-43973
MISC
MISC
MISC sysaid — itil
  An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register end users anonymously, but does not respect the server-side setting that determines if anonymous users are allowed to register new accounts. Configuring the server-side setting to disable anonymous user registration only hides the client-side registration form. An attacker can still post registration data to create new accounts without prior authentication. 2022-01-11 not yet calculated CVE-2021-43974
MISC
MISC
MISC teamviewer — teamviewer
  This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13606. 2022-01-13 not yet calculated CVE-2021-34858
MISC
MISC tenable.sc — tenable.sc
  Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation. 2022-01-14 not yet calculated CVE-2022-0130
MISC tibco_software_inc — multiple products
  The Data Virtualization Server component of TIBCO Software Inc.’s TIBCO Data Virtualization, TIBCO Data Virtualization, TIBCO Data Virtualization, and TIBCO Data Virtualization for AWS Marketplace contains a difficult to exploit vulnerability that allows a low privileged attacker with local access to download arbitrary files outside of the scope of the user’s permissions on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO Data Virtualization: versions 8.3.0 and below, TIBCO Data Virtualization: version 8.4.0, TIBCO Data Virtualization: version 8.5.0, and TIBCO Data Virtualization for AWS Marketplace: versions 8.5.0 and below. 2022-01-12 not yet calculated CVE-2021-35500
CONFIRM
CONFIRM tibco_software_inc — multiple_products
  The eFTL Server component of TIBCO Software Inc.’s TIBCO eFTL – Community Edition, TIBCO eFTL – Developer Edition, and TIBCO eFTL – Enterprise Edition contains an easily exploitable vulnerability that allows clients to inherit the permissions of the client that initially connected on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO eFTL – Community Edition: versions 6.7.2 and below, TIBCO eFTL – Developer Edition: versions 6.7.2 and below, and TIBCO eFTL – Enterprise Edition: versions 6.7.2 and below. 2022-01-11 not yet calculated CVE-2021-43055
CONFIRM
CONFIRM tibco_software_inc — multiple_products
  The Realm Server component of TIBCO Software Inc.’s TIBCO FTL – Community Edition, TIBCO FTL – Developer Edition, and TIBCO FTL – Enterprise Edition contains an easily exploitable vulnerability that allows authentication bypass due to a hard coded secret used in the default realm server of the affected system. Affected releases are TIBCO Software Inc.’s TIBCO FTL – Community Edition: versions 6.7.2 and below, TIBCO FTL – Developer Edition: versions 6.7.2 and below, and TIBCO FTL – Enterprise Edition: versions 6.7.2 and below. 2022-01-11 not yet calculated CVE-2021-43052
CONFIRM
CONFIRM tibco_software_inc — multiple_products
  The Realm Server component of TIBCO Software Inc.’s TIBCO FTL – Community Edition, TIBCO FTL – Developer Edition, and TIBCO FTL – Enterprise Edition contains a difficult to exploit vulnerability that allows an unauthenticated attacker with network access to obtain the cluster secret of another application connected to the realm server. Affected releases are TIBCO Software Inc.’s TIBCO FTL – Community Edition: versions 6.7.2 and below, TIBCO FTL – Developer Edition: versions 6.7.2 and below, and TIBCO FTL – Enterprise Edition: versions 6.7.2 and below. 2022-01-11 not yet calculated CVE-2021-43053
CONFIRM
CONFIRM tibco_software_inc — multiple_products
  The eFTL Server component of TIBCO Software Inc.’s TIBCO eFTL – Community Edition, TIBCO eFTL – Developer Edition, and TIBCO eFTL – Enterprise Edition contains an easily exploitable vulnerability that allows a low privileged attacker with network access to generate API tokens that can access any other channel with arbitrary permissions. Affected releases are TIBCO Software Inc.’s TIBCO eFTL – Community Edition: versions 6.7.2 and below, TIBCO eFTL – Developer Edition: versions 6.7.2 and below, and TIBCO eFTL – Enterprise Edition: versions 6.7.2 and below. 2022-01-11 not yet calculated CVE-2021-43054
CONFIRM
CONFIRM trusted_firmware — trusted_firmware
  Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key (held by the Crypto service) based solely on knowledge of its key ID. For example, there is no authorization check associated with the relationship between a caller and a key owner. 2022-01-13 not yet calculated CVE-2021-40327
MISC
MISC
CONFIRM ubiquiti — unifi_network
  An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application. 2022-01-14 not yet calculated CVE-2021-44530
MISC unisys — clearpath_mcp_tcp-icp_networking_services
  Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop. 2022-01-12 not yet calculated CVE-2021-45445
MISC
MISC useful_simple_open-source_cms — useful_simple_open-source_cms
  Useful Simple Open-Source CMS (USOC) is a content management system (CMS) for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privileges. Users should replace the file `admin/pages/useredit.php` with a newer version. USOC version Pb2.4Bfx3 contains a fixed version of `admin/pages/useredit.php`. 2022-01-10 not yet calculated CVE-2022-21666
MISC
MISC
CONFIRM vim — vim
  vim is vulnerable to Heap-based Buffer Overflow 2022-01-14 not yet calculated CVE-2022-0213
CONFIRM
MISC
MLIST wecon — levistudiou
  WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. 2022-01-14 not yet calculated CVE-2021-23138
MISC wecon — levistudiou
  WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. 2022-01-14 not yet calculated CVE-2021-23157
MISC weseek — growi
  growi is vulnerable to Authorization Bypass Through User-Controlled Key 2022-01-12 not yet calculated CVE-2021-3852
CONFIRM
MISC z-wave — multiple_devices
  Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to inject a FIND_NODE_IN_RANGE frame with an invalid random payload, denying service by blocking the processing of upcoming events. 2022-01-10 not yet calculated CVE-2020-10137
MISC
CERT-VN
MISC
MISC
CERT-VN z-wave — multiple_devices
  Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung STH-ETH-200 version 6.04, are susceptible to denial of service via malformed routing messages. 2022-01-10 not yet calculated CVE-2020-9061
MISC
CERT-VN
MISC
MISC
CERT-VN z-wave — multiple_devices
  Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level. 2022-01-10 not yet calculated CVE-2020-9059
MISC
CERT-VN
MISC
MISC
CERT-VN z-wave — multiple_devices
  Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but likely not limited to the ZooZ ZST10 version 6.04, ZooZ ZEN20 version 5.03, ZooZ ZEN25 version 5.03, Aeon Labs ZW090-A version 3.95, and Fibaro FGWPB-111 version 4.3, are susceptible to denial of service and resource exhaustion via malformed SECURITY NONCE GET, SECURITY NONCE GET 2, NO OPERATION, or NIF REQUEST messages. 2022-01-10 not yet calculated CVE-2020-9060
MISC
CERT-VN
MISC
MISC
CERT-VN z-wave — multiple_devices
  Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerable device. An attacker can also capture and replay Z-Wave traffic. Firmware upgrades cannot directly address this vulnerability as it is an issue with the Z-Wave specification for these legacy chipsets. One way to protect against this vulnerability is to use 500 or 700 series chipsets that support Security 2 (S2) encryption. As examples, the Linear WADWAZ-1 version 3.43 and WAPIRZ-1 version 3.43 (with 300 series chipsets) are vulnerable. 2022-01-10 not yet calculated CVE-2020-9057
MISC
CERT-VN
MISC
MISC
CERT-VN z-wave — multiple_devices
  Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection. 2022-01-10 not yet calculated CVE-2020-9058
MISC
CERT-VN
MISC
MISC
CERT-VN zabbix — zabbix
  In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default). 2022-01-13 not yet calculated CVE-2022-23131
MISC zabbix — zabbix
  During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level 2022-01-13 not yet calculated CVE-2022-23132
MISC zabbix — zabbix
  An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts. 2022-01-13 not yet calculated CVE-2022-23133
MISC zabbix — zabbix
  After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend. 2022-01-13 not yet calculated CVE-2022-23134
MISC zoho — manageengine_0365_manager_plus
  Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component. 2022-01-12 not yet calculated CVE-2021-44652
MISC zoho — manageengine_applications_manager
  A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build 14550 allows authenticated attackers to execute a SQL injection via a crafted request. 2022-01-10 not yet calculated CVE-2020-28679
MISC zoho — manageengine_cloudsecurityplus
  Zoho ManageEngine CloudSecurityPlus before Build 4117 allows remote code execution through the updatePersonalizeSettings component due to an improper security patch for CVE-2021-40175. 2022-01-12 not yet calculated CVE-2021-44651
MISC zoho — mangeengine_m365_manager_plus
  Zoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components. 2022-01-12 not yet calculated CVE-2021-44650
MISC

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

%d bloggers like this: