This article is contributed. See the original author and article here.
| adobe — indesign |
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30658
MISC |
| zzcms — zzcms |
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter. |
2022-06-17 |
not yet calculated |
CVE-2019-12353
MISC |
1password — agilebits
|
An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service. |
2022-06-15 |
not yet calculated |
CVE-2022-32550
MISC |
acunetix — sonatype_nexus_repository_manager
|
https://ossindex.sonatype.org/ Sonatype Nexus Repository Manager OSS 3.37.3-02 is affected by: Incorrect Access Control. The impact is: Authentication Bypass (remote). The component is: Admin Panel. The attack vector is: With the help of response manipulation Attacker can bypass the login panel and view the dashboard menus, No user interaction is required. ¶¶ 1. Go to https://nexus.e-goi.com 2. Click on the Sign In button. 3. Enter the password as admin:admin. 4. Intercept the request in Burp Suite. 5. Capture the Response of the Request. 6. Change the Status Code from 403 Forbidden to 200 OK. 7. You will see the dashboard which provides the admin access. |
2022-06-14 |
not yet calculated |
CVE-2022-31289
MISC
MISC |
adaware — protect
|
Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path. |
2022-06-16 |
not yet calculated |
CVE-2022-31464
MISC
MISC |
adobe — after_effects
|
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2021-43755
MISC |
| adobe — bridge |
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28843
MISC |
adobe — bridge
|
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28847
MISC |
adobe — bridge
|
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28844
MISC |
adobe — bridge
|
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28850
MISC |
adobe — bridge
|
Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28849
MISC |
adobe — bridge
|
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28848
MISC |
adobe — bridge
|
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28839
MISC |
adobe — bridge
|
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28846
MISC |
adobe — bridge
|
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28845
MISC |
adobe — bridge
|
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28841
MISC |
adobe — bridge
|
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28840
MISC |
adobe — bridge
|
Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-28842
MISC |
adobe — illustrator
|
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-30668
MISC |
adobe — illustrator
|
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-30669
MISC |
adobe — illustrator
|
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-30666
MISC |
adobe — illustrator
|
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-30667
MISC |
| adobe — indesign |
Access of Memory Location After End of Buffer (CWE-788 |
2022-06-15 |
not yet calculated |
CVE-2021-40727
MISC |
adobe — lightroom_classic
|
Adobe Lightroom Classic 10.3 (and earlier) are affected by a privilege escalation vulnerability in the Offline Lightroom Classic installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2021-40776
MISC |
adobe — media_encoder
|
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. |
2022-06-13 |
not yet calculated |
CVE-2021-46818
MISC |
adobe — media_encoder
|
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. |
2022-06-13 |
not yet calculated |
CVE-2021-46817
MISC |
adobe — photoshop
|
Adobe Photoshop version 22.5.1 (and earlier versions ) is affected by an Access of Memory Location After End of Buffer vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2021-42735
MISC |
adobe — prelude
|
Adobe Prelude version 22.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2021-43754
MISC |
adobe — premiere_pro
|
Adobe Premiere Pro version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. |
2022-06-13 |
not yet calculated |
CVE-2021-46816
MISC |
adobe — animate
|
Adobe Animate version 22.0.5 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30664
MISC |
| adobe — illustrator |
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-30647
MISC |
| adobe — illustrator |
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-30649
MISC |
| adobe — illustrator |
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2022-30648
MISC |
| adobe — incopy |
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30656
MISC |
| adobe — incopy |
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30655
MISC |
| adobe — incopy |
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30652
MISC |
| adobe — incopy |
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30651
MISC |
adobe — incopy
|
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30653
MISC |
adobe — incopy
|
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30650
MISC |
adobe — incopy
|
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30657
MISC |
adobe — incopy
|
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30654
MISC |
| adobe — indesign |
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30665
MISC |
| adobe — indesign |
Access of Memory Location After End of Buffer (CWE-788) |
2022-06-15 |
not yet calculated |
CVE-2021-42732
MISC |
| adobe — indesign |
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30661
MISC |
| adobe — indesign |
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30663
MISC |
| adobe — indesign |
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30662
MISC |
adobe — indesign
|
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30660
MISC |
adobe — indesign
|
Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2021-39820
MISC |
adobe — indesign
|
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-16 |
not yet calculated |
CVE-2022-30659
MISC |
adobe — media_encoder
|
Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2022-06-15 |
not yet calculated |
CVE-2021-43756
MISC |
adsk — autodesk
|
A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution. |
2022-06-16 |
not yet calculated |
CVE-2022-27532
MISC |
adsk — autodesk
|
A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. |
2022-06-16 |
not yet calculated |
CVE-2022-27531
MISC |
amazon — aws_apache_log4j
|
Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or CVE-2021-45046; it provides a temporary mitigation to CVE-2021-44228 by hotpatching the local Java virtual machines. To do so, it iterates through all running Java processes, performs several checks, and executes the Java virtual machine with the same permissions and capabilities as the running process to load the hotpatch. A local user could cause the hotpatch script to execute a binary with elevated privileges by running a custom java process that performs exec() of an SUID binary after the hotpatch has observed the process path and before it has observed its effective user ID. |
2022-06-17 |
not yet calculated |
CVE-2022-33915
MISC
MISC |
amd — processors
|
A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. |
2022-06-15 |
not yet calculated |
CVE-2022-23823
MISC |
| amodat — mobile_application_gateway |
attacker needs to craft a SQL payload. the vulnerable parameter is “agentid” must be authenticated to the admin panel. |
2022-06-13 |
not yet calculated |
CVE-2022-23169
MISC |
| amodat — mobile_application_gateway |
The attacker could get access to the database. The SQL injection is in the username parameter at the login panel: username: admin’– |
2022-06-13 |
not yet calculated |
CVE-2022-23168
MISC |
| amodat — mobile_application_gateway |
Attacker crafts a GET request to: /mobile/downloadfile.aspx? Filename =../.. /windows/boot.ini the LFI is UNAUTHENTICATED. |
2022-06-13 |
not yet calculated |
CVE-2022-23167
MISC |
| amozing — ariang |
AriaNg v0.1.0~v1.2.2 is affected by an incorrect access control vulnerability through not authenticating visitors’ access rights. |
2022-06-15 |
not yet calculated |
CVE-2021-41418
MISC |
android — windowmanager
|
In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-157929241 |
2022-06-15 |
not yet calculated |
CVE-2021-39691
MISC |
android — closef
|
In closef of label_backends_android.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215387420 |
2022-06-15 |
not yet calculated |
CVE-2021-39806
MISC |
anker — eufy_homebase_2
|
A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network. |
2022-06-17 |
not yet calculated |
CVE-2022-21806
MISC |
apache — hadoop
|
There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher. |
2022-06-13 |
not yet calculated |
CVE-2021-37404
CONFIRM |
apache — hadoop
|
In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher. |
2022-06-15 |
not yet calculated |
CVE-2021-33036
MISC
MLIST |
apache– flume
|
Apache Flume versions 1.4.0 through 1.9.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol. |
2022-06-14 |
not yet calculated |
CVE-2022-25167
CONFIRM
CONFIRM
MLIST |
apache — nifi
|
The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the default configuration. Command injection requires ShellUserGroupProvider to be one of the enabled User Group Providers in the Authorizers configuration. Command injection also requires an authenticated user with elevated privileges. Apache NiFi requires an authenticated user with authorization to modify access policies in order to execute the command. Apache NiFi Registry requires an authenticated user with authorization to read user groups in order to execute the command. The resolution removes command formatting based on user-provided arguments. |
2022-06-15 |
not yet calculated |
CVE-2022-33140
MISC
MISC |
apple — mobaku-auction&flea_market
|
‘Mobaoku-Auction&Flea Market’ App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack. |
2022-06-14 |
not yet calculated |
CVE-2022-29482
MISC |
apple — swift-corelibs-foundation
|
A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift standard library, the Codable protocol; and the JSONDecoder class offered by swift-corelibs-foundation, which can deserialize types that adopt the Codable protocol based on the content of a provided JSON document. When a type that adopts Codable requests the initialization of a field with an integer value, the JSONDecoder class uses a type-erased container with different accessor methods to attempt and coerce a corresponding JSON value and produce an integer. In the case the JSON value was a numeric literal with a floating-point portion, JSONDecoder used different type-eraser methods during validation than it did during the final casting of the value. The checked casting produces a deterministic crash due to this mismatch. The JSONDecoder class is often wrapped by popular Swift-based web frameworks to parse the body of HTTP requests and perform basic type validation. This makes the attack low-effort: sending a specifically crafted JSON document during a request to these endpoints will cause them to crash. The attack does not have any confidentiality or integrity risks in and of itself; the crash is produced deterministically by an abort function that ensures that execution does not continue in the face of this violation of assumptions. However, unexpected crashes can lead to violations of invariants in services, so it’s possible that this attack can be used to trigger error conditions that escalate the risk. Producing a denial of service may also be the goal of an attacker in itself. This issue is solved in Swift 5.6.2 for Linux and Windows. This issue was solved by ensuring that the same methods are invoked both when validating and during casting, so that no type mismatch occurs. Swift for Linux and Windows versions are not ABI-interchangeable. To upgrade a service, its owner must update to this version of the Swift toolchain, then recompile and redeploy their software. The new version of Swift includes an updated swift-corelibs-foundation package. Versions of Swift running on Darwin-based operating systems are not affected. |
2022-06-16 |
not yet calculated |
CVE-2022-1642
MISC |
argo_project — argo
|
The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 are vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go. This could allow arbitrary file reads if the GitArtifactReader is provided a pathname containing a symbolic link or an implicit directory name such as … |
2022-06-17 |
not yet calculated |
CVE-2022-25856
CONFIRM
CONFIRM
CONFIRM |
argopro — argo_events
|
Argo Events is an event-driven workflow automation framework for Kubernetes. Prior to version 1.7.1, several `HandleRoute` endpoints make use of the deprecated `ioutil.ReadAll()`. `ioutil.ReadAll()` reads all the data into memory. As such, an attacker who sends a large request to the Argo Events server will be able to crash it and cause denial of service. A patch for this vulnerability has been released in Argo Events version 1.7.1. |
2022-06-13 |
not yet calculated |
CVE-2022-31054
CONFIRM
MISC
MISC
MISC |
| asg_technologies — asg-zena_cross_platform_server_enterprise |
ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cleartext Storage of Sensitive Information in a Cookie. |
2022-06-17 |
not yet calculated |
CVE-2021-45025
MISC
MISC
MISC |
| asg_technologies — asg-zena_cross_platform_server_enterprise |
ASG technologies ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cross Site Scripting (XSS). |
2022-06-17 |
not yet calculated |
CVE-2021-45026
MISC
MISC
MISC |
| asg_technologies — asg-zena_cross_platform_server_enterprise |
ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE). |
2022-06-17 |
not yet calculated |
CVE-2021-45024
MISC
MISC
MISC |
| asus — rt-n53 |
ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of the apply.cgi interface. |
2022-06-17 |
not yet calculated |
CVE-2022-31874
MISC |
| av1 — video_extension |
AV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30167. |
2022-06-15 |
not yet calculated |
CVE-2022-30193
MISC |
| axis_communications — multiple_products |
A vulnerability, which was classified as critical, was found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. |
2022-06-15 |
not yet calculated |
CVE-2017-20049
N/A
N/A |
| axis_communications — multiple_products |
A vulnerability has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007 and classified as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended to upgrade the affected component. |
2022-06-15 |
not yet calculated |
CVE-2017-20050
N/A
N/A |
| axis_communications — multiple_products |
A vulnerability, which was classified as critical, has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected by this issue is some unknown functionality of the component Script Editor. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. |
2022-06-15 |
not yet calculated |
CVE-2017-20048
N/A
N/A
N/A |
axis_communications — multiple_products
|
A vulnerability classified as problematic has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. It is recommended to upgrade the affected component. |
2022-06-15 |
not yet calculated |
CVE-2017-20046
N/A
N/A |
axis_communications — multiple_products
|
A vulnerability classified as problematic was found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. |
2022-06-15 |
not yet calculated |
CVE-2017-20047
N/A
N/A
N/A |
bachmann_visutec — atvise
|
An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. |
2022-06-17 |
not yet calculated |
CVE-2022-21184
MISC |
bestwebsoft — contact_form_plugin
|
A vulnerability classified as problematic has been found in BestWebSoft Contact Form Plugin 4.0.0. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0.2 is able to address this issue. It is recommended to upgrade the affected component. |
2022-06-16 |
not yet calculated |
CVE-2017-20055
MISC
MISC
MISC |
biscuit — biscuit
|
Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid ?-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandates a different algorithm than gamma signatures and as such is not affected by this vulnerability. The Biscuit implementations in Rust, Haskell, Go, Java and Javascript all have published versions following the v2 specification. There are no known workarounds for this issue. |
2022-06-13 |
not yet calculated |
CVE-2022-31053
CONFIRM
MISC |
bitmainer — antminer_monitor
|
A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static. |
2022-06-17 |
not yet calculated |
CVE-2021-40903
MISC
MISC
MISC |
| blynk — blynk_library |
A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability. |
2022-06-17 |
not yet calculated |
CVE-2022-29496
MISC |
brackeen — brackeen
|
ok-file-formats master 2021-9-12 is affected by a buffer overflow in ok_jpg_convert_data_unit_grayscale and ok_jpg_convert_YCbCr_to_RGB. |
2022-06-15 |
not yet calculated |
CVE-2021-41413
MISC
MISC |
| broadcom — ca_automic_automation |
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. |
2022-06-16 |
not yet calculated |
CVE-2022-33752
MISC |
| broadcom — ca_automic_automation |
CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data. |
2022-06-16 |
not yet calculated |
CVE-2022-33751
MISC |
| broadcom — ca_automic_automation |
CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands. |
2022-06-16 |
not yet calculated |
CVE-2022-33750
MISC |
| broadcom — ca_automic_automation |
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. |
2022-06-16 |
not yet calculated |
CVE-2022-33754
MISC |
| broadcom — ca_automic_automation |
CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users. |
2022-06-16 |
not yet calculated |
CVE-2022-33755
MISC |
| broadcom — ca_automic_automation |
CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in the Automic agent that could allow a user to potentially elevate privileges. |
2022-06-16 |
not yet calculated |
CVE-2022-33753
MISC |
broadcom — ca_automic_automation
|
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data. |
2022-06-16 |
not yet calculated |
CVE-2022-33756
MISC |
broadcom — ca_clarity
|
CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system. |
2022-06-16 |
not yet calculated |
CVE-2022-33739
MISC |
checkmk — debian
|
A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Packages created by the agent bakery (enterprise editions only) were not affected. Using the shipped version of the agents, the maintainer scripts located at /var/lib/dpkg/info/ will be owned by the user and the group with ID 1001. If such a user exists on the system, they can change the content of these files (which are then executed by root). This leads to a local privilege escalation on the monitored host. Version 1.6 through 1.6.9p29, version 2.0 through 2.0.0p26, version 2.1 through 2.1.0p3, and version 2.2.0i1 are affected. |
2022-06-17 |
not yet calculated |
CVE-2022-33912
MISC |
cisc0 — identity_services_engine
|
A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access all roles without any restrictions. This vulnerability is due to exposed sensitive Security Assertion Markup Language (SAML) metadata. An attacker could exploit this vulnerability by using the exposed SAML metadata to bypass authentication to the user portal. A successful exploit could allow the attacker to access all roles without any restrictions. |
2022-06-15 |
not yet calculated |
CVE-2022-20733
CISCO |
cisco — appdynamics_controller_software
|
A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an administrative console that they would not normally have authorization to access. This vulnerability is due to improper authorization checking for HTTP requests that are submitted to the affected web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected instance of AppDynamics Controller. A successful exploit could allow the attacker to access the login page for an administrative console. AppDynamics has released software updates that address this vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-20736
CISCO |
cisco — identity_servies_engine
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly enforced. An attacker with read-only privileges for the web-based management interface on an affected device could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information about the system configuration. |
2022-06-15 |
not yet calculated |
CVE-2022-20819
CISCO |
cisco — small_business_routers
|
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device using root-level privileges. Cisco has not released software updates that address this vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-20825
CISCO |
cisco — unified_ip_phones
|
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user’s phone if the Cisco Unified Communications Manager (CUCM) is in secure mode. This vulnerability is due to improper key generation during the manufacturing process that could result in duplicated manufactured keys installed on multiple devices. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on the secure communication between the phone and the CUCM. A successful exploit could allow the attacker to impersonate another user’s phone. This vulnerability cannot be addressed with software updates. There is a workaround that addresses this vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-20817
CISCO |
cisco –secure_email_and_web_manager
|
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. This vulnerability is due to improper authentication checks when an affected device uses Lightweight Directory Access Protocol (LDAP) for external authentication. An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device. A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device. |
2022-06-15 |
not yet calculated |
CVE-2022-20798
CISCO |
cisco –secure_email_and_web_manager
|
A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials. |
2022-06-15 |
not yet calculated |
CVE-2022-20664
CISCO |
| connx — connx |
In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set. |
2022-06-14 |
not yet calculated |
CVE-2021-40650
MISC
MISC |
connx — connx
|
In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the HttpOnly flag set. |
2022-06-14 |
not yet calculated |
CVE-2021-40649
MISC
MISC |
| couchbase — couchbase_server |
Couchbase Server 5.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor. |
2022-06-13 |
not yet calculated |
CVE-2022-32192
MISC
MISC |
| couchbase — couchbase_server |
Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor. |
2022-06-13 |
not yet calculated |
CVE-2022-32193
MISC
MISC |
| couchbase — couchbase_server |
An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network. |
2022-06-14 |
not yet calculated |
CVE-2022-32561
MISC
MISC
MISC |
| couchbase — couchbase_server |
An issue was discovered in Couchbase Server before 7.0.4. Sample bucket loading may leak internal user passwords during a failure. |
2022-06-13 |
not yet calculated |
CVE-2022-32558
MISC
MISC
MISC |
| couchbase — couchbase_server |
An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection using stale RBAC permission. |
2022-06-13 |
not yet calculated |
CVE-2022-32562
MISC
MISC
MISC |
| couchbase — couchbase_server |
An issue was discovered in Couchbase Server before 7.0.4. XDCR lacks role checking when changing internal settings. |
2022-06-13 |
not yet calculated |
CVE-2022-32560
MISC
MISC
MISC |
| couchbase — couchbase_server |
An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers. |
2022-06-14 |
not yet calculated |
CVE-2022-32557
MISC
MISC
MISC |
| couchbase — couchbase_server |
An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics. |
2022-06-14 |
not yet calculated |
CVE-2022-32559
MISC
MISC
MISC |
couchbase — couchbase_server
|
An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted usernames and document ids. |
2022-06-13 |
not yet calculated |
CVE-2022-32565
MISC
MISC
MISC |
couchbase — couchbase_server
|
An issue was discovered in Couchbase Server before 7.0.4. In couchbase-cli, server-eshell leaks the Cluster Manager cookie. |
2022-06-13 |
not yet calculated |
CVE-2022-32564
MISC
MISC
MISC |
covesa — covesa
|
An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets. |
2022-06-16 |
not yet calculated |
CVE-2022-31291
MISC |
d-link — dir-850l
|
An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by sending packets on Data Frames to the AP without encryption. |
2022-06-16 |
not yet calculated |
CVE-2018-18907
MISC
MISC |
deno — deno
|
Deno <=1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory. |
2022-06-12 |
not yet calculated |
CVE-2021-41641
MISC
MISC |
devolutions — remote_desktop_manager
|
A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate attackers to observe sensitive data. A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, which could lead to involuntarily disclosing sensitive information. This issue affects: Devolutions Remote Desktop Manager 2022.1.24 version and prior versions. |
2022-06-15 |
not yet calculated |
CVE-2022-1342
MISC |
discordjs — opus
|
All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash. |
2022-06-17 |
not yet calculated |
CVE-2022-25345
CONFIRM
CONFIRM |
discourse — calendar
|
Discourse Calendar is a calendar plugin for Discourse, an open-source messaging app. Prior to version 1.0.1, parsing and rendering of Event names can be susceptible to cross-site scripting (XSS) attacks. This vulnerability only affects sites which have modified or disabled Discourse’s default Content Security Policy. This issue is patched in version 1.0.1 of the Discourse Calendar plugin. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks. |
2022-06-14 |
not yet calculated |
CVE-2022-31059
CONFIRM
MISC
MISC |
discourse — discourse
|
Discourse is an open-source discussion platform. Prior to version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches, banner topic data is exposed on login-required sites. This issue is patched in version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches of Discourse. As a workaround, one may disable banners. |
2022-06-14 |
not yet calculated |
CVE-2022-31060
MISC
CONFIRM
MISC |
| drive_composer — drive_composer |
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a “repair” operation on the product. |
2022-06-15 |
not yet calculated |
CVE-2022-31217
MISC |
drive_composer — drive_composer
|
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a “repair” operation on the product. |
2022-06-15 |
not yet calculated |
CVE-2022-31216
MISC |
drive_composer — drive_composer
|
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a “repair” operation on the product. |
2022-06-15 |
not yet calculated |
CVE-2022-31218
MISC |
drive_composer — drive_composer
|
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a “repair” operation on the product. |
2022-06-15 |
not yet calculated |
CVE-2022-31219
MISC |
edgex_foundry — edgex_foundry
|
EdgeX Foundry is an open source project for building a common open framework for Internet of Things edge computing. Prior to version 2.1.1, the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to be kept in the EdgeX secret store and require authentication to access. This vulnerability bypasses the access controls on message bus credentials when running in security-enabled mode. (No credentials are required when running in security-disabled mode.) As a result, attackers could intercept data or inject fake data into the EdgeX message bus. Users should upgrade to EdgeXFoundry Kamakura release (2.2.0) or to the June 2022 EdgeXFoundry LTS Jakarta release (2.1.1) to receive a patch. More information about which go modules, docker containers, and snaps contain patches is available in the GitHub Security Advisory. There are currently no known workarounds for this issue. |
2022-06-14 |
not yet calculated |
CVE-2022-31066
MISC
CONFIRM
MISC |
electron — electron
|
Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim’s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim’s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds. |
2022-06-13 |
not yet calculated |
CVE-2022-29257
CONFIRM |
electron — electron
|
Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows a renderer with JS execution to obtain access to a new renderer process with `nodeIntegrationInSubFrames` enabled which in turn allows effective access to `ipcRenderer`. The `nodeIntegrationInSubFrames` option does not implicitly grant Node.js access. Rather, it depends on the existing sandbox setting. If an application is sandboxed, then `nodeIntegrationInSubFrames` just gives access to the sandboxed renderer APIs, which include `ipcRenderer`. If the application then additionally exposes IPC messages without IPC `senderFrame` validation that perform privileged actions or return confidential data this access to `ipcRenderer` can in turn compromise your application / user even with the sandbox enabled. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. As a workaround, ensure that all IPC message handlers appropriately validate `senderFrame`. |
2022-06-13 |
not yet calculated |
CVE-2022-29247
CONFIRM |
electrum — electrum
|
paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request (e.g., within QR code data). On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename. |
2022-06-17 |
not yet calculated |
CVE-2022-31246
MISC
MISC |
elementor — website_builder
|
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor’s Elementor Website Builder plugin <= 3.5.5 versions. |
2022-06-13 |
not yet calculated |
CVE-2022-29455
CONFIRM
CONFIRM
CONFIRM |
| employee_leaves_management_system — employee_leaves_management_system |
Employee Leaves Management System (ELMS) V 2.1 is vulnerable to Cross Site Request Forgery (CSRF) via /myprofile.php. |
2022-06-14 |
not yet calculated |
CVE-2022-30931
MISC
MISC |
en100 — ethernet_module
|
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contains a memory corruption vulnerability while parsing specially crafted HTTP packets to /txtrace endpoint. This could allow an attacker to crash the affected application leading to a denial of service condition. |
2022-06-14 |
not yet calculated |
CVE-2022-30937
MISC |
fast-string-search — fast-string-search
|
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory. |
2022-06-17 |
not yet calculated |
CVE-2022-25872
CONFIRM
CONFIRM |
fast-string-search — fast-string-search
|
All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation. |
2022-06-17 |
not yet calculated |
CVE-2022-22138
CONFIRM |
fedai — fate
|
An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during the training process of machine learning joint modeling. |
2022-06-16 |
not yet calculated |
CVE-2020-25459
MISC |
festo — controller
|
In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint “cecc-x-refresh-request” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. |
2022-06-13 |
not yet calculated |
CVE-2022-30311
CONFIRM |
festo — controller
|
In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint “cecc-x-acknerr-request” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. |
2022-06-13 |
not yet calculated |
CVE-2022-30310
CONFIRM |
festo — controller
|
In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint “cecc-x-web-viewer-request-on” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. |
2022-06-13 |
not yet calculated |
CVE-2022-30308
CONFIRM |
festo — controller
|
In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint “cecc-x-web-viewer-request-off” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. |
2022-06-13 |
not yet calculated |
CVE-2022-30309
CONFIRM |
| filecloud — filecloud |
A vulnerability classified as critical has been found in FileCloud. Affected is the NTFS handler which leads to improper access controls. It is possible to launch the attack remotely but it demands some form of authentication. Upgrading to version 21.3.5.18513 is able to address this issue. It is recommended to upgrade the affected component. |
2022-06-15 |
not yet calculated |
CVE-2022-1958
MISC
MISC
MISC |
finastra — nestjs_proxy
|
NestJS Proxy is a NestJS module to decorate and proxy calls. Prior to version 0.7.0, the nestjs-proxy library did not have a way to block sensitive cookies (e.g. session cookies) from being forwarded to backend services configured by the application developer. This could have led to sensitive cookies being inadvertently exposed to such services that should not see them. The patched version now blocks cookies from being forwarded by default. However developers can configure an allow-list of cookie names by using the `allowedCookies` config setting. This issue has been fixed in version 0.7.0 of `@finastra/nestjs-proxy`. Users of `@ffdc/nestjs-proxy` are advised that this package has been deprecated and is no longer being maintained or receiving updates. Such users should update their package.json file to use `@finastra/nestjs-proxy` instead. |
2022-06-15 |
not yet calculated |
CVE-2022-31070
MISC
CONFIRM |
finastra — nestjs_proxy
|
NestJS Proxy is a NestJS module to decorate and proxy calls. Prior to version 0.7.0, the nestjs-proxy library did not have a way to control when Authorization headers should should be forwarded for specific backend services configured by the application developer. This could have resulted in sensitive information such as OAuth bearer access tokens being inadvertently exposed to such services that should not see them. A new feature has been introduced in the patched version of nestjs-proxy that allows application developers to opt out of forwarding the Authorization headers on a per service basis using the `forwardToken` config setting. Developers are advised to review the README for this library on Github or NPM for further details on how this configuration can be applied. This issue has been fixed in version 0.7.0 of `@finastra/nestjs-proxy`. Users of `@ffdc/nestjs-proxy` are advised that this package has been deprecated and is no longer being maintained or receiving updates. Such users should update their package.json file to use `@finastra/nestjs-proxy` instead. |
2022-06-15 |
not yet calculated |
CVE-2022-31069
CONFIRM
MISC |
| flatcore — flatcore_cms |
flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code. |
2022-06-16 |
not yet calculated |
CVE-2021-41402
MISC |
| flatcore — flatcore_cms |
flatCore-CMS version 2.0.8 calls dangerous functions, causing server-side request forgery vulnerabilities. |
2022-06-15 |
not yet calculated |
CVE-2021-41403
MISC |
francoisjacquet — rosariosis
|
SQL Injection in GitHub repository francoisjacquet/rosariosis prior to 9.0. |
2022-06-13 |
not yet calculated |
CVE-2022-2067
MISC
CONFIRM |
fuji_electric — v-server
|
Out-of-bounds write vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. |
2022-06-14 |
not yet calculated |
CVE-2022-29524
MISC
MISC
MISC |
| fuji_electric — v-sft |
Use after free vulnerability exists in the simulator module contained in the graphic editor ‘V-SFT’ versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. |
2022-06-14 |
not yet calculated |
CVE-2022-29522
MISC
MISC |
| fuji_electric — v-sft |
Out-of-bounds read vulnerability exist in the simulator module contained in the graphic editor ‘V-SFT’ v6.1.3.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. |
2022-06-14 |
not yet calculated |
CVE-2022-29506
MISC
MISC
MISC |
| fuji_electric — v-sft |
Heap-based buffer overflow exists in the simulator module contained in the graphic editor ‘V-SFT’ versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. |
2022-06-14 |
not yet calculated |
CVE-2022-26302
MISC
MISC |
fuji_electric — v-sft
|
Access of uninitialized pointer vulnerability exists in the simulator module contained in the graphic editor ‘V-SFT’ versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. |
2022-06-14 |
not yet calculated |
CVE-2022-29925
MISC
MISC |
| fujielectric — v-server |
Out-of-bounds read vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. |
2022-06-16 |
not yet calculated |
CVE-2022-30549
MISC
MISC
MISC |
fujielectric — v-sft
|
Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor ‘V-SFT’ versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. |
2022-06-16 |
not yet calculated |
CVE-2022-30538
MISC
MISC |
fujielectric — v-sft
|
Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor ‘V-SFT’ versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. |
2022-06-16 |
not yet calculated |
CVE-2022-30546
MISC
MISC |
ge — voluson_s8
|
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed. |
2022-06-17 |
not yet calculated |
CVE-2020-36549
N/A
N/A |
ge — voluson_s8
|
A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host. |
2022-06-17 |
not yet calculated |
CVE-2020-36548
N/A
N/A |
ge — voluson_s8
|
A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which itroduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings. |
2022-06-17 |
not yet calculated |
CVE-2020-36547
N/A
N/A |
ghostscript — ghostscript
|
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash. |
2022-06-16 |
not yet calculated |
CVE-2022-2085
MISC
MISC
MISC |
giflib — gif2rgb
|
A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file. |
2022-06-14 |
not yet calculated |
CVE-2021-40633
MISC |
| git.videolan — ffmpeg |
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125011
MISC
MISC |
| git.videolan — ffmpeg |
A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125007
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125009
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125015
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125014
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125013
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125012
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125017
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125010
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125003
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125008
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125006
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical. Affected is an unknown function of the component HTML Handler. The manipulation of the argument title leads to improper restriction of rendered ui layers (URL). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. |
2022-06-13 |
not yet calculated |
CVE-2017-20041
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125005
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125004
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125016
MISC
MISC |
git.videolan — ffmpeg
|
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. |
2022-06-18 |
not yet calculated |
CVE-2014-125002
MISC
MISC |
google — android
|
The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives from the EMM, the modem parses it and fills in internal objects based on the received data. A bug in the parsing code could be used by an attacker to remotely crash the modem, which could lead to DoS or RCE.Product: AndroidVersions: Android SoCAndroid ID: A-228868888 |
2022-06-15 |
not yet calculated |
CVE-2022-20210
MISC |
google — android
|
In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-207502397 |
2022-06-15 |
not yet calculated |
CVE-2022-20209
MISC |
google — android
|
In parseRecursively of cppbor_parse.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-192743373 |
2022-06-15 |
not yet calculated |
CVE-2022-20208
MISC |
google — android
|
In static definitions of GattServiceConfig.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-185513714 |
2022-06-15 |
not yet calculated |
CVE-2022-20207
MISC |
google — android
|
In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-220737634 |
2022-06-15 |
not yet calculated |
CVE-2022-20206
MISC |
google — android
|
In isFileUri of FileUtil.java, there is a possible way to bypass the check for a file:// scheme due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215212561 |
2022-06-15 |
not yet calculated |
CVE-2022-20205
MISC |
google — android
|
In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212434116 |
2022-06-15 |
not yet calculated |
CVE-2022-20193
MISC |
google — android
|
In getAppSize of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-220733817 |
2022-06-15 |
not yet calculated |
CVE-2022-20201
MISC |
google — android
|
In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-171495100 |
2022-06-15 |
not yet calculated |
CVE-2022-20204
MISC |
google — android
|
In ih264_resi_trans_quant_4x4_sse42 of ih264_resi_trans_quant_sse42.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-204704614 |
2022-06-15 |
not yet calculated |
CVE-2022-20202
MISC |
google — android
|
In onCreate of ChooseLockGeneric.java, there is a possible permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-222684510 |
2022-06-15 |
not yet calculated |
CVE-2022-20194
MISC |
google — android
|
In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212695058 |
2022-06-15 |
not yet calculated |
CVE-2022-20200
MISC |
google — android
|
In llcp_dlc_proc_connect_pdu of llcp_dlc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC stack with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-221851879 |
2022-06-15 |
not yet calculated |
CVE-2022-20198
MISC |
google — android
|
In recycle of Parcel.java, there is a possible way to start foreground activity from background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-208279300 |
2022-06-15 |
not yet calculated |
CVE-2022-20197
MISC |
google — android
|
In gallery3d and photos, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-201535148 |
2022-06-15 |
not yet calculated |
CVE-2022-20196
MISC |
google — android
|
In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-213172664 |
2022-06-15 |
not yet calculated |
CVE-2022-20195
MISC |
google — android
|
In param_find_digests_internal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222472803References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20233
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-207116951References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20173
MISC |
google — android
|
In grantEmbeddedWindowFocus of WindowManagerService.java, there is a possible way to change an input channel for embedded hierarchy due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215912712 |
2022-06-15 |
not yet calculated |
CVE-2022-20192
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-209324757References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20191
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-210594998References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20168
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-208744915References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20190
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-207254598References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20188
MISC |
google — android
|
In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-215001024References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20186
MISC |
google — android
|
In TBD of TBD, there is a possible use after free bug. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-208842348References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20185
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-209153114References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20184
MISC |
google — android
|
In hypx_create_blob_dmabuf of faceauth_hypx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188911154References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20183
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-210936609References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20181
MISC |
google — android
|
In onbind of ShannonRcsService.java, there is a possible access to protect data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206987222References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20172
MISC |
google — android
|
In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-224932775References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20178
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-211162353References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20169
MISC |
google — android
|
In auth_store of sjtag-driver.c, there is a possible read of uninitialized memory due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-197787879References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20176
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-209252491References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20175
MISC |
google — android
|
In exynos_secEnv_init of mach-gs101.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210847407References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20174
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-215565667References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20171
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-211683760References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20179
MISC |
google — android
|
In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files. This could lead to local escalation of privilege,with no additional execution privileges needed. User interaction is not needed for exploitation. |
2022-06-15 |
not yet calculated |
CVE-2022-20203
MISC |
google — android
|
In handle_ramdump of pixel_loader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222348453References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20182
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-209906686References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20177
MISC |
google — android
|
In registerPhoneAccount of PhoneAccountRegistrar.java, there is a possible way to prevent the user from selecting a phone account due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-217934478 |
2022-06-15 |
not yet calculated |
CVE-2022-20129
MISC |
google — android
|
In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-203431023 |
2022-06-15 |
not yet calculated |
CVE-2022-20126
MISC |
google — android
|
In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221862119 |
2022-06-15 |
not yet calculated |
CVE-2022-20127
MISC |
google — android
|
In multiple functions of AvatarPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-187702830 |
2022-06-15 |
not yet calculated |
CVE-2022-20144
MISC |
google — android
|
In deletePackageX of DeletePackageHelper.java, there is a possible way for a Guest user to reset pre-loaded applications for other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-170646036 |
2022-06-15 |
not yet calculated |
CVE-2022-20124
MISC |
google — android
|
In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221856662 |
2022-06-15 |
not yet calculated |
CVE-2022-20131
MISC |
google — android
|
In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188677105References: Upstream kernel |
2022-06-15 |
not yet calculated |
CVE-2022-20132
MISC |
google — android
|
In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-206807679 |
2022-06-15 |
not yet calculated |
CVE-2022-20133
MISC |
google — android
|
In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220303465 |
2022-06-15 |
not yet calculated |
CVE-2022-20135
MISC |
google — android
|
In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220735360 |
2022-06-15 |
not yet calculated |
CVE-2022-20143
MISC |
google — android
|
In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-216631962 |
2022-06-15 |
not yet calculated |
CVE-2022-20142
MISC |
google — android
|
In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel |
2022-06-15 |
not yet calculated |
CVE-2022-20141
MISC |
google — android
|
In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-218341397 |
2022-06-15 |
not yet calculated |
CVE-2022-20134
MISC |
google — android
|
In ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java, there is a possible way for unprivileged app to send MANAGED_PROFILE_PROVISIONED intent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-210469972 |
2022-06-15 |
not yet calculated |
CVE-2022-20138
MISC |
google — android
|
In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-227618988 |
2022-06-15 |
not yet calculated |
CVE-2022-20140
MISC |
google — android
|
In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-206986392 |
2022-06-15 |
not yet calculated |
CVE-2022-20137
MISC |
google — android
|
In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-219513976References: Upstream kernel |
2022-06-15 |
not yet calculated |
CVE-2022-20148
MISC |
google — android
|
In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-194402515 |
2022-06-15 |
not yet calculated |
CVE-2022-20125
MISC |
google — android
|
In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224314979 |
2022-06-15 |
not yet calculated |
CVE-2022-20130
MISC |
google — android
|
In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222091980References: Upstream kernel |
2022-06-15 |
not yet calculated |
CVE-2022-20153
MISC |
google — android
|
In uploadFile of FileUploadServiceImpl.java, there is a possible incorrect file access due to a confused deputy. This could lead to local information disclosure of private files with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-211757677References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20146
MISC |
google — android
|
In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221216105 |
2022-06-15 |
not yet calculated |
CVE-2022-20147
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-209421931References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20170
MISC |
google — android
|
In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-201660636 |
2022-06-15 |
not yet calculated |
CVE-2022-20145
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20151
MISC |
google — android
|
In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-202006198References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20152
MISC |
google — android
|
In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221852424 |
2022-06-15 |
not yet calculated |
CVE-2022-20123
MISC |
google — android
|
In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel |
2022-06-15 |
not yet calculated |
CVE-2022-20154
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20149
MISC |
google — android
|
In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176754369References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20155
MISC |
google — android
|
In asn1_ec_pkey_parse of acropora/crypto/asn1_common.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210971465References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20159
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-210083655References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20160
MISC |
google — android
|
In asn1_p256_int of crypto/asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223492713References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20162
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-204891956References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20164
MISC |
google — android
|
In asn1_parse of asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-220868345References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20165
MISC |
google — android
|
In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182388481References: Upstream kernel |
2022-06-15 |
not yet calculated |
CVE-2022-20166
MISC |
google — android
|
Product: AndroidVersions: Android kernelAndroid ID: A-204956204References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20167
MISC |
google — android
|
In unflatten of GraphicBuffer.cpp, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-212803946References: N/A |
2022-06-15 |
not yet calculated |
CVE-2022-20156
MISC |
google — kctf
|
kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect. |
2022-06-13 |
not yet calculated |
CVE-2022-31055
MISC
CONFIRM
MISC |
got — got
|
The got package before 12.1.0 for Node.js allows a redirect to a UNIX socket. |
2022-06-18 |
not yet calculated |
CVE-2022-33987
MISC
MISC |
gpac — mp4box
|
In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability. |
2022-06-16 |
not yet calculated |
CVE-2021-41458
MISC |
| grafana — grafana |
** DISPUTED ** Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability. |
2022-06-17 |
not yet calculated |
CVE-2022-32276
MISC
MISC |
| haraj — haraj |
A cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. |
2022-06-16 |
not yet calculated |
CVE-2022-31298
MISC
MISC
MISC |
| haraj — haraj |
A cross-site scripting vulnerability in the DM Section component of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. |
2022-06-16 |
not yet calculated |
CVE-2022-31300
MISC
MISC
MISC |
| haraj — haraj |
Haraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component. |
2022-06-16 |
not yet calculated |
CVE-2022-31301
MISC
MISC
MISC |
haraj — haraj
|
Haraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form. |
2022-06-16 |
not yet calculated |
CVE-2022-31299
MISC
MISC
MISC |
harmonyos — bone_voice_id_ta
|
The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution. |
2022-06-13 |
not yet calculated |
CVE-2021-40036
MISC |
| harmonyos — huawei |
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality. |
2022-06-13 |
not yet calculated |
CVE-2022-31757
MISC
MISC |
| harmonyos — huawei |
The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. |
2022-06-13 |
not yet calculated |
CVE-2022-31758
MISC
MISC |
harmonyos — huawei
|
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability. |
2022-06-13 |
not yet calculated |
CVE-2022-31753
MISC
MISC |
harmonyos — huawei
|
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality. |
2022-06-13 |
not yet calculated |
CVE-2022-31760
MISC
MISC |
harmonyos — permission_management
|
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information. |
2022-06-13 |
not yet calculated |
CVE-2021-46811
MISC
MISC |
hevc — video_extensions
|
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-29119. |
2022-06-15 |
not yet calculated |
CVE-2022-30188
MISC |
hpjansson — chafa
|
Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0. |
2022-06-13 |
not yet calculated |
CVE-2022-2061
MISC
CONFIRM |
huawei — emui
|
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability. |
2022-06-13 |
not yet calculated |
CVE-2021-46813
MISC |
ibm — financial_transaction_manager_for_digital_payments_for_multi-platform
|
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 166801. |
2022-06-15 |
not yet calculated |
CVE-2019-4575
XF
CONFIRM |
ibm — iax
|
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 224444. |
2022-06-15 |
not yet calculated |
CVE-2022-22444
CONFIRM
XF |
| ibm — spectrum_project_operations_center |
In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator’s invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect Server. IBM X-Force ID: 226325. |
2022-06-17 |
not yet calculated |
CVE-2022-22485
XF
CONFIRM |
ibm — x-force_exchange
|
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. |
2022-06-18 |
not yet calculated |
CVE-2021-46822
MISC
MISC |
| ibm — robotic_process_automation |
IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow a user to obtain sensitive information due to information properly masked in the control center UI. IBM X-Force ID: 227294. |
2022-06-17 |
not yet calculated |
CVE-2022-30607
CONFIRM
XF |
| imagemagick — imagemagick |
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type ‘unsigned char’ at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. |
2022-06-16 |
not yet calculated |
CVE-2022-32545
MISC
MISC
MISC |
| imagemagick — imagemagick |
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type ‘unsigned long’ at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. |
2022-06-16 |
not yet calculated |
CVE-2022-32546
MISC
MISC
MISC |
imagemagick — imagemagick
|
In ImageMagick, there is load of misaligned address for type ‘double’, which requires 8 byte alignment and for type ‘float’, which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior. |
2022-06-16 |
not yet calculated |
CVE-2022-32547
MISC
MISC
MISC |
innosetup — installer
|
A vulnerability was found in InnoSetup Installer. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. |
2022-06-16 |
not yet calculated |
CVE-2017-20051
MISC
MISC |
intel — processors
|
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
2022-06-15 |
not yet calculated |
CVE-2022-21125
MISC
MLIST
CONFIRM
FEDORA
FEDORA |
intel — processors
|
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
2022-06-15 |
not yet calculated |
CVE-2022-21123
MISC
MLIST
FEDORA
FEDORA |
intel — processors
|
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
2022-06-15 |
not yet calculated |
CVE-2022-21166
MISC
MLIST
FEDORA
FEDORA |
intel — processors
|
Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access. |
2022-06-15 |
not yet calculated |
CVE-2022-21180
MISC
MLIST |
intel — processors
|
Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access. |
2022-06-15 |
not yet calculated |
CVE-2022-24436
MISC |
intel — processors
|
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
2022-06-15 |
not yet calculated |
CVE-2022-21127
MISC
MLIST |
inventree — inventree
|
Cross-site Scripting (XSS) – Stored in GitHub repository inventree/inventree prior to 0.7.2. |
2022-06-17 |
not yet calculated |
CVE-2022-2113
MISC
CONFIRM |
inventree — inventree
|
Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2. |
2022-06-17 |
not yet calculated |
CVE-2022-2111
MISC
CONFIRM |
inventree — inventree
|
Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2. |
2022-06-17 |
not yet calculated |
CVE-2022-2112
MISC
CONFIRM |
invision_community — ips_community_suite
|
A Server-Side Request Forgery (SSRF) vulnerability in IPS Community Suite before 4.6.2 allows remote authenticated users to request arbitrary URLs or trigger deserialization via phar protocol when generating class names dynamically. In some cases an exploitation is possible by an unauthenticated user. |
2022-06-13 |
not yet calculated |
CVE-2021-40604
MISC |
| iobit — iotransfer |
In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim’s endpoint, which can result in data theft and remote code execution. |
2022-06-16 |
not yet calculated |
CVE-2022-24562
MISC
MISC
MISC |
itop — itops
|
ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/pages/ajax.render.php. |
2022-06-14 |
not yet calculated |
CVE-2022-31403
MISC
MISC
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to Arbitrary code execution via ip/school/view/all_teacher.php. |
2022-06-15 |
not yet calculated |
CVE-2022-32433
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_events.php?event_id=. |
2022-06-15 |
not yet calculated |
CVE-2022-32376
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_student_subject.php?index=. |
2022-06-15 |
not yet calculated |
CVE-2022-32380
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_parents_profile.php?my_index=. |
2022-06-15 |
not yet calculated |
CVE-2022-32379
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher_profile.php?my_index=. |
2022-06-15 |
not yet calculated |
CVE-2022-32378
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam_timetable.php?id=. |
2022-06-15 |
not yet calculated |
CVE-2022-32377
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject.php?id=. |
2022-06-15 |
not yet calculated |
CVE-2022-32372
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_admin_profile.php?my_index=. |
2022-06-15 |
not yet calculated |
CVE-2022-32381
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_timetable.php?id=. |
2022-06-15 |
not yet calculated |
CVE-2022-32375
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject_routing.php?id=. |
2022-06-15 |
not yet calculated |
CVE-2022-32374
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam.php?id=. |
2022-06-15 |
not yet calculated |
CVE-2022-32373
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher.php?id=. |
2022-06-15 |
not yet calculated |
CVE-2022-32371
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_classroom.php?id=. |
2022-06-15 |
not yet calculated |
CVE-2022-32370
MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_grade.php?id=. |
2022-06-15 |
not yet calculated |
CVE-2022-32368
MISC |
javadelight — delight_nashorn_sandox
|
An issue was discovered in Delight Nashorn Sandbox 0.2.0. There is an ReDoS vulnerability that can be exploited to launching a denial of service (DoS) attack. |
2022-06-14 |
not yet calculated |
CVE-2021-40660
MISC |
jforum — jforum
|
JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts. |
2022-06-16 |
not yet calculated |
CVE-2022-26173
MISC
MISC
MISC
MISC
MISC |
| joplin — desktop_app |
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html. |
2022-06-16 |
not yet calculated |
CVE-2021-33295
MISC
MISC
MISC |
jupyter — notebook
|
Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with `ContentsManager.allow_hidden = False` only prevented listing the contents of hidden directories, not accessing individual hidden files or files in hidden directories (i.e. hidden files were ‘hidden’ but not ‘inaccessible’). This could lead to notebook configurations allowing authenticated access to files that may reasonably be expected to be disallowed. Because fully authenticated requests are required, this is of relatively low impact. But if a server’s root directory contains sensitive files whose only protection from the server is being hidden (e.g. `~/.ssh` while serving $HOME), then any authenticated requests could access files if their names are guessable. Such contexts also necessarily have full access to the server and therefore execution permissions, which also generally grants access to all the same files. So this does not generally result in any privilege escalation or increase in information access, only an additional, unintended means by which the files could be accessed. Version 6.4.12 contains a patch for this issue. There are currently no known workarounds. |
2022-06-14 |
not yet calculated |
CVE-2022-29238
CONFIRM |
jupyter — server
|
Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter Notebook. Prior to version 1.17.1, if notebook server is started with a value of `root_dir` that contains the starting user’s home directory, then the underlying REST API can be used to leak the access token assigned at start time by guessing/brute forcing the PID of the jupyter server. While this requires an authenticated user session, this URL can be used from a cross-site scripting payload or from a hooked or otherwise compromised browser to leak this access token to a malicious third party. This token can be used along with the REST API to interact with Jupyter services/notebooks such as modifying or overwriting critical files, such as .bashrc or .ssh/authorized_keys, allowing a malicious user to read potentially sensitive data and possibly gain control of the impacted system. This issue is patched in version 1.17.1. |
2022-06-14 |
not yet calculated |
CVE-2022-29241
CONFIRM |
jvn — ec-cube4
|
Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page. |
2022-06-13 |
not yet calculated |
CVE-2022-27174
MISC
MISC |
jvn — revoworks
|
Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using ‘File Sanitization Library’ 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions (when using ‘File Sanitization Option’), and RevoWorks Desktop 2.1.84 and prior versions (when using ‘File Sanitization Option’), which may allow an attacker to execute a malicious macro by having a user to download, import, and open a specially crafted file in the local environment. |
2022-06-14 |
not yet calculated |
CVE-2022-27176
MISC
MISC |
jvn — t&d_data_server
|
Directory traversal vulnerability in T&D Data Server (Japanese Edition) Ver.2.22 and earlier, T&D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER (English Edition) Ver.2.13 and earlier allows a remote attacker to view an arbitrary file on the server via unspecified vectors. |
2022-06-14 |
not yet calculated |
CVE-2022-29509
MISC
MISC
MISC |
kiegroup — drools
|
drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability. |
2022-06-16 |
not yet calculated |
CVE-2021-41411
MISC |
kreado — kreasfero
|
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution. |
2022-06-14 |
not yet calculated |
CVE-2021-42675
MISC
MISC
MISC |
kromitgmbh — titra
|
Weak Password Requirements in GitHub repository kromitgmbh/titra prior to 0.78.1. |
2022-06-16 |
not yet calculated |
CVE-2022-2098
MISC
CONFIRM |
linux — linux_kernel
|
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. |
2022-06-18 |
not yet calculated |
CVE-2022-33981
MISC
MISC
MISC
MISC |
linux — linux_kernel
|
An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers. |
2022-06-10 |
not yet calculated |
CVE-2022-32981
MISC
MLIST |
| magicpin — magicpin |
An XML external entity (XXE) injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file. |
2022-06-14 |
not yet calculated |
CVE-2022-31447
MISC
MISC |
| maianaffiliate — maianaffiliate |
A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel. |
2022-06-16 |
not yet calculated |
CVE-2021-41421
MISC
MISC |
maianaffiliate — maianaffiliate
|
A stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker for arbitrary JavaScript code execution in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel. |
2022-06-16 |
not yet calculated |
CVE-2021-41420
MISC
MISC |
| mendix — saml_module |
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). In certain configurations SAML module is vulnerable to Cross Site Scripting (XSS) attacks due to insufficient error message sanitation. This could allow an attacker to execute malicious code by tricking users into accessing a malicious link. |
2022-06-14 |
not yet calculated |
CVE-2022-32286
MISC |
mendix — saml_module
|
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). The affected module is vulnerable to XML External Entity (XXE) attacks due to insufficient input sanitation. This may allow an attacker to disclose confidential data under certain circumstances. |
2022-06-14 |
not yet calculated |
CVE-2022-32285
MISC |
mercury — mipc451-4
|
MERCURY MIPC451-4 1.0.22 Build 220105 Rel.55642n was discovered to contain a remote code execution (RCE) vulnerability which is exploitable via a crafted POST request. |
2022-06-16 |
not yet calculated |
CVE-2022-31849
MISC |
metasys — ads_adx_oas
|
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface. |
2022-06-15 |
not yet calculated |
CVE-2022-21938
CONFIRM
CERT |
metasys — ads_adx_oas
|
A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change. |
2022-06-15 |
not yet calculated |
CVE-2022-21935
CONFIRM
CERT |
metasys — ads_adx_oas
|
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface. |
2022-06-15 |
not yet calculated |
CVE-2022-21937
CONFIRM
CERT |
| microsoft — av1_vide_extension |
AV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30193. |
2022-06-15 |
not yet calculated |
CVE-2022-30167
MISC |
| microsoft — azure |
Azure Service Fabric Container Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30137
MISC |
| microsoft — azure |
Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30179. |
2022-06-15 |
not yet calculated |
CVE-2022-30178
MISC |
| microsoft — azure |
Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30178. |
2022-06-15 |
not yet calculated |
CVE-2022-30179
MISC |
| microsoft — azure |
Azure RTOS GUIX Studio Information Disclosure Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30180
MISC |
microsoft — azure
|
Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30178, CVE-2022-30179. |
2022-06-15 |
not yet calculated |
CVE-2022-30177
MISC |
microsoft — azure
|
Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-29149
MISC |
microsoft — excel
|
Microsoft Excel Remote Code Execution Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30173
MISC |
microsoft — hevc_video_extensions
|
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-30188. |
2022-06-15 |
not yet calculated |
CVE-2022-29119
MISC |
microsoft — hevc_video_extensions
|
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29111, CVE-2022-29119, CVE-2022-30188. |
2022-06-15 |
not yet calculated |
CVE-2022-22018
MISC |
microsoft — hevc_video_extensions
|
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29119, CVE-2022-30188. |
2022-06-15 |
not yet calculated |
CVE-2022-29111
MISC |
microsoft — kerberos
|
Kerberos AppContainer Security Feature Bypass Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30164
MISC |
| microsoft — office |
Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30171. |
2022-06-15 |
not yet calculated |
CVE-2022-30172
MISC |
microsoft — office
|
Microsoft Office Remote Code Execution Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30174
MISC |
microsoft — office
|
Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30172. |
2022-06-15 |
not yet calculated |
CVE-2022-30171
MISC |
microsoft — photos
|
Microsoft Photos App Remote Code Execution Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30168
MISC |
microsoft — sql_server
|
Microsoft SQL Server Remote Code Execution Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-29143
MISC |
| microsoft — windows |
Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30131
MISC |
| microsoft — windows |
Windows Media Center Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30135
MISC |
| microsoft — windows |
Windows Container Manager Service Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30132
MISC |
microsoft — windows
|
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30166
MISC |
microsoft– edge
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-22021
MISC |
| microsoft — file_server |
Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30154
MISC |
microsoft — office
|
Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30171, CVE-2022-30172. |
2022-06-15 |
not yet calculated |
CVE-2022-30159
MISC |
microsoft — office365
|
A vulnerability was found in Microsoft O365 and classified as critical. This issue affects the Conditional Access Policy which leads to improper access controls. By default the policy is not verified for every request. The attack may be initiated remotely. Exploit details have been disclosed to the public. It is recommended to change the configuration settings. NOTE: Vendor claims that pre-requisites are very high, the feature works as intended, and that configuration settings might mitigate the issue. |
2022-06-14 |
not yet calculated |
CVE-2022-2077
N/A
N/A
N/A
N/A |
microsoft — office365
|
** DISPUTED ** A vulnerability has been found in Microsoft O365 and classified as critical. The session cookies introduce a session expiration issue as they might be used by two clients at the same time. The attack can be initiated remotely. Exploit details have been disclosed to the public. The real-world consequences of this vulnerability are still doubted at the moment. It is recommended to change the configuration settings. NOTE: Vendor claims that pre-requisites are very high, the feature works as intended, and that configuration settings might mitigate the issue. |
2022-06-14 |
not yet calculated |
CVE-2022-2076
N/A
N/A
N/A
N/A |
microsoft — sharepoint
|
Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30157. |
2022-06-15 |
not yet calculated |
CVE-2022-30158
MISC |
microsoft — sharepoint
|
Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30158. |
2022-06-15 |
not yet calculated |
CVE-2022-30157
MISC |
| microsoft — windows |
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30161. |
2022-06-15 |
not yet calculated |
CVE-2022-30153
MISC |
| microsoft — windows |
Windows Kernel Denial of Service Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30155
MISC |
| microsoft — windows |
Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30160
MISC |
microsoft — windows
|
Windows File History Remote Code Execution Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30142
MISC |
microsoft — windows
|
Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30150
MISC |
microsoft — windows
|
Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30148
MISC |
microsoft — windows
|
Windows Installer Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30147
MISC |
microsoft — windows
|
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. |
2022-06-15 |
not yet calculated |
CVE-2022-30143
MISC |
microsoft — windows
|
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. |
2022-06-15 |
not yet calculated |
CVE-2022-30146
MISC |
microsoft — windows
|
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30145
MISC |
microsoft — windows
|
Windows Network Address Translation (NAT) Denial of Service Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30152
MISC |
microsoft — windows
|
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. |
2022-06-15 |
not yet calculated |
CVE-2022-30141
MISC |
microsoft — windows
|
Windows Hyper-V Remote Code Execution Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30163
MISC |
microsoft — windows
|
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30151
MISC |
microsoft — windows
|
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. |
2022-06-15 |
not yet calculated |
CVE-2022-30139
MISC |
microsoft — windows
|
Windows Kerberos Elevation of Privilege Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30165
MISC |
microsoft — windows
|
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30153, CVE-2022-30161. |
2022-06-15 |
not yet calculated |
CVE-2022-30149
MISC |
microsoft — windows
|
Windows Kernel Information Disclosure Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30162
MISC |
microsoft — windows
|
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153. |
2022-06-15 |
not yet calculated |
CVE-2022-30161
MISC |
microsoft — windows
|
Windows iSCSI Discovery Service Remote Code Execution Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30140
MISC |
microsoft — windows
|
Windows Network File System Remote Code Execution Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30136
MISC |
microsoft — windows_smbv3
|
Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot. |
2022-06-14 |
not yet calculated |
CVE-2022-32230
CONFIRM
MISC
MISC
MISC |
mini_cms — mini_cns
|
A cross-site scripting (XSS) vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page. |
2022-06-13 |
not yet calculated |
CVE-2021-41663
MISC
MISC
MISC |
mint — workbench
|
Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Mint WorkBench installer file allows a low-privileged user to run a “repair” operation on the product |
2022-06-15 |
not yet calculated |
CVE-2022-26057
MISC |
mitel — mivoice_business
|
A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker (that has network access to the management interface) to conduct a buffer overflow attack due to insufficient validation of URL parameters. A successful exploit could allow arbitrary code execution. |
2022-06-17 |
not yet calculated |
CVE-2022-31784
MISC
MISC |
mitsubishi_electric — melsec-Q
|
Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC-Q Series Q03UDECPU all versions, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU all versions, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number “24051” and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number “24051” and prior, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number “24051” and prior and Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number “24051” and prior allows a remote unauthenticated attacker to cause a denial of service (DoS) condition in Ethernet communications by sending specially crafted packets. A system reset of the products is required for recovery. |
2022-06-15 |
not yet calculated |
CVE-2022-24946
MISC
MISC |
| modern_events_calendar — lite |
Cross-site scripting vulnerability in Modern Events Calendar Lite versions prior to 6.3.0 allows remote an authenticated attacker to inject an arbitrary script via unspecified vectors. |
2022-06-16 |
not yet calculated |
CVE-2022-30533
MISC
MISC |
| monstra — monstra_cms |
Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2021-40940
MISC |
mout — mout
|
This affects all versions of package mout. The deepFillIn function can be used to ‘fill missing properties recursively’, while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively is not checked, leading to exploiting this vulnerability. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7792](https://security.snyk.io/vuln/SNYK-JS-MOUT-1014544). |
2022-06-17 |
not yet calculated |
CVE-2022-21213
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
| naver — cloud_explorer |
Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection. |
2022-06-13 |
not yet calculated |
CVE-2022-24077
CONFIRM |
neorazorx — facturascripts
|
Cross-site Scripting (XSS) – Stored in GitHub repository neorazorx/facturascripts prior to 2022.06. |
2022-06-13 |
not yet calculated |
CVE-2022-2065
MISC
CONFIRM |
neorazorx — facturascripts
|
Cross-site Scripting (XSS) – Reflected in GitHub repository neorazorx/facturascripts prior to 2022.06. |
2022-06-13 |
not yet calculated |
CVE-2022-2066
MISC
CONFIRM |
| netgear — wnap320_router |
netgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users cookies. |
2022-06-17 |
not yet calculated |
CVE-2022-31876
MISC
MISC |
| nocodb — ncodb |
Cross-site Scripting (XSS) – Stored in GitHub repository nocodb/nocodb prior to 0.91.7+. |
2022-06-14 |
not yet calculated |
CVE-2022-2079
MISC
CONFIRM |
nocodb — nocodb
|
Insufficient Session Expiration in GitHub repository nocodb/nocodb prior to 0.91.7+. |
2022-06-13 |
not yet calculated |
CVE-2022-2064
MISC
CONFIRM |
nocodb — nocodb
|
Improper Privilege Management in GitHub repository nocodb/nocodb prior to 0.91.7+. |
2022-06-13 |
not yet calculated |
CVE-2022-2063
MISC
CONFIRM |
nokia — bharti_airtel_routers
|
Nokia “G-2425G-A” Bharti Airtel Routers Hardware version “3FE48299DEAA” Software Version “3FE49362IJHK42” is vulnerable to Cross-Site Scripting (XSS) via the admin->Maintenance>Device Management. |
2022-06-14 |
not yet calculated |
CVE-2022-30903
MISC
MISC |
nokia — vitalsuite_spm
|
NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName’. |
2022-06-16 |
not yet calculated |
CVE-2021-41487
MISC
MISC |
npm — pack
|
npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (ie. `–workspaces`, `–workspace=<name>`). Anyone who has run `npm pack` or `npm publish` inside a workspace, as of v7.9.0 and v7.13.0 respectively, may be affected and have published files into the npm registry they did not intend to include. Users should upgrade to the latest, patched version of npm v8.11.0, run: npm i -g npm@latest . Node.js versions v16.15.1, v17.19.1, and v18.3.0 include the patched v8.11.0 version of npm. |
2022-06-13 |
not yet calculated |
CVE-2022-29244
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC |
npm — pg-native
|
All versions of package pg-native; all versions of package libpq are vulnerable to Denial of Service (DoS) when the addons attempt to cast the second argument to an array and fail. This happens for every non-array argument passed. **Note:** pg-native is a mere binding to npm’s libpq library, which in turn has the addons and bindings to the actual C libpq library. This means that problems found in pg-native may transitively impact npm’s libpq. |
2022-06-17 |
not yet calculated |
CVE-2022-25852
CONFIRM
CONFIRM |
npm — querymen
|
All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of [CVE-2020-7600](https://security.snyk.io/vuln/SNYK-JS-QUERYMEN-559867). |
2022-06-17 |
not yet calculated |
CVE-2022-25871
CONFIRM |
nuitka — nuitka
|
Command Injection in GitHub repository nuitka/nuitka prior to 0.9. |
2022-06-12 |
not yet calculated |
CVE-2022-2054
CONFIRM
MISC |
octokit — octokit
|
Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r–r–` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octokit 4.25.0. Two workarounds are available. Users can use the previous version of the gem, v4.22.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version. |
2022-06-15 |
not yet calculated |
CVE-2022-31072
MISC
CONFIRM |
octokit — octopoller
|
Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r–r–` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octopoller 0.3.0. Two workarounds are available. Users can use the previous version of the gem, v0.1.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version. |
2022-06-15 |
not yet calculated |
CVE-2022-31071
CONFIRM
MISC |
ompl — opml
|
Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavior. |
2022-06-17 |
not yet calculated |
CVE-2021-41490
MISC |
| online_tours_and_travels_management_system — online_tours_and_travels_management_system |
Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the tname parameter at /admin/operations/tax.php. |
2022-06-15 |
not yet calculated |
CVE-2022-32992
MISC |
opc_foundation — opc_ua_net_standard_stack
|
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption. |
2022-06-16 |
not yet calculated |
CVE-2022-29866
MISC
MISC |
opc_foundation — opc_ua_net_standard_stack
|
OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials. |
2022-06-16 |
not yet calculated |
CVE-2022-29865
MISC
MISC |
opc_foundation — opc_ua_net_standard_stack
|
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption. |
2022-06-16 |
not yet calculated |
CVE-2022-29864
MISC
MISC |
opc_foundation — opc_ua_net_standard_stack
|
OPC UA .NET Standard Stack 1.04.368 allows remote attacker to cause a crash via a crafted message that triggers excessive memory allocation. |
2022-06-16 |
not yet calculated |
CVE-2022-29863
MISC
MISC |
opc_foundation — opc_ua_net_standard_stack
|
An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message. |
2022-06-16 |
not yet calculated |
CVE-2022-29862
MISC
MISC |
open_forms — open_forms
|
Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a website under their control, opening them up for phishing attacks. The redirect is initiated by the open forms backend which is a legimate page, making it less obvious to end users they are being redirected to a malicious website. Versions 1.0.9 and 1.1.1 contain patches for this issue. There are no known workarounds avaialble. |
2022-06-13 |
not yet calculated |
CVE-2022-31040
MISC
CONFIRM |
open_forms — open_forms
|
Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users (e.g. only PDF / Excel / …). The input validation of uploaded files is insufficient in versions prior to 1.0.9 and 1.1.1. Users could alter or strip file extensions to bypass this validation. This results in files being uploaded to the server that are of a different file type than indicated by the file name extension. These files may be downloaded (manually or automatically) by staff and/or other applications for further processing. Malicious files can therefore find their way into internal/trusted networks. Versions 1.0.9 and 1.1.1 contain patches for this issue. As a workaround, an API gateway or intrusion detection solution in front of open-forms may be able to scan for and block malicious content before it reaches the Open Forms application. |
2022-06-13 |
not yet calculated |
CVE-2022-31041
CONFIRM
MISC |
oracle — cloud_infrastructure
|
Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle Cloud Infrastructure accessible data. All affected customers were notified of CVE-2022-21503 by Oracle. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N) |
2022-06-17 |
not yet calculated |
CVE-2022-21503
MISC |
oracle — linux_uek
|
The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another portion of the kernel. An attack with local access can operate on the socket, and cause a denial of service. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). |
2022-06-14 |
not yet calculated |
CVE-2022-21504
MISC |
| otrs — otrs |
Attacker is able to determine if the provided username exists (and it’s valid) using Request New Password feature, based on the response time. |
2022-06-13 |
not yet calculated |
CVE-2022-32741
CONFIRM |
| otrs — otrs |
When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number. |
2022-06-13 |
not yet calculated |
CVE-2022-32739
CONFIRM |
| otrs — otrs |
A reply to a forwarded email article by a 3rd party could unintensionally expose the email content to the ticket customer under certain circumstances. |
2022-06-13 |
not yet calculated |
CVE-2022-32740
CONFIRM |
palantir — multipass
|
The Multipass service was found to have code paths that could be abused to cause a denial of service for authentication or authorization operations. A malicious attacker could perform an application-level denial of service attack, potentially causing authentication and/or authorization operations to fail for the duration of the attack. This could lead to performance degradation or login failures for customer Palantir Foundry environments. This vulnerability is resolved in Multipass 3.647.0. This issue affects: Palantir Foundry Multipass versions prior to 3.647.0. |
2022-06-14 |
not yet calculated |
CVE-2022-27889
MISC |
parse_community — parse_server
|
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object. Versions 4.0.11 and 5.2.2 prevent this by introducing a new `rootCertificateUrl` property to the Parse Server Apple Game Center auth adapter which takes the URL to the root certificate of Apple’s Game Center authentication certificate. If no value is set, the `rootCertificateUrl` property defaults to the URL of the current root certificate as of May 27, 2022. Keep in mind that the root certificate can change at any time and that it is the developer’s responsibility to keep the root certificate URL up-to-date when using the Parse Server Apple Game Center auth adapter. There are no known workarounds for this issue. |
2022-06-17 |
not yet calculated |
CVE-2022-31083
MISC
CONFIRM
MISC
MISC |
peel — shopping_cms
|
PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user that belongs to the administrator group can inject a malicious SQL query in order to affect the execution logic of the application and retrive information from the database. |
2022-06-15 |
not yet calculated |
CVE-2021-41672
MISC
MISC |
| phpcms — phpcms |
There is a reflective cross-site scripting (XSS) vulnerability in the PHPCMS V9.6.3 management side. |
2022-06-15 |
not yet calculated |
CVE-2021-40910
MISC |
php — fedora
|
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service. |
2022-06-16 |
not yet calculated |
CVE-2022-31625
MISC
FEDORA
FEDORA |
php — fedora
|
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability. |
2022-06-16 |
not yet calculated |
CVE-2022-31626
MISC
FEDORA
FEDORA |
| piwigo — piwigo |
In Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batch_manager&mode=unit. |
2022-06-14 |
not yet calculated |
CVE-2021-40678
MISC |
potplayer — potplayer
|
An exploitable out-of-bounds write vulnerability in PotPlayer 1.7.21523 build 210729 may lead to code execution, information disclosure, and denial of service. |
2022-06-15 |
not yet calculated |
CVE-2021-40212
MISC
MISC |
powerjob — powerjob
|
An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save. |
2022-06-16 |
not yet calculated |
CVE-2020-28865
MISC |
powertek_corporation — powertek_firmware
|
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext. |
2022-06-13 |
not yet calculated |
CVE-2022-33174
MISC |
powertek_corporation — powertek_firmware
|
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the /cgi/get_param.cgi HTTP API. This leads to disclosing active session ids of currently logged-in administrators. The session id can then be reused to act as the administrator, allowing reading of the cleartext password, or reconfiguring the device. |
2022-06-13 |
not yet calculated |
CVE-2022-33175
MISC |
| proietti — tech_srl_planet_time_enterprise |
Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0.0,3.3.1.0,3.3.0.0 is vulnerable to Remote code execution via the Viewstate parameter. |
2022-06-17 |
not yet calculated |
CVE-2022-30422
MISC
MISC |
python — pgadmin4
|
A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
2022-06-16 |
not yet calculated |
CVE-2017-20052
MISC
MISC |
python-idap — python_idap
|
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition. |
2022-06-18 |
not yet calculated |
CVE-2021-46823
MISC
MISC |
| qualcomm — snapdragon |
Improper memory allocation during counter check DLM handling can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35096
CONFIRM |
| qualcomm — snapdragon |
Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-35130
CONFIRM |
| qualcomm — snapdragon |
Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35102
CONFIRM |
| qualcomm — snapdragon |
Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-35098
CONFIRM |
| qualcomm — snapdragon |
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking |
2022-06-14 |
not yet calculated |
CVE-2021-35129
CONFIRM |
| qualcomm — snapdragon |
Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35101
CONFIRM |
| qualcomm — snapdragon |
Possible null pointer access due to improper validation of system information message to be processed in Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35087
CONFIRM |
| qualcomm — snapdragon |
Possible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35091
CONFIRM |
| qualcomm — snapdragon |
Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35090
CONFIRM |
| qualcomm — snapdragon |
Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35111
CONFIRM |
| qualcomm — snapdragon |
Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35095
CONFIRM |
| qualcomm — snapdragon |
Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35126
CONFIRM |
| qualcomm — snapdragon |
Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT |
2022-06-14 |
not yet calculated |
CVE-2021-35123
CONFIRM |
| qualcomm — snapdragon |
Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-30334
CONFIRM |
| qualcomm — snapdragon |
Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35094
CONFIRM |
| qualcomm — snapdragon |
Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-30350
CONFIRM |
| qualcomm — snapdragon |
Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-35078
CONFIRM |
| qualcomm — snapdragon |
RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35070
CONFIRM |
| qualcomm — snapdragon |
Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35086
CONFIRM |
| qualcomm — snapdragon |
Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-30340
CONFIRM |
| qualcomm — snapdragon |
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
2022-06-14 |
not yet calculated |
CVE-2021-30346
CONFIRM |
| qualcomm — snapdragon |
Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC security mode command packet has been received in Snapdragon Industrial IOT |
2022-06-14 |
not yet calculated |
CVE-2021-35082
CONFIRM |
| qualcomm — snapdragon |
Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35079
CONFIRM |
| qualcomm — snapdragon |
APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-35116
CONFIRM |
| qualcomm — snapdragon |
Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35076
CONFIRM |
| qualcomm — snapdragon |
Possible assertion due to improper validation of rank restriction field in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35073
CONFIRM |
| qualcomm — snapdragon |
Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-35072
CONFIRM |
| qualcomm — snapdragon |
Disabled SMMU from secure side while RPM is assigned a secure stream can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-35080
CONFIRM |
| qualcomm — snapdragon |
Possible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35085
CONFIRM |
| qualcomm — snapdragon |
Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
2022-06-14 |
not yet calculated |
CVE-2021-30349
CONFIRM |
| qualcomm — snapdragon |
Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-30347
CONFIRM |
| qualcomm — snapdragon |
Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
2022-06-14 |
not yet calculated |
CVE-2021-35071
CONFIRM |
qualcomm — snapdragon
|
Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-35100
CONFIRM |
qualcomm — snapdragon
|
Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
2022-06-14 |
not yet calculated |
CVE-2021-35092
CONFIRM |
qualcomm — snapdragon
|
Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
2022-06-14 |
not yet calculated |
CVE-2021-35081
CONFIRM |
qualcomm — snapdragon
|
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
2022-06-14 |
not yet calculated |
CVE-2021-30345
CONFIRM |
qualcomm — snapdragon
|
Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-30341
CONFIRM |
qualcomm — snapdragon
|
Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
2022-06-14 |
not yet calculated |
CVE-2022-25651
CONFIRM |
qualcomm — snapdragon
|
Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
2022-06-14 |
not yet calculated |
CVE-2021-30339
CONFIRM |
qualcomm — snapdragon
|
Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music |
2022-06-14 |
not yet calculated |
CVE-2021-30327
CONFIRM |
qualcomm — snapdragon
|
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-35083
CONFIRM |
qualcomm — snapdragon
|
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-30342
CONFIRM |
qualcomm — snapdragon
|
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-30343
CONFIRM |
qualcomm — snapdragon
|
A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-35112
CONFIRM |
qualcomm — snapdragon
|
Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35120
CONFIRM |
qualcomm — snapdragon
|
Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-30344
CONFIRM |
qualcomm — snapdragon
|
An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2021-35118
CONFIRM |
qualcomm — snapdragon
|
An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35121
CONFIRM |
qualcomm — snapdragon
|
Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
2022-06-14 |
not yet calculated |
CVE-2021-35104
CONFIRM |
qualcomm — snapdragon
|
Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2021-35119
CONFIRM |
qualcomm — snapdragon
|
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
2022-06-14 |
not yet calculated |
CVE-2021-30281
CONFIRM |
qualcomm — snapdragon
|
Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
2022-06-14 |
not yet calculated |
CVE-2021-35084
CONFIRM |
| qualcomm — snapdragon_auto |
Improper buffer initialization on the backend driver can lead to buffer overflow in Snapdragon Auto |
2022-06-14 |
not yet calculated |
CVE-2021-35114
CONFIRM |
| qualcomm — snapdrgaon |
Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2022-22065
CONFIRM |
qualcomm — snapdrgaon
|
kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2022-22068
CONFIRM |
qualcomm — snapdrgaon
|
Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
2022-06-14 |
not yet calculated |
CVE-2022-22071
CONFIRM |
qualcomm — snapdrgaon
|
Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2022-22082
CONFIRM |
qualcomm — snapdrgaon
|
Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2022-22084
CONFIRM |
qualcomm — snapdrgaon
|
memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2022-22087
CONFIRM |
qualcomm — snapdrgaon
|
Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
2022-06-14 |
not yet calculated |
CVE-2022-22072
CONFIRM |
qualcomm — snapdrgaon
|
Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2022-22064
CONFIRM |
qualcomm — snapdrgaon
|
Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2022-22083
CONFIRM |
qualcomm — snapdrgaon
|
Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile |
2022-06-14 |
not yet calculated |
CVE-2022-22090
CONFIRM |
qualcomm — snapdrgaon
|
Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2022-22086
CONFIRM |
qualcomm — snapdrgaon
|
Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2022-22057
CONFIRM |
qualcomm — snapdrgaon
|
Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
2022-06-14 |
not yet calculated |
CVE-2022-22085
CONFIRM |
qualcomm — snapdrgaon
|
Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto |
2022-06-14 |
not yet calculated |
CVE-2022-22103
CONFIRM |
qualcomm — trustzone_memory_interface
|
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Compute |
2022-06-14 |
not yet calculated |
CVE-2021-30338
CONFIRM |
rakuten — casa
|
Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default. |
2022-06-13 |
not yet calculated |
CVE-2022-26834
MISC
MISC |
rakuten — casa
|
Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings. |
2022-06-13 |
not yet calculated |
CVE-2022-28704
MISC
MISC |
rakuten — casa
|
Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation. |
2022-06-13 |
not yet calculated |
CVE-2022-29525
MISC
MISC |
redcap — redacap
|
A Stored Cross-Site Scripting (XSS) vulnerability was discovered in Messenger/messenger_ajax.php in REDCap 12.0.11. This issue allows any authenticated user to inject arbitrary code into the messenger title (aka new_title) field when editing an existing conversation. The payload executes in the browser of any conversation participant with the sidebar shown. |
2022-06-15 |
not yet calculated |
CVE-2022-24004
MISC
MISC |
redcap — redacap
|
A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing project. The payload is then reflected within the title tag of the page. |
2022-06-15 |
not yet calculated |
CVE-2022-24127
MISC
MISC |
robohelp — server
|
RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization vulnerability which could lead to privilege escalation. An authenticated attacker could leverage this vulnerability to achieve full administrator privileges. Exploitation of this issue does not require user interaction. |
2022-06-16 |
not yet calculated |
CVE-2022-30670
MISC |
rundeck — rundeck
|
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. The Key Storage converter plugin mechanism was not enabled correctly in Rundeck 4.2.0 and 4.2.1, resulting in use of the encryption layer for Key Storage possibly not working. Any credentials created or overwritten using Rundeck 4.2.0 or 4.2.1 might result in them being written in plaintext to the backend storage. This affects those using any `Storage Converter` plugin. Rundeck 4.3.1 and 4.2.2 have fixed the code and upon upgrade will re-encrypt any plain text values. Version 4.3.0 does not have the vulnerability, but does not include the patch to re-encrypt plain text values if 4.2.0 or 4.2.1 were used. To prevent plaintext credentials from being stored in Rundeck 4.2.0/4.2.1, write access to key storage can be disabled via ACLs. After upgrading to 4.3.1 or later, write access can be restored. |
2022-06-15 |
not yet calculated |
CVE-2022-31044
CONFIRM |
| sap — 3d_visual_enterprise_viewer |
When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. |
2022-06-14 |
not yet calculated |
CVE-2022-32235
MISC
MISC |
| sap — 3d_visual_enterprise_viewer |
When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. |
2022-06-14 |
not yet calculated |
CVE-2022-32239
MISC
MISC |
| sap — 3d_visual_enterprise_viewer |
When a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. |
2022-06-14 |
not yet calculated |
CVE-2022-32242
MISC
MISC |
| sap — 3d_visual_enterprise_viewer |
When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. |
2022-06-14 |
not yet calculated |
CVE-2022-32241
MISC
MISC |
| sap — 3d_visual_enterprise_viewer |
When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. |
2022-06-14 |
not yet calculated |
CVE-2022-32240
MISC
MISC |
| sap — 3d_visual_enterprise_viewer |
When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. |
2022-06-14 |
not yet calculated |
CVE-2022-32236
MISC
MISC |
| sap — 3d_visual_enterprise_viewer |
When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. |
2022-06-14 |
not yet calculated |
CVE-2022-32237
MISC
MISC |
sap — 3d_visual_enterprise_viewer
|
When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. |
2022-06-14 |
not yet calculated |
CVE-2022-32238
MISC
MISC |
sap — financial_consolidation
|
SAP Financial Consolidation – version 1010,?does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. |
2022-06-14 |
not yet calculated |
CVE-2022-31595
MISC
MISC |
sap — netweaver
|
Depending on the configuration of the route permission table in file ‘saprouttab’, it is possible for an unauthenticated attacker to execute SAProuter administration commands in SAP NetWeaver and ABAP Platform – versions KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.49, KRNL64UC 7.49, SAP_ROUTER 7.53, 7.22, from a remote client, for example stopping the SAProuter, that could highly impact systems availability. |
2022-06-14 |
not yet calculated |
CVE-2022-27668
MISC
MISC |
sap — netweaver
|
Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) – versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user’s browser. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application. |
2022-06-14 |
not yet calculated |
CVE-2022-29618
MISC
MISC |
sap — netweaver
|
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system’s Availability by causing system to crash. |
2022-06-13 |
not yet calculated |
CVE-2022-28217
MISC
MISC |
sap — netweaver
|
SAP NetWeaver, ABAP Platform and SAP Host Agent – versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22, allows an authenticated user to misuse a function of sapcontrol webfunctionality(startservice) in Kernel which enables malicious users to retrieve information. On successful exploitation, an attacker can obtain technical information like system number or physical address, which is otherwise restricted, causing a limited impact on the confidentiality of the application. |
2022-06-14 |
not yet calculated |
CVE-2022-29612
MISC
MISC |
sap — netweaver
|
SAP startservice – of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database – versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22, – on Unix systems, s-bit helper program sapuxuserchk, can be abused physically resulting in a privilege escalation of an attacker leading to low impact on confidentiality and integrity, but a profound impact on availability. |
2022-06-14 |
not yet calculated |
CVE-2022-29614
MISC
MISC |
sap — netweaver
|
SAP NetWeaver Developer Studio (NWDS) – version 7.50, is based on Eclipse, which contains the logging framework log4j in version 1.x. The application’s confidentiality and integrity could have a low impact due to the vulnerabilities associated with version 1.x. |
2022-06-14 |
not yet calculated |
CVE-2022-29615
MISC
MISC |
sap — one_support_launchpad
|
A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system. |
2022-06-14 |
not yet calculated |
CVE-2022-31594
MISC
MISC |
sap — one_support_launchpad
|
Due to improper authorization check, business users who are using Israeli File from SHAAM program (/ATL/VQ23 transaction), are granted more than needed authorization to perform certain transaction, which may lead to users getting access to data that would otherwise be restricted. |
2022-06-14 |
not yet calculated |
CVE-2022-31589
MISC
MISC |
| sap — powerdesigner_proxy |
SAP PowerDesigner Proxy – version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the application during application start up or reboot, potentially compromising Confidentiality, Integrity and Availability of the system. |
2022-06-14 |
not yet calculated |
CVE-2022-31590
MISC
MISC |
scalanace — multiple_versions
|
A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C (L3 int.) (All versions < V6.5), SCALANCE XM408-8C (All versions < V6.5), SCALANCE XM408-8C (L3 int.) (All versions < V6.5), SCALANCE XM416-4C (All versions < V6.5), SCALANCE XM416-4C (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 1x230V (All versions < V6.5), SCALANCE XR524-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 24V (All versions < V6.5), SCALANCE XR524-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 2x230V (All versions < V6.5), SCALANCE XR524-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 1x230V (All versions < V6.5), SCALANCE XR526-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 24V (All versions < V6.5), SCALANCE XR526-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 2x230V (All versions < V6.5), SCALANCE XR526-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR528-6M (All versions < V6.5), SCALANCE XR528-6M (2HR2) (All versions < V6.5), SCALANCE XR528-6M (2HR2, L3 int.) (All versions < V6.5), SCALANCE XR528-6M (L3 int.) (All versions < V6.5), SCALANCE XR552-12M (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2, L3 int.) (All versions < V6.5). The OSPF protocol implementation in affected devices fails to verify the checksum and length fields in the OSPF LS Update messages. An unauthenticated remote attacker could exploit this vulnerability to cause interruptions in the network by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device. |
2022-06-14 |
not yet calculated |
CVE-2021-37182
MISC |
shirasagi — shirasagi
|
Cross-site scripting vulnerability in SHIRASAGI v1.0.0 to v1.14.2, and v1.15.0 allows a remote attacker to inject an arbitrary script via unspecified vectors. |
2022-06-14 |
not yet calculated |
CVE-2022-29485
MISC
MISC
MISC
MISC |
sicam — gridedge_essential_arm
|
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not apply cross-origin resource sharing (CORS) restrictions for critical operations. In case an attacker tricks a legitimate user into accessing a special resource a malicious request could be executed. |
2022-06-14 |
not yet calculated |
CVE-2022-30228
MISC |
sicam — gridedge_essential_arm
|
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to change data of an user, such as credentials, in case that user’s id is known. |
2022-06-14 |
not yet calculated |
CVE-2022-30229
MISC |
sicam — gridedge_essential_arm
|
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to create a new user with administrative permissions. |
2022-06-14 |
not yet calculated |
CVE-2022-30230
MISC |
sicam — gridedge_essential_arm
|
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software discloses password hashes of other users upon request. This could allow an authenticated user to retrieve another users password hash. |
2022-06-14 |
not yet calculated |
CVE-2022-30231
MISC |
siemens — sinema_remote_connect_server
|
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web interface of the affected application does not prevent injection of JavaScript code. This could allow attackers to perform reflected cross-site scripting (XSS) attacks. |
2022-06-14 |
not yet calculated |
CVE-2022-29034
MISC
FULLDISC |
siemens — spectrum_power_4
|
A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). An unauthenticated attacker could log into the component Shared HIS used in Spectrum Power systems by using an account with default credentials. A successful exploitation could allow the attacker to access the component Shared HIS with administrative privileges. |
2022-06-14 |
not yet calculated |
CVE-2022-26476
MISC |
siemens — teamcenter
|
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions. |
2022-06-14 |
not yet calculated |
CVE-2022-31619
MISC |
siemens — teamcenter_active_workspace
|
A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9), Teamcenter Active Workspace V6.0 (All versions < V6.0.3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious code by tricking users into accessing a malicious link. |
2022-06-14 |
not yet calculated |
CVE-2022-32145
MISC |
siemens — sinema_remote_connect_server
|
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors. |
2022-06-14 |
not yet calculated |
CVE-2022-27219
MISC |
siemens — sinema_remote_connect_server
|
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in machine-in-the-middle could obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a “BREACH” attack. |
2022-06-14 |
not yet calculated |
CVE-2022-27221
MISC |
siemens — sinema_remote_connect_server
|
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors. |
2022-06-14 |
not yet calculated |
CVE-2022-27220
MISC |
| sinema — remote_connect_server |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains an older feature that allows to import device configurations via a specific endpoint. An attacker could use this vulnerability for information disclosure. |
2022-06-14 |
not yet calculated |
CVE-2022-32258
MISC |
| sinema — remote_connect_server |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a user. This could allow an attacker to change the permissions of any user and gain the privileges of an administrative user. |
2022-06-14 |
not yet calculated |
CVE-2022-32251
MISC |
| sinema — remote_connect_server |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios. |
2022-06-14 |
not yet calculated |
CVE-2022-32260
MISC |
| sinema — remote_connect_server |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain information about testing architecture and also tamper with test configuration. |
2022-06-14 |
not yet calculated |
CVE-2022-32259
MISC |
| sinema — remote_connect_server |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add insecure packages to the application. |
2022-06-14 |
not yet calculated |
CVE-2022-32261
MISC |
| sinema — remote_connect_server |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to limited information. |
2022-06-14 |
not yet calculated |
CVE-2022-32255
MISC |
| sinema — remote_connect_server |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker. |
2022-06-14 |
not yet calculated |
CVE-2022-32254
MISC |
| sinema — remote_connect_server |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate’s password could be printed to a file reachable by an attacker. |
2022-06-14 |
not yet calculated |
CVE-2022-32253
MISC |
| sinema — remote_connect_server |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity check of the update packages. Without validation, an admin user might be tricked to install a malicious package, granting root privileges to an attacker. |
2022-06-14 |
not yet calculated |
CVE-2022-32252
MISC |
| sinema — remote_connect_server |
When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. |
2022-06-14 |
not yet calculated |
CVE-2022-32243
MISC
MISC |
| sinema — remote_connect_server |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to low privileged users accessing privileged information. |
2022-06-14 |
not yet calculated |
CVE-2022-32256
MISC |
sinema — remote_connect_server
|
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution. |
2022-06-14 |
not yet calculated |
CVE-2022-32262
MISC |
| sourcecodester — online_discussion_forum_site |
Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team. |
2022-06-16 |
not yet calculated |
CVE-2022-31911
MISC |
| sourcecodester — online_discussion_forum_site |
Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name. |
2022-06-16 |
not yet calculated |
CVE-2022-31913
MISC |
| sourcecodester — zoo_management_system |
Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24. |
2022-06-16 |
not yet calculated |
CVE-2022-31914
MISC |
sourcecodester — bank_management_system
|
A vulnerability, which was classified as critical, has been found in SourceCodester Bank Management System 1.0. Affected by this issue is login.php. The manipulation of the argument password with the input 1’and 1=2 union select 1,sleep(10),3,4,5 –+ leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |
2022-06-15 |
not yet calculated |
CVE-2022-2086
N/A
N/A |
sourcecodester — bank_management_system
|
A vulnerability, which was classified as problematic, was found in SourceCodester Bank Management System 1.0. This affects the file /mnotice.php?id=2. The manipulation of the argument notice with the input <script>alert(1)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
2022-06-15 |
not yet calculated |
CVE-2022-2087
N/A
N/A |
sourcecodester — church_management_system
|
Church Management System version 1.0 is affected by a SQL anjection vulnerability through creating a user with a PHP file as an avatar image, which is accessible through the /uploads directory. This can lead to RCE on the web server by uploading a PHP webshell. |
2022-06-13 |
not yet calculated |
CVE-2021-41661
MISC |
| sourcecodester — fast_food_ordering_system |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_menu. |
2022-06-14 |
not yet calculated |
CVE-2022-32330
MISC |
| sourcecodester — fast_food_ordering_system |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/view_category.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32331
MISC |
| sourcecodester — fast_food_ordering_system |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_category. |
2022-06-14 |
not yet calculated |
CVE-2022-32332
MISC |
| sourcecodester — fast_food_ordering_system |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/view_menu.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32336
MISC |
| sourcecodester — fast_food_ordering_system |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/manage_category.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32334
MISC |
| sourcecodester — fast_food_ordering_system |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/sales/receipt.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32333
MISC |
| sourcecodester — fast_food_ordering_system |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/manage_menu.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32335
MISC |
| sourcecodester — fast_food_ordering_system |
Fast Food Ordering System v1.0 is vulnerable to Delete any file. via /ffos/classes/Master.php?f=delete_img. |
2022-06-14 |
not yet calculated |
CVE-2022-32328
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient. |
2022-06-14 |
not yet calculated |
CVE-2022-32344
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room_type. |
2022-06-14 |
not yet calculated |
CVE-2022-32350
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/view_doctor.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32339
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/manage_doctor.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32338
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/patients/manage_patient.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32337
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/room_types/view_room_type.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32342
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via hprms/admin/room_types/manage_room_type.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32343
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_history. |
2022-06-14 |
not yet calculated |
CVE-2022-32349
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/manage_room.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32345
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room. |
2022-06-14 |
not yet calculated |
CVE-2022-32347
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_doctor. |
2022-06-14 |
not yet calculated |
CVE-2022-32348
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=user/manage_user&id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32341
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_admission. |
2022-06-14 |
not yet calculated |
CVE-2022-32352
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_message. |
2022-06-14 |
not yet calculated |
CVE-2022-32351
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/view_room.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32346
MISC |
| sourcecodester — hospitals_patient_records_management_system |
Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=patients/view_patient&id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32340
MISC |
| sourcecodester — online_fire_reporting_system |
Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ofrs/classes/Master.php. |
2022-06-16 |
not yet calculated |
CVE-2022-31906
MISC |
| sourcecodester — online_fire_reporting_system |
Online Fire Reporting System v1.0 was discovered to contain a SQL injection vulnerability via the GET parameter in /report/list.php. |
2022-06-14 |
not yet calculated |
CVE-2022-31415
MISC |
| sourcecodester — online_tutor_portal_site |
Online Tutor Portal Site v1.0 is vulnerable to SQL Injection via /otps/classes/Master.php?f=delete_team. |
2022-06-16 |
not yet calculated |
CVE-2022-31912
MISC |
| sourcecodester — online_tutor_portal_site |
Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting (XSS). via /otps/classes/Master.php. |
2022-06-16 |
not yet calculated |
CVE-2022-31910
MISC |
| sourcecodester — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/manage_field.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32365
MISC |
| sourcecodester — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=user/manage_user&id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32354
MISC |
| sourcecodester — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/view_category.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32363
MISC |
| sourcecodester — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/view_field.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32366
MISC |
| sourcecodester — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/manage_product&id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32364
MISC |
| sourcecodester — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_field_order.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32353
MISC |
| sourcecodester — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/view_product&id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32355
MISC |
| sourcecodester — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=inquiries/view_inquiry&id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32367
MISC |
| sourcecodester — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_category. |
2022-06-14 |
not yet calculated |
CVE-2022-32359
MISC |
| sourcecodester — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_inquiry. |
2022-06-14 |
not yet calculated |
CVE-2022-32358
MISC |
| sourcecodester — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_category.php?id=. |
2022-06-14 |
not yet calculated |
CVE-2022-32362
MISC |
| sourcecodester — rescue_dispatch_management_system |
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdmsadmin?page=usermanage_user&id=. |
2022-06-17 |
not yet calculated |
CVE-2022-31941
MISC |
| sourcecodester — south_gate_inn_online_reservation_system |
The South Gate Inn Online Reservation System v1.0 contains an SQL injection vulnerability that can be chained with a malicious PHP file upload, which is caused by improper file handling in the editImg function. This vulnerability leads to remote code execution. |
2022-06-13 |
not yet calculated |
CVE-2021-41662
MISC |
| sourcecodester — student_registration_and_fee_payment_system |
Student Registration and Fee Payment System v1.0 is vulnerable to SQL Injection via /scms/student.php. |
2022-06-16 |
not yet calculated |
CVE-2022-31908
MISC |
| sourcecodester — theme_park_ticketing_system |
Theme Park Ticketing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edit_ticket.php. |
2022-06-15 |
not yet calculated |
CVE-2022-32302
MISC |
| sourcesodester — directory_management_system |
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php. |
2022-06-16 |
not yet calculated |
CVE-2022-31384
MISC
MISC
MISC |
sourcesodester — directory_management_system
|
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php. |
2022-06-16 |
not yet calculated |
CVE-2022-31383
MISC
MISC
MISC |
sourcesodester — directory_management_system
|
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php. |
2022-06-16 |
not yet calculated |
CVE-2022-31382
MISC
MISC
MISC |
| sourcesodester — online_discussion_forum_site |
An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts. |
2022-06-16 |
not yet calculated |
CVE-2022-31295
MISC
MISC |
| sourcesodester — online_discussion_forum_site |
An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts. |
2022-06-16 |
not yet calculated |
CVE-2022-31294
MISC
MISC |
| sourcesodester — online_discussion_forum_site |
Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php. |
2022-06-17 |
not yet calculated |
CVE-2022-31296
MISC
MISC |
| sourcesodester — online_ordering_system |
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=category&search=. |
2022-06-17 |
not yet calculated |
CVE-2022-31355
MISC |
| sourcesodester — online_ordering_system |
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit&id=. |
2022-06-17 |
not yet calculated |
CVE-2022-31357
MISC |
| sourcesodester — online_ordering_system |
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/store/index.php?view=edit&id=. |
2022-06-17 |
not yet calculated |
CVE-2022-31356
MISC |
splunk_enterprise — splunk_universal_forwarder
|
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, connections from misconfigured nodes without valid certificates did not fail by default. After updating to version 9.0, see Configure TLS host name validation for the Splunk CLI (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation#Configure_TLS_host_name_validation_for_the_Splunk_CLI) to enable the remediation. |
2022-06-15 |
not yet calculated |
CVE-2022-32156
CONFIRM
CONFIRM
CONFIRM |
splunk_enterprise — dashboard
|
Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. The result bypasses SPL safeguards for risky commands. See New capabilities can limit access to some custom and potentially risky commands (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/SPLsafeguards#New_capabilities_can_limit_access_to_some_custom_and_potentially_risky_commands) for more information. Note that the attack is browser-based and an attacker cannot exploit it at will. |
2022-06-15 |
not yet calculated |
CVE-2022-32154
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
splunk_enterprise — splunk_enterprise_deployment_servers
|
Splunk Enterprise deployment servers in versions before 9.0 let clients deploy forwarder bundles to other deployment clients through the deployment server. An attacker that compromised a Universal Forwarder endpoint could use the vulnerability to execute arbitrary code on all other Universal Forwarder endpoints subscribed to the deployment server. |
2022-06-15 |
not yet calculated |
CVE-2022-32158
CONFIRM
CONFIRM |
splunk_enterprise — splunk_enterprise_deployment_servers
|
Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of forwarder bundles. Remediation requires you to update the deployment server to version 9.0 and Configure authentication for deployment servers and clients (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/ConfigDSDCAuthEnhancements#Configure_authentication_for_deployment_servers_and_clients). Once enabled, deployment servers can manage only Universal Forwarder versions 9.0 and higher. Though the vulnerability does not directly affect Universal Forwarders, remediation requires updating all Universal Forwarders that the deployment server manages to version 9.0 or higher prior to enabling the remediation. |
2022-06-15 |
not yet calculated |
CVE-2022-32157
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
| splunk_enterprise — splunk_enterprise_peers |
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could add a peer without a valid certificate and connections from misconfigured nodes without valid certificates did not fail by default. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation. |
2022-06-15 |
not yet calculated |
CVE-2022-32153
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
splunk_enterprise — splunk_enterprise_peers
|
The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not validate certificates using the certificate authority (CA) certificate stores by default in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203. Python 3 client libraries now verify server certificates by default and use the appropriate CA certificate stores for each library. Apps and add-ons that include their own HTTP libraries are not affected. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation. |
2022-06-15 |
not yet calculated |
CVE-2022-32151
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
splunk_enterprise — splunk_enterprise_peers
|
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could add a peer without a valid certificate and connections from misconfigured nodes without valid certificates did not fail by default. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation. |
2022-06-15 |
not yet calculated |
CVE-2022-32152
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
splunk_enterprise — splunk_universal_forwarder
|
In universal forwarder versions before 9.0, management services are available remotely by default. When not required, it introduces a potential exposure, but it is not a vulnerability. If exposed, we recommend each customer assess the potential severity specific to your environment. In 9.0, the universal forwarder now binds the management port to localhost preventing remote logins by default. If management services are not required in versions before 9.0, set disableDefaultPort = true in server.conf OR allowRemoteLogin = never in server.conf OR mgmtHostPort = localhost in web.conf. See Configure universal forwarder management security (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation#Configure_universal_forwarder_management_security) for more information on disabling the remote management services. |
2022-06-15 |
not yet calculated |
CVE-2022-32155
CONFIRM
CONFIRM
CONFIRM |
strapi — strapi
|
Strapi v3.x.x versions and earlier contain a stored cross-site scripting vulnerability in file upload function. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege. |
2022-06-13 |
not yet calculated |
CVE-2022-29894
MISC
MISC
MISC |
| subscription-manager — subscription-manager |
Subscription-Manager v1.0 /main.js has a cross-site scripting (XSS) vulnerability in the machineDetail parameter. |
2022-06-15 |
not yet calculated |
CVE-2021-41415
MISC |
synaptics — fingerprint_driver
|
Improper Input Validation vulnerability in synaTEE.signed.dll of Synaptics Fingerprint Driver allows a local authorized attacker to overwrite a heap tag, with potential loss of confidentiality. This issue affects: Synaptics Synaptics Fingerprint Driver 5.1.xxx.26 versions prior to xxx=340 on x86/64; 5.2.xxxx.26 versions prior to xxxx=3541 on x86/64; 5.2.2xx.26 versions prior to xx=29 on x86/64; 5.2.3xx.26 versions prior to xx=25 on x86/64; 5.3.xxxx.26 versions prior to xxxx=3543 on x86/64; 5.5.xx.1058 versions prior to xx=44 on x86/64; 5.5.xx.1102 versions prior to xx=34 on x86/64; 5.5.xx.1116 versions prior to xx=14 on x86/64; 6.0.xx.1104 versions prior to xx=50 on x86/64; 6.0.xx.1108 versions prior to xx=31 on x86/64; 6.0.xx.1111 versions prior to xx=58 on x86/64. |
2022-06-16 |
not yet calculated |
CVE-2021-3675
MISC
CONFIRM
MISC |
| tenda — hg9 |
Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function. |
2022-06-16 |
not yet calculated |
CVE-2022-30023
MISC
MISC
MISC |
| textpattern — textpattern |
Textpattern 4.8.7 is affected by a HTML injection vulnerability through “Content>Write>Body”. |
2022-06-14 |
not yet calculated |
CVE-2021-40658
MISC |
thinkcmf — thinkcmf
|
thinkcmf v5.1.7 has an unauthorized vulnerability. The attacker can modify the password of the administrator account with id 1 through the background user management group permissions. The use condition is that the background user management group authority is required. |
2022-06-14 |
not yet calculated |
CVE-2021-40616
MISC |
thomson — tcw710
|
A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/RgUrlBlock.asp. The manipulation of the argument BasicParentalNewKeyword with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
2022-06-12 |
not yet calculated |
CVE-2018-25039
MISC
MISC |
thomson — tcw710
|
A vulnerability was found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this issue is some unknown functionality of the file /goform/RgDdns. The manipulation of the argument DdnsHostName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |
2022-06-12 |
not yet calculated |
CVE-2018-25037
MISC
MISC |
thomson — tcw710
|
A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/RgTime. The manipulation of the argument TimeServer1/TimeServer2/TimeServer3 with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. |
2022-06-12 |
not yet calculated |
CVE-2018-25036
MISC
MISC |
thomson — tcw710
|
A vulnerability, which was classified as problematic, was found in Thomson TCW710 ST5D.10.05. Affected is an unknown function of the file /goform/RGFirewallEL. The manipulation of the argument EmailAddress/SmtpServerName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. |
2022-06-12 |
not yet calculated |
CVE-2018-25035
MISC
MISC |
thomson — tcw710
|
A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05. This issue affects some unknown processing of the file /goform/wlanPrimaryNetwork. The manipulation of the argument ServiceSetIdentifier with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. |
2022-06-12 |
not yet calculated |
CVE-2018-25034
MISC
MISC |
thomson — tcw710
|
A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been classified as problematic. This affects an unknown part of the file /goform/RgDhcp. The manipulation of the argument PppUserName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
2022-06-12 |
not yet calculated |
CVE-2018-25038
MISC
MISC |
topsec — topidp3000
|
An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smpidp allows attackers to perform a brute-force attack via a crafted session_id cookie. |
2022-06-14 |
not yet calculated |
CVE-2022-31273
MISC |
| tourism_management_system_version — tourism_management_system_version |
Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF). |
2022-06-14 |
not yet calculated |
CVE-2022-30930
MISC
MISC |
trendnet — tew-831dr
|
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable to CSRF. An attacker can change the pre-shared key of the Wi-Fi router if the interface’s IP address is known. |
2022-06-16 |
not yet calculated |
CVE-2022-30327
MISC
MISC |
trendnet — tew-831dr
|
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker within range of the Wi-Fi network. |
2022-06-16 |
not yet calculated |
CVE-2022-30325
MISC
MISC |
trendnet — tew-831dr
|
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands. |
2022-06-16 |
not yet calculated |
CVE-2022-30329
MISC
MISC |
trendnet — tew-831dr
|
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup for the web interface does not require entering the existing password. A malicious user can change the username and password of the interface. |
2022-06-16 |
not yet calculated |
CVE-2022-30328
MISC
MISC |
trendnet — tew-831dr
|
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the basic.config page of the web interface. |
2022-06-16 |
not yet calculated |
CVE-2022-30326
MISC
MISC |
| trendnet — ip-110wn |
Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an xss vulnerability via the proname parameter in /admin/scheprofile.cgi |
2022-06-17 |
not yet calculated |
CVE-2022-31875
MISC |
| trendnet — ip-110wn |
Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an XSS vulnerability via the prefix parameter in /admin/general.cgi. |
2022-06-17 |
not yet calculated |
CVE-2022-31873
MISC |
| typo3 — typo3 |
TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, system internal credentials or keys (e.g. database credentials) can be logged as plaintext in exception handlers, when logging the complete exception stack trace. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 contain a fix for the problem. |
2022-06-14 |
not yet calculated |
CVE-2022-31047
MISC
CONFIRM
MISC |
| typo3 — typo3 |
TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, Admin Tool sessions initiated via the TYPO3 backend user interface had not been revoked even if the corresponding user account was degraded to lower permissions or disabled completely. This way, sessions in the admin tool theoretically could have been prolonged without any limit. TYPO3 versions 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem. |
2022-06-14 |
not yet calculated |
CVE-2022-31050
MISC
CONFIRM
MISC |
typo3 — typo3
|
TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users. |
2022-06-14 |
not yet calculated |
CVE-2022-31046
MISC
CONFIRM
MISC |
typo3 — typo3
|
TYPO3 is an open source web content management system. Prior to versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. TYPO3 versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem. |
2022-06-14 |
not yet calculated |
CVE-2022-31048
MISC
CONFIRM
MISC |
typo3 — typo3
|
TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, user submitted content was used without being properly encoded in HTML emails sent to users. The actually affected components were mail clients used to view those messages. TYPO3 versions 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem. |
2022-06-14 |
not yet calculated |
CVE-2022-31049
MISC
MISC
CONFIRM |
| u5cms — u5cms |
u5cms version 8.3.5 is vulnerable to Cross Site Scripting (XSS). When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? “Onmouseover=%27tzgl (96502)%27bad=”, it can cause html injection. |
2022-06-17 |
not yet calculated |
CVE-2022-32442
MISC |
u5cms — u5cms
|
An issue was discovered in u5cms verion 8.3.5 There is a URL redirection vulnerability that can cause a user’s browser to be redirected to another site via /loginsave.php. |
2022-06-17 |
not yet calculated |
CVE-2022-32444
MISC |
| utorrent — utorrent |
A vulnerability was found in uTorrent. It has been rated as critical. Affected by this issue is some unknown functionality of the component JSON RPC Server. The manipulation leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. |
2022-06-17 |
not yet calculated |
CVE-2018-25041
MISC
MISC
MISC
MISC |
utorrent — utorrent
|
A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. |
2022-06-17 |
not yet calculated |
CVE-2018-25042
MISC
MISC
MISC |
utorrent — utorrent
|
A vulnerability classified as critical was found in uTorrent. This vulnerability affects unknown code of the component PRNG. The manipulation leads to weak authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. |
2022-06-17 |
not yet calculated |
CVE-2018-25043
MISC
MISC
MISC |
utorrent — utorrent
|
A vulnerability, which was classified as critical, has been found in uTorrent. This issue affects some unknown processing of the component Guest Account. The manipulation leads to privilege escalation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. |
2022-06-17 |
not yet calculated |
CVE-2018-25044
MISC
MISC
MISC |
utorrent — web
|
A vulnerability was found in uTorrent Web. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HTTP RPC Server. The manipulation leads to privilege escalation. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. |
2022-06-17 |
not yet calculated |
CVE-2018-25040
MISC
MISC
MISC |
victor_cms — victor_cms
|
Victor CMS 1.0 is vulnerable to SQL injection via c_id parameter of admin_edit_comment.php, p_id parameter of admin_edit_post.php, u_id parameter of admin_edit_user.php, and edit parameter of admin_update_categories.php. |
2022-06-16 |
not yet calculated |
CVE-2020-35597
MISC
MISC
MISC |
vmware — hcx
|
VMware HCX update addresses an information disclosure vulnerability. A malicious actor with network user access to the VMware HCX appliance may be able to gain access to sensitive information. |
2022-06-16 |
not yet calculated |
CVE-2022-22953
MISC |
| vmware — .net_and_visual_studio |
.NET and Visual Studio Information Disclosure Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30184
MISC |
voipmonitor — web_gui
|
VoIPmonitor WEB GUI up to version 24.61 is affected by SQL injection through the “api.php” file and “user” parameter. |
2022-06-17 |
not yet calculated |
CVE-2021-41408
MISC
MISC |
| wavlink — wn579 |
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request. |
2022-06-14 |
not yet calculated |
CVE-2022-31847
MISC |
| wavlink — wn579 |
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. |
2022-06-14 |
not yet calculated |
CVE-2022-31845
MISC
MISC |
| wavlink — wn579 |
A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. |
2022-06-14 |
not yet calculated |
CVE-2022-31846
MISC
MISC |
wavlink — aerial
|
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function. |
2022-06-14 |
not yet calculated |
CVE-2022-31308
MISC |
wavlink — aerial
|
An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request. |
2022-06-14 |
not yet calculated |
CVE-2022-31311
MISC |
wavlink — aerial
|
A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function. |
2022-06-14 |
not yet calculated |
CVE-2022-31309
MISC |
| web_based_quiz_systems — web_based_quiz_systems |
Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php. |
2022-06-15 |
not yet calculated |
CVE-2022-32991
MISC |
weblizar — user_login_log_plugin
|
A vulnerability was found in weblizar User Login Log Plugin 2.2.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting (Stored). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. |
2022-06-16 |
not yet calculated |
CVE-2017-20056
MISC
MISC
MISC |
| webtareas — webtareas |
Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/editfolder.php. |
2022-06-16 |
not yet calculated |
CVE-2021-36609
MISC |
webtareas — webtareas
|
Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproject.php. |
2022-06-16 |
not yet calculated |
CVE-2021-36608
MISC |
| windows — autopilot_device_management_and_enrollment_client |
Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability. |
2022-06-15 |
not yet calculated |
CVE-2022-30189
MISC |
wiris — mathtype
|
Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter. This vulnerability is exploited via a crafted request to the resource handler. |
2022-06-16 |
not yet calculated |
CVE-2022-31372
MISC |
wordpre4ss — phil_bakers_gate_plugin
|
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Phil Baker’s Age Gate plugin <= 2.17.0 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2021-36901
CONFIRM
CONFIRM |
wordpress — admin_management_xtended
|
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2022-29450
CONFIRM
CONFIRM |
wordpress — api_key_for_google_maps
|
Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update. |
2022-06-15 |
not yet calculated |
CVE-2022-29453
CONFIRM
CONFIRM |
wordpress — auto_delete_posts
|
The Auto Delete Posts WordPress plugin through 1.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and delete specific posts, categories and attachments at once. |
2022-06-13 |
not yet calculated |
CVE-2022-1779
MISC |
wordpress — change_uploaded_file_permissions
|
Due to missing checks the Change Uploaded File Permissions WordPress plugin through 4.0.0 is vulnerable to CSRF attacks. This can be used to change the file and folder permissions of any folder. This could be problematic when specific files like ini files are made readable for everyone due to this. |
2022-06-13 |
not yet calculated |
CVE-2022-1788
MISC |
| wordpress — export_all_urls |
Authenticated (editor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Export All URLs plugin <= 4.1 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2022-29452
CONFIRM
CONFIRM |
wordpress — filr
|
The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. They are are protected with a nonce, however the nonce is leaked on the dashboard. This could allow them to upload arbitrary HTML files as well as delete all files or arbitrary ones. |
2022-06-13 |
not yet calculated |
CVE-2022-1777
MISC |
wordpress — google_places_reviews_plugin
|
The Google Places Reviews WordPress plugin before 2.0.0 does not properly escape its Google API key setting, which is reflected on the site’s administration panel. A malicious administrator could abuse this bug, in a multisite WordPress configuration, to trick super-administrators into viewing the booby-trapped payload and taking over their account. |
2022-06-13 |
not yet calculated |
CVE-2022-1772
MISC |
wordpress — google_tag_manager
|
The Google Tag Manager for WordPress (GTM4WP) plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the `gtm4wp-options[scroller-contentid]` parameter found in the `~/public/frontend.php` file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.15.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. |
2022-06-13 |
not yet calculated |
CVE-2022-1961
MISC
MISC
MISC |
wordpress — hc_custom_wp-admin
|
The HC Custom WP-Admin URL WordPress plugin through 1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, allowing them to change the login URL |
2022-06-13 |
not yet calculated |
CVE-2022-1594
MISC |
| wordpress — image_slider |
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Image Slider by NextCode plugin <= 1.1.2 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2022-29437
CONFIRM
CONFIRM |
wordpress — image_slider
|
Cross-Site Request Forgery (CSRF) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress allows deleting slides. |
2022-06-15 |
not yet calculated |
CVE-2022-29439
CONFIRM
CONFIRM |
wordpress — image_slider
|
Authenticated (author or higher user role) Persistent Cross-Site Scripting (XSS) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2022-29438
CONFIRM
CONFIRM |
| wordpress — jupiterxcore_plugin |
Vulnerable versions of the Jupiter (<= 6.10.1) and JupiterX (<= 2.0.6) Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File inclusion. In the JupiterX theme, the jupiterx_cp_load_pane_action AJAX action present in the lib/admin/control-panel/control-panel.php file calls the load_control_panel_pane function. It is possible to use this action to include any local PHP file via the slug parameter. The Jupiter theme has a nearly identical vulnerability which can be exploited via the mka_cp_load_pane_action AJAX action present in the framework/admin/control-panel/logic/functions.php file, which calls the mka_cp_load_pane_action function. |
2022-06-13 |
not yet calculated |
CVE-2022-1657
MISC |
wordpress — jupiterxcore_plugin
|
Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the “abb_uninstall_template” (both) and “jupiterx_core_cp_uninstall_template” (JupiterX Core Only) AJAX actions |
2022-06-13 |
not yet calculated |
CVE-2022-1654
MISC |
wordpress — jupiterxcore_plugin
|
Vulnerable versions of the JupiterX Core (<= 2.0.6) plugin register an AJAX action jupiterx_conditional_manager which can be used to call any function in the includes/condition/class-condition-manager.php file by sending the desired function to call in the sub_action parameter. This can be used to view site configuration and logged-in users, modify post conditions, or perform a denial of service attack. |
2022-06-13 |
not yet calculated |
CVE-2022-1659
MISC |
wordpress — jupiterxcore_plugin
|
Vulnerable versions of the Jupiter Theme (<= 6.10.1) allow arbitrary plugin deletion by any authenticated user, including users with the subscriber role, via the abb_remove_plugin AJAX action registered in the framework/admin/control-panel/logic/plugin-management.php file. Using this functionality, any logged-in user can delete any installed plugin on the site. |
2022-06-13 |
not yet calculated |
CVE-2022-1658
MISC |
wordpress — latex
|
The LaTeX for WordPress plugin through 3.4.10 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack which could also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping |
2022-06-13 |
not yet calculated |
CVE-2022-1780
MISC |
wordpress — messages_for_wordpress
|
Authenticated (subscriber or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Messages For WordPress <= 2.1.10 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2022-29442
CONFIRM
CONFIRM |
wordpress — mobile_browser_color_select
|
The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the admin_update_data() function. This makes it possible for unauthenticated attackers to inject malicious web scripts via forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
2022-06-13 |
not yet calculated |
CVE-2022-1969
MISC
MISC |
wordpress — muneebs_custom_popup_builder
|
Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb’s Custom Popup Builder plugin <= 1.3.1 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2022-28612
CONFIRM
CONFIRM |
wordpress — new_user_email_set_up
|
The New User Email Set Up WordPress plugin through 0.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack |
2022-06-13 |
not yet calculated |
CVE-2022-1790
MISC |
wordpress — newsletter_plugin
|
The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER[‘REQUEST_URI’] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below. |
2022-06-13 |
not yet calculated |
CVE-2022-1756
MISC |
wordpress — nicdark_doo_travel_management
|
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark d.o.o. Travel Management plugin <= 2.0 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2022-27859
CONFIRM
CONFIRM |
wordpress — one_click_plugin_updater
|
The One Click Plugin Updater WordPress plugin through 2.4.14 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable / hide the badge of the available updates and the related check. |
2022-06-13 |
not yet calculated |
CVE-2022-1791
MISC |
wordpress — peteraes_collaboration_e-mails_plugin
|
The Peter’s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more. |
2022-06-13 |
not yet calculated |
CVE-2022-1761
MISC |
| wordpress — photo_gallery_by_supsystic_plugin |
Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery by Supsystic plugin <= 1.15.5 at WordPress allows changing the plugin settings. |
2022-06-15 |
not yet calculated |
CVE-2021-36891
CONFIRM
CONFIRM |
wordpress — posttabs
|
The postTabs WordPress plugin through 2.10.6 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, which also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping |
2022-06-13 |
not yet calculated |
CVE-2022-1781
MISC |
| wordpress — private_messages_for_wordpress |
Cross-Site Request Forgery (CSRF) vulnerability in Private Messages For WordPress plugin <= 2.1.10 at WordPress allows attackers to send messages. |
2022-06-15 |
not yet calculated |
CVE-2022-29441
CONFIRM
CONFIRM |
wordpress — promotion_slider
|
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Promotion Slider plugin <= 3.3.4 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2022-29440
CONFIRM
CONFIRM |
wordpress — quick_subscribe
|
The Quick Subscribe WordPress plugin through 1.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and leading to Stored XSS due to the lack of sanitisation and escaping in some of them |
2022-06-13 |
not yet calculated |
CVE-2022-1792
MISC |
wordpress — sticky_popup_plugin
|
The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ popup_title’ parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin level capabilities and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This issue mostly affects sites where unfiltered_html has been disabled for administrators and on multi-site installations where unfiltered_html is disabled for administrators. |
2022-06-13 |
not yet calculated |
CVE-2022-1750
MISC |
wordpress — team_manager
|
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in DynamicWebLab’s WordPress Team Manager plugin <= 1.6.9 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2022-29406
CONFIRM
CONFIRM |
wordpress — wp-chgfontsize_plugin
|
The WP-chgFontSize WordPress plugin through 1.8 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping |
2022-06-13 |
not yet calculated |
CVE-2022-1764
MISC |
wordpress –nicdarks_hotel_booking
|
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark’s Hotel Booking plugin <= 3.0 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2022-29443
CONFIRM
CONFIRM |
wordpress– sideblog
|
The Sideblog WordPress plugin through 6.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping |
2022-06-13 |
not yet calculated |
CVE-2022-1787
MISC |
wordpress — copify
|
The Copify plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.0. This is due to missing nonce validation on the CopifySettings page. This makes it possible for unauthenticated attackers to update the plugins settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
2022-06-13 |
not yet calculated |
CVE-2022-1900
MISC |
wordpress — download_manager
|
The Download Manager Plugin for WordPress is vulnerable to reflected Cross-Site Scripting in versions up to, and including 3.2.42. This is due to insufficient input sanitization and output escaping on the ‘frameid’ parameter found in the ~/src/Package/views/shortcode-iframe.php file. |
2022-06-13 |
not yet calculated |
CVE-2022-1985
MISC
MISC
MISC |
wordpress — export_any_wordpress_data_to_xml/csv
|
The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability. |
2022-06-13 |
not yet calculated |
CVE-2022-1800
MISC |
wordpress — genki_pre-publish_reminder
|
The Genki Pre-Publish Reminder WordPress plugin through 1.4.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS as well as RCE when custom code is added via the plugin settings. |
2022-06-13 |
not yet calculated |
CVE-2022-1758
MISC |
wordpress — hot_linked_image_cacher_plugin
|
The Hot Linked Image Cacher WordPress plugin through 1.16 is vulnerable to CSRF. This can be used to store / cache images from external domains on the server, which could lead to legal risks (due to copyright violations or licensing rules). |
2022-06-13 |
not yet calculated |
CVE-2022-1765
MISC |
wordpress — iq_block_country_plugin
|
The iQ Block Country WordPress plugin through 1.2.13 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it’s block feature by spoofing the headers. |
2022-06-13 |
not yet calculated |
CVE-2022-1762
MISC |
wordpress — keep_backup_daily
|
The Keep Backup Daily plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘t’ parameter in versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. |
2022-06-13 |
not yet calculated |
CVE-2022-1820
MISC
MISC |
wordpress — mitsol_social_post_feed_plugin
|
The Mitsol Social Post Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.10 due to insufficient input sanitization and output escaping on the application id parameters. This makes it possible for authenticated (admin+) attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html is disabled. |
2022-06-13 |
not yet calculated |
CVE-2022-0209
MISC
MISC |
wordpress — ninja_forms_contact_form_plugin
|
Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive’s Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via “label”. |
2022-06-16 |
not yet calculated |
CVE-2021-36827
CONFIRM
CONFIRM |
wordpress — private_files
|
The Private Files WordPress plugin through 0.40 is missing CSRF check when disabling the protection, which could allow attackers to make a logged in admin perform such action via a CSRF attack and make the blog public |
2022-06-13 |
not yet calculated |
CVE-2022-1793
MISC |
wordpress — rb_internal_links_plugin
|
The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escaping |
2022-06-13 |
not yet calculated |
CVE-2022-1759
MISC |
wordpress — rsvpmaker_plugin
|
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to, and including, 9.3.2. Please note that this is separate from CVE-2022-1453 & CVE-2022-1505. |
2022-06-13 |
not yet calculated |
CVE-2022-1768
MISC
MISC
MISC |
wordpress — static_page_extended_plugin
|
Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings |
2022-06-13 |
not yet calculated |
CVE-2022-1763
MISC |
wordpress — toolbar_to_share
|
The ToolBar to Share plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0. This is due to missing nonce validation on the plugin_toolbar_comparte page. This makes it possible for unauthenticated attackers to update the plugins settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
2022-06-13 |
not yet calculated |
CVE-2022-1918
MISC
MISC |
wordpress — wp_admin_style
|
The WP Admin Style WordPress plugin through 0.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed |
2022-06-13 |
not yet calculated |
CVE-2022-1814
MISC |
wordpress — wp_athletics
|
The WP Athletics WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting |
2022-06-13 |
not yet calculated |
CVE-2022-1773
MISC |
wordpress — wpmk_ajax_finder_plugin
|
The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createplugin_atf_admin_setting_page() function found in the ~/inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.1. |
2022-06-13 |
not yet calculated |
CVE-2022-1749
MISC
MISC |
wordpress — zephyr_project_manager
|
The Zephyr Project Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘project’ parameter in versions up to, and including, 3.2.40 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. |
2022-06-13 |
not yet calculated |
CVE-2022-1822
MISC
MISC |
wuzhicms — wuzhicms
|
SQL injection vulnerabilities exist in Wuzhicms v4.1.0 which allows attackers to execute arbitrary SQL commands via the $keyValue parameter in /coreframe/app/pay/admin/index.php |
2022-06-16 |
not yet calculated |
CVE-2021-41654
MISC |
xakuros — xo_slider_plugin
|
Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Xakuro’s XO Slider plugin <= 3.3.2 at WordPress. |
2022-06-15 |
not yet calculated |
CVE-2022-32280
CONFIRM
CONFIRM |
| xfce — xfce |
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server. |
2022-06-13 |
not yet calculated |
CVE-2022-32278
MISC
DEBIAN |
xiaomi — lamp
|
Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows attackers to to bypass the expected access restrictions and gain control of the switch and other functions via a crafted POST request. |
2022-06-16 |
not yet calculated |
CVE-2022-31277
MISC |
xos-shop — xos-shop_system
|
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/categories.php |
2022-06-16 |
not yet calculated |
CVE-2021-46820
MISC |
xos-shop — xos-shop_system
|
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/manufacturers.php. |
2022-06-16 |
not yet calculated |
CVE-2021-37764
MISC |
xpedition — designer
|
A vulnerability has been identified in Xpedition Designer (All versions < VX.2.11). The affected application assigns improper access rights to the service executable. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. |
2022-06-14 |
not yet calculated |
CVE-2022-31465
MISC |
xyzscripts — contact_form_manager_plugin
|
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |
2022-06-16 |
not yet calculated |
CVE-2017-20054
MISC
MISC
MISC |
xyzscripts — contact_form_manager_plugin
|
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. |
2022-06-16 |
not yet calculated |
CVE-2017-20053
MISC
MISC
MISC |
yandex — browser_for_windows
|
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. |
2022-06-15 |
not yet calculated |
CVE-2022-28225
MISC |
yandex — browser_for_windows
|
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process. |
2022-06-15 |
not yet calculated |
CVE-2022-28226
MISC |
yandex — browser
|
Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. |
2022-06-15 |
not yet calculated |
CVE-2021-25261
MISC |
| yugue — kkcms |
kkcms v1.3.7 was discovered to contain a SQL injection vulnerability via the cid parameter at /template/wapian/vlist.php. |
2022-06-15 |
not yet calculated |
CVE-2022-32101
MISC |
| yuque — youdiancms |
YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the id parameter at /App/Lib/Action/Admin/SiteAction.class.php. |
2022-06-15 |
not yet calculated |
CVE-2022-32299
MISC |
| yuque — youdiancms |
YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the MailSendID parameter at /App/Lib/Action/Admin/MailAction.class.php. |
2022-06-15 |
not yet calculated |
CVE-2022-32300
MISC |
| yuque — youdiancms |
YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the IdList parameter at /App/Lib/Action/Home/ApiAction.class.php. |
2022-06-15 |
not yet calculated |
CVE-2022-32301
MISC |
zoom — on-premise_meeting_connector
|
Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. As a result, a threat actor in the Zooms waiting room can join the meeting without the consent of the host. |
2022-06-15 |
not yet calculated |
CVE-2022-28749
MISC |
zoom — opener
|
The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for Windows before version 5.10.3 are susceptible to a DLL injection attack. This vulnerability could be used to run arbitrary code on the victims host. |
2022-06-15 |
not yet calculated |
CVE-2022-22788
MISC |
| zzcms — zzcms |
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter. |
2022-06-17 |
not yet calculated |
CVE-2019-12357
MISC |
| zzcms — zzcms |
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie. |
2022-06-17 |
not yet calculated |
CVE-2019-12358
MISC |
| zzcms — zzcms |
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter. |
2022-06-17 |
not yet calculated |
CVE-2019-12359
MISC |
| zzcms — zzcms |
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter. |
2022-06-17 |
not yet calculated |
CVE-2019-12355
MISC |
| zzcms — zzcms |
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter. |
2022-06-17 |
not yet calculated |
CVE-2019-12356
MISC |
zzcms — zzcms
|
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie. |
2022-06-17 |
not yet calculated |
CVE-2019-12352
MISC |
zzcms — zzcms
|
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter. |
2022-06-17 |
not yet calculated |
CVE-2019-12354
MISC |
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
Recent Comments