CVE Number | Description | Base Score | Reference |
---|---|---|---|
CVE-2017-16544 | In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-16544 |
CVE-2019-12257 | Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-12257 |
CVE-2019-5086 | An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5086 |
CVE-2019-5087 | An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5087 |
CVE-2019-5076 | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG header-parser of the Accusoft ImageGear 19.3.0 library. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5076 |
CVE-2019-5083 | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFdecodethunderscan function of Accusoft ImageGear 19.3.0 library. A specially crafted TIFF file can cause an out of bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5083 |
CVE-2019-5132 | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll GEM Raster parser of the Accusoft ImageGear 19.3.0 library. A specially crafted GEM file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5132 |
CVE-2019-5133 | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll BMP parser of the ImageGear 19.3.0 library. A specially crafted BMP file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5133 |
CVE-2019-5092 | An exploitable heap out of bounds write vulnerability exists in the UI tag parsing functionality of the DICOM image format of LEADTOOLS 20.0.2019.3.15. A specially crafted DICOM image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a DICOM image to trigger this vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5092 |
CVE-2019-5154 | An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20.0.2019.3.15. A specially crafted J2K image file can cause an out of bounds write of a null byte in a heap buffer, potentially resulting in code execution. An attacker can specially craft a J2K image to trigger this vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5154 |
CVE-2019-5144 | An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file to the victim to trigger this vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5144 |
CVE-2019-5063 | An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially crafted file to trigger this vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5063 |
CVE-2019-5064 | An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5064 |
CVE-2019-5126 | An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5126 |
CVE-2020-7591 | A vulnerability has been identified in SIPORT MP (All versions < 3.2.1). Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform (potentially administrative) actions on behalf of those users if the single sign-on feature ("Allow logon without password") is enabled. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-7591 |
CVE-2020-26682 | In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-26682 |
CVE-2020-13778 | rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-13778 |
CVE-2022-23302 | JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-23302 |
CVE-2022-23307 | CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-23307 |
CVE-2022-22150 | A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger an exception which is improperly handled, leaving the engine in an invalid state, which can lead to memory corruption and arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22150 |
CVE-2022-23642 | Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails to properly restrict calling `git config`. This allows an attacker to set the git `core.sshCommand` option, which sets git to use the specified command instead of ssh when they need to connect to a remote system. Exploitation of this vulnerability depends on how Sourcegraph is deployed. An attacker able to make HTTP requests to internal services like gitserver is able to exploit it. This issue is patched in Sourcegraph version 3.37. As a workaround, ensure that requests to gitserver are properly protected. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-23642 |
CVE-2021-24957 | The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authenticated user, leading to a SQL injection | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-24957 |
CVE-2022-29500 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29500 |
CVE-2022-29501 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29501 |
CVE-2022-30129 | Visual Studio Code Remote Code Execution Vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30129 |
CVE-2022-31483 | An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.271. This allows a malicious actor to overwrite sensitive system files and install a startup service to gain remote access to the underlying Linux operating system with root privileges. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-31483 |
CVE-2022-31486 | An authenticated attacker can send a specially crafted route to the “edit_route.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303 for the LP series and 1.297 for the EP series. An attacker with this level of access on the device can monitor all communications sent to and from this device, modify onboard relays, change configuration files, or cause the device to become unstable. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-31486 |
CVE-2022-1680 | An account takeover issue has been discovered in GitLab EE affecting all versions starting from 11.10 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. When group SAML SSO is configured, the SCIM feature (available only on Premium+ subscriptions) may allow any owner of a Premium group to invite arbitrary users through their username and email, then change those users' email addresses via SCIM to an attacker controlled email address and thus - in the absence of 2FA - take over those accounts. It is also possible for the attacker to change the display name and username of the targeted account. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1680 |
CVE-2020-36543 | A vulnerability, which was classified as critical, was found in SialWeb CMS. This affects an unknown part of the file /about.php. The manipulation of the argument Id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-36543 |
CVE-2022-1703 | Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service (DoS) attack. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1703 |
CVE-2022-1683 | The amtyThumb WordPress plugin through 4.2.0 does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any authenticated user (and not just Author+ like the original advisory mentions) due to the fact that they can execute shortcodes via an AJAX action. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1683 |
CVE-2021-36710 | ToaruOS 1.99.2 is affected by incorrect access control via the kernel. Improper MMU management and having a low GDT address allows it to be mapped in userland. A call gate can then be written to escalate to CPL 0. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-36710 |
CVE-2022-31496 | LibreHealth EHR Base 2.0.0 allows incorrect interface/super/manage_site_files.php access. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-31496 |
CVE-2022-25806 | An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES key in the PrefDBCredentials class allows an attacker, who has discovered encrypted superuser credentials, to decrypt those credentials using a static 8-byte DES key. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-25806 |
CVE-2022-30075 | In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote code execution due to improper validation. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30075 |
CVE-2021-40961 | CMS Made Simple <=2.2.15 is affected by SQL injection in modules/News/function.admin_articlestab.php. The $sortby variable is concatenated with $query1, but it is possible to inject arbitrary SQL language without using the '. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-40961 |
CVE-2016-15002 | A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. This affects an unknown part of the component Cookie Handler. The manipulation of the argument HasServerEdit/IsAdmin leads to privilege escalation. It is possible to initiate the attack remotely. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2016-15002 |
CVE-2019-25064 | A vulnerability was found in CoreHR Core Portal up to 27.0.7. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site request forgery. It is possible to launch the attack remotely. Upgrading to version 27.0.8 is able to address this issue. It is recommended to upgrade the affected component. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-25064 |
CVE-2019-25066 | A vulnerability has been found in ajenti 2.1.31 and classified as critical. This vulnerability affects unknown code of the component API. The manipulation leads to privilege escalation. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.1.32 is able to address this issue. The name of the patch is 7aa146b724e0e20cfee2c71ca78fafbf53a8767c. It is recommended to upgrade the affected component. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-25066 |
CVE-2019-25067 | A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-25067 |
CVE-2019-25068 | A vulnerability classified as critical was found in Axios Italia Axios RE 1.7.0/7.0.0. This vulnerability affects unknown code of the file REDefault.aspx of the component Connection Handler. The manipulation of the argument DBIDX leads to privilege escalation. The attack can be initiated remotely. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-25068 |
CVE-2022-25152 | The ITarian platform (SAAS / on-premise) offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability in the approval process, present in any version prior to 6.35.37347.20040, a malicious actor (with a valid session token) can create a procedure, bypass approval, and execute the procedure. This results in the ability for any user with a valid session token to perform arbitrary code execution and full system take-over on all agents. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-25152 |
CVE-2017-20020 | A vulnerability, which was classified as problematic, has been found in Solare Solar-Log 2.8.4-56/3.5.2-85. Affected by this issue is some unknown functionality. The manipulation leads to cross site request forgery. The attack may be launched remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-20020 |
CVE-2021-44117 | A Cross Site Request Forgery (CSRF) vulnerability exists in TheDayLightStudio Fuel CMS 1.5.0 via a POST call to /fuel/sitevariables/delete/4. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-44117 |
CVE-2021-44582 | A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1.0, which allows a remote malicious user to gain elevated privileges to the Admin role via any URL. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-44582 |
CVE-2022-22479 | IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 225887. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22479 |
CVE-2017-20037 | A vulnerability has been found in SICUNET Access Controller 0.32-05z and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument c leads to privilege escalation. The attack can be launched remotely. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-20037 |
CVE-2017-20038 | A vulnerability was found in SICUNET Access Controller 0.32-05z and classified as critical. Affected by this issue is some unknown functionality of the file card_scan_decoder.php. The manipulation of the argument No/door leads to privilege escalation. The attack may be launched remotely. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-20038 |
CVE-2021-41738 | ZeroShell 3.9.5 has a command injection vulnerability in /cgi-bin/kerbynet IP parameter, which may allow an authenticated attacker to execute system commands. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-41738 |
CVE-2017-20042 | A vulnerability has been found in Navetti PricePoint 4.6.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection (Blind). The attack can be launched remotely. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-20042 |
CVE-2017-20045 | A vulnerability was found in Navetti PricePoint 4.6.0.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-20045 |
CVE-2022-1765 | The Hot Linked Image Cacher WordPress plugin through 1.16 is vulnerable to CSRF. This can be used to store / cache images from external domains on the server, which could lead to legal risks (due to copyright violations or licensing rules). | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1765 |
CVE-2022-1777 | The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. They are protected with a nonce, however the nonce is leaked on the dashboard. This could allow them to upload arbitrary HTML files as well as delete all files or arbitrary ones. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1777 |
CVE-2022-1900 | The Copify plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.0. This is due to missing nonce validation on the CopifySettings page. This makes it possible for unauthenticated attackers to update the plugins settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1900 |
CVE-2022-1918 | The ToolBar to Share plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0. This is due to missing nonce validation on the plugin_toolbar_comparte page. This makes it possible for unauthenticated attackers to update the plugins settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1918 |
CVE-2022-1654 | Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the "abb_uninstall_template" (both) and "jupiterx_core_cp_uninstall_template" (JupiterX Core Only) AJAX actions | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1654 |
CVE-2022-1657 | Vulnerable versions of the Jupiter (<= 6.10.1) and JupiterX (<= 2.0.6) Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File inclusion. In the JupiterX theme, the jupiterx_cp_load_pane_action AJAX action present in the lib/admin/control-panel/control-panel.php file calls the load_control_panel_pane function. It is possible to use this action to include any local PHP file via the slug parameter. The Jupiter theme has a nearly identical vulnerability which can be exploited via the mka_cp_load_pane_action AJAX action present in the framework/admin/control-panel/logic/functions.php file, which calls the mka_cp_load_pane_action function. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1657 |
CVE-2022-1749 | The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createplugin_atf_admin_setting_page() function found in the ~/inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.1. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1749 |
CVE-2022-1969 | The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the admin_update_data() function. This makes it possible for unauthenticated attackers to inject malicious web scripts via forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1969 |
CVE-2021-39820 | Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-39820 |
CVE-2022-30153 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30161. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30153 |
CVE-2022-30157 | Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30158. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30157 |
CVE-2022-30158 | Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30157. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30158 |
CVE-2022-30161 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30161 |
CVE-2022-30165 | Windows Kerberos Elevation of Privilege Vulnerability. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30165 |
CVE-2022-26669 | ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general user privilege can inject SQL command to specific API parameters to acquire database schema or access data. | 8.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-26669 |
CVE-2022-30163 | Windows Hyper-V Remote Code Execution Vulnerability. | 8.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30163 |
CVE-2021-41641 | Deno <=1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory. | 8.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-41641 |
CVE-2022-30164 | Kerberos AppContainer Security Feature Bypass Vulnerability. | 8.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-30164 |
CVE-2021-32777 | Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions when ext-authz extension is sending request headers to the external authorization service it must merge multiple value headers according to the HTTP spec. However, only the last header value is sent. This may allow specifically crafted requests to bypass authorization. Attackers may be able to escalate privileges when using ext-authz extension or back end service that uses multiple value headers for authorization. A specifically constructed request may be delivered by an untrusted downstream peer in the presence of ext-authz extension. Envoy versions 1.19.1, 1.18.4, 1.17.4, 1.16.5 contain fixes to the ext-authz extension to correctly merge multiple request header values, when sending request for authorization. | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2021-32777 |
CVE-2021-32779 | Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI '#fragment' element as part of the path element. Envoy is configured with an RBAC filter for authorization or similar mechanism with an explicit case of a final "/admin" path element, or is using a negative assertion with final path element of "/admin". The client sends request to "/app1/admin#foo". In Envoy prior to 1.18.0, or 1.18.0+ configured with path_normalization=false. Envoy treats fragment as a suffix of the query string when present, or as a suffix of the path when query string is absent, so it evaluates the final path element as "/admin#foo" and mismatches with the configured "/admin" path element. In Envoy 1.18.0+ configured with path_normalization=true. Envoy transforms this to /app1/admin%23foo and mismatches with the configured /admin prefix. The resulting URI is sent to the next server-agent with the offending "#foo" fragment which violates RFC3986 or with the nonsensical "%23foo" text appended. A specifically constructed request with URI containing '#fragment' element delivered by an untrusted client in the presence of path based request authorization resulting in escalation of Privileges when path based request authorization extensions. Envoy versions 1.19.1, 1.18.4, 1.17.4, 1.16.5 contain fixes that removes fragment from URI path in incoming requests. | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2021-32779 |
CVE-2022-22021 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. | 8.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-22021 |
CVE-2021-35530 | A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's TXpert Hub CoreTec 4, that depends on a token validation of the session identifier, allows an unauthorized modified message to be executed in the server enabling an unauthorized actor to change an existing user password, and further gain authorized access into the system via login mechanism. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0 2.1.0; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1. | 8.2 | https://nvd.nist.gov/vuln/detail/CVE-2021-35530 |
CVE-2015-7547 | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2015-7547 |
CVE-2019-12263 | Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2019-12263 |
CVE-2022-27438 | Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-27438 |
CVE-2021-40668 | The Android application HTTP File Server (Version 1.4.1) by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-40668 |
CVE-2022-1993 | Path Traversal in GitHub repository gogs/gogs prior to 0.12.9. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1993 |
CVE-2022-1779 | The Auto Delete Posts WordPress plugin through 1.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and delete specific posts, categories and attachments at once. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1779 |
CVE-2022-1791 | The One Click Plugin Updater WordPress plugin through 2.4.14 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable / hide the badge of the available updates and the related check. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1791 |
CVE-2021-35082 | Improper integrity check can lead to race condition between tasks PDCP and RRC right after a valid RRC security mode command packet has been received in Snapdragon Industrial IOT | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-35082 |
CVE-2022-30141 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-30141 |
CVE-2022-27511 | Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted. | 8.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-27511 |
CVE-2022-2027 | Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra prior to 0.77.0. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2027 |
CVE-2022-2037 | Excessive Attack Surface in GitHub repository tooljet/tooljet prior to v1.16.0. | 8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2037 |
CVE-2019-5084 | An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a TIF image to trigger this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5084 |
CVE-2019-5099 | An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5099 |
CVE-2019-5100 | An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5100 |
CVE-2019-5125 | An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attacker can specially craft a J2K image to trigger this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5125 |
CVE-2019-5071 | An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS1 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5071 |
CVE-2019-5072 | An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS2 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5072 |
CVE-2019-5164 | An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-5164 |
CVE-2020-8177 | curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead to overwriting a local file when the -J flag is used. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-8177 |
CVE-2021-40157 | A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to run arbitrary code on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-40157 |
CVE-2021-3903 | vim is vulnerable to Heap-based Buffer Overflow | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-3903 |
CVE-2021-39653 | In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user. This could lead to local escalation of privilege after preparing the device, hiding the warning, and passing the phone to a new user, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-193443223. References: N/A | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-39653 |
CVE-2022-0417 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0417 |
CVE-2022-21124 | Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-21124 |
CVE-2022-24396 | The Simple Diagnostics Agent - versions 1.0 up to version 1.57, does not perform any authentication checks for functionalities that can be accessed via localhost on http port 3005. Due to lack of authentication checks, an attacker could access administrative or other privileged functionalities and read, modify, or delete sensitive information and configurations. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-24396 |
CVE-2022-26981 | Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c). | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-26981 |
CVE-2022-0943 | Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0943 |
CVE-2022-28389 | mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28389 |
CVE-2022-28390 | ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28390 |
CVE-2022-26360 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuously accessible by the device. This requirement has been violated. Subsequent DMA or interrupts from the device may have unpredictable behaviour, ranging from IOMMU faults to memory corruption. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-26360 |
CVE-2022-26361 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuously accessible by the device. This requirement has been violated. Subsequent DMA or interrupts from the device may have unpredictable behaviour, ranging from IOMMU faults to memory corruption. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-26361 |
CVE-2022-26531 | Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-26531 |
CVE-2022-26532 | An argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-26532 |
CVE-2021-42612 | A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-42612 |
CVE-2021-42613 | A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-42613 |
CVE-2021-42614 | A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-42614 |
CVE-2022-1851 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1851 |
CVE-2022-26757 | A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-26757 |
CVE-2022-1898 | Use After Free in GitHub repository vim/vim prior to 8.2. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1898 |
CVE-2022-1652 | Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1652 |
CVE-2022-1968 | Use After Free in GitHub repository vim/vim prior to 8.2. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1968 |
CVE-2022-32250 | net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-32250 |
CVE-2022-30749 | Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30749 |
CVE-2019-25062 | A vulnerability was found in Sricam IP CCTV Camera and classified as critical. This issue affects some unknown processing of the component Device Viewer. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-25062 |
CVE-2019-25063 | A vulnerability was found in Sricam IP CCTV Camera. It has been classified as critical. Affected is an unknown function of the component Device Viewer. The manipulation leads to memory corruption. Local access is required to approach this attack. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-25063 |
CVE-2022-30790 | Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30790 |
CVE-2022-1998 | A use after free in the Linux kernel File System notify functionality was found in the way a user triggers the copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1998 |
CVE-2022-2000 | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2000 |
CVE-2022-31214 | A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the entered mount namespace is under the attacker's control. In this way, the filesystem layout can be adjusted to gain root privileges through execution of available setuid-root binaries such as su or sudo. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-31214 |
CVE-2022-25153 | The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-25153 |
CVE-2022-30703 | Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This vulnerability could also potentially be chained for privilege escalation. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30703 |
CVE-2017-20018 | A vulnerability was found in XAMPP 7.1.1-0-VC14. It has been classified as problematic. Affected is an unknown function of the component Installer. The manipulation leads to privilege escalation. It is possible to launch the attack remotely. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-20018 |
CVE-2022-27502 | RealVNC VNC Server 6.9.0 through 5.1.0 for Windows allows local privilege escalation because an installer repair operation executes %TEMP% files as SYSTEM. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-27502 |
CVE-2022-24429 | The package convert-svg-core before 0.6.3 is vulnerable to Arbitrary Code Injection when using a specially crafted SVG file. An attacker can read arbitrary files from the file system and then show the file content as a converted PNG file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-24429 |
CVE-2022-29092 | Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. A non-admin user can exploit the vulnerability and gain admin access to the system. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29092 |
CVE-2022-2054 | Command Injection in GitHub repository nuitka/nuitka prior to 0.9. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2054 |
CVE-2021-46816 | Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-46816 |
CVE-2021-46817 | Adobe Media Encoder version 15.4 (and earlier) is affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-46817 |
CVE-2021-46818 | Adobe Media Encoder version 15.4 (and earlier) is affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-46818 |
CVE-2022-1202 | The WP-CRM WordPress plugin through 1.2.1 does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1202 |
CVE-2022-24077 | Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-24077 |
CVE-2022-31762 | The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-31762 |
CVE-2022-29524 | Out-of-bounds write vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29524 |
CVE-2021-30281 | XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-30281 |
CVE-2021-42732 | Access of Memory Location After End of Buffer (CWE-788) | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-42732 |
CVE-2021-43754 | Adobe Prelude version 22.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-43754 |
CVE-2021-43756 | Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-43756 |
CVE-2021-42735 | Adobe Photoshop version 22.5.1 (and earlier versions) is affected by an Access of Memory Location After End of Buffer vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-42735 |
CVE-2021-43755 | Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-43755 |
CVE-2022-28839 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28839 |
CVE-2022-28840 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28840 |
CVE-2022-28841 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28841 |
CVE-2022-28842 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28842 |
CVE-2022-28843 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28843 |
CVE-2022-28845 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28845 |
CVE-2022-28846 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28846 |
CVE-2022-28847 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28847 |
CVE-2022-28848 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28848 |
CVE-2022-30647 | Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30647 |
CVE-2022-30648 | Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30648 |
CVE-2022-30649 | Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30649 |
CVE-2022-22018 | HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29111, CVE-2022-29119, CVE-2022-30188. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22018 |
CVE-2022-29111 | HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29119, CVE-2022-30188. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29111 |
CVE-2022-29119 | HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-30188. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29119 |
CVE-2022-29149 | Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29149 |
CVE-2022-30131 | Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30131 |
CVE-2022-30132 | Windows Container Manager Service Elevation of Privilege Vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30132 |
CVE-2022-30135 | Windows Media Center Elevation of Privilege Vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30135 |
CVE-2022-30147 | Windows Installer Elevation of Privilege Vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30147 |
CVE-2022-30160 | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30160 |
CVE-2022-30166 | Local Security Authority Subsystem Service Elevation of Privilege Vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30166 |
CVE-2022-30167 | AV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30193. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30167 |
CVE-2022-30168 | Microsoft Photos App Remote Code Execution Vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30168 |
CVE-2022-30173 | Microsoft Excel Remote Code Execution Vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30173 |
CVE-2022-30177 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30178, CVE-2022-30179. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30177 |
CVE-2022-30178 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30179. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30178 |
CVE-2022-30179 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30178. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30179 |
CVE-2022-30180 | Azure RTOS GUIX Studio Information Disclosure Vulnerability. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30180 |
CVE-2022-30188 | HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-29119. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30188 |
CVE-2022-30193 | AV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30167. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30193 |
CVE-2022-30658 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30658 |
CVE-2022-30660 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30660 |
CVE-2022-30661 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30661 |
CVE-2022-30662 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30662 |
CVE-2022-30663 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30663 |
CVE-2022-30665 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30665 |
CVE-2022-30650 | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30650 |
CVE-2022-30651 | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30651 |
CVE-2022-30652 | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30652 |
CVE-2022-30653 | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30653 |
CVE-2022-30654 | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30654 |
CVE-2022-30655 | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30655 |
CVE-2022-30657 | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30657 |
CVE-2022-30664 | Adobe Animate version 22.0.5 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 7.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30664 |
CVE-2015-8852 | Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \r (carriage return) character in conjunction with multiple Content-Length headers in an HTTP request. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2015-8852 |
CVE-2017-12425 | An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert, related to an Integer Overflow. This causes the varnishd worker process to abort and restart, losing the cached contents in the process. An attacker can therefore crash the varnishd worker process on demand and effectively keep it from serving content - a Denial-of-Service attack. The specific source-code filename containing the incorrect statement varies across releases. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-12425 |
CVE-2019-12259 | Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-12259 |
CVE-2019-12258 | Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is an IPNET security vulnerability: DoS of TCP connection via malformed TCP options. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-12258 |
CVE-2019-15892 | An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-15892 |
CVE-2019-5097 | A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to an infinite loop in the process. The request can be unauthenticated in the form of GET or POST requests and does not require the requested resource to exist on the server. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-5097 |
CVE-2019-5163 | An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-5163 |
CVE-2019-5090 | An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an out-of-bounds read, resulting in information disclosure. An attacker can send a packet to trigger this vulnerability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-5090 |
CVE-2019-5091 | An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-5091 |
CVE-2013-4090 | Varnish HTTP cache before 3.0.4: ACL bug | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2013-4090 |
CVE-2020-25829 | An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This results in a denial of service for installations that always validate (dnssec=validate), and for clients requesting validation when on-demand validation is enabled (dnssec=process). | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-25829 |
CVE-2021-38593 | Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke). | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-38593 |
CVE-2021-32778 | Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy’s procedure for resetting a HTTP/2 stream has O(N^2) complexity, leading to high CPU utilization when a large number of streams are reset. Deployments are susceptible to Denial of Service when Envoy is configured with high limit on H/2 concurrent streams. An attacker wishing to exploit this vulnerability would require a client opening and closing a large number of H/2 streams. Envoy versions 1.19.1, 1.18.4, 1.17.4, 1.16.5 contain fixes to reduce time complexity of resetting HTTP/2 streams. As a workaround users may limit the number of simultaneous HTTP/2 streams for upstream and downstream peers to a low number, i.e. 100. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-32778 |
CVE-2021-32781 | Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions after Envoy sends a locally generated response it must stop further processing of request or response data. However when local response is generated due the internal buffer overflow while request or response is processed by the filter chain the operation may not be stopped completely and result in accessing a freed memory block. A specifically constructed request delivered by an untrusted downstream or upstream peer in the presence of extensions that modify and increase the size of request or response bodies resulting in a Denial of Service when using extensions that modify and increase the size of request or response bodies, such as decompressor filter. Envoy versions 1.19.1, 1.18.4, 1.17.4, 1.16.5 contain fixes to address incomplete termination of request processing after locally generated response. As a workaround disable Envoy's decompressor, json-transcoder or grpc-web extensions or proprietary extensions that modify and increase the size of request or response bodies, if feasible. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-32781 |
CVE-2021-33582 | Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction. Because there are many insertions into a single bucket, strcmp becomes slow. This is fixed in 3.4.2, 3.2.8, and 3.0.16. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-33582 |
CVE-2022-0391 | A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0391 |
CVE-2022-22547 | Simple Diagnostics Agent - versions 1.0 (up to version 1.57.), allows an attacker to access information which would otherwise be restricted via a random port 9000-65535. This allows information gathering which could be used to exploit future open-source security exploits. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-22547 |
CVE-2022-21822 | NVIDIA FLARE contains a vulnerability in the admin interface, where an un-authorized attacker can cause Allocation of Resources Without Limits or Throttling, which may lead to cause system unavailable. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21822 |
CVE-2022-27192 | The Reporting module in Aseco Lietuva document management system DVS Avilys before 3.5.58 allows unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading administrative files. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-27192 |
CVE-2022-29176 | Rubygems is a package registry used to supply software for the Ruby language ecosystem. Due to a bug in the yank action, it was possible for any RubyGems.org user to remove and replace certain gems even if that user was not authorized to do so. To be vulnerable, a gem needed: one or more dashes in its name; creation within 30 days OR no updates for over 100 days. At present, we believe this vulnerability has not been exploited. RubyGems.org sends an email to all gem owners when a gem version is published or yanked. We have not received any support emails from gem owners indicating that their gem has been yanked without authorization. An audit of gem changes for the last 18 months did not find any examples of this vulnerability being used in a malicious way. A deeper audit for any possible use of this exploit is ongoing, and we will update this advisory once it is complete. Using Bundler in --frozen or --deployment mode in CI and during deploys, as the Bundler team has always recommended, will guarantee that your application does not silently switch to versions created using this exploit. To audit your application history for possible past exploits, review your Gemfile.lock and look for gems whose platform changed when the version number did not change. For example, gemname-3.1.2 updating to gemname-3.1.2-java could indicate a possible abuse of this vulnerability. RubyGems.org has been patched and is no longer vulnerable to this issue as of the 5th of May 2022. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29176 |
CVE-2022-31480 | An unauthenticated attacker could arbitrarily upload firmware files to the target device, ultimately causing a Denial-of-Service (DoS). This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.302 for the LP series and 1.296 for the EP series. The attacker needs to have a properly signed and encrypted binary, loading the firmware to the device ultimately triggers a reboot. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31480 |
CVE-2022-31482 | An unauthenticated attacker can send a specially crafted unauthenticated HTTP request to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29. The overflowed data leads to segmentation fault and ultimately a denial-of-service condition, causing the device to reboot. The impact of this vulnerability is that an unauthenticated attacker could leverage this flaw to cause the target device to become unresponsive. An attacker could automate this attack to achieve persistent DoS, effectively rendering the target controller useless. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31482 |
CVE-2022-31484 | An unauthenticated attacker can send a specially crafted network packet to delete a user from the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29. The impact of this vulnerability is that an unauthenticated attacker could restrict access to the web interface to legitimate users and potentially requiring them to use the default user dip switch procedure to gain access back. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31484 |
CVE-2021-37589 | Virtua Cobranca before 12R allows SQL Injection on the login page. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-37589 |
CVE-2020-14125 | A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by out-of-bound read/write and can be exploited by attackers to make denial of service. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-14125 |
CVE-2022-24296 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD Ver. 3.21 and prior, Air Conditioning System AG-150A-A Ver. 3.21 and prior, Air Conditioning System AG-150A-J Ver. 3.21 and prior, Air Conditioning System GB-50AD Ver. 3.21 and prior, Air Conditioning System GB-50ADA-A Ver. 3.21 and prior, Air Conditioning System GB-50ADA-J Ver. 3.21 and prior, Air Conditioning System EB-50GU-A Ver. 7.10 and prior, Air Conditioning System EB-50GU-J Ver. 7.10 and prior, Air Conditioning System AE-200J Ver. 7.97 and prior, Air Conditioning System AE-200A Ver. 7.97 and prior, Air Conditioning System AE-200E Ver. 7.97 and prior, Air Conditioning System AE-50J Ver. 7.97 and prior, Air Conditioning System AE-50A Ver. 7.97 and prior, Air Conditioning System AE-50E Ver. 7.97 and prior, Air Conditioning System EW-50J Ver. 7.97 and prior, Air Conditioning System EW-50A Ver. 7.97 and prior, Air Conditioning System EW-50E Ver. 7.97 and prior, Air Conditioning System TE-200A Ver. 7.97 and prior, Air Conditioning System TE-50A Ver. 7.97 and prior and Air Conditioning System TW-50A Ver. 7.97 and prior allows a remote unauthenticated attacker to cause a disclosure of encrypted message of the air conditioning systems by sniffing encrypted communications. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-24296 |
CVE-2022-28382 | An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode (Electronic Codebook, aka ECB), an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the USB-to-SATA bridge controller INIC-3637EN uses AES-256 with the ECB mode. This operation mode of block ciphers (e.g., AES) always encrypts identical plaintext data, in this case blocks of 16 bytes, to identical ciphertext data. For some data, for instance bitmap images, the lack of the cryptographic property called diffusion, within ECB, can leak sensitive information even in encrypted data. Thus, the use of the ECB operation mode can put the confidentiality of specific information at risk, even in an encrypted form. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number #49428, Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0, Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1, and Fingerprint Secure Portable Hard Drive Part Number #53650. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-28382 |
CVE-2022-29014 | A local file inclusion vulnerability in Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to read arbitrary files. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29014 |
CVE-2022-31649 | ownCloud owncloud/core before 10.10.0 Improperly Removes Sensitive Information Before Storage or Transfer. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31649 |
CVE-2022-29255 | Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions prior to 0.3.4 when calling an external contract with no return value, the contract address (including side effects) could be evaluated twice. This may result in incorrect outcomes for contracts. This issue has been addressed in v0.3.4. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29255 |
CVE-2022-31019 | Vapor is a server-side Swift HTTP web framework. When using automatic content decoding an attacker can craft a request body that can make the server crash with the following request: `curl -d "array[_0][0][array][_0][0][array]$(for f in $(seq 1100); do echo -n '[_0][0][array]'; done)[string][_0]=hello%20world" http://localhost:8080/foo`. The issue is unbounded, attacker controlled stack growth which will at some point lead to a stack overflow and a process crash. This issue has been fixed in version 4.61.1. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31019 |
CVE-2022-31026 | Trilogy is a client library for MySQL. When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory. Users of the trilogy gem should upgrade to version 2.1.1. This issue can be avoided by only connecting to trusted servers. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31026 |
CVE-2022-23138 | ZTE's MF297D product has cryptographic issues vulnerability. Due to the use of weak random values, the security of the device is reduced, and it may face the risk of attack. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-23138 |
CVE-2022-2019 | A vulnerability classified as critical was found in SourceCodester Prison Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php?f=save of the component New User Creation. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2019 |
CVE-2019-25069 | A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/7.0.0. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to information disclosure (ASP.NET). The attack may be initiated remotely. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-25069 |
CVE-2022-25151 | Within the Service Desk module of the ITarian platform (SAAS and on-premise), a remote attacker can obtain sensitive information, caused by the failure to set the HTTP Only flag. A remote attacker could exploit this vulnerability to gain access to the management interface by using this vulnerability in combination with a successful Cross-Site Scripting attack on a user. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-25151 |
CVE-2022-26377 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server 2.4 version 2.4.53 and prior versions. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-26377 |
CVE-2022-29404 | In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29404 |
CVE-2022-30522 | If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30522 |
CVE-2022-30556 | Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30556 |
CVE-2022-29225 | Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 decompressors accumulate decompressed data into an intermediate buffer before overwriting the body in the decode/encodeBody. This may allow an attacker to zip bomb the decompressor by sending a small highly compressed payload. Maliciously constructed zip files may exhaust system memory and cause a denial of service. Users are advised to upgrade. Users unable to upgrade may consider disabling decompression. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29225 |
CVE-2022-29227 | Envoy is a cloud-native high-performance edge/middle/service proxy. In versions prior to 1.22.1 if Envoy attempts to send an internal redirect of an HTTP request consisting of more than HTTP headers, there’s a lifetime bug which can be triggered. If while replaying the request Envoy sends a local reply when the redirect headers are processed, the downstream state indicates that the downstream stream is not complete. On sending the local reply, Envoy will attempt to reset the upstream stream, but as it is actually complete, and deleted, this results in a use-after-free. Users are advised to upgrade. Users unable to upgrade are advised to disable internal redirects if crashes are observed. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29227 |
CVE-2022-29228 | Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter would try to invoke the remaining filters in the chain after emitting a local response, which triggers an ASSERT() in newer versions and corrupts memory on earlier versions. continueDecoding() shouldn’t ever be called from filters after a local reply has been sent. Users are advised to upgrade. There are no known workarounds for this issue. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29228 |
CVE-2022-31033 | The Mechanize library is used for automating interaction with websites. Mechanize automatically stores and sends cookies, follows redirects, and can follow links and submit forms. In versions prior to 2.8.5 the Authorization header is leaked after a redirect to a different port on the same site. Users are advised to upgrade to Mechanize v2.8.5 or later. There are no known workarounds for this issue. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31033 |
CVE-2022-31051 | semantic-release is an open source npm package for automated version management and package publishing. In affected versions secrets that would normally be masked by semantic-release can be accidentally disclosed if they contain characters that are excluded from uri encoding by `encodeURI`. Occurrence is further limited to execution contexts where push access to the related repository is not available without modifying the repository url to inject credentials. Users are advised to upgrade. Users unable to upgrade should ensure that secrets that do not contain characters that are excluded from encoding with `encodeURI` when included in a URL are already masked properly. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31051 |
CVE-2017-20019 | A vulnerability classified as problematic was found in Solare Solar-Log 2.8.4-56/3.5.2-85. Affected by this vulnerability is an unknown functionality of the component Config Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-20019 |
CVE-2017-20022 | A vulnerability has been found in Solare Solar-Log 2.8.4-56/3.5.2-85 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-20022 |
CVE-2017-20024 | A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. It is possible to launch the attack remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-20024 |
CVE-2022-31042 | Guzzle is an open source PHP HTTP client. In affected versions the `Cookie` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, or on making a request to a server which responds with a redirect to a URI to a different host, we should not forward the `Cookie` header on. Prior to this fix, only cookies that were managed by our cookie middleware would be safely removed, and any `Cookie` header manually added to the initial request would not be stripped. We now always strip it, and allow the cookie middleware to re-add any cookies that it deems should be there. Affected Guzzle 7 users should upgrade to Guzzle 7.4.4 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.7 or 7.4.4. Users unable to upgrade may consider an alternative approach to use your own redirect middleware, rather than ours. If you do not require or expect redirects to be followed, one should simply disable redirects all together. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31042 |
CVE-2022-31043 | Guzzle is an open source PHP HTTP client. In affected versions `Authorization` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, we should not forward the `Authorization` header on. This is much the same as to how we don't forward on the header if the host changes. Prior to this fix, `https` to `http` downgrades did not result in the `Authorization` header being removed, only changes to the host. Affected Guzzle 7 users should upgrade to Guzzle 7.4.4 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.7 or 7.4.4. Users unable to upgrade may consider an alternative approach which would be to use their own redirect middleware. Alternately users may simply disable redirects all together if redirects are not expected or required. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31043 |
CVE-2018-17240 | There is a memory dump vulnerability on Netwave IP camera devices at //proc/kcore that allows an unauthenticated attacker to exfiltrate sensitive information from the network configuration (e.g., username and password). | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2018-17240 |
CVE-2022-25851 | The package jpeg-js before 0.4.4 is vulnerable to Denial of Service (DoS) where a particular piece of input will cause it to enter an infinite loop and never return. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-25851 |
CVE-2022-30780 | Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30780 |
CVE-2022-2013 | In Octopus Server after version 2022.1.1495 and before 2022.1.2647 if private spaces were enabled via the experimental feature flag all new users would have access to the Script Console within their private space. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2013 |
CVE-2022-26834 | Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-26834 |
CVE-2022-2062 | Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository nocodb/nocodb prior to 0.91.7+. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-2062 |
CVE-2022-1412 | The Log WP_Mail WordPress plugin through 0.1 saves sent email in a publicly accessible directory using predictable filenames, allowing any unauthenticated visitor to obtain potentially sensitive information like generated passwords. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1412 |
CVE-2022-1762 | The iQ Block Country WordPress plugin through 1.2.13 does not properly check HTTP headers in order to validate the origin IP address, allowing threat actors to bypass its block feature by spoofing the headers. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1762 |
CVE-2022-1768 | The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to, and including, 9.3.2. Please note that this is separate from CVE-2022-1453 & CVE-2022-1505. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1768 |
CVE-2021-46814 | The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-46814 |
CVE-2021-46812 | The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-46812 |
CVE-2021-46815 | Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-46815 |
CVE-2022-31754 | Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31754 |
CVE-2022-31761 | Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31761 |
CVE-2022-29798 | There is a denial of service vulnerability in CV81-WDM FW versions 01.70.49.29.46. Successful exploitation could cause denial of service. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29798 |
CVE-2022-29143 | Microsoft SQL Server Remote Code Execution Vulnerability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29143 |
CVE-2022-30139 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30139 |
CVE-2022-30143 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30143 |
CVE-2022-30145 | Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30145 |
CVE-2022-30146 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30146 |
CVE-2022-30149 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30153, CVE-2022-30161. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30149 |
CVE-2022-30150 | Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30150 |
CVE-2022-30152 | Windows Network Address Translation (NAT) Denial of Service Vulnerability. | 7.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30152 |
CVE-2019-5152 | An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An attacker can send arbitrary packets to trigger this vulnerability. | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2019-5152 |
CVE-2022-30174 | Microsoft Office Remote Code Execution Vulnerability. | 7.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-30174 |
CVE-2020-27611 | BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an unintended endpoint. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2020-27611 |
CVE-2022-1659 | Vulnerable versions of the JupiterX Core (<= 2.0.6) plugin register an AJAX action jupiterx_conditional_manager which can be used to call any function in the includes/condition/class-condition-manager.php file by sending the desired function to call in the sub_action parameter. This can be used to view site configuration and logged-in users, modify post conditions, or perform a denial of service attack. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-1659 |
CVE-2022-26668 | ASUS Control Center API has a broken access control vulnerability. An unauthenticated remote attacker can call privileged API functions to perform partial system operations or cause partial disruption of service. | 7.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-26668 |
CVE-2020-5844 | index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742_FIX_PERL2020. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-5844 |
CVE-2020-5791 | Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache user. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2020-5791 |
CVE-2022-31325 | There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the 'PersonID' field in /churchcrm/WhyCameEditor.php. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-31325 |
CVE-2022-2017 | A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pms/admin/visits/view_visit.php of the component Visit Handler. The manipulation of the argument id with the malicious sql input leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-2017 |
CVE-2022-2018 | A vulnerability classified as critical has been found in SourceCodester Prison Management System 1.0. Affected is an unknown function of the file /admin/?page=inmates/view_inmate of the component Inmate Handler. The manipulation of the argument id with the malicious sql input leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-2018 |
CVE-2017-20030 | A vulnerability was found in PHPList 3.2.6. It has been classified as critical. Affected is an unknown function of the file /lists/admin/ of the component Sending Campain. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2017-20030 |
CVE-2022-0863 | The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing a high privileged user like an admin to upload a zip file containing malicious PHP code, leading to remote code execution. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-0863 |
CVE-2022-1800 | The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-1800 |
CVE-2022-32330 | Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_menu. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32330 |
CVE-2022-32331 | Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/view_category.php?id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32331 |
CVE-2022-32332 | Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_category. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32332 |
CVE-2022-32333 | Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/sales/receipt.php?id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32333 |
CVE-2022-32334 | Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/manage_category.php?id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32334 |
CVE-2022-32335 | Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/manage_menu.php?id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32335 |
CVE-2022-32338 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/manage_doctor.php?id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32338 |
CVE-2022-32339 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/view_doctor.php?id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32339 |
CVE-2022-32340 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=patients/view_patient&id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32340 |
CVE-2022-32341 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=user/manage_user&id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32341 |
CVE-2022-32342 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/room_types/view_room_type.php?id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32342 |
CVE-2022-32343 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via hprms/admin/room_types/manage_room_type.php?id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32343 |
CVE-2022-32344 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32344 |
CVE-2022-32345 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/manage_room.php?id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32345 |
CVE-2022-32346 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/view_room.php?id=. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32346 |
CVE-2022-32347 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32347 |
CVE-2022-32348 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_doctor. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32348 |
CVE-2022-32349 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_history. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32349 |
CVE-2022-32350 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room_type. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32350 |
CVE-2022-32351 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_message. | 7.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-32351 |
CVE-2019-12264 | Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2019-12264 |
CVE-2021-43818 | lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-43818 |
CVE-2021-40413 | An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. The UpgradePrepare is the API that checks if a provided filename identifies a new version of the RLC-410W firmware. If the version is new, it would be possible, allegedly, to later on perform the Upgrade. An attacker can send an HTTP request to trigger this vulnerability. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-40413 |
CVE-2021-40414 | An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. The SetMdAlarm API sets the movement detection parameters, giving the ability to set the sensitivity of the camera per a range of hours, and which of the camera spaces to ignore when considering movement detection. Because in cgi_check_ability the SetMdAlarm API does not have a specific case, the user permission will default to 7. This will give non-administrative users the possibility to change the movement detection parameters. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-40414 |
CVE-2022-29093 | Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion vulnerability. Authenticated non-admin user could exploit the issue and delete arbitrary files on the system. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-29093 |
CVE-2022-29094 | Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion/overwrite vulnerability. Authenticated non-admin user could exploit the issue and delete or overwrite arbitrary files on the system. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-29094 |
CVE-2022-30140 | Windows iSCSI Discovery Service Remote Code Execution Vulnerability. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-30140 |
CVE-2022-30142 | Windows File History Remote Code Execution Vulnerability. | 7.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-30142 |
CVE-2022-20006 | In several functions of KeyguardServiceWrapper.java and related files, there is a possible way to briefly view what's under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-151095871 | 7 | https://nvd.nist.gov/vuln/detail/CVE-2022-20006 |
CVE-2021-40776 | Adobe Lightroom Classic 10.3 (and earlier) are affected by a privilege escalation vulnerability in the Offline Lightroom Classic installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability. | 7 | https://nvd.nist.gov/vuln/detail/CVE-2021-40776 |
CVE-2022-30151 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. | 7 | https://nvd.nist.gov/vuln/detail/CVE-2022-30151 |
CVE-2022-29855 | Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow an unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29855 |
CVE-2022-29854 | A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, could allow an unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-29854 |
CVE-2022-22309 | The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22309 |
CVE-2022-30784 | A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30784 |
CVE-2022-30786 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30786 |
CVE-2022-30788 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30788 |
CVE-2022-30789 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30789 |
CVE-2022-1789 | With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1789 |
CVE-2021-43271 | Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11.1, 11.11.1a, 11.11.5, and 11.11.5a (when configured to use local, RADIUS, or TACACS authentication) logs usernames and passwords if either is entered incorrectly. If a user enters an incorrect username and/or password when logging into the WebUI, these attempted credentials are included in an error message that is logged in the WebUI log file. A log entry does not appear if the username and password provided correctly match a valid set of credentials. This also does not happen if AppResponse is configured to use SAML authentication. The WebUI log file is included in subsequent diagnostic system dumps that are generated. (Only users with Full Control access to the System Configuration permission can generate system dumps. By default, only System Administrators have Full Control access to the System Configuration permission.) | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-43271 |
CVE-2022-28383 | An issue was discovered in certain Verbatim drives through 2022-03-31. Due to insufficient firmware validation, an attacker can store malicious firmware code for the USB-to-SATA bridge controller on the USB drive (e.g., by leveraging physical access during the supply chain). This code is then executed. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number #49428, Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0, Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1, and Fingerprint Secure Portable Hard Drive Part Number #53650. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-28383 |
CVE-2022-22259 | There is an improper authentication vulnerability in FLMG-10 10.0.1.0(H100SP22C00). Successful exploitation of this vulnerability may lead to a control of the victim device. | 6.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22259 |
CVE-2022-30783 | An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-30783 |
CVE-2022-30785 | A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-30785 |
CVE-2022-30787 | An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-30787 |
CVE-2022-26691 | A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-26691 |
CVE-2021-35531 | Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2021-35531 |
CVE-2021-35532 | A vulnerability exists in the file upload validation part of Hitachi Energy TXpert Hub CoreTec 4 product. The vulnerability allows an attacker or malicious agent who manages to gain access to the system and obtain an account with sufficient privilege to upload a malicious firmware to the product. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2021-35532 |
CVE-2022-26363 | x86 pv: Insufficient care with non-coherent mappings [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-26363 |
CVE-2022-26364 | x86 pv: Insufficient care with non-coherent mappings [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-26364 |
CVE-2022-21499 | KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H). | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-21499 |
CVE-2022-30137 | Azure Service Fabric Container Elevation of Privilege Vulnerability. | 6.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-30137 |
CVE-2018-19497 | In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown address with READ memory access in a tsk_getu16 call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c). | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2018-19497 |
CVE-2019-1010065 | The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfs_dent.c:237. The component is: Overflow in fls tool used on HFS image. Bug is in tsk/fs/hfs.c file in function hfs_cat_traverse() in lines: 952, 1062. The attack vector is: Victim must open a crafted HFS filesystem image. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-1010065 |
CVE-2019-5061 | An exploitable denial-of-service vulnerability exists in hostapd 2.6, where an attacker could trigger the AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-5061 |
CVE-2019-5062 | An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-5062 |
CVE-2019-5108 | An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2019-5108 |
CVE-2020-6648 | A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users' passwords by connecting to FortiGate CLI and executing the "diag sys ha checksum show" command. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-6648 |
CVE-2021-24405 | The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check when saving its settings, allowing any authenticated users (such as subscriber) to change them. If users can't register, this can be done through CSRF. Furthermore, the cookie banner setting is not sanitised or validated before being output in all pages of the frontend and the backend settings one, leading to a Stored Cross-Site Scripting issue. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-24405 |
CVE-2021-25263 | Local privilege vulnerability in Yandex Browser for Windows prior to 21.9.0.390 allows a local, low-privileged attacker to execute arbitrary code with SYSTEM privileges by manipulating files in a directory with insecure permissions during the Yandex Browser update process. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-25263 |
CVE-2021-43797 | Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to "sanitize" header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-43797 |
CVE-2022-23437 | There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for a prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-23437 |
CVE-2022-24196 | iText v7.1.17 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-24196 |
CVE-2022-25570 | In Click Studios (SA) Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain access to additional password lists without permissions. Specifically, an authenticated user who has write permissions to a password list in one folder (with the default permission model) can extend his permissions to all other password lists in the same folder. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-25570 |
CVE-2022-0404 | The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check authorization or that the option mentioned in the notice param belongs to the plugin when processing requests to the cf7md_dismiss_notice action, allowing any logged in user (with roles as low as Subscriber) to set arbitrary options to true, potentially leading to Denial of Service by breaking the site. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0404 |
CVE-2022-22971 | In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, an application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-22971 |
CVE-2022-22475 | IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-22475 |
CVE-2022-29220 | github-action-merge-dependabot is an action that automatically approves and merges dependabot pull requests (PRs). Prior to version 3.2.0, github-action-merge-dependabot does not check if a commit created by dependabot is verified with the proper GPG key. There is just a check if the actor is set to `dependabot[bot]` to determine if the PR is a legit PR. Theoretically, an owner of a seemingly valid and legit action in the pipeline can check if the PR is created by dependabot and if their own action has enough permissions to modify the PR in the pipeline. If so, they can modify the PR by adding a second seemingly valid and legit commit to the PR, as they can arbitrarily set the username and email for commits in git. Because the bot only checks if the actor is valid, it would pass the malicious changes through and merge the PR automatically, without getting noticed by project maintainers. It would probably not be possible to determine where the malicious commit came from, as it would only say `dependabot[bot]` and the corresponding email address. Version 3.2.0 contains a patch for this issue. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29220 |
CVE-2020-36532 | A vulnerability has been found in Klapp App and classified as problematic. This vulnerability affects unknown code of the component Authorization. The manipulation leads to information disclosure (Credentials). The attack can be initiated remotely. It is recommended to upgrade the affected app. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-36532 |
CVE-2022-30466 | joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authentication Bypass by Capture-replay. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30466 |
CVE-2022-0779 | The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its um_show_uploaded_file AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0779 |
CVE-2022-1570 | The Files Download Delay WordPress plugin before 1.0.7 does not have authorisation and CSRF checks when resetting its settings, which could allow any authenticated users, such as subscriber, to perform such action. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1570 |
CVE-2022-25805 | An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. The transmission of cleartext LDAP bind credentials by the cmd_mgt_load_mgt_tree command allows an attacker (who can intercept or inspect traffic between an authenticated UMS client and server) to compromise those LDAP bind credentials. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-25805 |
CVE-2022-29254 | silverstripe-omnipay is a SilverStripe integration with Omnipay PHP payments library. For a subset of Omnipay gateways (those that use intermediary states like `isNotification()` or `isRedirect()`), if the payment identifier or success URL is exposed it is possible for payments to be prematurely marked as completed without payment being taken. This is mitigated by the fact that most payment gateways hide this information from users, however some issuing banks offer flawed 3DSecure implementations that may inadvertently expose this data. The following versions have been patched to fix this issue: `2.5.2`, `3.0.2`, `3.1.4`, and `3.2.1`. There are no known workarounds for this vulnerability. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29254 |
CVE-2022-31027 | OAuthenticator is an OAuth token library for the JupyterHub login handler. CILogonOAuthenticator is provided by the OAuthenticator package, and lets users log in to a JupyterHub via CILogon. This is primarily used to restrict a JupyterHub only to users of a given institute. The allowed_idps configuration trait of CILogonOAuthenticator is documented to be a list of domains that indicate the institutions whose users are authorized to access this JupyterHub. This authorization is validated by ensuring that the *email* field provided to us by CILogon has a *domain* that matches one of the domains listed in `allowed_idps`. If `allowed_idps` contains `berkeley.edu`, you might expect only users with valid current credentials provided by University of California, Berkeley to be able to access the JupyterHub. However, CILogonOAuthenticator does *not* verify which provider is used by the user to log in, only the email address provided. So a user can log in with a GitHub account that has email set to `<something>@berkeley.edu`, and that will be treated exactly the same as someone logging in using the UC Berkeley official Identity Provider. The patch fixing this issue makes a *breaking change* in how `allowed_idps` is interpreted. It's no longer a list of domains, but configuration representing the `EntityID` of the IdPs that are allowed, picked from the [list maintained by CILogon](https://cilogon.org/idplist/). Users are advised to upgrade. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31027 |
CVE-2022-30898 | A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and password. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30898 |
CVE-2022-29250 | GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions prior to version 10.0.1 it is possible to add extra information by SQL injection on search pages. In order to exploit this vulnerability a user must be logged in. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-29250 |
CVE-2021-42811 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SafeNet KeySecure allows an authenticated user to read arbitrary files from the underlying system on which the product is deployed. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-42811 |
CVE-2022-32978 | There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty JPEG-LS scan. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-32978 |
CVE-2022-26041 | Directory traversal vulnerability in RCCMD 4.26 and earlier allows a remote authenticated attacker with an administrative privilege to read or alter an arbitrary file on the server via unspecified vectors. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-26041 |
CVE-2021-25116 | The Enqueue Anything WordPress plugin through 1.0.1 does not have authorisation and CSRF checks in the remove_asset AJAX action, and does not ensure that the item to be deleted is actually an asset. As a result, low privilege users such as subscriber could delete arbitrary assets, as well as put arbitrary posts in the trash. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-25116 |
CVE-2022-0745 | The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-0745 |
CVE-2022-1605 | The Email Users WordPress plugin through 4.8.8 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and change the notification settings of arbitrary users | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1605 |
CVE-2022-1608 | The OnePress Social Locker WordPress plugin through 5.6.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1608 |
CVE-2022-1612 | The Webriti SMTP Mail WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1612 |
CVE-2022-1624 | The Latest Tweets Widget WordPress plugin through 1.1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1624 |
CVE-2022-1694 | The Useful Banner Manager WordPress plugin through 1.6.1 does not perform CSRF checks on POST requests to its admin page, allowing an attacker to trick a logged in admin to add, modify or delete banners from the plugin by submitting a form. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1694 |
CVE-2022-1761 | The Peter’s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1761 |
CVE-2022-1788 | Due to missing checks the Change Uploaded File Permissions WordPress plugin through 4.0.0 is vulnerable to CSRF attacks. This can be used to change the file and folder permissions of any folder. This could be problematic when specific files like ini files are made readable for everyone due to this. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1788 |
CVE-2022-1790 | The New User Email Set Up WordPress plugin through 0.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1790 |
CVE-2022-21504 | The code in UEK6 U3 was missing an appropriate file descriptor count. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another portion of the kernel. An attacker with local access can operate on the socket, and cause a denial of service. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-21504 |
CVE-2022-30189 | Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30189 |
CVE-2022-30670 | RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization vulnerability which could lead to privilege escalation. An authenticated attacker could leverage this vulnerability to achieve full administrator privileges. Exploitation of this issue does not require user interaction. | 6.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30670 |
CVE-2022-26362 | x86 pv: Race condition in typeref acquisition. Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, the logic for acquiring a type reference has a race condition, whereby a safety TLB flush is issued too early and creates a window where the guest can re-establish the read/write mapping before writeability is prohibited. | 6.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-26362 |
CVE-2022-0823 | An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could allow a local attacker to guess the password by using a timing side-channel attack. | 6.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-0823 |
CVE-2022-21742 | Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services. | 6.2 | https://nvd.nist.gov/vuln/detail/CVE-2022-21742 |
CVE-2022-24399 | The SAP Focused Run (Real User Monitoring) - versions 200, 300, REST service does not sufficiently sanitize the input name of the file using multipart/form-data, resulting in Cross-Site Scripting (XSS) vulnerability. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-24399 |
CVE-2022-26101 | Fiori launchpad - versions 754, 755, 756, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-26101 |
CVE-2021-23648 | The package @braintree/sanitize-url before 6.0.0 is vulnerable to Cross-site Scripting (XSS) due to improper sanitization in the sanitizeUrl function. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-23648 |
CVE-2022-29296 | A reflected cross-site scripting (XSS) vulnerability in the login portal of Avantune Genialcloud ProJ - 10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-29296 |
CVE-2022-31470 | An XSS vulnerability in the index_mobile_changepass.hsp reset-password section of Axigen Mobile WebMail before 10.2.3.12 and 10.3.x before 10.3.3.47 allows attackers to run arbitrary Javascript code that, using an active end-user session (for a logged-in user), can access and retrieve mailbox content. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-31470 |
CVE-2022-1005 | The WP Statistics WordPress plugin before 13.2.2 does not sanitise the REQUEST_URI parameter before outputting it back in the rendered page, leading to Cross-Site Scripting (XSS) in web browsers which do not encode characters | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1005 |
CVE-2022-1673 | The WooCommerce Green Wallet Gateway WordPress plugin before 1.0.2 does not escape the error_envision query parameter before outputting it to the page, leading to a Reflected Cross-Site Scripting vulnerability. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1673 |
CVE-2022-31497 | LibreHealth EHR Base 2.0.0 allows interface/main/finder/finder_navigation.php patient XSS. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-31497 |
CVE-2022-30875 | Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via Sql Error Page. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-30875 |
CVE-2022-32195 | Open edX platform before 2022-06-06 allows XSS via the "next" parameter in the logout URL. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-32195 |
CVE-2022-2035 | A reflected cross-site scripting (XSS) vulnerability exists in the playerConfUrl parameter in the /defaultui/player/modern.html file for SCORM Engine versions < 20.1.45.914, 21.1.x < 21.1.7.219. The issue exists because there are no limitations on the domain or format of the url supplied by the user, allowing an attacker to craft malicious urls which can trigger a reflected XSS payload in the context of a victim's browser. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-2035 |
CVE-2022-24969 | bypass CVE-2021-25640 > In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-24969 |
CVE-2017-20026 | A vulnerability has been found in HumHub up to 1.0.1 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting (Reflected). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.1.1 is able to address this issue. It is recommended to upgrade the affected component. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2017-20026 |
CVE-2017-20027 | A vulnerability was found in HumHub up to 1.0.1 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting (DOM). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.1.1 is able to address this issue. It is recommended to upgrade the affected component. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2017-20027 |
CVE-2017-20033 | A vulnerability classified as problematic has been found in PHPList 3.2.6. This affects an unknown part of the file /lists/admin/. The manipulation of the argument page with the input send\\'\\";>--redacted-- leads to cross site scripting (Reflected). It is possible to initiate the attack remotely. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2017-20033 |
CVE-2022-31402 | ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/webservices/export-v2.php. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-31402 |
CVE-2021-44266 | GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-44266 |
CVE-2021-41750 | A cross-site scripting (XSS) vulnerability in the SEOmatic plugin 3.4.10 for Craft CMS 3 allows remote attackers to inject arbitrary web script via a GET to /index.php?action=seomatic/file/seo-file-link with url parameter containing the base64 encoded URL of a malicious web page / file and fileName parameter containing an arbitrary filename with the intended content-type to be rendered in the user's browser as the extension. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-41750 |
CVE-2022-27231 | Cross-site scripting vulnerability exists in WP Statistics versions prior to 13.2.0 because it improperly processes a platform parameter. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user who is logging in to the website using the product. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-27231 |
CVE-2022-31040 | Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a website under their control, opening them up for phishing attacks. The redirect is initiated by the open forms backend which is a legitimate page, making it less obvious to end users they are being redirected to a malicious website. Versions 1.0.9 and 1.1.1 contain patches for this issue. There are no known workarounds available. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-31040 |
CVE-2022-0626 | The Advanced Admin Search WordPress plugin before 1.1.6 does not sanitize and escape some parameters before outputting them back in an admin page, leading to a Reflected Cross-Site Scripting. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-0626 |
CVE-2022-1532 | Themify WordPress plugin before 1.3.8 does not sanitise and escape the page parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1532 |
CVE-2022-1604 | The MailerLite WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1604 |
CVE-2022-1707 | The Google Tag Manager for WordPress plugin for WordPress is vulnerable to reflected Cross-Site Scripting via the s parameter due to the site search populating into the data layer of sites with insufficient sanitization in versions up to and including 1.15. The affected file is ~/public/frontend.php and this could be exploited by unauthenticated attackers. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1707 |
CVE-2022-1724 | The Simple Membership WordPress plugin before 4.1.1 does not properly sanitise and escape parameters before outputting them back in AJAX actions, leading to Reflected Cross-Site Scripting | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1724 |
CVE-2022-1773 | The WP Athletics WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1773 |
CVE-2022-1822 | The Zephyr Project Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘project’ parameter in versions up to, and including, 3.2.40 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1822 |
CVE-2022-1820 | The Keep Backup Daily plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘t’ parameter in versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1820 |
CVE-2019-5101 | An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request. After an SSL connection is initialized via _ustream_ssl_init, and after any data (e.g. the client's HTTP request) is written to the stream using ustream_printf, the code eventually enters the function __ustream_ssl_poll, which is used to dispatch the read/write events | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2019-5101 |
CVE-2019-5102 | An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2019-5102 |
CVE-2022-29224 | Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a feature which can “hold” (prevent removal) upstream hosts obtained via service discovery until configured active health checking fails. If an attacker controls an upstream host and also controls service discovery of that host (via DNS, the EDS API, etc.), an attacker can crash Envoy by forcing removal of the host from service discovery, and then failing the gRPC health check request. This will crash Envoy via a null pointer dereference. Users are advised to upgrade to resolve this vulnerability. Users unable to upgrade may disable gRPC health checking and/or replace it with a different health checking type as a mitigation. | 5.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-29224 |
CVE-2017-13755 | In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-13755 |
CVE-2017-13756 | In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in dos_load_ext_table() in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-13756 |
CVE-2017-13760 | In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in tsk_img_read() in tsk/img/img_io.c in libtskimg.a. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-13760 |
CVE-2015-9261 | huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2015-9261 |
CVE-2018-9867 | In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2018-9867 |
CVE-2020-27843 | A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this vulnerability is system availability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2020-27843 |
CVE-2021-39624 | In PackageManager, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-67862680 | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-39624 |
CVE-2022-1122 | A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1122 |
CVE-2022-24859 | PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 code attempts to get the content stream. The reason is that the last while-loop in `ContentStream._readInlineImage` only terminates when it finds the `EI` token, but never actually checks if the stream has already ended. This issue has been resolved in version `1.27.5`. Users unable to upgrade should validate PDFs prior to iterating over their content stream. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-24859 |
CVE-2022-1516 | A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1516 |
CVE-2022-24823 | Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-24823 |
CVE-2022-1622 | LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1622 |
CVE-2022-1623 | LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-1623 |
CVE-2022-28774 | Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-28774 |
CVE-2022-31783 | Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31783 |
CVE-2022-30552 | Das U-Boot 2022.01 has a Buffer Overflow. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30552 |
CVE-2022-28384 | An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number #49428 and Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-28384 |
CVE-2021-40592 | GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop') vulnerability in ISOBMFF reader filter, isoffin_read.c. Function isoffin_process() can result in DoS by infinite loop. To exploit, the victim must open a specially crafted mp4 file. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2021-40592 |
CVE-2022-25804 | An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. Insecure permissions for the serverconfig registry key (under JavaSoft\\Prefs\\de\\igel\\rm\\config in HKEY_LOCAL_MACHINE\\SOFTWARE) allow an unprivileged local attacker to read the encrypted dbuser and dbpassword values for the UMS superuser. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-25804 |
CVE-2022-25807 | An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES key in the LDAPDesPWEncrypter class allows an attacker, who has discovered encrypted LDAP bind credentials, to decrypt those credentials using a static 8-byte DES key. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-25807 |
CVE-2022-31030 | containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the `ExecSync` API. This can cause containerd to consume all available memory on the computer, denying service to other legitimate workloads. Kubernetes and crictl can both be configured to use containerd's CRI implementation; `ExecSync` may be used when running probes or when executing processes via an "exec" facility. This bug has been fixed in containerd 1.6.6 and 1.5.13. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31030 |
CVE-2022-30702 | Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to disclose sensitive information on an affected machine. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30702 |
CVE-2022-31282 | Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31282 |
CVE-2022-31285 | An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31285 |
CVE-2022-31287 | An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31287 |
CVE-2017-20040 | A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been declared as problematic. This vulnerability affects unknown code of the component Password Storage. The manipulation leads to weak encryption. Attacking locally is a requirement. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2017-20040 |
CVE-2022-31751 | The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31751 |
CVE-2022-31755 | The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31755 |
CVE-2022-31756 | The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31756 |
CVE-2022-31759 | AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31759 |
CVE-2022-31763 | The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31763 |
CVE-2022-31752 | Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-31752 |
CVE-2022-28850 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-28850 |
CVE-2022-30666 | Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30666 |
CVE-2022-30667 | Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30667 |
CVE-2022-30668 | Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30668 |
CVE-2022-30669 | Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30669 |
CVE-2022-30148 | Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30148 |
CVE-2022-30155 | Windows Kernel Denial of Service Vulnerability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30155 |
CVE-2022-30159 | Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30171, CVE-2022-30172. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30159 |
CVE-2022-30162 | Windows Kernel Information Disclosure Vulnerability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30162 |
CVE-2022-30171 | Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30172. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30171 |
CVE-2022-30172 | Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30171. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30172 |
CVE-2022-30184 | .NET and Visual Studio Information Disclosure Vulnerability. | 5.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30184 |
CVE-2018-5280 | SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2018-5280 |
CVE-2018-5281 | SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2018-5281 |
CVE-2021-41164 | CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed injection of malformed HTML that bypasses content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-41164 |
CVE-2021-38267 | Cross-site scripting (XSS) vulnerability in the Blogs module's edit blog entry page in Liferay Portal 7.3.2 through 7.3.6, and Liferay DXP 7.3 before fix pack 2 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_blogs_web_portlet_BlogsAdminPortlet_title and _com_liferay_blogs_web_portlet_BlogsAdminPortlet_subtitle parameter. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-38267 |
CVE-2022-2022 | Cross-site Scripting (XSS) - Stored in GitHub repository nocodb/nocodb prior to 0.91.7. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-2022 |
CVE-2020-36544 | A vulnerability has been found in SialWeb CMS and classified as problematic. This vulnerability affects unknown code of the component Search Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2020-36544 |
CVE-2022-1506 | The WP Born Babies WordPress plugin through 1.0 does not sanitise and escape some of its fields, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1506 |
CVE-2022-1577 | The Database Backup for WordPress plugin before 2.5.2 does not have CSRF check in place when updating the schedule backup settings, which could allow an attacker to make a logged in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails to themselves, which contain more details. Or disable the automatic backup schedule | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1577 |
CVE-2021-40610 | Emlog Pro v 1.0.4 cross-site scripting (XSS) in Emlog Pro background management. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-40610 |
CVE-2022-2016 | Cross-site Scripting (XSS) - Reflected in GitHub repository neorazorx/facturascripts prior to 2022.1. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-2016 |
CVE-2022-2014 | Code Injection in GitHub repository jgraph/drawio prior to 19.0.2. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-2014 |
CVE-2022-2015 | Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 19.0.2. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-2015 |
CVE-2022-2026 | Cross-site Scripting (XSS) - Stored in GitHub repository kromitgmbh/titra prior to 0.77.0. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-2026 |
CVE-2022-2028 | Cross-site Scripting (XSS) - Generic in GitHub repository kromitgmbh/titra prior to 0.77.0. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-2028 |
CVE-2022-2029 | Cross-site Scripting (XSS) - DOM in GitHub repository kromitgmbh/titra prior to 0.77.0. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-2029 |
CVE-2022-2036 | Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.1. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-2036 |
CVE-2022-31038 | Gogs is an open source self-hosted Git service. In versions of gogs prior to 0.12.9 `DisplayName` does not filter characters input from users, which leads to an XSS vulnerability when directly displayed in the issue list. This issue has been resolved in commit 155cae1d which sanitizes `DisplayName` prior to display to the user. All users of gogs are advised to upgrade. Users unable to upgrade should check their users' display names for malicious characters. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-31038 |
CVE-2022-24876 | GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Kanban is a GLPI view to display Projects, Tickets, Changes or Problems on a task board. In versions prior to 10.0.1 a user can exploit a cross site scripting vulnerability in Kanban by injecting HTML code in its user name. Users are advised to upgrade. There are no known workarounds for this issue. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-24876 |
CVE-2017-20034 | A vulnerability classified as problematic was found in PHPList 3.2.6. This vulnerability affects unknown code of the file /lists/admin/ of the component List Name. The manipulation leads to cross site scripting (Persistent). The attack can be initiated remotely. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2017-20034 |
CVE-2017-20035 | A vulnerability, which was classified as problematic, has been found in PHPList 3.2.6. This issue affects some unknown processing of the file /lists/admin/ of the component Subscribe. The manipulation leads to cross site scripting (Persistent). The attack may be initiated remotely. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2017-20035 |
CVE-2017-20036 | A vulnerability, which was classified as problematic, was found in PHPList 3.2.6. Affected is an unknown function of the file /lists/admin/ of the component Bounce Rule. The manipulation leads to cross site scripting (Persistent). It is possible to launch the attack remotely. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2017-20036 |
CVE-2022-30611 | IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using some fields of the form in the portal UI to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 227364. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-30611 |
CVE-2021-41502 | An issue was discovered in Subrion CMS v4.2.1. There is a stored cross-site scripting (XSS) vulnerability that can execute malicious JavaScript code by modifying the name of the uploaded image, closing the HTML tag, or adding the onerror attribute. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-41502 |
CVE-2018-25034 | A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05. This issue affects some unknown processing of the file /goform/wlanPrimaryNetwork. The manipulation of the argument ServiceSetIdentifier with the input >--redacted-- as part of POST Request leads to cross site scripting (Persistent). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2018-25034 |
CVE-2018-25035 | A vulnerability, which was classified as problematic, was found in Thomson TCW710 ST5D.10.05. Affected is an unknown function of the file /goform/RGFirewallEL. The manipulation of the argument EmailAddress/SmtpServerName with the input >--redacted-- as part of POST Request leads to cross site scripting (Persistent). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2018-25035 |
CVE-2018-25036 | A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/RgTime. The manipulation of the argument TimeServer1/TimeServer2/TimeServer3 with the input >--redacted-- as part of POST Request leads to cross site scripting (Persistent). The attack can be launched remotely. The exploit has been disclosed to the public and may be used | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2018-25036 |
CVE-2018-25037 | A vulnerability was found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this issue is some unknown functionality of the file /goform/RgDdns. The manipulation of the argument DdnsHostName with the input >--redacted-- as part of POST Request leads to cross site scripting (Persistent). The attack may be launched remotely. The exploit has been disclosed to the public and may be used | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2018-25037 |
CVE-2018-25038 | A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been classified as problematic. This affects an unknown part of the file /goform/RgDhcp. The manipulation of the argument PppUserName with the input >--redacted-- as part of POST Request leads to cross site scripting (Persistent). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2018-25038 |
CVE-2018-25039 | A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/RgUrlBlock.asp. The manipulation of the argument BasicParentalNewKeyword with the input >--redacted-- as part of POST Request leads to cross site scripting (Persistent). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2018-25039 |
CVE-2017-20043 | A vulnerability was found in Navetti PricePoint 4.6.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting (Persistent). The attack may be launched remotely. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2017-20043 |
CVE-2017-20044 | A vulnerability was found in Navetti PricePoint 4.6.0.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to basic cross site scripting (Reflected). It is possible to initiate the attack remotely. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2017-20044 |
CVE-2022-2060 | Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr prior to 16.0. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-2060 |
CVE-2021-40902 | flatCore-CMS version 2.0.8 is affected by Cross Site Scripting (XSS) in the "Create New Page" option through the index page. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2021-40902 |
CVE-2022-1208 | The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Biography field featured on individual user profile pages due to insufficient input sanitization and output escaping that allows users to encode malicious web scripts with HTML encoding that is reflected back on the page. This affects versions up to, and including, 2.3.2. Please note this issue was partially fixed in version 2.3.2 then subsequently fully patched in version 2.3.3. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1208 |
CVE-2022-1549 | The WP Athletics WordPress plugin through 1.1.7 does not sanitize parameters before storing them in the database, nor does it escape the values when outputting them back in the admin dashboard, leading to a Stored Cross-Site Scripting vulnerability. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1549 |
CVE-2022-1656 | Vulnerable versions of the JupiterX Theme (<=2.0.6) allow any logged-in user, including subscriber-level users, to access any of the functions registered in lib/api/api/ajax.php, which also grant access to the jupiterx_api_ajax_ actions registered by the JupiterX Core Plugin (<=2.0.6). This includes the ability to deactivate arbitrary plugins as well as update the theme’s API key. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1656 |
CVE-2022-1763 | Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1763 |
CVE-2022-1764 | The WP-chgFontSize WordPress plugin through 1.8 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1764 |
CVE-2022-1780 | The LaTeX for WordPress plugin through 3.4.10 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack which could also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1780 |
CVE-2022-1781 | The postTabs WordPress plugin through 2.10.6 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, which could also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1781 |
CVE-2022-1787 | The Sideblog WordPress plugin through 6.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1787 |
CVE-2022-1792 | The Quick Subscribe WordPress plugin through 1.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS due to the lack of sanitisation and escaping in some of them | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1792 |
CVE-2022-1658 | Vulnerable versions of the Jupiter Theme (<= 6.10.1) allow arbitrary plugin deletion by any authenticated user, including users with the subscriber role, via the abb_remove_plugin AJAX action registered in the framework/admin/control-panel/logic/plugin-management.php file. Using this functionality, any logged-in user can delete any installed plugin on the site. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-1658 |
CVE-2022-23072 | In Recipes, versions 1.0.5 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in “Add to Cart” functionality. When a victim accesses the food list page, then adds a new Food with a malicious javascript payload in the ‘Name’ parameter and clicks on the Add to Shopping Cart icon, an XSS payload will trigger. A low privileged attacker will have the victim's API key and can lead to admin's account takeover. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-23072 |
CVE-2022-23073 | In Recipes, versions 1.0.5 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in copy to clipboard functionality. When a victim accesses the food list page, then adds a new Food with a malicious javascript payload in the ‘Name’ parameter and clicks on the clipboard icon, an XSS payload will trigger. A low privileged attacker will have the victim's API key and can lead to admin's account takeover. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-23073 |
CVE-2022-23074 | In Recipes, versions 0.17.0 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in the ‘Name’ field of Keyword, Food and Unit components. When a victim accesses the Keyword/Food/Unit endpoints, the XSS payload will trigger. A low privileged attacker will have the victim's API key and can lead to admin's account takeover. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-23074 |
CVE-2019-12265 | Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2019-12265 |
CVE-2022-22970 | In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-22970 |
CVE-2022-31485 | An unauthenticated attacker can send specially crafted packets to update the “notes” section of the home page of the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-31485 |
CVE-2022-1598 | The WPQA Builder WordPress plugin before 5.4, which is a companion to the Discy and Himer, lacks authentication in a REST API endpoint, allowing unauthenticated users to discover private questions sent between users on the site. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-1598 |
CVE-2022-28330 | Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-28330 |
CVE-2022-28614 | The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_lua's r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-28614 |
CVE-2022-31769 | IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 could allow a remote attacker to view product configuration information stored in PostgreSQL, which could be used in further attacks against the system. IBM X-Force ID: 228219. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-31769 |
CVE-2022-1595 | The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-1595 |
CVE-2022-30154 | Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-30154 |
CVE-2022-27512 | Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM. | 5.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-27512 |
CVE-2022-1685 | The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-1685 |
CVE-2022-1691 | The Realty Workstation WordPress plugin through 1.0.6 does not sanitise and escape the trans_edit parameter before using it in a SQL statement when an agent edits a transaction, leading to an SQL injection | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-1691 |
CVE-2022-21503 | Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle Cloud Infrastructure accessible data. All affected customers were notified of CVE-2022-21503 by Oracle. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N) | 4.9 | https://nvd.nist.gov/vuln/detail/CVE-2022-21503 |
CVE-2022-0388 | The Interactive Medical Drawing of Human Body WordPress plugin before 2.6 does not sanitise and escape the Link field, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0388 |
CVE-2022-1394 | The Photo Gallery by 10Web WordPress plugin before 1.6.4 does not properly validate and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1394 |
CVE-2022-1469 | The FiboSearch WordPress plugin before 1.17.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1469 |
CVE-2022-1541 | The Video Slider WordPress plugin before 1.4.8 does not sanitize or escape some of its video settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1541 |
CVE-2022-1569 | The Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more! WordPress plugin before 1.4.9.4 does not sanitise and escape some of its form fields, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1569 |
CVE-2022-1647 | The FormCraft WordPress plugin before 1.2.6 does not sanitise and escape Field Labels, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1647 |
CVE-2022-30899 | A Cross Site Scripting vulnerability exists in PartKeepr 1.4.0 via the 'name' field in /api/part_categories. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-30899 |
CVE-2022-2020 | A vulnerability, which was classified as problematic, has been found in SourceCodester Prison Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/?page=system_info of the component System Name Handler. The manipulation with the input <img src="" onerror="alert(1)"> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-2020 |
CVE-2022-1335 | The Slideshow CK WordPress plugin before 1.4.10 does not sanitize and escape Slide's descriptions, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1335 |
CVE-2022-1336 | The Carousel CK WordPress plugin through 1.1.0 does not sanitize and escape Slide's descriptions, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1336 |
CVE-2022-1710 | The Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1710 |
CVE-2022-1772 | The Google Places Reviews WordPress plugin before 2.0.0 does not properly escape its Google API key setting, which is reflected on the site's administration panel. A malicious administrator could abuse this bug, in a multisite WordPress configuration, to trick super-administrators into viewing the booby-trapped payload and taking over their account. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1772 |
CVE-2022-1814 | The WP Admin Style WordPress plugin through 0.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1814 |
CVE-2022-31398 | A cross-site scripting (XSS) vulnerability in /staff/tools/custom-fields of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-31398 |
CVE-2022-31400 | A cross-site scripting (XSS) vulnerability in /staff/setup/email-addresses of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-31400 |
CVE-2022-0209 | The Mitsol Social Post Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.10 due to insufficient input sanitization and output escaping on the application id parameters. This makes it possible for authenticated (admin+) attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html is disabled. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0209 |
CVE-2022-1750 | The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'popup_title' parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin level capabilities and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This issue mostly affects sites where unfiltered_html has been disabled for administrators and on multi-site installations where unfiltered_html is disabled for administrators. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1750 |
CVE-2022-1961 | The Google Tag Manager for WordPress (GTM4WP) plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the `gtm4wp-options[scroller-contentid]` parameter found in the `~/public/frontend.php` file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.15.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | 4.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-1961 |
CVE-2022-31758 | The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | 4.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-31758 |
CVE-2022-28385 | An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive (containing the Windows and macOS client software). The content of this emulated CD-ROM drive is stored as an ISO-9660 image in the hidden sectors of the USB drive, that can only be accessed using special IOCTL commands, or when installing the drive in an external disk enclosure. By manipulating this ISO-9660 image or replacing it with another one, an attacker is able to store malicious software on the emulated CD-ROM drive. This software may get executed by an unsuspecting victim when using the device. For example, an attacker with temporary physical access during the supply chain could program a modified ISO-9660 image on a device that always accepts an attacker-controlled password for unlocking the device. If the attacker later on gains access to the used USB drive, he can simply decrypt all contained user data. Storing arbitrary other malicious software is also possible. This affects Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 and Fingerprint Secure Portable Hard Drive Part Number #53650. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2022-28385 |
CVE-2022-28387 | An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affects Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 and Fingerprint Secure Portable Hard Drive Part Number #53650. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2022-28387 |
CVE-2022-28386 | An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for lockout (e.g., requiring a reformat of the drive after 20 failed unlock attempts) does not work as specified. More than 20 attempts may be made. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number #49428 and Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2022-28386 |
CVE-2022-29948 | Due to an insecure design, the Lepin EP-KP001 flash drive through KP001_V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode (6 to 14 digits) via the keypad and pressing the Unlock button. This authentication is performed by an unknown microcontroller. By replacing this microcontroller on a target device with one from an attacker-controlled Lepin EP-KP001 whose passcode is known, it is possible to successfully unlock the target device and read the stored data in cleartext. | 4.6 | https://nvd.nist.gov/vuln/detail/CVE-2022-29948 |
CVE-2022-30610 | IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum Copy Data Management to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once clicked, that malicious URL could then rewrite the original page with a phishing page. IBM X-Force ID: 227363. | 4.5 | https://nvd.nist.gov/vuln/detail/CVE-2022-30610 |
CVE-2019-5068 | An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2019-5068 |
CVE-2020-27068 | Product: Android. Versions: Android kernel. Android ID: A-127973231. References: Upstream kernel. | 4.4 | https://nvd.nist.gov/vuln/detail/CVE-2020-27068 |
CVE-2020-15792 | A vulnerability has been identified in Desigo Insight (All versions). The web service does not properly apply input validation for some query parameters in a reserved area. This could allow an authenticated attacker to retrieve data via a content-based blind SQL injection attack. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2020-15792 |
CVE-2022-1695 | The WP Simple Adsense Insertion WordPress plugin before 2.1 does not perform CSRF checks on updates to its admin page, allowing an attacker to trick a logged in user to manipulate ads and inject arbitrary javascript via submitting a form. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-1695 |
CVE-2022-1709 | The Throws SPAM Away WordPress plugin before 3.3.1 does not have CSRF checks in place when deleting comments (either all, spam, or pending), allowing attackers to make a logged in admin delete comments via a CSRF attack | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-1709 |
CVE-2022-1712 | The LiveSync for WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-1712 |
CVE-2022-32273 | As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-32273 |
CVE-2022-24896 | Tuleap is a Free & Open Source Suite to manage software developments and collaboration. In versions prior to 13.7.99.239 Tuleap does not properly verify authorizations when displaying the content of tracker report renderer and chart widgets. Malicious users could use this vulnerability to retrieve the name of a tracker they cannot access as well as the name of the fields used in reports. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-24896 |
CVE-2022-30760 | An Insecure Direct Object Reference (IDOR) issue in fn2Web in ihb eG FlexNow before 2.04.09.016 allows remote authenticated attackers to obtain sensitive student information (final grades, study courses, degrees) by changing the student ID parameter in the HTTP POST request to the FrontControllerSS endpoint. | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-30760 |
CVE-2022-1594 | The HC Custom WP-Admin URL WordPress plugin through 1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, allowing them to change the login URL | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-1594 |
CVE-2022-1793 | The Private Files WordPress plugin through 0.40 is missing CSRF check when disabling the protection, which could allow attackers to make a logged in admin perform such action via a CSRF attack and make the blog public | 4.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-1793 |
CVE-2020-27818 | A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low risk to application availability. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2020-27818 |
CVE-2020-10698 | A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensitive data can be disclosed. However, critical data should not be disclosed, as it should be protected by the no_log flag when debugging is enabled. This flaw affects Ansible Tower versions before 3.6.4, Ansible Tower versions before 3.5.6 and Ansible Tower versions before 3.4.6. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2020-10698 |
CVE-2021-0983 | In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible disclosure of information about installed device/profile owner package name due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-192245204. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2021-0983 |
CVE-2022-22426 | IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718. | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-2022-22426 |
CVE-2022-27657 | A highly privileged remote attacker can gain unauthorized access to display contents of restricted directories by exploiting insufficient validation of path information in SAP Focused Run (Simple Diagnostics Agent 1.0) - version 1.0. | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-27657 |
CVE-2022-1684 | The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-1684 |
CVE-2022-1686 | The Five Minute Webshop WordPress plugin through 1.3.2 does not sanitise and escape the id parameter before using it in a SQL statement when editing a product via the admin dashboard, leading to an SQL Injection | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-1686 |
CVE-2022-1687 | The Logo Slider WordPress plugin through 1.4.8 does not sanitise and escape the lsp_slider_id parameter before using it in a SQL statement via the Manage Slider Images admin page, leading to an SQL Injection | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-1687 |
CVE-2022-1688 | The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statements via the admin dashboard, leading to SQL Injections | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-1688 |
CVE-2022-1689 | The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injection | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-1689 |
CVE-2022-1690 | The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the ids from the bulk actions before using them in a SQL statement in an admin page, leading to an SQL injection | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2022-1690 |
CVE-2017-20031 | A vulnerability was found in PHPList 3.2.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument sortby with the input password leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component. | 2.7 | https://nvd.nist.gov/vuln/detail/CVE-2017-20031 |
CVE-2003-0947 | Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable. | – | https://nvd.nist.gov/vuln/detail/CVE-2003-0947 |
CVE-2008-4918 | Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that is blocked based on content filtering, which is not properly handled in the CFS block page, aka "universal website hijacking." | – | https://nvd.nist.gov/vuln/detail/CVE-2008-4918 |
CVE-2009-3732 | Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors. | – | https://nvd.nist.gov/vuln/detail/CVE-2009-3732 |
CVE-2011-2894 | Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote attackers to bypass intended security restrictions and execute untrusted code by (1) serializing a java.lang.Proxy instance and using InvocationHandler, or (2) accessing internal AOP interfaces, as demonstrated using deserialization of a DefaultListableBeanFactory instance to execute arbitrary commands via the java.lang.Runtime class. | – | https://nvd.nist.gov/vuln/detail/CVE-2011-2894 |
CVE-2013-4484 | Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI. | – | https://nvd.nist.gov/vuln/detail/CVE-2013-4484 |
CVE-2014-2589 | Cross-site scripting (XSS) vulnerability in the Dashboard Backend service (stats/dashboard.jsp) in SonicWall Network Security Appliance (NSA) 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-2589 |
CVE-2013-0345 | varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. NOTE: some of these details are obtained from third party information. | – | https://nvd.nist.gov/vuln/detail/CVE-2013-0345 |
CVE-2015-0235 | Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST." | – | https://nvd.nist.gov/vuln/detail/CVE-2015-0235 |
CVE-2022-32278 | XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32278 |
CVE-2022-29034 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web interface of the affected application does not prevent injection of JavaScript code. This could allow attackers to perform reflected cross-site scripting (XSS) attacks. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29034 |
CVE-2021-40678 | In Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batch_manager&mode=unit. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-40678 |
CVE-2022-31273 | An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smpidp allows attackers to perform a brute-force attack via a crafted session_id cookie. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31273 |
CVE-2021-40660 | An issue was discovered in Delight Nashorn Sandbox 0.2.0. There is a ReDoS vulnerability that can be exploited to launch a denial of service (DoS) attack. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-40660 |
CVE-2022-27889 | The Multipass service was found to have code paths that could be abused to cause a denial of service for authentication or authorization operations. A malicious attacker could perform an application-level denial of service attack, potentially causing authentication and/or authorization operations to fail for the duration of the attack. This could lead to performance degradation or login failures for customer Palantir Foundry environments. This vulnerability is resolved in Multipass 3.647.0. This issue affects: Palantir Foundry Multipass versions prior to 3.647.0. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27889 |
CVE-2022-31308 | A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31308 |
CVE-2022-31309 | A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31309 |
CVE-2022-31311 | An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31311 |
CVE-2022-31845 | A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31845 |
CVE-2022-31846 | A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31846 |
CVE-2022-31847 | A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31847 |
CVE-2022-32336 | Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/view_menu.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32336 |
CVE-2022-30931 | Employee Leaves Management System (ELMS) V 2.1 is vulnerable to Cross Site Request Forgery (CSRF) via /myprofile.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30931 |
CVE-2022-32328 | Fast Food Ordering System v1.0 is vulnerable to deletion of any file via /ffos/classes/Master.php?f=delete_img. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32328 |
CVE-2022-32352 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_admission. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32352 |
CVE-2021-42675 | Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-42675 |
CVE-2022-27668 | Depending on the configuration of the route permission table in file 'saprouttab', it is possible for an unauthenticated attacker to execute SAProuter administration commands in SAP NetWeaver and ABAP Platform - versions KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.49, KRNL64UC 7.49, SAP_ROUTER 7.53, 7.22, from a remote client, for example stopping the SAProuter, that could highly impact systems availability. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27668 |
CVE-2022-29612 | SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22, allows an authenticated user to misuse a function of sapcontrol webfunctionality(startservice) in Kernel which enables malicious users to retrieve information. On successful exploitation, an attacker can obtain technical information like system number or physical address, which is otherwise restricted, causing a limited impact on the confidentiality of the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29612 |
CVE-2022-30930 | Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF). | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30930 |
CVE-2022-31289 | https://ossindex.sonatype.org/ Sonatype Nexus Repository Manager OSS 3.37.3-02 is affected by: Incorrect Access Control. The impact is: Authentication Bypass (remote). The component is: Admin Panel. The attack vector is: With the help of response manipulation Attacker can bypass the login panel and view the dashboard menus, No user interaction is required. 1. Go to https://nexus.e-goi.com 2. Click on the Sign In button. 3. Enter the password as admin:admin. 4. Intercept the request in Burp Suite. 5. Capture the Response of the Request. 6. Change the Status Code from 403 Forbidden to 200 OK. 7. You will see the dashboard which provides the admin access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31289 |
CVE-2022-31403 | ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/pages/ajax.render.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31403 |
CVE-2022-32337 | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/patients/manage_patient.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32337 |
CVE-2022-32557 | An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32557 |
CVE-2022-32559 | An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32559 |
CVE-2022-32561 | An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32561 |
CVE-2022-29238 | Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with `ContentsManager.allow_hidden = False` only prevented listing the contents of hidden directories, not accessing individual hidden files or files in hidden directories (i.e. hidden files were 'hidden' but not 'inaccessible'). This could lead to notebook configurations allowing authenticated access to files that may reasonably be expected to be disallowed. Because fully authenticated requests are required, this is of relatively low impact. But if a server's root directory contains sensitive files whose only protection from the server is being hidden (e.g. `~/.ssh` while serving $HOME), then any authenticated requests could access files if their names are guessable. Such contexts also necessarily have full access to the server and therefore execution permissions, which also generally grants access to all the same files. So this does not generally result in any privilege escalation or increase in information access, only an additional, unintended means by which the files could be accessed. Version 6.4.12 contains a patch for this issue. There are currently no known workarounds. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29238 |
CVE-2022-30903 | Nokia "G-2425G-A" Bharti Airtel Routers Hardware version "3FE48299DEAA" Software Version "3FE49362IJHK42" is vulnerable to Cross-Site Scripting (XSS) via the admin->Maintenance>Device Management. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30903 |
CVE-2022-32364 | Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/manage_product&id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32364 |
CVE-2022-32365 | Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/manage_field.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32365 |
CVE-2022-32366 | Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/view_field.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32366 |
CVE-2022-32367 | Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=inquiries/view_inquiry&id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32367 |
CVE-2022-29614 | SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22, - on Unix systems, s-bit helper program sapuxuserchk, can be abused physically resulting in a privilege escalation of an attacker leading to low impact on confidentiality and integrity, but a profound impact on availability. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29614 |
CVE-2022-29615 | SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the logging framework log4j in version 1.x. The application's confidentiality and integrity could have a low impact due to the vulnerabilities associated with version 1.x. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29615 |
CVE-2022-29618 | Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user’s browser. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29618 |
CVE-2022-31589 | Due to improper authorization check, business users who are using Israeli File from SHAAM program (/ATL/VQ23 transaction), are granted more than needed authorization to perform certain transaction, which may lead to users getting access to data that would otherwise be restricted. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31589 |
CVE-2022-31590 | SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and local access, who is able to work around the system’s root disk access restrictions, to write or create a program file on the system disk root path, which could then be executed with the elevated privileges of the application during application start up or reboot, potentially compromising Confidentiality, Integrity and Availability of the system. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31590 |
CVE-2022-31594 | A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31594 |
CVE-2022-31595 | SAP Financial Consolidation - version 1010, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31595 |
CVE-2022-32235 | When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32235 |
CVE-2022-31059 | Discourse Calendar is a calendar plugin for Discourse, an open-source messaging app. Prior to version 1.0.1, parsing and rendering of Event names can be susceptible to cross-site scripting (XSS) attacks. This vulnerability only affects sites which have modified or disabled Discourse’s default Content Security Policy. This issue is patched in version 1.0.1 of the Discourse Calendar plugin. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31059 |
CVE-2022-32236 | When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32236 |
CVE-2022-32237 | When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32237 |
CVE-2022-32238 | When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32238 |
CVE-2022-32239 | When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32239 |
CVE-2022-29241 | Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter Notebook. Prior to version 1.17.1, if notebook server is started with a value of `root_dir` that contains the starting user's home directory, then the underlying REST API can be used to leak the access token assigned at start time by guessing/brute forcing the PID of the jupyter server. While this requires an authenticated user session, this URL can be used from a cross-site scripting payload or from a hooked or otherwise compromised browser to leak this access token to a malicious third party. This token can be used along with the REST API to interact with Jupyter services/notebooks such as modifying or overwriting critical files, such as .bashrc or .ssh/authorized_keys, allowing a malicious user to read potentially sensitive data and possibly gain control of the impacted system. This issue is patched in version 1.17.1. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29241 |
CVE-2022-31046 | TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31046 |
CVE-2022-31047 | TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, system internal credentials or keys (e.g. database credentials) can be logged as plaintext in exception handlers, when logging the complete exception stack trace. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 contain a fix for the problem. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31047 |
CVE-2022-31048 | TYPO3 is an open source web content management system. Prior to versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. TYPO3 versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31048 |
CVE-2022-31049 | TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, user submitted content was used without being properly encoded in HTML emails sent to users. The actually affected components were mail clients used to view those messages. TYPO3 versions 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31049 |
CVE-2022-31050 | TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, Admin Tool sessions initiated via the TYPO3 backend user interface had not been revoked even if the corresponding user account was degraded to lower permissions or disabled completely. This way, sessions in the admin tool theoretically could have been prolonged without any limit. TYPO3 versions 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31050 |
CVE-2022-31060 | Discourse is an open-source discussion platform. Prior to version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches, banner topic data is exposed on login-required sites. This issue is patched in version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches of Discourse. As a workaround, one may disable banners. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31060 |
CVE-2022-32353 | Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_field_order.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32353 |
CVE-2022-32354 | Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=user/manage_user&id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32354 |
CVE-2022-32355 | Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/view_product&id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32355 |
CVE-2022-32358 | Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_inquiry. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32358 |
CVE-2022-32359 | Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_category. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32359 |
CVE-2022-32362 | Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_category.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32362 |
CVE-2022-32363 | Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/view_category.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32363 |
CVE-2022-31066 | EdgeX Foundry is an open source project for building a common open framework for Internet of Things edge computing. Prior to version 2.1.1, the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to be kept in the EdgeX secret store and require authentication to access. This vulnerability bypasses the access controls on message bus credentials when running in security-enabled mode. (No credentials are required when running in security-disabled mode.) As a result, attackers could intercept data or inject fake data into the EdgeX message bus. Users should upgrade to EdgeXFoundry Kamakura release (2.2.0) or to the June 2022 EdgeXFoundry LTS Jakarta release (2.1.1) to receive a patch. More information about which go modules, docker containers, and snaps contain patches is available in the GitHub Security Advisory. There are currently no known workarounds for this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31066 |
CVE-2022-32230 | Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32230 |
CVE-2022-32240 | When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32240 |
CVE-2022-32241 | When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32241 |
CVE-2022-32242 | When a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32242 |
CVE-2022-32243 | When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32243 |
CVE-2022-1958 | A vulnerability classified as critical has been found in FileCloud. Affected is the NTFS handler which leads to improper access controls. It is possible to launch the attack remotely but it demands some form of authentication. Upgrading to version 21.3.5.18513 is able to address this issue. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1958 |
CVE-2021-40212 | An exploitable out-of-bounds write vulnerability in PotPlayer 1.7.21523 build 210729 may lead to code execution, information disclosure, and denial of service. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-40212 |
CVE-2021-41413 | ok-file-formats master 2021-9-12 is affected by a buffer overflow in ok_jpg_convert_data_unit_grayscale and ok_jpg_convert_YCbCr_to_RGB. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41413 |
CVE-2021-39691 | In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12. Android ID: A-157929241 | – | https://nvd.nist.gov/vuln/detail/CVE-2021-39691 |
CVE-2022-20123 | In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-221852424 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20123 |
CVE-2022-20124 | In deletePackageX of DeletePackageHelper.java, there is a possible way for a Guest user to reset pre-loaded applications for other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-170646036 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20124 |
CVE-2022-20125 | In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-194402515 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20125 |
CVE-2022-20126 | In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-203431023 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20126 |
CVE-2022-20127 | In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-221862119 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20127 |
CVE-2022-20129 | In registerPhoneAccount of PhoneAccountRegistrar.java, there is a possible way to prevent the user from selecting a phone account due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-217934478 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20129 |
CVE-2022-20130 | In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-224314979 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20130 |
CVE-2022-20131 | In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-221856662 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20131 |
CVE-2022-20132 | In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-188677105. References: Upstream kernel | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20132 |
CVE-2022-20133 | In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-206807679 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20133 |
CVE-2022-20134 | In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-218341397 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20134 |
CVE-2022-20135 | In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-220303465 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20135 |
CVE-2022-20137 | In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-206986392 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20137 |
CVE-2022-2086 | A vulnerability, which was classified as critical, has been found in SourceCodester Bank Management System 1.0. Affected by this issue is login.php. The manipulation of the argument password with the input 1' and malicious sql input leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2086 |
CVE-2022-2087 | A vulnerability, which was classified as problematic, was found in SourceCodester Bank Management System 1.0. This affects the file /mnotice.php?id=2. The manipulation of the argument notice with the input --redacted-- leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2087 |
CVE-2021-36901 | Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Phil Baker's Age Gate plugin <= 2.17.0 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-36901 |
CVE-2021-39806 | In closef of label_backends_android.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-215387420 | – | https://nvd.nist.gov/vuln/detail/CVE-2021-39806 |
CVE-2022-20138 | In ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java, there is a possible way for unprivileged app to send MANAGED_PROFILE_PROVISIONED intent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-210469972 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20138 |
CVE-2022-20140 | In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-227618988 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20140 |
CVE-2022-20141 | In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-112551163. References: Upstream kernel | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20141 |
CVE-2022-20142 | In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-216631962 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20142 |
CVE-2022-20143 | In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-220735360 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20143 |
CVE-2022-20144 | In multiple functions of AvatarPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-187702830 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20144 |
CVE-2022-20145 | In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-201660636 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20145 |
CVE-2022-20146 | In uploadFile of FileUploadServiceImpl.java, there is a possible incorrect file access due to a confused deputy. This could lead to local information disclosure of private files with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-211757677. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20146 |
CVE-2022-20147 | In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-221216105 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20147 |
CVE-2022-20148 | In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-219513976. References: Upstream kernel | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20148 |
CVE-2022-20149 | Product: Android. Versions: Android kernel. Android ID: A-211685939. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20149 |
CVE-2022-20151 | Product: Android. Versions: Android kernel. Android ID: A-210712565. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20151 |
CVE-2022-20152 | In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-202006198. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20152 |
CVE-2022-20153 | In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-222091980. References: Upstream kernel | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20153 |
CVE-2022-20154 | In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-174846563. References: Upstream kernel | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20154 |
CVE-2022-20155 | In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-176754369. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20155 |
CVE-2022-20156 | In unflatten of GraphicBuffer.cpp, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-212803946. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20156 |
CVE-2022-20159 | In asn1_ec_pkey_parse of acropora/crypto/asn1_common.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-210971465. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20159 |
CVE-2022-20160 | Product: Android. Versions: Android kernel. Android ID: A-210083655. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20160 |
CVE-2022-20162 | In asn1_p256_int of crypto/asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-223492713. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20162 |
CVE-2022-20164 | Product: Android. Versions: Android kernel. Android ID: A-204891956. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20164 |
CVE-2022-20165 | In asn1_parse of asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-220868345. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20165 |
CVE-2022-20166 | In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-182388481. References: Upstream kernel | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20166 |
CVE-2022-20167 | Product: Android. Versions: Android kernel. Android ID: A-204956204. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20167 |
CVE-2022-20168 | Product: Android. Versions: Android kernel. Android ID: A-210594998. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20168 |
CVE-2022-20169 | Product: Android. Versions: Android kernel. Android ID: A-211162353. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20169 |
CVE-2022-20170 | Product: Android. Versions: Android kernel. Android ID: A-209421931. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20170 |
CVE-2022-20171 | Product: Android. Versions: Android kernel. Android ID: A-215565667. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20171 |
CVE-2022-20172 | In onbind of ShannonRcsService.java, there is a possible access to protect data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-206987222. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20172 |
CVE-2022-20173 | Product: Android. Versions: Android kernel. Android ID: A-207116951. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20173 |
CVE-2022-20174 | In exynos_secEnv_init of mach-gs101.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-210847407. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20174 |
CVE-2022-20175 | Product: Android. Versions: Android kernel. Android ID: A-209252491. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20175 |
CVE-2022-20176 | In auth_store of sjtag-driver.c, there is a possible read of uninitialized memory due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-197787879. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20176 |
CVE-2022-20177 | Product: Android. Versions: Android kernel. Android ID: A-209906686. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20177 |
CVE-2022-20178 | In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-224932775. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20178 |
CVE-2022-20179 | Product: Android. Versions: Android kernel. Android ID: A-211683760. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20179 |
CVE-2022-20181 | Product: Android. Versions: Android kernel. Android ID: A-210936609. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20181 |
CVE-2022-20182 | In handle_ramdump of pixel_loader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-222348453. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20182 |
CVE-2022-20183 | In hypx_create_blob_dmabuf of faceauth_hypx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-188911154. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20183 |
CVE-2022-20184 | Product: Android. Versions: Android kernel. Android ID: A-209153114. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20184 |
CVE-2022-20185 | In TBD of TBD, there is a possible use after free bug. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-208842348. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20185 |
CVE-2022-20186 | In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-215001024. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20186 |
CVE-2022-20188 | Product: Android. Versions: Android kernel. Android ID: A-207254598. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20188 |
CVE-2022-20190 | Product: Android. Versions: Android kernel. Android ID: A-208744915. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20190 |
CVE-2022-20191 | Product: Android. Versions: Android kernel. Android ID: A-209324757. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20191 |
CVE-2022-20192 | In grantEmbeddedWindowFocus of WindowManagerService.java, there is a possible way to change an input channel for embedded hierarchy due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-215912712 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20192 |
CVE-2022-20193 | In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-212434116 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20193 |
CVE-2022-20194 | In onCreate of ChooseLockGeneric.java, there is a possible permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-222684510 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20194 |
CVE-2022-20195 | In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-213172664 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20195 |
CVE-2022-20196 | In gallery3d and photos, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-201535148 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20196 |
CVE-2022-20197 | In recycle of Parcel.java, there is a possible way to start foreground activity from background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-208279300 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20197 |
CVE-2022-20198 | In llcp_dlc_proc_connect_pdu of llcp_dlc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC stack with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-221851879 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20198 |
CVE-2022-20200 | In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-212695058 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20200 |
CVE-2022-20201 | In getAppSize of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-220733817 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20201 |
CVE-2022-20202 | In ih264_resi_trans_quant_4x4_sse42 of ih264_resi_trans_quant_sse42.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-204704614 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20202 |
CVE-2022-20204 | In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-171495100 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20204 |
CVE-2022-20205 | In isFileUri of FileUtil.java, there is a possible way to bypass the check for a file:// scheme due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-215212561 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20205 |
CVE-2022-20206 | In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-220737634 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20206 |
CVE-2022-20207 | In static definitions of GattServiceConfig.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-185513714 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20207 |
CVE-2022-20208 | In parseRecursively of cppbor_parse.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-192743373 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20208 |
CVE-2022-20209 | In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-207502397 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20209 |
CVE-2022-20210 | The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives from the EMM, the modem parses it and fills in internal objects based on the received data. A bug in the parsing code could be used by an attacker to remotely crash the modem, which could lead to DoS or RCE. Product: Android. Versions: Android SoC. Android ID: A-228868888 | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20210 |
CVE-2022-20233 | In param_find_digests_internal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-222472803. References: N/A | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20233 |
CVE-2022-27859 | Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark d.o.o. Travel Management plugin <= 2.0 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27859 |
CVE-2022-29406 | Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in DynamicWebLab's WordPress Team Manager plugin <= 1.6.9 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29406 |
CVE-2021-33036 | In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-33036 |
CVE-2022-33140 | The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the default configuration. Command injection requires ShellUserGroupProvider to be one of the enabled User Group Providers in the Authorizers configuration. Command injection also requires an authenticated user with elevated privileges. Apache NiFi requires an authenticated user with authorization to modify access policies in order to execute the command. Apache NiFi Registry requires an authenticated user with authorization to read user groups in order to execute the command. The resolution removes command formatting based on user-provided arguments. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33140 |
CVE-2019-4575 | IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 166801. | – | https://nvd.nist.gov/vuln/detail/CVE-2019-4575 |
CVE-2021-40910 | There is a reflective cross-site scripting (XSS) vulnerability in the PHPCMS V9.6.3 management side. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-40910 |
CVE-2021-41672 | PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user that belongs to the administrator group can inject a malicious SQL query in order to affect the execution logic of the application and retrieve information from the database. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41672 |
CVE-2022-22444 | IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 224444. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-22444 |
CVE-2022-29437 | Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Image Slider by NextCode plugin <= 1.1.2 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29437 |
CVE-2022-29438 | Authenticated (author or higher user role) Persistent Cross-Site Scripting (XSS) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29438 |
CVE-2022-29439 | Cross-Site Request Forgery (CSRF) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress allows deleting slides. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29439 |
CVE-2022-29440 | Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Promotion Slider plugin <= 3.3.4 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29440 |
CVE-2022-29441 | Cross-Site Request Forgery (CSRF) vulnerability in Private Messages For WordPress plugin <= 2.1.10 at WordPress allows attackers to send messages. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29441 |
CVE-2022-29442 | Authenticated (subscriber or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Messages For WordPress <= 2.1.10 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29442 |
CVE-2022-29453 | Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29453 |
CVE-2021-40727 | Access of Memory Location After End of Buffer (CWE-788 | – | https://nvd.nist.gov/vuln/detail/CVE-2021-40727 |
CVE-2021-40940 | Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-40940 |
CVE-2022-1342 | A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate attackers to observe sensitive data. A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, which could lead to involuntarily disclosing sensitive information. This issue affects: Devolutions Remote Desktop Manager 2022.1.24 version and prior versions. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1342 |
CVE-2022-32101 | kkcms v1.3.7 was discovered to contain a SQL injection vulnerability via the cid parameter at /template/wapian/vlist.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32101 |
CVE-2022-32151 | The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not validate certificates using the certificate authority (CA) certificate stores by default in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203. Python 3 client libraries now verify server certificates by default and use the appropriate CA certificate stores for each library. Apps and add-ons that include their own HTTP libraries are not affected. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32151 |
CVE-2022-32152 | Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could add a peer without a valid certificate and connections from misconfigured nodes without valid certificates did not fail by default. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32152 |
CVE-2022-32153 | Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could add a peer without a valid certificate and connections from misconfigured nodes without valid certificates did not fail by default. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32153 |
CVE-2022-32154 | Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. The result bypasses SPL safeguards for risky commands. See New capabilities can limit access to some custom and potentially risky commands (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/SPLsafeguards#New_capabilities_can_limit_access_to_some_custom_and_potentially_risky_commands) for more information. Note that the attack is browser-based and an attacker cannot exploit it at will. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32154 |
CVE-2022-32155 | In universal forwarder versions before 9.0, management services are available remotely by default. When not required, it introduces a potential exposure, but it is not a vulnerability. If exposed, we recommend each customer assess the potential severity specific to your environment. In 9.0, the universal forwarder now binds the management port to localhost preventing remote logins by default. If management services are not required in versions before 9.0, set disableDefaultPort = true in server.conf OR allowRemoteLogin = never in server.conf OR mgmtHostPort = localhost in web.conf. See Configure universal forwarder management security (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation#Configure_universal_forwarder_management_security) for more information on disabling the remote management services. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32155 |
CVE-2022-32156 | In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, connections from misconfigured nodes without valid certificates did not fail by default. After updating to version 9.0, see Configure TLS host name validation for the Splunk CLI (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation#Configure_TLS_host_name_validation_for_the_Splunk_CLI) to enable the remediation. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32156 |
CVE-2022-32157 | Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of forwarder bundles. Remediation requires you to update the deployment server to version 9.0 and Configure authentication for deployment servers and clients (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/ConfigDSDCAuthEnhancements#Configure_authentication_for_deployment_servers_and_clients). Once enabled, deployment servers can manage only Universal Forwarder versions 9.0 and higher. Though the vulnerability does not directly affect Universal Forwarders, remediation requires updating all Universal Forwarders that the deployment server manages to version 9.0 or higher prior to enabling the remediation. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32157 |
CVE-2022-32158 | Splunk Enterprise deployment servers in versions before 9.0 let clients deploy forwarder bundles to other deployment clients through the deployment server. An attacker that compromised a Universal Forwarder endpoint could use the vulnerability to execute arbitrary code on all other Universal Forwarder endpoints subscribed to the deployment server. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32158 |
CVE-2022-32299 | YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the id parameter at /App/Lib/Action/Admin/SiteAction.class.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32299 |
CVE-2022-32300 | YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the MailSendID parameter at /App/Lib/Action/Admin/MailAction.class.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32300 |
CVE-2022-32301 | YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the IdList parameter at /App/Lib/Action/Home/ApiAction.class.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32301 |
CVE-2022-32302 | Theme Park Ticketing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edit_ticket.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32302 |
CVE-2022-32991 | Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32991 |
CVE-2022-32992 | Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the tname parameter at /admin/operations/tax.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32992 |
CVE-2017-20046 | A vulnerability classified as problematic has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20046 |
CVE-2017-20047 | A vulnerability classified as problematic was found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20047 |
CVE-2017-20048 | A vulnerability, which was classified as critical, has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected by this issue is some unknown functionality of the component Script Editor. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20048 |
CVE-2017-20049 | A vulnerability, which was classified as critical, was found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20049 |
CVE-2017-20050 | A vulnerability has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007 and classified as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20050 |
CVE-2022-20664 | A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20664 |
CVE-2022-20733 | A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access all roles without any restrictions. This vulnerability is due to exposed sensitive Security Assertion Markup Language (SAML) metadata. An attacker could exploit this vulnerability by using the exposed SAML metadata to bypass authentication to the user portal. A successful exploit could allow the attacker to access all roles without any restrictions. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20733 |
CVE-2022-20736 | A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an administrative console that they would not normally have authorization to access. This vulnerability is due to improper authorization checking for HTTP requests that are submitted to the affected web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected instance of AppDynamics Controller. A successful exploit could allow the attacker to access the login page for an administrative console. AppDynamics has released software updates that address this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20736 |
CVE-2022-20798 | A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. This vulnerability is due to improper authentication checks when an affected device uses Lightweight Directory Access Protocol (LDAP) for external authentication. An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device. A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20798 |
CVE-2022-20817 | A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager (CUCM) is in secure mode. This vulnerability is due to improper key generation during the manufacturing process that could result in duplicated manufactured keys installed on multiple devices. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on the secure communication between the phone and the CUCM. A successful exploit could allow the attacker to impersonate another user's phone. This vulnerability cannot be addressed with software updates. There is a workaround that addresses this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20817 |
CVE-2022-20819 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly enforced. An attacker with read-only privileges for the web-based management interface on an affected device could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information about the system configuration. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20819 |
CVE-2022-20825 | A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device using root-level privileges. Cisco has not released software updates that address this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20825 |
CVE-2022-24004 | A Stored Cross-Site Scripting (XSS) vulnerability was discovered in Messenger/messenger_ajax.php in REDCap 12.0.11. This issue allows any authenticated user to inject arbitrary code into the messenger title (aka new_title) field when editing an existing conversation. The payload executes in the browser of any conversation participant with the sidebar shown. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-24004 |
CVE-2022-24127 | A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing project. The payload is then reflected within the title tag of the page. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-24127 |
CVE-2022-26057 | Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Mint WorkBench installer file allows a low-privileged user to run a "repair" operation on the product | – | https://nvd.nist.gov/vuln/detail/CVE-2022-26057 |
CVE-2022-29443 | Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark's Hotel Booking plugin <= 3.0 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29443 |
CVE-2022-29450 | Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29450 |
CVE-2022-31044 | Rundeck is an open source automation service with a web console, command line tools and a WebAPI. The Key Storage converter plugin mechanism was not enabled correctly in Rundeck 4.2.0 and 4.2.1, resulting in use of the encryption layer for Key Storage possibly not working. Any credentials created or overwritten using Rundeck 4.2.0 or 4.2.1 might result in them being written in plaintext to the backend storage. This affects those using any `Storage Converter` plugin. Rundeck 4.3.1 and 4.2.2 have fixed the code and upon upgrade will re-encrypt any plain text values. Version 4.3.0 does not have the vulnerability, but does not include the patch to re-encrypt plain text values if 4.2.0 or 4.2.1 were used. To prevent plaintext credentials from being stored in Rundeck 4.2.0/4.2.1, write access to key storage can be disabled via ACLs. After upgrading to 4.3.1 or later, write access can be restored. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31044 |
CVE-2022-31069 | NestJS Proxy is a NestJS module to decorate and proxy calls. Prior to version 0.7.0, the nestjs-proxy library did not have a way to control when Authorization headers should be forwarded for specific backend services configured by the application developer. This could have resulted in sensitive information such as OAuth bearer access tokens being inadvertently exposed to such services that should not see them. A new feature has been introduced in the patched version of nestjs-proxy that allows application developers to opt out of forwarding the Authorization headers on a per service basis using the `forwardToken` config setting. Developers are advised to review the README for this library on Github or NPM for further details on how this configuration can be applied. This issue has been fixed in version 0.7.0 of `@finastra/nestjs-proxy`. Users of `@ffdc/nestjs-proxy` are advised that this package has been deprecated and is no longer being maintained or receiving updates. Such users should update their package.json file to use `@finastra/nestjs-proxy` instead. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31069 |
CVE-2022-31070 | NestJS Proxy is a NestJS module to decorate and proxy calls. Prior to version 0.7.0, the nestjs-proxy library did not have a way to block sensitive cookies (e.g. session cookies) from being forwarded to backend services configured by the application developer. This could have led to sensitive cookies being inadvertently exposed to such services that should not see them. The patched version now blocks cookies from being forwarded by default. However developers can configure an allow-list of cookie names by using the `allowedCookies` config setting. This issue has been fixed in version 0.7.0 of `@finastra/nestjs-proxy`. Users of `@ffdc/nestjs-proxy` are advised that this package has been deprecated and is no longer being maintained or receiving updates. Such users should update their package.json file to use `@finastra/nestjs-proxy` instead. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31070 |
CVE-2022-31216 | Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31216 |
CVE-2022-31217 | Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31217 |
CVE-2022-31218 | Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31218 |
CVE-2022-31219 | Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31219 |
CVE-2022-32375 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_timetable.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32375 |
CVE-2022-32376 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_events.php?event_id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32376 |
CVE-2022-32377 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam_timetable.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32377 |
CVE-2022-32378 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher_profile.php?my_index=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32378 |
CVE-2022-32379 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_parents_profile.php?my_index=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32379 |
CVE-2022-32380 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_student_subject.php?index=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32380 |
CVE-2022-32381 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_admin_profile.php?my_index=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32381 |
CVE-2022-32433 | itsourcecode Advanced School Management System v1.0 is vulnerable to Arbitrary code execution via ip/school/view/all_teacher.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32433 |
CVE-2022-32550 | An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32550 |
CVE-2021-25261 | Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitrary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-25261 |
CVE-2021-36891 | Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery by Supsystic plugin <= 1.15.5 at WordPress allows changing the plugin settings. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-36891 |
CVE-2021-41415 | Subscription-Manager v1.0 /main.js has a cross-site scripting (XSS) vulnerability in the machineDetail parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41415 |
CVE-2021-41418 | AriaNg v0.1.0~v1.2.2 is affected by an incorrect access control vulnerability through not authenticating visitors' access rights. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41418 |
CVE-2022-21123 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21123 |
CVE-2022-21125 | Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21125 |
CVE-2022-21127 | Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21127 |
CVE-2022-21935 | A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21935 |
CVE-2022-21937 | Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21937 |
CVE-2022-23823 | A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-23823 |
CVE-2022-28225 | Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitrary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-28225 |
CVE-2022-28226 | Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitrary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-28226 |
CVE-2022-28612 | Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb's Custom Popup Builder plugin <= 1.3.1 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-28612 |
CVE-2022-28844 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-28844 |
CVE-2022-28849 | Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-28849 |
CVE-2022-29452 | Authenticated (editor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Export All URLs plugin <= 4.1 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29452 |
CVE-2022-32280 | Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Xakuro's XO Slider plugin <= 3.3.2 at WordPress. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32280 |
CVE-2022-32368 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_grade.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32368 |
CVE-2022-32373 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32373 |
CVE-2022-32374 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject_routing.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32374 |
CVE-2022-21166 | Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21166 |
CVE-2022-21180 | Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21180 |
CVE-2022-21938 | Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21938 |
CVE-2022-22788 | The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for Windows before version 5.10.3 are susceptible to a DLL injection attack. This vulnerability could be used to run arbitrary code on the victim's host. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-22788 |
CVE-2022-24436 | Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-24436 |
CVE-2022-24946 | Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC-Q Series Q03UDECPU all versions, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU all versions, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number "24051" and prior and Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number "24051" and prior allows a remote unauthenticated attacker to cause a denial of service (DoS) condition in Ethernet communications by sending specially crafted packets. A system reset of the products is required for recovery. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-24946 |
CVE-2022-28749 | Zoom's On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. As a result, a threat actor in Zoom's waiting room can join the meeting without the consent of the host. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-28749 |
CVE-2022-32370 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_classroom.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32370 |
CVE-2022-32371 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32371 |
CVE-2022-32372 | itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject.php?id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32372 |
CVE-2021-41403 | flatCore-CMS version 2.0.8 calls dangerous functions, causing server-side request forgery vulnerabilities. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41403 |
CVE-2022-20203 | In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files. This could lead to local escalation of privilege, with no additional execution privileges needed. User interaction is not needed for exploitation. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-20203 |
CVE-2022-31071 | Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `-rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octopoller 0.3.0. Two workarounds are available. Users can use the previous version of the gem, v0.1.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31071 |
CVE-2022-31072 | Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `-rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octokit 4.25.0. Two workarounds are available. Users can use the previous version of the gem, v4.22.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31072 |
CVE-2022-30533 | Cross-site scripting vulnerability in Modern Events Calendar Lite versions prior to 6.3.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30533 |
CVE-2022-30538 | Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30538 |
CVE-2022-30546 | Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30546 |
CVE-2022-30549 | Out-of-bounds read vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30549 |
CVE-2022-31625 | In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using the Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to an RCE vulnerability or denial of service. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31625 |
CVE-2022-31626 | In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when the pdo_mysql extension is used with the mysqlnd driver, if a third party is allowed to supply the host to connect to and the password for the connection, a password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31626 |
CVE-2017-20051 | A vulnerability was found in InnoSetup Installer. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20051 |
CVE-2017-20052 | A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20052 |
CVE-2021-41402 | flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41402 |
CVE-2021-41411 | drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41411 |
CVE-2021-41458 | In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41458 |
CVE-2022-2098 | Weak Password Requirements in GitHub repository kromitgmbh/titra prior to 0.78.1. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2098 |
CVE-2021-41654 | SQL injection vulnerabilities exist in Wuzhicms v4.1.0 which allows attackers to execute arbitrary SQL commands via the $keyValue parameter in /coreframe/app/pay/admin/index.php | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41654 |
CVE-2017-20053 | A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20053 |
CVE-2017-20054 | A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20054 |
CVE-2017-20055 | A vulnerability classified as problematic has been found in BestWebSoft Contact Form Plugin 4.0.0. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0.2 is able to address this issue. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20055 |
CVE-2017-20056 | A vulnerability was found in weblizar User Login Log Plugin 2.2.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting (Stored). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20056 |
CVE-2022-31372 | Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter. This vulnerability is exploited via a crafted request to the resource handler. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31372 |
CVE-2022-30023 | Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30023 |
CVE-2022-31277 | Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows attackers to bypass the expected access restrictions and gain control of the switch and other functions via a crafted POST request. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31277 |
CVE-2022-31300 | A cross-site scripting vulnerability in the DM Section component of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31300 |
CVE-2022-31849 | MERCURY MIPC451-4 1.0.22 Build 220105 Rel.55642n was discovered to contain a remote code execution (RCE) vulnerability which is exploitable via a crafted POST request. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31849 |
CVE-2022-31906 | Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ofrs/classes/Master.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31906 |
CVE-2022-31908 | Student Registration and Fee Payment System v1.0 is vulnerable to SQL Injection via /scms/student.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31908 |
CVE-2022-31910 | Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /otps/classes/Master.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31910 |
CVE-2022-31911 | Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31911 |
CVE-2022-31912 | Online Tutor Portal Site v1.0 is vulnerable to SQL Injection via /otps/classes/Master.php?f=delete_team. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31912 |
CVE-2022-31913 | Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31913 |
CVE-2022-22953 | VMware HCX update addresses an information disclosure vulnerability. A malicious actor with network user access to the VMware HCX appliance may be able to gain access to sensitive information. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-22953 |
CVE-2022-27531 | A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022 and 2021 when parsing the TIF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27531 |
CVE-2022-27532 | A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27532 |
CVE-2022-31291 | An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31291 |
CVE-2022-31914 | Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31914 |
CVE-2021-3675 | Improper Input Validation vulnerability in synaTEE.signed.dll of Synaptics Fingerprint Driver allows a local authorized attacker to overwrite a heap tag, with potential loss of confidentiality. This issue affects: Synaptics Synaptics Fingerprint Driver 5.1.xxx.26 versions prior to xxx=340 on x86/64; 5.2.xxxx.26 versions prior to xxxx=3541 on x86/64; 5.2.2xx.26 versions prior to xx=29 on x86/64; 5.2.3xx.26 versions prior to xx=25 on x86/64; 5.3.xxxx.26 versions prior to xxxx=3543 on x86/64; 5.5.xx.1058 versions prior to xx=44 on x86/64; 5.5.xx.1102 versions prior to xx=34 on x86/64; 5.5.xx.1116 versions prior to xx=14 on x86/64; 6.0.xx.1104 versions prior to xx=50 on x86/64; 6.0.xx.1108 versions prior to xx=31 on x86/64; 6.0.xx.1111 versions prior to xx=58 on x86/64. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-3675 |
CVE-2021-41420 | A stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to execute arbitrary JavaScript code in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41420 |
CVE-2021-41421 | A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41421 |
CVE-2022-1642 | A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift standard library, the Codable protocol; and the JSONDecoder class offered by swift-corelibs-foundation, which can deserialize types that adopt the Codable protocol based on the content of a provided JSON document. When a type that adopts Codable requests the initialization of a field with an integer value, the JSONDecoder class uses a type-erased container with different accessor methods to attempt and coerce a corresponding JSON value and produce an integer. In the case the JSON value was a numeric literal with a floating-point portion, JSONDecoder used different type-eraser methods during validation than it did during the final casting of the value. The checked casting produces a deterministic crash due to this mismatch. The JSONDecoder class is often wrapped by popular Swift-based web frameworks to parse the body of HTTP requests and perform basic type validation. This makes the attack low-effort: sending a specifically crafted JSON document during a request to these endpoints will cause them to crash. The attack does not have any confidentiality or integrity risks in and of itself; the crash is produced deterministically by an abort function that ensures that execution does not continue in the face of this violation of assumptions. However, unexpected crashes can lead to violations of invariants in services, so it's possible that this attack can be used to trigger error conditions that escalate the risk. Producing a denial of service may also be the goal of an attacker in itself. This issue is solved in Swift 5.6.2 for Linux and Windows. This issue was solved by ensuring that the same methods are invoked both when validating and during casting, so that no type mismatch occurs. Swift for Linux and Windows versions are not ABI-interchangeable. To upgrade a service, its owner must update to this version of the Swift toolchain, then recompile and redeploy their software. The new version of Swift includes an updated swift-corelibs-foundation package. Versions of Swift running on Darwin-based operating systems are not affected. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1642 |
CVE-2022-29862 | An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause the application to hang via a crafted message. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29862 |
CVE-2022-29865 | OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29865 |
CVE-2022-30659 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30659 |
CVE-2022-31298 | A cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31298 |
CVE-2022-31382 | Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31382 |
CVE-2022-31383 | Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31383 |
CVE-2022-31384 | Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31384 |
CVE-2021-36827 | Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label". | – | https://nvd.nist.gov/vuln/detail/CVE-2021-36827 |
CVE-2021-41487 | NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName'. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41487 |
CVE-2022-29863 | OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a crash via a crafted message that triggers excessive memory allocation. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29863 |
CVE-2022-29864 | OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29864 |
CVE-2022-29866 | OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29866 |
CVE-2022-2085 | A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2085 |
CVE-2022-30656 | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30656 |
CVE-2022-31294 | An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31294 |
CVE-2022-31301 | Haraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31301 |
CVE-2022-32545 | A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32545 |
CVE-2022-32546 | A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32546 |
CVE-2022-32547 | In ImageMagick, there is a load of a misaligned address for type 'double', which requires 8 byte alignment, and for type 'float', which requires 4 byte alignment, at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32547 |
CVE-2020-35597 | Victor CMS 1.0 is vulnerable to SQL injection via c_id parameter of admin_edit_comment.php, p_id parameter of admin_edit_post.php, u_id parameter of admin_edit_user.php, and edit parameter of admin_update_categories.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2020-35597 |
CVE-2022-24562 | In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-24562 |
CVE-2022-31464 | Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31464 |
CVE-2022-31295 | An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31295 |
CVE-2020-25459 | An issue in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during the training process of machine learning joint modeling. | – | https://nvd.nist.gov/vuln/detail/CVE-2020-25459 |
CVE-2020-28865 | An issue in PowerJob through 3.2.2 allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save. | – | https://nvd.nist.gov/vuln/detail/CVE-2020-28865 |
CVE-2021-33295 | Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute arbitrary code due to improper sanitizing of HTML. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-33295 |
CVE-2021-36608 | Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproject.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-36608 |
CVE-2021-36609 | Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/editfolder.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-36609 |
CVE-2021-37764 | Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/manufacturers.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-37764 |
CVE-2021-46820 | Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/categories.php | – | https://nvd.nist.gov/vuln/detail/CVE-2021-46820 |
CVE-2018-18907 | An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by sending packets on Data Frames to the AP without encryption. | – | https://nvd.nist.gov/vuln/detail/CVE-2018-18907 |
CVE-2022-26173 | JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-26173 |
CVE-2022-31299 | Haraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31299 |
CVE-2022-33739 | CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33739 |
CVE-2022-33750 | CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33750 |
CVE-2022-33751 | CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33751 |
CVE-2022-33752 | CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33752 |
CVE-2022-33753 | CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in the Automic agent that could allow a user to potentially elevate privileges. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33753 |
CVE-2022-33754 | CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33754 |
CVE-2022-33755 | CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33755 |
CVE-2022-33756 | CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33756 |
CVE-2022-30325 | An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker within range of the Wi-Fi network. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30325 |
CVE-2022-30326 | An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the basic.config page of the web interface. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30326 |
CVE-2022-30327 | An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable to CSRF. An attacker can change the pre-shared key of the Wi-Fi router if the interface's IP address is known. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30327 |
CVE-2022-30328 | An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup for the web interface does not require entering the existing password. A malicious user can change the username and password of the interface. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30328 |
CVE-2022-30329 | An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30329 |
CVE-2018-25040 | A vulnerability was found in uTorrent Web. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HTTP RPC Server. The manipulation leads to privilege escalation. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2018-25040 |
CVE-2018-25041 | A vulnerability was found in uTorrent. It has been rated as critical. Affected by this issue is some unknown functionality of the component JSON RPC Server. The manipulation leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2018-25041 |
CVE-2018-25042 | A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2018-25042 |
CVE-2018-25043 | A vulnerability classified as critical was found in uTorrent. This vulnerability affects unknown code of the component PRNG. The manipulation leads to weak authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2018-25043 |
CVE-2018-25044 | A vulnerability, which was classified as critical, has been found in uTorrent. This issue affects some unknown processing of the component Guest Account. The manipulation leads to privilege escalation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2018-25044 |
CVE-2019-12352 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie. | – | https://nvd.nist.gov/vuln/detail/CVE-2019-12352 |
CVE-2019-12353 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2019-12353 |
CVE-2019-12354 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2019-12354 |
CVE-2019-12355 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2019-12355 |
CVE-2019-12356 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2019-12356 |
CVE-2019-12357 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2019-12357 |
CVE-2019-12358 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie. | – | https://nvd.nist.gov/vuln/detail/CVE-2019-12358 |
CVE-2019-12359 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2019-12359 |
CVE-2020-36547 | A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which introduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings. | – | https://nvd.nist.gov/vuln/detail/CVE-2020-36547 |
CVE-2020-36548 | A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host. | – | https://nvd.nist.gov/vuln/detail/CVE-2020-36548 |
CVE-2020-36549 | A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed. | – | https://nvd.nist.gov/vuln/detail/CVE-2020-36549 |
CVE-2021-41408 | VoIPmonitor WEB GUI up to version 24.61 is affected by SQL injection through the "api.php" file and "user" parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41408 |
CVE-2021-41490 | Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavior. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41490 |
CVE-2021-45024 | ASG technologies (A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE). | – | https://nvd.nist.gov/vuln/detail/CVE-2021-45024 |
CVE-2021-45025 | ASG technologies (A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cleartext Storage of Sensitive Information in a Cookie. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-45025 |
CVE-2021-45026 | ASG technologies ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cross Site Scripting (XSS). | – | https://nvd.nist.gov/vuln/detail/CVE-2021-45026 |
CVE-2022-2111 | Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2111 |
CVE-2022-2112 | Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2112 |
CVE-2022-2113 | Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.7.2. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2113 |
CVE-2022-31296 | Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31296 |
CVE-2022-31784 | A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker (that has network access to the management interface) to conduct a buffer overflow attack due to insufficient validation of URL parameters. A successful exploit could allow arbitrary code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31784 |
CVE-2022-33912 | A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Packages created by the agent bakery (enterprise editions only) were not affected. Using the shipped version of the agents, the maintainer scripts located at /var/lib/dpkg/info/ will be owned by the user and the group with ID 1001. If such a user exists on the system, they can change the content of these files (which are then executed by root). This leads to a local privilege escalation on the monitored host. Version 1.6 through 1.6.9p29, version 2.0 through 2.0.0p26, version 2.1 through 2.1.0p3, and version 2.2.0i1 are affected. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33912 |
CVE-2022-33915 | Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or CVE-2021-45046; it provides a temporary mitigation to CVE-2021-44228 by hotpatching the local Java virtual machines. To do so, it iterates through all running Java processes, performs several checks, and executes the Java virtual machine with the same permissions and capabilities as the running process to load the hotpatch. A local user could cause the hotpatch script to execute a binary with elevated privileges by running a custom java process that performs exec() of an SUID binary after the hotpatch has observed the process path and before it has observed its effective user ID. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33915 |
CVE-2021-40903 | A vulnerability in Antminer Monitor 0.50.0 exists because of a backdoor or misconfiguration inside a settings file in the Flask server. The settings file has a predefined secret string, which should be randomly generated but is static. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-40903 |
CVE-2022-31246 | paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request (e.g., within QR code data). On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31246 |
CVE-2022-31355 | Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=category&search=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31355 |
CVE-2022-31356 | Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/store/index.php?view=edit&id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31356 |
CVE-2022-31357 | Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit&id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31357 |
CVE-2022-22485 | In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect Server. IBM X-Force ID: 226325. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-22485 |
CVE-2022-30607 | IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow a user to obtain sensitive information due to information not being properly masked in the control center UI. IBM X-Force ID: 227294. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30607 |
CVE-2022-32442 | u5cms version 8.3.5 is vulnerable to Cross Site Scripting (XSS). When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? "Onmouseover=%27tzgl (96502)%27bad=", it can cause html injection. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32442 |
CVE-2022-32444 | An issue was discovered in u5cms version 8.3.5. There is a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32444 |
CVE-2022-30422 | Proietti Tech srl Planet Time Enterprise 4.2.0.1, 4.2.0.0, 4.1.0.0, 4.0.0.0, 3.3.1.0, 3.3.0.0 is vulnerable to remote code execution via the Viewstate parameter. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30422 |
CVE-2022-21184 | An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21184 |
CVE-2022-21806 | A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-21806 |
CVE-2022-29496 | A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk-Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29496 |
CVE-2022-31083 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter was not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object. Versions 4.0.11 and 5.2.2 prevent this by introducing a new `rootCertificateUrl` property to the Parse Server Apple Game Center auth adapter which takes the URL to the root certificate of Apple's Game Center authentication certificate. If no value is set, the `rootCertificateUrl` property defaults to the URL of the current root certificate as of May 27, 2022. Keep in mind that the root certificate can change at any time and that it is the developer's responsibility to keep the root certificate URL up-to-date when using the Parse Server Apple Game Center auth adapter. There are no known workarounds for this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31083 |
CVE-2022-31941 | Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via \\rdms\\admin?page=user\\manage_user&id=. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31941 |
CVE-2022-22138 | All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-22138 |
CVE-2022-25345 | All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-25345 |
CVE-2022-25856 | The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 is vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go. This could allow arbitrary file reads if the GitArtifactReader is provided a pathname containing a symbolic link or an implicit directory name such as ... | – | https://nvd.nist.gov/vuln/detail/CVE-2022-25856 |
CVE-2022-25871 | All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of [CVE-2020-7600](https://security.snyk.io/vuln/SNYK-JS-QUERYMEN-559867). | – | https://nvd.nist.gov/vuln/detail/CVE-2022-25871 |
CVE-2022-25872 | All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-25872 |
CVE-2022-31873 | Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an XSS vulnerability via the prefix parameter in /admin/general.cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31873 |
CVE-2022-31874 | ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of the apply.cgi interface. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31874 |
CVE-2022-31875 | Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an XSS vulnerability via the proname parameter in /admin/scheprofile.cgi. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31875 |
CVE-2022-31876 | Netgear WNAP320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users' cookies. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31876 |
CVE-2014-125002 | A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125002 |
CVE-2014-125003 | A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125003 |
CVE-2014-125004 | A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125004 |
CVE-2014-125005 | A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125005 |
CVE-2014-125006 | A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125006 |
CVE-2014-125007 | A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125007 |
CVE-2014-125008 | A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125008 |
CVE-2014-125009 | A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125009 |
CVE-2014-125010 | A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125010 |
CVE-2014-125011 | A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125011 |
CVE-2014-125012 | A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125012 |
CVE-2014-125013 | A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125013 |
CVE-2014-125014 | A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125014 |
CVE-2014-125015 | A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125015 |
CVE-2014-125016 | A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125016 |
CVE-2014-125017 | A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125017 |
CVE-2021-46822 | The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-46822 |
CVE-2021-46823 | python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-46823 |
CVE-2022-33981 | drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33981 |
CVE-2022-33987 | The got package before 12.1.0 for Node.js allows a redirect to a UNIX socket. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33987 |
CVE-2014-125018 | A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125018 |
CVE-2014-125019 | A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125019 |
CVE-2014-125020 | A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125020 |
CVE-2014-125021 | A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125021 |
CVE-2014-125022 | A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125022 |
CVE-2014-125023 | A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125023 |
CVE-2014-125024 | A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125024 |
CVE-2014-125025 | A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2014-125025 |
CVE-2022-2124 | Buffer Over-read in GitHub repository vim/vim prior to 8.2. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2124 |
CVE-2022-23071 | In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the “Import Recipe” functionality. When an attacker enters the localhost URL, a low privileged attacker can access/read the internal file system to access sensitive information. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-23071 |
CVE-2022-2125 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2125 |
CVE-2022-2126 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2126 |
CVE-2022-2129 | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2129 |
CVE-2022-34000 | libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init() in render_pipeline/low_memory_render_pipeline.cc. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-34000 |
CVE-2022-34005 | An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. There is Remote Code Execution due to a hardcoded password for the sa account on the Microsoft SQL Express 2019 instance installed by default during TitanFTP NextGen installation, aka NX-I674 (sub-issue 1). | – | https://nvd.nist.gov/vuln/detail/CVE-2022-34005 |
CVE-2022-34006 | An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. When installing, Microsoft SQL Express 2019 installs by default with an SQL instance running as SYSTEM with BUILTIN\\Users as sysadmin, thus enabling unprivileged Windows users to execute commands locally as NT AUTHORITY\\SYSTEM, aka NX-I674 (sub-issue 2). | – | https://nvd.nist.gov/vuln/detail/CVE-2022-34006 |
CVE-2022-2023 | Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2023 |
CVE-2017-20057 | A vulnerability classified as problematic has been found in Elefant CMS 1.3.12-RC. Affected is an unknown function. The manipulation of the argument username leads to basic cross site scripting (Persistent). It is possible to launch the attack remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20057 |
CVE-2017-20058 | A vulnerability classified as problematic was found in Elefant CMS 1.3.12-RC. Affected by this vulnerability is an unknown functionality of the component Version Comparison. The manipulation leads to basic cross site scripting (Persistent). The attack can be launched remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20058 |
CVE-2017-20059 | A vulnerability, which was classified as problematic, has been found in Elefant CMS 1.3.12-RC. Affected by this issue is some unknown functionality of the component Title Handler. The manipulation with the input </title><img src=no onerror=alert(1)> leads to basic cross site scripting (Persistent). The attack may be launched remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20059 |
CVE-2017-20060 | A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting (Persistent). It is possible to initiate the attack remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20060 |
CVE-2017-20061 | A vulnerability has been found in Elefant CMS 1.3.12-RC and classified as problematic. This vulnerability affects unknown code of the file /admin/extended. The manipulation of the argument name with the input %3Cimg%20src=no%20onerror=alert(1)%3E leads to basic cross site scripting (Reflected). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20061 |
CVE-2017-20062 | A vulnerability was found in Elefant CMS 1.3.12-RC and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20062 |
CVE-2017-20063 | A vulnerability was found in Elefant CMS 1.3.12-RC. It has been classified as critical. Affected is an unknown function of the file /filemanager/upload/drop of the component File Upload. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20063 |
CVE-2017-20064 | A vulnerability was found in Elefant CMS 1.3.12-RC. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /designer/add/layout. The manipulation leads to code injection. The attack can be launched remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20064 |
CVE-2021-45918 | NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the program, in order to terminate service without authentication, which requires a system restart to recover service. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-45918 |
CVE-2022-2130 | Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.17. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2130 |
CVE-2021-25088 | The XML Sitemaps WordPress plugin before 4.1.3 does not sanitise and escape a setting before outputting it in the Debug page, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | – | https://nvd.nist.gov/vuln/detail/CVE-2021-25088 |
CVE-2021-25104 | The Ocean Extra WordPress plugin before 1.9.5 does not escape generated links which are then used when the OceanWP is active, leading to a Reflected Cross-Site Scripting issue. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-25104 |
CVE-2021-25121 | The Rating by BestWebSoft WordPress plugin through 1.5 does not validate the submitted rating, allowing submission of a long integer, causing a Denial of Service on the post/page when a user submits such a rating. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-25121 |
CVE-2022-0663 | The Print, PDF, Email by PrintFriendly WordPress plugin before 5.2.3 does not sanitise and escape the Custom Button Text settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-0663 |
CVE-2022-1266 | The Post Grid, Slider & Carousel Ultimate WordPress plugin before 1.5.0 does not sanitise and escape the Header Title, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1266 |
CVE-2022-1472 | The Better Find and Replace WordPress plugin before 1.3.6 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1472 |
CVE-2022-1603 | The Mail Subscribe List WordPress plugin before 2.1.4 does not have CSRF check in place when deleting subscribed users, which could allow attackers to make a logged in admin perform such action and delete arbitrary users from the subscribed list | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1603 |
CVE-2022-1610 | The Seamless Donations WordPress plugin before 5.1.9 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1610 |
CVE-2022-1614 | The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based anti-spamming restrictions. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1614 |
CVE-2022-1630 | The WP-EMail WordPress plugin before 2.69.0 does not protect its log deletion functionality with nonce checks, allowing attacker to make a logged in admin delete logs via a CSRF attack | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1630 |
CVE-2022-1717 | The Custom Share Buttons with Floating Sidebar WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1717 |
CVE-2022-1801 | The Very Simple Contact Form WordPress plugin before 11.6 exposes the solution to the captcha in the rendered contact form, both as hidden input fields and as plain text in the page, making it very easy for bots to bypass the captcha check, rendering the page a likely target for spam bots. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1801 |
CVE-2022-1818 | The Multi-page Toolkit WordPress plugin through 2.6 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1818 |
CVE-2022-1823 | Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code, through not correctly checking the integrity of the configuration file. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1823 |
CVE-2022-1824 | An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary code as there were insufficient checks on the executable being signed by McAfee. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1824 |
CVE-2022-1826 | The Cross-Linker WordPress plugin through 3.0.1.9 does not have CSRF check in place when creating Cross-Links, which could allow attackers to make a logged in admin perform such action via a CSRF attack | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1826 |
CVE-2022-1827 | The PDF24 Article To PDF WordPress plugin through 4.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1827 |
CVE-2022-1828 | The PDF24 Articles To PDF WordPress plugin through 4.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1828 |
CVE-2022-1829 | The Inline Google Maps WordPress plugin through 5.11 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1829 |
CVE-2022-1830 | The Amazon Einzeltitellinks WordPress plugin through 1.3.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1830 |
CVE-2022-1831 | The WPlite WordPress plugin through 1.3.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1831 |
CVE-2022-1832 | The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1832 |
CVE-2022-1889 | The Newsletter WordPress plugin before 7.4.6 does not escape and sanitise the preheader_text setting, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1889 |
CVE-2022-1895 | The underConstruction WordPress plugin before 1.20 does not have CSRF check in place when deactivating the construction mode, which could allow attackers to make a logged in admin perform such action via a CSRF attack | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1895 |
CVE-2022-1896 | The underConstruction WordPress plugin before 1.21 does not sanitise or escape the "Display a custom page using your own HTML" setting before outputting it, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1896 |
CVE-2022-1905 | The Events Made Easy WordPress plugin before 2.2.81 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1905 |
CVE-2022-1915 | The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite) | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1915 |
CVE-2022-1939 | The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1939 |
CVE-2022-1945 | The Coming Soon & Maintenance Mode by Colorlib WordPress plugin before 1.0.99 does not sanitize and escape some settings, allowing high privilege users such as admin to perform Stored Cross-Site Scripting when unfiltered_html is disallowed (for example in multisite setup) | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1945 |
CVE-2022-25772 | A cross-site scripting (XSS) vulnerability in the web tracking component of Mautic before 4.3.0 allows remote attackers to inject executable javascript | – | https://nvd.nist.gov/vuln/detail/CVE-2022-25772 |
CVE-2021-41682 | There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0 | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41682 |
CVE-2021-41683 | There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0 | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41683 |
CVE-2022-1720 | Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1720 |
CVE-2022-2134 | Denial of Service in GitHub repository inventree/inventree prior to 0.8.0. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2134 |
CVE-2022-31794 | An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31794 |
CVE-2022-31795 | An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the grel_finfo function in grel.php. An attacker is able to influence the username (user), password (pw), and file-name (file) parameters and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31795 |
CVE-2022-32983 | Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32983 |
CVE-2022-33913 | In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.2, files can sometimes be downloaded through thumb.php with no permission check. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33913 |
CVE-2022-22317 | IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-22317 |
CVE-2022-22318 | IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-22318 |
CVE-2022-22414 | IBM Robotic Process Automation 21.0.2 could allow a local user to obtain sensitive web service configuration credentials from system memory. IBM X-Force ID: 223026. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-22414 |
CVE-2022-2128 | Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2128 |
CVE-2017-20065 | A vulnerability was found in Supsystic Popup Plugin 1.7.6 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20065 |
CVE-2017-20066 | A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20066 |
CVE-2022-31062 | Impact: A plugin public script can be used to read content of system files. Patches: Upgrade to version 1.0.2. Workarounds: The `b/deploy/index.php` file can be deleted if the deploy feature is not used. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31062 |
CVE-2017-20067 | A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20067 |
CVE-2017-20068 | A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/usermanagement.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20068 |
CVE-2017-20069 | A vulnerability classified as critical has been found in Hindu Matrimonial Script. This affects an unknown part of the file /admin/countrymanagement.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20069 |
CVE-2017-20070 | A vulnerability classified as critical was found in Hindu Matrimonial Script. This vulnerability affects unknown code of the file /admin/communitymanagement.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20070 |
CVE-2017-20071 | A vulnerability, which was classified as critical, has been found in Hindu Matrimonial Script. This issue affects some unknown processing of the file /admin/renewaldue.php. The manipulation leads to improper privilege management. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20071 |
CVE-2017-20072 | A vulnerability, which was classified as critical, was found in Hindu Matrimonial Script. Affected is an unknown function of the file /admin/generalsettings.php. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20072 |
CVE-2017-20073 | A vulnerability has been found in Hindu Matrimonial Script and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cms.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20073 |
CVE-2017-20074 | A vulnerability was found in Hindu Matrimonial Script and classified as critical. Affected by this issue is some unknown functionality of the file /admin/newsletter1.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20074 |
CVE-2017-20075 | A vulnerability was found in Hindu Matrimonial Script. It has been classified as critical. This affects an unknown part of the file /admin/payment.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20075 |
CVE-2017-20076 | A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. This vulnerability affects unknown code of the file /admin/searchview.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20076 |
CVE-2017-20077 | A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. This issue affects some unknown processing of the file /admin/success_story.php. The manipulation leads to improper privilege management. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20077 |
CVE-2017-20078 | A vulnerability classified as critical has been found in Hindu Matrimonial Script. Affected is an unknown function of the file /admin/featured.php. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20078 |
CVE-2017-20079 | A vulnerability classified as critical was found in Hindu Matrimonial Script. Affected by this vulnerability is an unknown functionality of the file /admin/photo.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20079 |
CVE-2017-20080 | A vulnerability, which was classified as critical, has been found in Hindu Matrimonial Script. Affected by this issue is some unknown functionality of the file /admin/googleads.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20080 |
CVE-2017-20081 | A vulnerability, which was classified as critical, was found in Hindu Matrimonial Script. This affects an unknown part of the file /admin/reports.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | – | https://nvd.nist.gov/vuln/detail/CVE-2017-20081 |
CVE-2022-31302 | maccms8 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31302 |
CVE-2022-31303 | maccms10 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31303 |
CVE-2022-31306 | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31306 |
CVE-2022-31307 | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31307 |
CVE-2022-31373 | SolarView Compact v6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Solar_AiConf.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31373 |
CVE-2022-31374 | An arbitrary file upload vulnerability in /images/background/1.php of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31374 |
CVE-2022-32414 | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32414 |
CVE-2022-33119 | NUUO Network Video Recorder NVRsolo v03.06.02 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via login.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33119 |
CVE-2022-33139 | A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33139 |
CVE-2022-23342 | The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login request to the /mobilebroker/ServiceToBroker.svc/Json/Connect endpoint. This can lead to user enumeration against the underlying Active Directory integrated systems. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-23342 |
CVE-2022-25585 | Unioncms v1.0.13 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Default settings. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-25585 |
CVE-2022-29774 | iSpyConnect iSpy v7.2.2.0 is vulnerable to path traversal. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29774 |
CVE-2022-29775 | iSpyConnect iSpy v7.2.2.0 allows attackers to bypass authentication via a crafted URL. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-29775 |
CVE-2022-31478 | The UserTakeOver plugin before 4.0.1 for ILIAS allows an attacker to list all users via the search function. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31478 |
CVE-2022-33048 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33048 |
CVE-2022-33049 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/?page=user/manage_user. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33049 |
CVE-2022-33055 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/trains/manage_train.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33055 |
CVE-2022-33056 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/schedules/manage_schedule.php. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33056 |
CVE-2021-41924 | Webkul krayin crm before 1.2.2 is vulnerable to Cross Site Scripting (XSS). | – | https://nvd.nist.gov/vuln/detail/CVE-2021-41924 |
CVE-2022-1596 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1596 |
CVE-2022-1665 | A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by grub in Secure Boot mode even though they shouldn't be. These kernel builds don't have the secure boot lockdown patches applied to them and can bypass the secure boot validations, allowing the attacker to load other non-trusted code. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1665 |
CVE-2022-1833 | A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low-privilege user that has access to the namespace where the AMQ Operator is deployed has access to clusterwide edit rights by checking the secrets. The service account used for building the Operator gives more permission than expected and an attacker could benefit from it. This requires at least an already compromised low-privilege account or insider attack. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-1833 |
CVE-2022-22979 | In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-22979 |
CVE-2022-23171 | AtlasVPN - Privilege Escalation. Lack of proper security controls on named pipe messages can allow an attacker with low privileges to send a malicious payload and gain SYSTEM permissions on a Windows computer where the AtlasVPN client is installed. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-23171 |
CVE-2022-26147 | The Quectel RG502Q-EA modem before 2022-02-23 allows OS Command Injection. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-26147 |
CVE-2022-27867 | A maliciously crafted JT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27867 |
CVE-2022-27868 | A maliciously crafted CAT file in Autodesk AutoCAD 2023 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27868 |
CVE-2022-27869 | A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27869 |
CVE-2022-27870 | A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27870 |
CVE-2022-27871 | Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27871 |
CVE-2022-27872 | A maliciously crafted PDF file may be used to dereference a pointer for read or write operation while parsing PDF files in Autodesk Navisworks 2022. The vulnerability exists because the application fails to handle a crafted PDF file, which causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-27872 |
CVE-2022-2068 | In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0, 3.0.1, 3.0.2, 3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). | – | https://nvd.nist.gov/vuln/detail/CVE-2022-2068 |
CVE-2022-30874 | There is a Stored Cross Site Scripting (XSS) vulnerability in NukeViet CMS before 4.5.02. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-30874 |
CVE-2022-31786 | IdeaLMS 2022 allows reflected Cross Site Scripting (XSS) via the IdeaLMS/Class/Assessment/ PATH_INFO. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31786 |
CVE-2022-32973 | An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32973 |
CVE-2022-32974 | An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-32974 |
CVE-2022-33995 | A path traversal issue in entry attachments in Devolutions Remote Desktop Manager before 2022.2 allows attackers to create or overwrite files in an arbitrary location. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-33995 |
CVE-2022-34008 | Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-34008 |
CVE-2021-39006 | IBM QRadar WinCollect Agent 10.0 and 10.0.1 could allow an attacker to obtain sensitive information due to missing best practices. IBM X-Force ID: 213549. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-39006 |
CVE-2021-36761 | The GeoAnalytics feature in Qlik Sense April 2020 patch 4 allows SSRF. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-36761 |
CVE-2021-40510 | XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system files via custom DTDs. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-40510 |
CVE-2021-40511 | OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service. | – | https://nvd.nist.gov/vuln/detail/CVE-2021-40511 |
CVE-2022-31095 | discourse-chat is a chat plugin for the Discourse application. Versions prior to 0.4 are vulnerable to an exposure of sensitive information, where an attacker who knows the message ID for a channel they do not have access to can view that message using the chat message lookup endpoint, primarily affecting direct message channels. There are no known workarounds for this issue, and users are advised to update the plugin. | – | https://nvd.nist.gov/vuln/detail/CVE-2022-31095 |