Security Bulletin 13 Jul 2022

Published on 13 Jul 2022

Updated on 20 Jul 2022

SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.

The vulnerabilities are tabulated by severity, in accordance with their CVSSv3 base scores:


Critical: vulnerabilities with a base score of 9.0 to 10.0
High: vulnerabilities with a base score of 7.0 to 8.9
Medium: vulnerabilities with a base score of 4.0 to 6.9
Low: vulnerabilities with a base score of 0.1 to 3.9
None: vulnerabilities with a base score of 0.0

For those vulnerabilities without assigned CVSS scores, please visit NVD for the updated CVSS vulnerability entries.

CRITICAL VULNERABILITIES
CVE Number Description Base Score Reference
CVE-2020-12030 There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables the VLAN setting, the internal gateway firewall becomes disabled resulting in exposure of all ports used by the gateway. 10 https://nvd.nist.gov/vuln/detail/CVE-2020-12030
CVE-2022-32158 Splunk Enterprise deployment servers in versions before 8.1.10.1, 8.2.6.1, and 9.0 let clients deploy forwarder bundles to other deployment clients through the deployment server. An attacker that compromised a Universal Forwarder endpoint could use the vulnerability to execute arbitrary code on all other Universal Forwarder endpoints subscribed to the deployment server. 10 https://nvd.nist.gov/vuln/detail/CVE-2022-32158
CVE-2020-10189 Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10189
CVE-2020-12271 A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone. A successful attack may have caused remote code execution that exfiltrated usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access (but not external Active Directory or LDAP passwords) 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-12271
CVE-2020-15505 A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-15505
CVE-2020-17496 vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-17496
CVE-2020-17463 FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-17463
CVE-2020-24987 Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(6318) CN devices could cause a remote code execution due to incorrect authentication handling of vulnerable logincheck() function in /usr/lib/lua/ngx_authserver/ngx_wdas.lua file if the administrator UI Interface is set to "radius". 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-24987
CVE-2020-25223 A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-25223
CVE-2020-13963 SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. The key for admin is hardcoded in the installation code, and there is no key for publicsp (which is a guest account). 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-13963
CVE-2020-25218 Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Authentication Bypass in its administrative web interface. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-25218
CVE-2020-13421 OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset actions. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-13421
CVE-2021-29998 An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-29998
CVE-2020-19778 Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges in "/index.php" by manipulating the parameter "user_id" in the HTML request. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-19778
CVE-2020-22001 HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP address using the X-Forwarded-For header with the local (loopback) IP address value allowing remote control of the smart home solution. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-22001
CVE-2020-21994 AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file '/xml/authClients.xml' and obtain administrative login information that allows for a successful authentication bypass attack. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-21994
CVE-2020-19111 Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which could let a remote malicious user bypass authentication and obtain sensitive information. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-19111
CVE-2020-20951 In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when uploading files. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-20951
CVE-2020-12061 An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the microcontroller and the secure element transmits credentials in plain. This allows an adversary to eavesdrop the communication and derive the secrets stored in the microcontroller. As a result, the attacker is able to arbitrarily manipulate the firmware of the microcontroller. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-12061
CVE-2020-21784 phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-21784
CVE-2020-24133 A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DoS) attacks. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-24133
CVE-2020-21937 A command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-21937
CVE-2020-19301 A vulnerability in the vae_admin_rule database table of vaeThink v1.0.1 allows attackers to execute arbitrary code via a crafted payload in the condition parameter. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-19301
CVE-2020-19305 An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg parameter to be deleted when the column is deleted, allowing attackers to escalate privileges. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-19305
CVE-2020-23151 rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter is passed directly to the exec function without being escaped. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-23151
CVE-2020-18698 Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote attackers to launch brute force login attempts without restriction via the 'login' function in the component 'app/api/cms/user.py'. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-18698
CVE-2020-18701 Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-18701
CVE-2020-22937 A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows attackers to execute arbitrary PHP code via writing malicious code to the install file. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-22937
CVE-2020-19001 Command Injection in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary system commands via line 64 of the component 'simiki/blob/master/simiki/config.py'. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-19001
CVE-2020-18048 An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a crafted input entered into the DB Name field. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-18048
CVE-2020-24672 A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary code in a computer running the affected product. This issue affects: . 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-24672
CVE-2020-21651 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-21651
CVE-2020-21652 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-21652
CVE-2020-22724 A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-22724
CVE-2020-22079 Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-22079
CVE-2020-23873 pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-23873
CVE-2020-23874 pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::addAttributsNode. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-23874
CVE-2021-40391 An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-40391
CVE-2020-15591 fexsrv in F*EX (aka Frams' Fast File EXchange) before fex-20160919_2 allows eval injection (for unauthenticated remote code execution). 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-15591
CVE-2015-20107 In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). 9.8 https://nvd.nist.gov/vuln/detail/CVE-2015-20107
CVE-2022-22978 In Spring Security versions 5.5.6 and 5.6.3 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22978
CVE-2022-28660 The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-28660
CVE-2022-0788 The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of its REST routes, leading to an SQL injection exploitable by unauthenticated users. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0788
CVE-2022-31813 Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31813
CVE-2022-31625 In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31625
CVE-2022-2068 In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2068
CVE-2022-31806 In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31806
CVE-2022-23170 SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection vulnerability. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated attacker could exploit the XXE vulnerability by sending a malformed POST request to the identity provider endpoint. An attacker can extract the identity provider endpoint by decoding the SAMLRequest parameter's value and searching for the AssertionConsumerServiceURL parameter's value. It often allows an attacker to view files on the application server filesystem and interact with any back-end or external systems that the application can access. In some situations, an attacker can escalate an XXE attack to compromise the underlying server or other back-end infrastructure by leveraging the XXE vulnerability to perform server-side request forgery (SSRF) attacks. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23170
CVE-2022-2104 The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash). 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2104
CVE-2022-34057 The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34057
CVE-2022-34059 The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34059
CVE-2022-34060 The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34060
CVE-2022-34061 The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34061
CVE-2022-34064 The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34064
CVE-2022-34065 The Rondolu-YT-Concate package in PyPI v0.1.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34065
CVE-2022-34066 The Texercise package in PyPI v0.0.1 to v0.0.12 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34066
CVE-2022-1574 The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when importing files, and does not validate them, as a result, unauthenticated attackers can upload arbitrary files (such as PHP) on the remote server 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1574
CVE-2022-2207 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2207
CVE-2022-2216 Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2216
CVE-2022-2210 Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2210
CVE-2022-28171 The web module in some Hikvision Hybrid SAN/Cluster Storage products has the following security vulnerability. Due to insufficient input validation, an attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-28171
CVE-2017-20099 A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection. The attack may be initiated remotely. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2017-20099
CVE-2022-31082 GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. glpi-inventory-plugin is a plugin for GLPI to handle inventory management. In affected versions a SQL injection can be made using package deployment tasks. This issue has been resolved in version 1.0.2. Users are advised to upgrade. Users unable to upgrade should delete the `front/deploypackage.public.php` file if they are not using the `deploy tasks` feature. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31082
CVE-2022-32092 D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32092
CVE-2022-32994 Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the component /api/admin/attachments/upload. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32994
CVE-2022-32995 Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download function. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32995
CVE-2022-34132 Benjamin BALET Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34132
CVE-2022-31056 GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms (Ticket/Change/Problem) permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and all affected users are advised to upgrade. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31056
CVE-2022-31061 GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31061
CVE-2022-31106 Underscore.deep is a collection of Underscore mixins that operate on nested objects. Versions of `underscore.deep` prior to version 0.5.3 are vulnerable to a prototype pollution vulnerability. An attacker can craft a malicious payload and pass it to `deepFromFlat`, which would pollute any future Objects created. Any users that have `deepFromFlat` or `deepPick` (due to its dependency on `deepFromFlat`) in their code should upgrade to version 0.5.3 as soon as possible. Users unable to upgrade may mitigate this issue by modifying `deepFromFlat` to prevent specific keywords which will prevent this from happening. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31106
CVE-2022-31230 Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31230
CVE-2022-31885 Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of VBScripts. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31885
CVE-2020-19896 File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitrary PHP code via post-edit.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-19896
CVE-2022-31887 Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which allows an attacker to change any user's password in the organization. This means that the user can also achieve Privilege Escalation by changing the administrator password. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31887
CVE-2022-32532 In Apache Shiro before 1.9.1, a RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32532
CVE-2022-31266 In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page) allows remote attackers to take over accounts. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31266
CVE-2017-20111 A vulnerability, which was classified as critical, was found in Teleopti WFM 7.1.0. This affects an unknown part of the component Administration. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2017-20111
CVE-2022-33107 ThinkPHP v6.0.12 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\AbstractCache.php. This vulnerability allows attackers to execute arbitrary code via a crafted payload. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33107
CVE-2021-40597 The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-40597
CVE-2022-34835 In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34835
CVE-2017-20125 A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected by this vulnerability is an unknown functionality of the file /roomtype-details.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2017-20125
CVE-2021-40643 EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location of the "sendmail" application in the "cacti" configuration page (by default /usr/sbin/sendmail) it is possible to execute any command, which will be executed when we make a test of the configuration ("send test mail"). 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-40643
CVE-2021-40663 deep.assign npm package 0.0.0-alpha.0 is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'). 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-40663
CVE-2021-37778 There is a buffer overflow in gps-sdr-sim v1.0 when parsing long command line parameters, which can lead to DoS or code execution. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-37778
CVE-2022-22487 An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to both the IBM Spectrum Protect storage agent and the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 with which it communicates. IBM X-Force ID: 226326. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22487
CVE-2013-4144 There is an object injection vulnerability in the swfupload plugin for WordPress. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2013-4144
CVE-2022-32585 A command execution vulnerability exists in the clish art2 functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32585
CVE-2022-33312 Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. The `/action/import_cert_file/` API is affected by a command injection vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33312
CVE-2022-33313 Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. The `/action/import_https_cert_file/` API is affected by a command injection vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33313
CVE-2022-33314 Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. The `/action/import_sdk_file/` API is affected by a command injection vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33314
CVE-2022-33325 Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. The `/ajax/clear_tools_log/` API is affected by a command injection vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33325
CVE-2022-33326 Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. The `/ajax/config_rollback/` API is affected by a command injection vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33326
CVE-2022-33327 Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. The `/ajax/remove_sniffer_raw_log/` API is affected by a command injection vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33327
CVE-2022-33328 Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. The `/ajax/remove/` API is affected by a command injection vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33328
CVE-2022-33329 Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. The `/ajax/set_sys_time/` API is affected by a command injection vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33329
CVE-2014-0156 Awesome spawn contains OS command injection vulnerability, which allows execution of additional commands passed to Awesome spawn as arguments. If untrusted input was included in command arguments, attacker could use this flaw to execute arbitrary command. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2014-0156
CVE-2021-32428 SQL Injection vulnerability in viaviwebtech Android EBook App (Books App, PDF, ePub, Online Book Reading, Download Books) 10 via the author_id parameter to api.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-32428
CVE-2022-32295 On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32295
CVE-2022-2274 The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2274
CVE-2022-2185 A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where it was possible for an unauthorised user to execute arbitrary code on the server using the project import feature. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2185
CVE-2022-32032 Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32032
CVE-2022-32081 MariaDB v10.4 to v10.7 was discovered to contain a use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32081
CVE-2022-32091 MariaDB v10.7 was discovered to contain a use-after-poison in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32091
CVE-2022-31943 MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31943
CVE-2022-32093 Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32093
CVE-2022-32094 Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at doctorlogin.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32094
CVE-2022-32095 Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at orders.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32095
CVE-2022-2302 Multiple Lenze products of the cabinet series skip the password verification upon second login. After a user has been logged on to the device once, a remote attacker can get full access without knowledge of the password. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2302
CVE-2021-23017 A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause a 1-byte memory overwrite, resulting in worker process crash or potential other impact. 9.4 https://nvd.nist.gov/vuln/detail/CVE-2021-23017
CVE-2021-21276 Polr is an open source URL shortener. In Polr before version 2.3.0, a vulnerability in the setup process allows attackers to gain admin access to site instances, even if they do not possess an existing account. This vulnerability exists regardless of users' settings. If an attacker crafts a request with specific cookie headers to the /setup/finish endpoint, they may be able to obtain admin privileges on the instance. This is caused by a loose comparison (==) in SetupController that is susceptible to attack. The project has been patched to ensure that a strict comparison (===) is used to verify the setup key, and that /setup/finish verifies that no users table exists before performing any migrations or provisioning any new accounts. This is fixed in version 2.3.0. Users can patch this vulnerability without upgrading by adding abort(404) to the very first line of finishSetup in SetupController.php. 9.3 https://nvd.nist.gov/vuln/detail/CVE-2021-21276
CVE-2019-6569 The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2019-6569
CVE-2020-20907 MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/language_general.class.php and app/system/include/function/file.func.php. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2020-20907
CVE-2020-19038 File Deletion vulnerability in Halo 0.4.3 via delBackup. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2020-19038
CVE-2020-25359 An arbitrary file deletion vulnerability in rConfig 3.9.5 has been fixed for 3.9.6. This vulnerability gave attackers the ability to send a crafted request to /lib/ajaxHandlers/ajaxDeleteAllLoggingFiles.php by specifying a path in the path parameter and an extension in the ext parameter and delete all the files with that extension in that path. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2020-25359
CVE-2020-19751 An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap-based buffer over-read. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2020-19751
CVE-2021-1619 A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: install, manipulate, or delete the configuration of an affected device; or cause memory corruption that results in a denial of service (DoS) on an affected device. This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting in a DoS. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2021-1619
CVE-2021-20034 An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2021-20034
CVE-2020-20944 An issue in /admin/index.php?lfj=mysql&action=del of Qibosoft v7 allows attackers to arbitrarily delete files. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2020-20944
CVE-2022-28805 singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2022-28805
CVE-2022-28615 Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or Lua scripts that use ap_strcmp_match() may hypothetically be affected. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2022-28615
CVE-2022-2105 Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2022-2105
CVE-2022-33128 RG-EG series gateway EG350 EG_RGOS 11.1(6) was discovered to contain a SQL injection vulnerability via the function get_alarmAction at /alarm_pi/alarmService.php. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2022-33128
CVE-2022-1953 The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary file deletion vulnerability via an AJAX action, accessible to unauthenticated users, which accepts user input that is used in a path and passed to unlink() without first being validated. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2022-1953
CVE-2013-4561 In an OpenShift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2013-4561
CVE-2022-28127 A data removal vulnerability exists in the web_server /action/remove/ API functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary file deletion. An attacker can send a sequence of requests to trigger this vulnerability. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2022-28127
CVE-2022-2140 Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters. 9 https://nvd.nist.gov/vuln/detail/CVE-2022-2140

OTHER VULNERABILITIES
CVE Number Description Base Score Reference
CVE-2017-9078 The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2017-9078
CVE-2020-10221 lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10221
CVE-2020-10199 Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10199
CVE-2020-11753 An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is possible for a user with appropriate privileges to create, modify, and execute scripting tasks without use of the UI or API. NOTE: in 3.22.0, scripting is disabled by default (making this not exploitable). 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-11753
CVE-2020-15776 An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4. The CSRF prevention token is stored in a request cookie that is not annotated as HttpOnly. An attacker with the ability to execute arbitrary code in a user's browser could impose an arbitrary value for this token, allowing them to perform cross-site request forgery. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-15776
CVE-2020-10580 A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the user running the application. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10580
CVE-2020-22017 A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-22017
CVE-2020-22025 A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-22025
CVE-2020-22032 A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gaussian_blur, which might lead to memory corruption and other potential consequences. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-22032
CVE-2020-22034 A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might lead to memory corruption and other potential consequences. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-22034
CVE-2020-17541 All versions of libjpeg-turbo have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-17541
CVE-2020-22201 phpCMS 2008 sp4 allows remote malicious users to execute arbitrary php commands via the pagesize parameter to yp/product.php. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-22201
CVE-2020-18648 Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows remote attackers to gain local privileges via the component "JuQingCMS_v1.0/admin/index.php?c=administrator&a=add". 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-18648
CVE-2020-19907 A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-19907
CVE-2020-18875 Incorrect Access Control in DotCMS versions before 5.1 allows remote attackers to gain privileges by injecting client configurations via vtl (velocity) files. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-18875
CVE-2020-22120 A remote code execution (RCE) vulnerability in /root/run/adm.php?admin-ediy&part=exdiy of imcat v5.1 allows authenticated attackers to execute arbitrary code. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-22120
CVE-2021-1579 A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only credentials to elevate privileges on an affected system. This vulnerability is due to insufficient role-based access control (RBAC). An attacker with Administrator read-only credentials could exploit this vulnerability by sending a specific API request using an app with admin write credentials. A successful exploit could allow the attacker to elevate privileges to Administrator with write privileges on the affected device. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-1579
CVE-2020-19155 Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information and/or execute arbitrary code via the 'FileManager.rename()' function in the component 'modules/filemanager/FileManagerController.java'. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-19155
CVE-2020-21598 libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted file. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-21598
CVE-2020-20124 Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index.php. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-20124
CVE-2020-21650 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-21650
CVE-2021-22048 The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-22048
CVE-2020-7881 The vulnerable function is enabled when the streamer service related to AfreecaTV communicates through a web socket on port 21201. A stack-based buffer overflow leading to remote code execution was discovered in a strcpy() operation on the "FanTicket" field. It occurs because data is stored without validation of its length. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-7881
CVE-2022-31462 Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password (derived from the serial number) that can be found in Bluetooth broadcast data. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31462
CVE-2022-32278 XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32278
CVE-2022-30165 Windows Kerberos Elevation of Privilege Vulnerability. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-30165
CVE-2022-31626 In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using the pdo_mysql extension with the mysqlnd driver, if a third party is allowed to supply the host to connect to and the password for the connection, a password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31626
CVE-2013-1916 In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (executed) even if the photo has not yet been approved. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2013-1916
CVE-2019-25071 A vulnerability was found in Apple iPhone up to 12.4.1. It has been declared as critical. Affected by this vulnerability is Siri. Playing an audio or video file might be able to initiate Siri on the same device which makes it possible to execute commands remotely. Exploit details have been disclosed to the public. The existence and implications of this vulnerability are doubted by Apple even though multiple public videos demonstrating the attack exist. Upgrading to version 13.0 might be able to address this issue. It is recommended to upgrade affected devices. NOTE: Apple claims that after examining the report they do not see any actual security implications. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2019-25071
CVE-2022-24893 ESP-IDF is the official development framework for Espressif SoCs. In Espressif’s Bluetooth Mesh SDK (`ESP-BLE-MESH`), a memory corruption vulnerability can be triggered during provisioning, because there is no check for the `SegN` field of the Transaction Start PDU. This can result in memory corruption related attacks and potentially an attacker gaining control of the entire system. Patch commits are available on the 4.1, 4.2, 4.3 and 4.4 branches and users are recommended to upgrade. The upgrade is applicable for all applications and users of `ESP-BLE-MESH` component from `ESP-IDF`. As it is implemented in the Bluetooth Mesh stack, there is no workaround for the user to fix the application layer without upgrading the underlying firmware. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-24893
CVE-2022-2212 A vulnerability was found in SourceCodester Library Management System 1.0. It has been classified as critical. Affected is an unknown function of the component /card/index.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2212
CVE-2022-2214 A vulnerability was found in SourceCodester Library Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /librarian/bookdetails.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2214
CVE-2022-31086 LDAP Account Manager (LAM) is a web frontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 incorrect regular expressions allow PHP scripts to be uploaded to config/templates/pdf. This vulnerability could lead to a Remote Code Execution if the /config/templates/pdf/ directory is accessible for remote users. This is not a default configuration of LAM. This issue has been fixed in version 8.0. There are no known workarounds for this issue. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31086
CVE-2017-20103 A vulnerability classified as critical has been found in Kama Click Counter Plugin up to 3.4.8. This affects an unknown part of the file wp-admin/admin.php. The manipulation of the argument leads to sql injection (Blind). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.4.9 is able to address this issue. It is recommended to upgrade the affected component. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2017-20103
CVE-2022-33007 TRENDnet Wi-Fi routers TEW751DR v1.03 and TEW-752DRU v1.03 were discovered to contain a stack overflow via the function genacgi_main. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33007
CVE-2022-31101 prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31101
CVE-2022-34134 Benjamin BALET Jorani v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /application/controllers/Users.php. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34134
CVE-2022-23763 Origin validation error vulnerability in NeoRS’s ActiveX module allows attackers to download and execute arbitrary files. Remote attackers can use this vulnerability to encourage users to access crafted web pages, causing damage such as malicious code infections. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23763
CVE-2021-40553 piwigo 11.5.0 is affected by a remote code execution (RCE) vulnerability in the LocalFiles Editor. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-40553
CVE-2017-20120 A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2017-20120
CVE-2017-20124 A vulnerability classified as critical has been found in Online Hotel Booking System Pro Plugin 1.0. Affected is an unknown function of the file /front/roomtype-details.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2017-20124
CVE-2022-22472 IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. By retrieving the logs of a container an attacker could exploit this vulnerability to bypass login security of the IBM Spectrum Protect Plus server and gain unauthorized access based on the permissions of the IBM Spectrum Protect Plus user to the vulnerable Spectrum Protect Plus server software. IBM X-Force ID: 225340. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22472
CVE-2022-34793 Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34793
CVE-2022-31115 opensearch-ruby is a community-driven, open source fork of elasticsearch-ruby. In versions prior to 2.0.1 the Ruby `YAML.load` function was used instead of `YAML.safe_load`. As a result opensearch-ruby 2.0.0 and prior can lead to unsafe deserialization using YAML.load if the response is of type YAML. An attacker must be in control of an opensearch server and convince the victim to connect to it in order to exploit this vulnerability. The problem has been patched in opensearch-ruby gem version 2.0.1. Users are advised to upgrade. There are no known workarounds for this issue. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31115
CVE-2022-32420 College Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /College/admin/teacher.php. This vulnerability is exploited via a crafted PHP file. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32420
CVE-2022-22026 Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22047, CVE-2022-22049. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22026
CVE-2022-30216 Windows Server Service Tampering Vulnerability. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-30216
CVE-2022-30221 Windows Graphics Component Remote Code Execution Vulnerability. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-30221
CVE-2021-1611 A vulnerability in Ethernet over GRE (EoGRE) packet processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9800 Family Wireless Controller, Embedded Wireless Controller, and Embedded Wireless on Catalyst 9000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper processing of malformed EoGRE packets. An attacker could exploit this vulnerability by sending malicious packets to the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. 8.6 https://nvd.nist.gov/vuln/detail/CVE-2021-1611
CVE-2021-1615 A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller (EWC) Software for Catalyst Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected AP. This vulnerability is due to insufficient buffer allocation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to exhaust available resources and cause a DoS condition on an affected AP, as well as a DoS condition for client traffic traversing the AP. 8.6 https://nvd.nist.gov/vuln/detail/CVE-2021-1615
CVE-2021-40401 A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and Gerbv forked 2.7.1. A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 8.6 https://nvd.nist.gov/vuln/detail/CVE-2021-40401
CVE-2022-29170 Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security allow list allows Grafana to be configured so that the instance doesn’t call, or only calls, specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds. 8.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29170
CVE-2022-30222 Windows Shell Remote Code Execution Vulnerability. 8.4 https://nvd.nist.gov/vuln/detail/CVE-2022-30222
CVE-2022-30192 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33638, CVE-2022-33639. 8.3 https://nvd.nist.gov/vuln/detail/CVE-2022-30192
CVE-2022-33638 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30192, CVE-2022-33639. 8.3 https://nvd.nist.gov/vuln/detail/CVE-2022-33638
CVE-2022-33639 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30192, CVE-2022-33638. 8.3 https://nvd.nist.gov/vuln/detail/CVE-2022-33639
CVE-2022-33680 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30192, CVE-2022-33638, CVE-2022-33639. 8.3 https://nvd.nist.gov/vuln/detail/CVE-2022-33680
CVE-2022-33674 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33675, CVE-2022-33677. 8.3 https://nvd.nist.gov/vuln/detail/CVE-2022-33674
CVE-2020-2591 Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Application Service). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Web Applications Desktop Integrator. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Web Applications Desktop Integrator, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Web Applications Desktop Integrator accessible data as well as unauthorized update, insert or delete access to some of Oracle Web Applications Desktop Integrator accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 8.2 https://nvd.nist.gov/vuln/detail/CVE-2020-2591
CVE-2020-2665 Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Others). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iSupport accessible data as well as unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 8.2 https://nvd.nist.gov/vuln/detail/CVE-2020-2665
CVE-2020-2669 Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Email Center. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Email Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Email Center accessible data as well as unauthorized update, insert or delete access to some of Oracle Email Center accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 8.2 https://nvd.nist.gov/vuln/detail/CVE-2020-2669
CVE-2020-2670 Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Email Center. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Email Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Email Center accessible data as well as unauthorized update, insert or delete access to some of Oracle Email Center accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 8.2 https://nvd.nist.gov/vuln/detail/CVE-2020-2670
CVE-2020-2671 Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Email Center. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Email Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Email Center accessible data as well as unauthorized update, insert or delete access to some of Oracle Email Center accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 8.2 https://nvd.nist.gov/vuln/detail/CVE-2020-2671
CVE-2020-2672 Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Email Center. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Email Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Email Center accessible data as well as unauthorized update, insert or delete access to some of Oracle Email Center accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 8.2 https://nvd.nist.gov/vuln/detail/CVE-2020-2672
CVE-2022-31112 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions, Parse Server LiveQuery does not remove protected fields in classes, passing them to the client. The LiveQueryController now removes protected fields from the client response. Users are advised to upgrade. Users unable to upgrade should use `Parse.Cloud.afterLiveQueryEvent` to manually remove protected fields. 8.2 https://nvd.nist.gov/vuln/detail/CVE-2022-31112
CVE-2022-28200 NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components. 8.2 https://nvd.nist.gov/vuln/detail/CVE-2022-28200
CVE-2020-13422 OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/* administrative actions. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2020-13422
CVE-2020-11511 The LearnPress plugin before 3.2.6.9 for WordPress allows remote attackers to escalate the privileges of any user to LP Instructor via the accept-to-be-teacher action parameter. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2020-11511
CVE-2020-18771 Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an information leak. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2020-18771
CVE-2022-33202 Authentication bypass vulnerability in the setup screen of L2Blocker(on-premise) Ver4.8.5 and earlier and L2Blocker(Cloud) Ver4.8.5 and earlier allows an adjacent attacker to perform an unauthorized login and obtain the stored information or cause a malfunction of the device by using alternative paths or channels for Sensor. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-33202
CVE-2022-1572 The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary files. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-1572
CVE-2022-1903 The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover (even the administrator) due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-1903
CVE-2022-31034 Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v0.11.0 are vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or UI. The vulnerabilities are due to the use of insufficiently random values in parameters in OAuth2/OIDC login flows. In each case, using a relatively-predictable (time-based) seed in a non-cryptographically-secure pseudo-random number generator made the parameter less random than required by the relevant spec or by general best practices. In some cases, using too short a value made the entropy even less sufficient. The attacks on login flows which are meant to be mitigated by these parameters are difficult to accomplish but can have a high impact, potentially granting an attacker admin access to Argo CD. Patches for this vulnerability have been released in the following Argo CD versions: v2.4.1, v2.3.5, v2.2.10 and v2.1.16. There are no known workarounds for this vulnerability. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31034
CVE-2022-31084 LDAP Account Manager (LAM) is a web frontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 there are cases where LAM instantiates objects from arbitrary classes. An attacker can inject the first constructor argument. This can lead to code execution if non-LAM classes are instantiated that execute code during object creation. This issue has been fixed in version 8.0. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31084
CVE-2022-31092 Pimcore is an Open Source Data & Experience Management Platform. Pimcore offers developers listing classes to make querying data easier. These listing classes also allow ordering or grouping the results based on one or more columns, which should be quoted by default. The actual issue is that quoting is not done properly in both cases, so there is the theoretical possibility to inject custom SQL if the developer is using these methods with input data and not doing proper input validation in advance, and so relies on the auto-quoting being done by the listing classes. This issue has been resolved in version 10.4.4. Users are advised to upgrade or to apply the patch manually. There are no known workarounds for this issue. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31092
CVE-2017-20105 A vulnerability was found in Simplessus 3.7.7. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument path leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.8.3 is able to address this issue. It is recommended to upgrade the affected component. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2017-20105
CVE-2021-38941 IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands. IBM X-Force ID: 211048. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2021-38941
CVE-2022-23718 PingID Windows Login prior to 2.8 uses known vulnerable components that can lead to remote code execution. An attacker capable of achieving a sophisticated man-in-the-middle position, or to compromise Ping Identity web servers, could deliver malicious code that would be executed as SYSTEM by the PingID Windows Login application. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-23718
CVE-2022-29484 Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-29484
CVE-2022-22029 Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22039. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-22029
CVE-2022-22038 Remote Procedure Call Runtime Remote Code Execution Vulnerability. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-22038
CVE-2020-23050 TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows attackers to execute phishing attacks, external redirects, and arbitrary code. 8 https://nvd.nist.gov/vuln/detail/CVE-2020-23050
CVE-2022-34792 A cross-site request forgery (CSRF) vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML. 8 https://nvd.nist.gov/vuln/detail/CVE-2022-34792
CVE-2018-14791 Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable and library files on the affected products. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2018-14791
CVE-2018-14797 Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a specially crafted DLL file to be placed in the search path and loaded as an internal and valid DLL, which may allow arbitrary code execution. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2018-14797
CVE-2020-11875 An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10.0 (MTK chipsets) software. The MTK kernel does not properly implement exception handling, allowing an attacker to gain privileges. The LG ID is LVE-SMP-200001 (February 2020). 7.8 https://nvd.nist.gov/vuln/detail/CVE-2020-11875
CVE-2020-21827 A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2020-21827
CVE-2021-1106 NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-1106
CVE-2021-1107 NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-1107
CVE-2021-1419 A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-1419
CVE-2021-3560 It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3560
CVE-2022-22617 A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22617
CVE-2022-29109 Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29110. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-29109
CVE-2022-30594 The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-30594
CVE-2022-1998 A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1998
CVE-2022-31762 The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31762
CVE-2022-30164 Kerberos AppContainer Security Feature Bypass Vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-30164
CVE-2022-32530 A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile (Build 222 and prior) 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32530
CVE-2022-28619 A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. The vulnerability could allow local escalation of privilege. HPE has made the following software update to resolve the vulnerability in HPE Version Control Repository Manager installer 7.6.14.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-28619
CVE-2022-2206 Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2206
CVE-2022-31087 LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php (and .php5/.php4/.phpt/etc) files. An attacker capable of writing files under www-data privileges can write a web-shell into this directory, and gain a Code Execution on the host. This issue has been fixed in version 8.0. Users unable to upgrade should disallow executing PHP scripts in (/var/lib/ldap-account-manager/)tmp directory. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31087
CVE-2017-20107 A vulnerability, which was classified as problematic, was found in ShadeYouVPN.com Client 2.0.1.11. Affected is an unknown function. The manipulation leads to improper privilege management. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1.12 is able to address this issue. It is recommended to upgrade the affected component. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2017-20107
CVE-2022-33108 XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of object.cc files. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33108
CVE-2022-2145 Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2145
CVE-2021-3434 Stack based buffer overflow in le_ecred_conn_req(). Zephyr versions >= v2.5.0 Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3434
CVE-2017-20112 A vulnerability has been found in IVPN Client 2.6.6120.33863 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument --up cmd leads to improper privilege management. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.6.2 is able to address this issue. It is recommended to upgrade the affected component. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2017-20112
CVE-2022-33035 XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33035
CVE-2022-33036 A binary hijack in Embarcadero Dev-CPP v6.3 allows attackers to execute arbitrary code via a crafted .exe file. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33036
CVE-2022-33037 A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to execute arbitrary code via a crafted .exe file. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33037
CVE-2017-20121 A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Database Management. The manipulation leads to improper privilege management. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2017-20121
CVE-2017-20123 A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.8 is able to address this issue. It is recommended to upgrade the affected component. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2017-20123
CVE-2022-2257 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2257
CVE-2022-2264 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2264
CVE-2022-2284 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2284
CVE-2022-2285 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2285
CVE-2022-2286 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2286
CVE-2022-2288 Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2288
CVE-2022-2289 Use After Free in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2289
CVE-2022-1794 The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its configuration file so that it is visible to all authorized Microsoft Windows users of the system. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1794
CVE-2022-22024 Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22024
CVE-2022-22027 Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22024. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22027
CVE-2022-22031 Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22031
CVE-2022-22034 Windows Graphics Component Elevation of Privilege Vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22034
CVE-2022-22043 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22043
CVE-2022-22045 Windows.Devices.Picker.dll Elevation of Privilege Vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22045
CVE-2022-22047 Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22049. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22047
CVE-2022-22049 Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22047. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22049
CVE-2022-22050 Windows Fax Service Elevation of Privilege Vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22050
CVE-2022-30206 Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30226. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-30206
CVE-2022-30220 Windows Common Log File System Driver Elevation of Privilege Vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-30220
CVE-2022-33675 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33677. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-33675
CVE-2021-1623 A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device punt path, resulting in a denial of service (DoS) condition. This vulnerability is due to the punt path being overwhelmed by large quantities of SNMP requests. An attacker could exploit this vulnerability by sending a large number of SNMP requests to an affected device. A successful exploit could allow the attacker to overload the device punt path, resulting in a DoS condition. 7.7 https://nvd.nist.gov/vuln/detail/CVE-2021-1623
CVE-2022-31091 Guzzle is an extensible PHP HTTP client. `Authorization` and `Cookie` headers on requests are sensitive information. In affected versions on making a request which responds with a redirect to a URI with a different port, if we choose to follow it, we should remove the `Authorization` and `Cookie` headers from the request, before continuing. Previously, we would only consider a change in host or scheme. Affected Guzzle 7 users should upgrade to Guzzle 7.4.5 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.8 or 7.4.5. Note that a partial fix was implemented in Guzzle 7.4.2, where a change in host would trigger removal of the curl-added Authorization header, however this earlier fix did not cover change in scheme or change in port. An alternative approach would be to use your own redirect middleware, rather than ours, if you are unable to upgrade. If you do not require or expect redirects to be followed, one should simply disable redirects altogether. 7.7 https://nvd.nist.gov/vuln/detail/CVE-2022-31091
CVE-2022-1746 The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and perform privileged actions, potentially affecting other election equipment. 7.6 https://nvd.nist.gov/vuln/detail/CVE-2022-1746
CVE-2020-2673 Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager (component: Oracle Flow Builder). Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Testing Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Application Testing Suite accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-2673
CVE-2020-11738 The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-11738
CVE-2020-11946 Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key via a servlet call. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-11946
CVE-2020-12112 BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive files via Local File Inclusion. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-12112
CVE-2020-13410 An issue was discovered in MoscaJS Aedes 0.42.0. lib/write.js does not properly consider exceptions during the writing of an invalid packet to a stream. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-13410
CVE-2020-19419 Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 allows remote attackers to obtain sensitive device information from the administrator console without authentication. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-19419
CVE-2020-23533 Union Pay up to 1.2.0, for web based versions contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in merchants' websites and mobile apps, via a crafted authentication code (MAC) which is generated based on a secret key which is NULL. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-23533
CVE-2020-21996 AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can exploit this issue to cause a denial of service scenario. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-21996
CVE-2020-21997 Smartwares HOME easy <=1.0.9 is vulnerable to an unauthenticated database backup download and information disclosure vulnerability. An attacker could disclose sensitive and clear-text information resulting in authentication bypass, session hijacking and full system control. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-21997
CVE-2020-24396 homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-24396
CVE-2020-24939 Prototype pollution in Stampit supermixer 1.0.3 allows an attacker to modify the prototype of a base object which can vary in severity depending on the implementation. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-24939
CVE-2020-23148 The userLogin parameter in ldap/login.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a LDAP injection and obtain sensitive information via a crafted POST request. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-23148
CVE-2020-23332 A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of Bento4 version 06c39d9. This issue can lead to a denial of service (DOS). 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-23332
CVE-2020-18730 A segmentation violation in the Iec104_Deal_I function of IEC104 v1.0 allows attackers to cause a denial of service (DOS). 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-18730
CVE-2020-18731 A segmentation violation in the Iec104_Deal_FirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service (DOS). 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-18731
CVE-2020-19750 An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based buffer over-read. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-19750
CVE-2020-23469 gmate v0.12+bionic contains a regular expression denial of service (ReDoS) vulnerability in the gedit3 plugin. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-23469
CVE-2020-23478 Leo Editor v6.2.1 was discovered to contain a regular expression denial of service (ReDoS) vulnerability in the component plugins/importers/dart.py. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-23478
CVE-2020-20665 rudp v0.6 was discovered to contain a memory leak in the component main.c. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-20665
CVE-2021-40359 A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 6), SIMATIC NET PC Software V17 (All versions < V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40359
CVE-2021-20049 A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. This vulnerability impacts 10.2.1.2-24sv, 10.2.0.8-37sv and earlier 10.x versions. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-20049
CVE-2021-24893 The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dashboard depending if the user sent it as unauthenticated or authenticated. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-24893
CVE-2020-19861 When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-19861
CVE-2021-24906 The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib/pwa-deactivate.php file, which could allow unauthenticated users to disable the plugin (and therefore the protection offered) via a crafted request 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-24906
CVE-2021-37185 A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions >= V2.2). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-37185
CVE-2021-37204 A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions >= V2.2). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over port 102/tcp. A restart of the affected device is needed to restore normal operations. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-37204
CVE-2021-37205 A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions >= V2.2). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-37205
CVE-2020-13677 Under some circumstances, the Drupal core JSON:API module does not properly restrict access to certain content, which may result in unintended access bypass. Sites that do not have the JSON:API module enabled are not affected. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-13677
CVE-2020-24771 Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access published content. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-24771
CVE-2022-25622 A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (All versions >= 4.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (All versions), SIMIT Simulation Platform (All versions), SINAMICS DCM (All versions with Ethernet interface), SINAMICS G110M (All versions with Ethernet interface), SINAMICS G115D (All versions with Ethernet interface), SINAMICS G120 (incl. SIPLUS variants) (All versions with Ethernet interface), SINAMICS G130 (All versions), SINAMICS G150 (All versions), SINAMICS S110 (All versions with Ethernet interface), SINAMICS S120 (incl. SIPLUS variants) (All versions), SINAMICS S150 (All versions), SINAMICS S210 (All versions), SINAMICS V90 (All versions with Ethernet interface), SIPLUS HCS4200 CIM4210 (All versions), SIPLUS HCS4200 CIM4210C (All versions), SIPLUS HCS4300 CIM4310 (All versions), SIPLUS NET PN/PN Coupler (All versions >= 4.2). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-25622
CVE-2022-27241 A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.11), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). Applications built with an affected system publicly expose the internal project structure. This could allow an unauthenticated remote attacker to read confidential information. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-27241
CVE-2022-24545 Windows Kerberos Remote Code Execution Vulnerability. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-24545
CVE-2022-1183 On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1183
CVE-2022-23712 A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-23712
CVE-2022-26377 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server 2.4 version 2.4.53 and prior versions. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-26377
CVE-2022-29404 In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29404
CVE-2022-30522 If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30522
CVE-2022-30556 Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30556
CVE-2022-21211 This affects all versions of package posix. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable (not a function), and then it will crash with type-check. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21211
CVE-2022-34296 In Zalando Skipper before 0.13.218, a query predicate could be bypassed via a prepared request. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34296
CVE-2022-31805 In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31805
CVE-2022-2102 Controls limiting uploads to certain file extensions may be bypassed. This could allow an attacker to intercept the initial file upload page response and modify the associated code. This modified code can be forwarded and used by a script loaded later in the sequence, allowing for arbitrary file upload into a location where PHP scripts may be executed. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2102
CVE-2021-40893 A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in validate-data v0.1.1 when validating crafted invalid emails. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40893
CVE-2022-22390 IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22390
CVE-2021-40894 A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in underscore-99xp v1.7.2 when the deepValueSearch function is called. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40894
CVE-2021-40895 A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in todo-regex v0.1.1 when matching crafted invalid TODO statements. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40895
CVE-2021-40896 A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in that-value v0.1.3 when validating crafted invalid emails. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40896
CVE-2021-40897 A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in split-html-to-chars v1.0.5 when splitting crafted invalid htmls. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40897
CVE-2021-40898 A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in scaffold-helper v1.2.0 when copying crafted invalid files. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40898
CVE-2021-40899 A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in repo-git-downloader v0.1.1 when downloading crafted invalid git repositories. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40899
CVE-2022-0722 Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-0722
CVE-2021-40900 A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in regexfn v1.0.5 when validating crafted invalid emails. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40900
CVE-2021-40901 A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in scniro-validator v1.0.1 when validating crafted invalid emails. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40901
CVE-2021-33647 When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33647
CVE-2021-33648 When performing the inference shape operation of Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather operators, if the input shape size is 0, it will access data outside of bounds of shape, which is allocated from heap buffers. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33648
CVE-2021-33649 When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the input_shape, it will access data outside of bounds of input_shape, which is allocated from heap buffers. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33649
CVE-2021-33650 When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs, which is allocated from heap buffers. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33650
CVE-2021-33651 When performing the analytical operation of the DepthwiseConv2D operator, if the attribute depth_multiplier is 0, it will cause a division by 0 exception. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33651
CVE-2021-33652 When the Reduce operator run operation is executed, if there is a value of 0 in the parameter axis_sizes element, it will cause a division by 0 exception. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33652
CVE-2021-33653 When performing the derivation shape operation of the SpaceToBatch operator, if there is a value of 0 in the parameter block_shape element, it will cause a division by 0 exception. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33653
CVE-2021-33654 When performing the initialization operation of the Split operator, if a dimension in the input shape is 0, it will cause a division by 0 exception. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33654
CVE-2021-40941 In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service (DOS). 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40941
CVE-2022-26477 The Security Team noticed that the termination condition of the for loop in the readExternal method is a controllable variable, which, if tampered with, may lead to CPU exhaustion. As a fix, we added an upper bound and termination condition in the read and write logic. We classify it as a "low-priority but useful improvement". SystemDS is a distributed system and needs to serialize/deserialize data but in many code paths (e.g., on Spark broadcast/shuffle or writing to sequence files) the byte stream is anyway protected by additional CRC fingerprints. In this particular case though, the number of decoders is upper-bounded by twice the number of columns, which means an attacker would need to modify two entries in the byte stream in a consistent manner. By adding these checks robustness was strictly improved with almost zero overhead. These code changes are available in versions higher than 2.2.1. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-26477
CVE-2022-28166 In Brocade SANnav version before SANN2.2.0.2 and Brocade SANNav before 2.1.1.8, the implementation of TLS/SSL Server Supports the Use of Static Key Ciphers (ssl-static-key-ciphers) on ports 443 & 18082. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-28166
CVE-2022-28168 In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-28168
CVE-2022-28622 A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server supports weak key exchange algorithms which could lead to remote unauthorized access. HPE has made the following software update to resolve the vulnerability in HPE StoreOnce Software 4.3.2. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-28622
CVE-2022-31089 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability impact may be low; if you are running Parse Server as single instance without redundancy, the availability impact may be high. This issue has been addressed in versions 4.10.12 and 5.2.3. Users are advised to upgrade. There are no known workarounds for this issue. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31089
CVE-2022-31093 NextAuth.js is a complete open source authentication solution for Next.js applications. In affected versions an attacker can send a request to an app using NextAuth.js with an invalid `callbackUrl` query parameter, which internally is converted to a `URL` object. The URL instantiation would fail due to a malformed URL being passed into the constructor, causing it to throw an unhandled error which led to the API route handler timing out and logging in to fail. This has been remedied in versions 3.29.5 and 4.5.0. If for some reason you cannot upgrade, the workaround requires you to rely on Advanced Initialization. Please see the documentation for more. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31093
CVE-2022-31098 Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. A vulnerability in the logging of Weave GitOps could allow an authenticated remote attacker to view sensitive cluster configurations, aka KubeConfg, of registered Kubernetes clusters, including the service account tokens in plain text from Weave GitOps's pod logs on the management cluster. An unauthorized remote attacker can also view these sensitive configurations from external log storage if enabled by the management cluster. This vulnerability is due to the client factory dumping cluster configurations and their service account tokens when the cluster manager tries to connect to an API server of a registered cluster, and a connection error occurs. An attacker could exploit this vulnerability by either accessing logs of a pod of Weave GitOps, or from external log storage and obtaining all cluster configurations of registered clusters. A successful exploit could allow the attacker to use those cluster configurations to manage the registered Kubernetes clusters. This vulnerability has been fixed by commit 567356f471353fb5c676c77f5abc2a04631d50ca. Users should upgrade to Weave GitOps core version v0.8.1-rc.6 or newer. There is no known workaround for this vulnerability. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31098
CVE-2022-31103 lettersanitizer is a DOM-based HTML email sanitizer for in-browser email rendering. All versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule `@keyframes`. This package is depended on by react-letter (https://github.com/mat-sz/react-letter), therefore everyone using react-letter is also at risk. The problem has been patched in version 1.0.2. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31103
CVE-2017-20104 A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWA_SID leads to sql injection (Time). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.8.3 is able to address this issue. It is recommended to upgrade the affected component. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2017-20104
CVE-2021-41460 ECShop 4.1.0 has SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-41460
CVE-2021-41687 DCMTK through 3.6.6 does not handle memory free properly. The program allocates heap memory for parsing data but does not free it when a parsing error occurs. Sending specific requests to the dcmqrdb program incurs the memory leak. An attacker can use it to launch a DoS attack. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-41687
CVE-2021-41688 DCMTK through 3.6.6 does not handle memory free properly. The object in the program is freed but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An attacker can use it to launch a DoS attack. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-41688
CVE-2021-41689 DCMTK through 3.6.6 does not handle string copy properly. When specific requests are sent to the dcmqrdb program, it queries its database and copies the result even if the result is null, which can incur a heap-based overflow. An attacker can use it to launch a DoS attack. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-41689
CVE-2021-41690 DCMTK through 3.6.6 does not handle memory free properly. The allocated memory for storing all file information is recorded in a global variable LST and is not freed properly. Sending specific requests to the dcmqrdb program can incur a memory leak. An attacker can use it to launch a DoS attack. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-41690
CVE-2022-29519 Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to log in to the affected products and alter device configuration settings or tamper with device firmware. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29519
CVE-2022-34750 An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the Wikibase and WikibaseLexeme extensions. This is related to Special:NewLexeme and Special:NewProperty. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34750
CVE-2022-28621 A remote disclosure of sensitive information vulnerability was discovered in HPE NonStop DSM/SCM version: T6031H03^ADP. HPE has provided a software update to resolve this vulnerability in HPE NonStop DSM/SCM. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-28621
CVE-2021-3430 Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr versions >= v1.14 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3430
CVE-2021-3431 Assertion reachable with repeated LL_FEATURE_REQ. Zephyr versions >= v2.5.0 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3431
CVE-2021-3432 Invalid interval in CONNECT_IND leads to Division by Zero. Zephyr versions >= v1.14.0 Divide By Zero (CWE-369). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3432
CVE-2017-20110 A vulnerability, which was classified as problematic, has been found in Teleopti WFM up to 7.1.0. Affected by this issue is some unknown functionality of the component Administration. The manipulation as part of JSON leads to information disclosure (Credentials). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2017-20110
CVE-2022-33021 CVA6 commit 909d85a accesses invalid memory when reading the value of MHPMCOUNTER30. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33021
CVE-2022-33023 CVA6 commit 909d85a gives incorrect permission to use special multiplication units when the format of instructions is wrong. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33023
CVE-2022-22474 IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22474
CVE-2022-33082 An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33082
CVE-2022-33087 A stack overflow in the function DM_ In fillobjbystr() of TP-Link Archer C50&A5(US)_V5_200407 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33087
CVE-2022-33099 An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33099
CVE-2022-32030 Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32030
CVE-2022-32031 Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32031
CVE-2022-32033 Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32033
CVE-2022-32034 Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the items parameter in the function formdelMasteraclist. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32034
CVE-2022-32035 Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formMasterMng. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32035
CVE-2022-32036 Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32036
CVE-2022-32037 Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32037
CVE-2022-32039 Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the listN parameter in the function fromDhcpListClient. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32039
CVE-2022-32040 Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetCfm. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32040
CVE-2022-32041 Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formGetPassengerAnalyseData. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32041
CVE-2022-32043 Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAccessCodeInfo. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32043
CVE-2022-32044 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password parameter in the function FUN_00413f80. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32044
CVE-2022-32045 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00413be4. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32045
CVE-2022-32046 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_0041880c. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32046
CVE-2022-32047 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00412ef4. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32047
CVE-2022-32048 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the command parameter in the function FUN_0041cc88. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32048
CVE-2022-32049 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32049
CVE-2022-32050 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041af40. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32050
CVE-2022-32051 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc, week, sTime, eTime parameters in the function FUN_004133c4. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32051
CVE-2022-32052 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32052
CVE-2022-32053 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041621c. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32053
CVE-2022-25758 All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service (ReDoS) via the loadAnnotation() function, due to the usage of insecure regex. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-25758
CVE-2022-32082 MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32082
CVE-2022-32083 MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32083
CVE-2022-32084 MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32084
CVE-2022-32085 MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32085
CVE-2022-32086 MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32086
CVE-2022-32087 MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32087
CVE-2022-32088 MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32088
CVE-2022-32089 MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32089
CVE-2022-32551 Zoho ManageEngine ServiceDesk Plus MSP before 10604 allows path traversal (to WEBINF/web.xml from sample/WEB-INF/web.xml or sample/META-INF/web.xml). 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32551
CVE-2022-32284 Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of YOKOGAWA Wide Area Communication Router (WAC Router) AW810D, which may allow a remote attacker to cause denial-of-service (DoS) condition by sending a specially crafted packet. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32284
CVE-2022-30290 In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. An attacker can abuse the identified vulnerability in order to arbitrarily change their registered e-mail address as well as their API key, even though such action is not possible through the interface, legitimately. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30290
CVE-2022-22025 Windows Internet Information Services Cachuri Module Denial of Service Vulnerability. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22025
CVE-2022-22037 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30202, CVE-2022-30224. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22037
CVE-2022-22039 Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22029. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22039
CVE-2022-30211 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30211
CVE-2022-30215 Active Directory Federation Services Elevation of Privilege Vulnerability. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30215
CVE-2022-31460 Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value. 7.4 https://nvd.nist.gov/vuln/detail/CVE-2022-31460
CVE-2022-30203 Windows Boot Manager Security Feature Bypass Vulnerability. 7.4 https://nvd.nist.gov/vuln/detail/CVE-2022-30203
CVE-2022-30209 Windows IIS Server Elevation of Privilege Vulnerability. 7.4 https://nvd.nist.gov/vuln/detail/CVE-2022-30209
CVE-2021-1108 NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system. 7.3 https://nvd.nist.gov/vuln/detail/CVE-2021-1108
CVE-2021-44463 Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations (All versions) when some DeltaV services are started. 7.3 https://nvd.nist.gov/vuln/detail/CVE-2021-44463
CVE-2022-0624 Authorization Bypass Through User-Controlled Key in GitHub repository ionicabizau/parse-path prior to 5.0.0. 7.3 https://nvd.nist.gov/vuln/detail/CVE-2022-0624
CVE-2022-34043 Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of NoMachine v7.9.2 allows attackers to perform a DLL hijacking attack and execute arbitrary code. 7.3 https://nvd.nist.gov/vuln/detail/CVE-2022-34043
CVE-2022-22040 Internet Information Services Dynamic Compression Module Denial of Service Vulnerability. 7.3 https://nvd.nist.gov/vuln/detail/CVE-2022-22040
CVE-2020-25217 Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Command Injection as root in its administrative web interface. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2020-25217
CVE-2020-20444 Jact OpenClinic 0.8.20160412 allows the attacker to read server files after login to the admin account by an infected 'file' GET parameter in '/shared/view_source.php' which "could" lead to RCE vulnerability. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2020-20444
CVE-2020-25206 The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 allows authenticated command injection in the Throughput, WANStats, PhyStats, and QosStats API classes. An attacker with access to a web console account may execute operating system commands on affected devices by sending crafted POST requests to the affected endpoints (/core/api/calls/Throughput.php, /core/api/calls/WANStats.php, /core/api/calls/PhyStats.php, /core/api/calls/QosStats.php). This results in the complete takeover of the vulnerable device. This vulnerability does not occur in the older 1.5.x firmware versions. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2020-25206
CVE-2020-18885 Command Injection in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the "text color" field of the component '/admin/web_config.php'. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2020-18885
CVE-2020-19822 A remote code execution (RCE) vulnerability in template_user.php of ZZCMS version 2018 allows attackers to execute arbitrary PHP code via the "ml" and "title" parameters. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2020-19822
CVE-2020-20746 A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2020-20746
CVE-2022-20828 A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-20828
CVE-2022-20829 A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-20829
CVE-2022-1977 The Import Export All WordPress Images, Users & Post Types WordPress plugin before 6.5.3 does not fully validate the file to be imported via a URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-1977
CVE-2022-30997 Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-30997
CVE-2022-33042 Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/inquiries/view_details.php. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33042
CVE-2022-2073 Code Injection in GitHub repository getgrav/grav prior to 1.7.34. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-2073
CVE-2022-33057 Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33057
CVE-2022-33058 Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_message. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33058
CVE-2022-33059 Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_train. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33059
CVE-2022-33060 Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33060
CVE-2022-33061 Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_service. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33061
CVE-2021-37770 Nucleus CMS v3.71 is affected by a file upload vulnerability. In this vulnerability, we can use upload to change the upload path to the path without the Htaccess file. Upload an Htaccess file and write it to AddType application / x-httpd-php.jpg. In this way, an attacker can upload a picture with shell, treat it as PHP, execute commands, so as to take down website resources. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2021-37770
CVE-2022-33085 ESPCMS P8 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the fetch_filename function at \espcms_public\espcms_templates\ESPCMS_Templates. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33085
CVE-2022-33633 Skype for Business and Lync Remote Code Execution Vulnerability. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33633
CVE-2022-33676 Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33678. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33676
CVE-2022-33677 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33677
CVE-2022-33678 Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33676. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33678
CVE-2020-2675 Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Login). The supported version that is affected is 5.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-2675
CVE-2020-2699 Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-2699
CVE-2020-2713 Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Payments accessible data as well as unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-2713
CVE-2020-23921 An issue was discovered in fast_ber through v0.4. yy::yylex() in asn_compiler.hpp has a heap-based buffer over-read. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-23921
CVE-2020-23922 An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-23922
CVE-2020-23928 An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-23928
CVE-2020-23931 An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-23931
CVE-2020-24119 A heap buffer overflow read was discovered in upx 4.0.0, because the check in p_lx_elf.cpp is not perfect. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-24119
CVE-2020-23060 Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a crafted ef2 file. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-23060
CVE-2020-12946 Insufficient input validation in ASP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-12946
CVE-2022-31463 Owl Labs Meeting Owl 5.2.0.15 does not require a password for Bluetooth commands, because only client-side authentication is used. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31463
CVE-2022-2287 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2022-2287
CVE-2022-22022 Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22041, CVE-2022-30206, CVE-2022-30226. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2022-22022
CVE-2022-30225 Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2022-30225
CVE-2022-30226 Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30206. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2022-30226
CVE-2022-1734 A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine. 7 https://nvd.nist.gov/vuln/detail/CVE-2022-1734
CVE-2022-22036 Performance Counters for Windows Elevation of Privilege Vulnerability. 7 https://nvd.nist.gov/vuln/detail/CVE-2022-22036
CVE-2022-30202 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30224. 7 https://nvd.nist.gov/vuln/detail/CVE-2022-30202
CVE-2022-30224 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30202. 7 https://nvd.nist.gov/vuln/detail/CVE-2022-30224
CVE-2022-33644 Xbox Live Save Service Elevation of Privilege Vulnerability. 7 https://nvd.nist.gov/vuln/detail/CVE-2022-33644
CVE-2022-1741 The tested version of Dominion Voting Systems ImageCast X has a Terminal Emulator application which could be leveraged by an attacker to gain elevated privileges on a device and/or install malicious code. 6.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1741
CVE-2022-1742 The tested version of Dominion Voting Systems ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code. 6.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1742
CVE-2022-1743 The tested version of Dominion Voting System ImageCast X can be manipulated to cause arbitrary code execution by specially crafted election definition files. An attacker could leverage this vulnerability to spread malicious code to ImageCast X devices from the EMS. 6.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1743
CVE-2022-1744 Applications on the tested version of Dominion Voting Systems ImageCast X can execute code with elevated privileges by exploiting a system level service. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code. 6.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1744
CVE-2022-1745 The authentication mechanism used by technicians on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. An attacker with physical access may use this to gain administrative privileges on a device and install malicious code or perform arbitrary administrative actions. 6.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1745
CVE-2022-22041 Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-30206, CVE-2022-30226. 6.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22041
CVE-2021-1111 Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components. 6.7 https://nvd.nist.gov/vuln/detail/CVE-2021-1111
CVE-2022-26364 x86 pv: Insufficient care with non-coherent mappings [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe. 6.7 https://nvd.nist.gov/vuln/detail/CVE-2022-26364
CVE-2021-42056 Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 creates insecure temporary hid and lock files allowing a local attacker, through a symlink attack, to overwrite arbitrary files, and potentially achieve arbitrary command execution with high privileges. 6.7 https://nvd.nist.gov/vuln/detail/CVE-2021-42056
CVE-2022-22711 Windows BitLocker Information Disclosure Vulnerability. 6.7 https://nvd.nist.gov/vuln/detail/CVE-2022-22711
CVE-2022-22023 Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability. 6.6 https://nvd.nist.gov/vuln/detail/CVE-2022-22023
CVE-2022-30205 Windows Group Policy Elevation of Privilege Vulnerability. 6.6 https://nvd.nist.gov/vuln/detail/CVE-2022-30205
CVE-2022-30214 Windows DNS Server Remote Code Execution Vulnerability. 6.6 https://nvd.nist.gov/vuln/detail/CVE-2022-30214
CVE-2018-19021 A specially crafted script could bypass the authentication of a maintenance port of Emerson DeltaV DCS Versions 11.3.1, 11.3.2, 12.3.1, 13.3.1, 14.3, R5.1, R6 and prior, which may allow an attacker to cause a denial of service. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2018-19021
CVE-2020-2684 Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-2684
CVE-2020-2711 Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Payments accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-2711
CVE-2020-2716 Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-2716
CVE-2020-2721 Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-2721
CVE-2020-23995 An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote authenticated attackers to get the upload data path via a workspace upload. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-23995
CVE-2020-21839 An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to a memory leak in dwg_decode_eed ../../src/decode.c:3638. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-21839
CVE-2020-22033 A heap-based Buffer Overflow Vulnerability exists in FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote malicious user cause a Denial of Service. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-22033
CVE-2021-20329 Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents. This issue affects all MongoDB GO Drivers up to (and including) 1.5.0. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-20329
CVE-2020-20467 White Shark System (WSS) 1.3.2 is vulnerable to sensitive information disclosure via default_task_add.php, remote attackers can exploit the vulnerability to create a task. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-20467
CVE-2020-20213 Mikrotik RouterOs 6.44.5 (long-term tree) suffers from a stack exhaustion vulnerability in the /nova/bin/net process. An authenticated remote attacker can cause a Denial of Service due to overloading the system's CPU. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-20213
CVE-2020-20217 Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/route process. An authenticated remote attacker can cause a Denial of Service due to overloading the system's CPU. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-20217
CVE-2020-19721 A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1-628 may lead to an out-of-bounds write while running mp42aac, leading to system crashes and a denial of service (DOS). 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-19721
CVE-2020-23707 A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_progressive() at ok_jpg.c:1054 of ok-file-formats through 2020-06-26 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-23707
CVE-2020-20230 Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the sshd process. An authenticated remote attacker can cause a Denial of Service due to overloading the system's CPU. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-20230
CVE-2020-20248 Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the memtest process. An authenticated remote attacker can cause a Denial of Service due to overloading the system's CPU. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-20248
CVE-2020-20221 Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process. An authenticated remote attacker can cause a Denial of Service due to overloading the system's CPU. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-20221
CVE-2020-18898 A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-18898
CVE-2020-18899 An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-18899
CVE-2020-18775 In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_b_mb_intfi in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-18775
CVE-2020-18778 In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_p_mb_intfi in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-18778
CVE-2020-18127 An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-18127
CVE-2020-21050 Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at fromgif.c. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-21050
CVE-2020-21600 libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted file. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-21600
CVE-2020-21602 libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted file. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-21602
CVE-2020-13676 The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-13676
CVE-2022-22662 A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22662
CVE-2022-31459 Owl Labs Meeting Owl 5.2.0.15 allows attackers to retrieve the passcode hash via a certain c 10 value over Bluetooth. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31459
CVE-2022-31461 Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism via a certain c 11 message. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31461
CVE-2022-29617 Due to improper error handling an authenticated user can crash CLA assistant instance. This could impact the availability of the application. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29617
CVE-2022-0779 The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its um_show_uploaded_file AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-0779
CVE-2022-28217 Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parsing at endpoints, and a possibility to conduct SSRF attacks that could compromise system's Availability by causing system to crash. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-28217
CVE-2022-34295 totd before 1.5.3 does not properly randomize mesg IDs. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34295
CVE-2013-1891 In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2013-1891
CVE-2022-22389 IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22389
CVE-2022-31016 Argo CD is a declarative continuous deployment for Kubernetes. Argo CD versions v0.7.0 and later are vulnerable to an uncontrolled memory consumption bug, allowing an authorized malicious user to crash the repo-server service, resulting in a Denial of Service. The attacker must be an authenticated Argo CD user authorized to deploy Applications from a repository which contains (or can be made to contain) a large file. The fix for this vulnerability is available in versions 2.3.5, 2.2.10, 2.1.16, and later. There are no known workarounds. Users are recommended to upgrade. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31016
CVE-2022-1843 The MailPress WordPress plugin through 7.2.1 does not have CSRF checks in various places, which could allow attackers to make a logged in admin change the settings, purge log files and more via CSRF attacks. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1843
CVE-2022-28167 Brocade SANnav before Brocade SANnav v. 2.2.0.2 and Brocade SANnav v.2.1.1.8 logs the Brocade Fabric OS switch password in plain text in asyncjobscheduler-manager.log. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-28167
CVE-2022-2221 Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager before 2022.1.8 allows authenticated users to access credentials of other users. This issue affects: Devolutions Remote Desktop Manager versions prior to 2022.1.8. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2221
CVE-2022-31081 HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served on top of Nginx or Apache, not on the `HTTP::Daemon`. This library is commonly used for local development and tests. Users are advised to update to resolve this issue. Users unable to upgrade may add additional request handling logic as a mitigation. After calling `my $rqst = $conn->get_request()` one could inspect the returned `HTTP::Request` object. Querying the 'Content-Length' (`my $cl = $rqst->header('Content-Length')`) will show any abnormalities that should be dealt with by a `400` response. Expected strings of 'Content-Length' SHOULD consist of either a single non-negative integer, or, a comma separated repetition of that number. (that is `42` or `42, 42, 42`). Anything else MUST be rejected. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31081
CVE-2022-33116 An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform (aka openeclass) v3.12.4 and below allows attackers to read arbitrary files via a directory traversal. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33116
CVE-2022-31090 Guzzle is an extensible PHP HTTP client. `Authorization` headers on requests are sensitive information. In affected versions when using our Curl handler, it is possible to use the `CURLOPT_HTTPAUTH` option to specify an `Authorization` header. On making a request which responds with a redirect to a URI with a different origin (change in host, scheme or port), if we choose to follow it, we should remove the `CURLOPT_HTTPAUTH` option before continuing, stopping curl from appending the `Authorization` header to the new request. Affected Guzzle 7 users should upgrade to Guzzle 7.4.5 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.8 or 7.4.5. Note that a partial fix was implemented in Guzzle 7.4.2, where a change in host would trigger removal of the curl-added Authorization header; however, this earlier fix did not cover change in scheme or change in port. If you do not require or expect redirects to be followed, you should simply disable redirects altogether. Alternatively, you can specify the Guzzle stream handler backend, rather than curl. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31090
CVE-2022-31100 rulex is a new, portable, regular expression language. When parsing untrusted rulex expressions, rulex may crash, possibly enabling a Denial of Service attack. This happens when the expression contains a multi-byte UTF-8 code point in a string literal or after a backslash, because rulex tries to slice into the code point and panics as a result. This is a security concern for you, if your service parses untrusted rulex expressions (expressions provided by an untrusted user), and your service becomes unavailable when the thread running rulex panics. The crashes are fixed in version **0.4.3**. Affected users are advised to update to this version. The only known workaround for this issue is to assume that regular expression parsing will panic and to add logic to catch panics. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31100
CVE-2022-31099 rulex is a new, portable, regular expression language. When parsing untrusted rulex expressions, the stack may overflow, possibly enabling a Denial of Service attack. This happens when parsing an expression with several hundred levels of nesting, causing the process to abort immediately. This is a security concern for you, if your service parses untrusted rulex expressions (expressions provided by an untrusted user), and your service becomes unavailable when the process running rulex aborts due to a stack overflow. The crash is fixed in version **0.4.3**. Affected users are advised to update to this version. There are no known workarounds for this issue. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31099
CVE-2021-3779 A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3779
CVE-2022-31883 Marval MSM v14.19.0.12476 has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users' API Keys, including the Admins' API Keys. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31883
CVE-2022-31886 Marval MSM v14.19.0.12476 is vulnerable to Cross Site Request Forgery (CSRF). An attacker can disable the 2FA by sending the user a malicious form. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31886
CVE-2021-41559 Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-41559
CVE-2022-31884 Marval MSM v14.19.0.12476 has an Improper Access Control vulnerability which allows a low privilege user to delete other users' API Keys, including high privilege and the Administrator users' API Keys. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31884
CVE-2022-29269 In Nagios XI through 5.8.5, in the schedule report function, an authenticated attacker is able to inject HTML tags that lead to the reformatting/editing of emails from an official email address. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29269
CVE-2022-29271 In Nagios XI through 5.8.5, a read-only Nagios user (due to an incorrect permission check) is able to schedule downtime for any host/services. This allows an attacker to permanently disable all monitoring checks. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29271
CVE-2017-20109 A vulnerability classified as problematic was found in Teleopti WFM up to 7.1.0. Affected by this vulnerability is an unknown functionality of the file /TeleoptiWFM/Administration/GetOneTenant of the component Administration. The manipulation leads to information disclosure (Credentials). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2017-20109
CVE-2022-26135 A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0 before version 8.13.22, from version 8.14.0 before 8.20.10, from version 8.21.0 before 8.22.4. This also affects Jira Management Server and Data Center versions from version 4.0.0 before 4.13.22, from version 4.14.0 before 4.20.10 and from version 4.21.0 before 4.22.4. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-26135
CVE-2022-2056 Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2056
CVE-2022-2057 Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2057
CVE-2022-2058 Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2058
CVE-2022-22496 While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22496
CVE-2022-34779 A missing permission check in Jenkins XebiaLabs XL Release Plugin 22.0.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34779
CVE-2022-34780 A cross-site request forgery (CSRF) vulnerability in Jenkins XebiaLabs XL Release Plugin 22.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34780
CVE-2022-34781 Missing permission checks in Jenkins XebiaLabs XL Release Plugin 22.0.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34781
CVE-2022-34789 A cross-site request forgery (CSRF) vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34789
CVE-2022-34794 Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34794
CVE-2022-34798 Jenkins Deployment Dashboard Plugin 1.0.10 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34798
CVE-2022-34805 Jenkins Skype notifier Plugin 1.1.0 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34805
CVE-2022-34806 Jenkins Jigomerge Plugin 0.9 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34806
CVE-2022-34807 Jenkins Elasticsearch Query Plugin 1.2 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34807
CVE-2022-34809 Jenkins RQM Plugin 2.8 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34809
CVE-2022-34810 A missing check in Jenkins RQM Plugin 2.8 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34810
CVE-2022-34816 Jenkins HPE Network Virtualization Plugin 1.0 stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34816
CVE-2022-29892 Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to repeatedly display errors in certain functions and cause a denial-of-service (DoS). 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29892
CVE-2022-1967 The WP Championship WordPress plugin before 9.3 is lacking CSRF checks in various places, allowing attackers to make a logged in admin perform unwanted actions, such as create and delete arbitrary teams as well as update the plugin's settings. Due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1967
CVE-2022-22042 Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30223. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22042
CVE-2022-30181 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30181
CVE-2022-30208 Windows Security Account Manager (SAM) Denial of Service Vulnerability. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30208
CVE-2022-33637 Microsoft Defender for Endpoint Tampering Vulnerability. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33637
CVE-2022-33641 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33641
CVE-2022-33643 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33643
CVE-2022-33655 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33655
CVE-2022-33656 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33656
CVE-2022-33657 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33657
CVE-2022-33661 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33661
CVE-2022-33662 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33662
CVE-2022-33663 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33663
CVE-2022-33665 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33665
CVE-2022-33666 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33666
CVE-2022-33667 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33667
CVE-2022-33672 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33672
CVE-2022-33673 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33673
CVE-2020-4757 IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188600. 6.4 https://nvd.nist.gov/vuln/detail/CVE-2020-4757
CVE-2022-26362 x86 pv: Race condition in typeref acquisition. Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, the logic for acquiring a type reference has a race condition, whereby a safety TLB flush is issued too early and creates a window where the guest can re-establish the read/write mapping before writeability is prohibited. 6.4 https://nvd.nist.gov/vuln/detail/CVE-2022-26362
CVE-2022-23719 PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests. An attacker with the ability to execute code on the target machine may be able to exploit and spoof the local Java service using multiple attack vectors. A successful attack can lead to code executed as SYSTEM by the PingID Windows Login application, or even a denial of service for offline security key authentication. 6.4 https://nvd.nist.gov/vuln/detail/CVE-2022-23719
CVE-2020-25160 Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers to extract and tamper with the device's network configuration. 6.3 https://nvd.nist.gov/vuln/detail/CVE-2020-25160
CVE-2020-2598 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Activity Guide). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 6.1 https://nvd.nist.gov/vuln/detail/CVE-2020-2598
CVE-2020-2600 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 6.1 https://nvd.nist.gov/vuln/detail/CVE-2020-2600
CVE-2020-2676 Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Printing). The supported version that is affected is 5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality OPERA 5, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 accessible data as well as unauthorized read access to a subset of Oracle Hospitality OPERA 5 accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 6.1 https://nvd.nist.gov/vuln/detail/CVE-2020-2676
CVE-2020-13174 The web server in the Teradici Management console versions 20.04 and 20.01.1 did not properly set the X-Frame-Options HTTP header, which could allow an attacker to trick a user into clicking a malicious link via clickjacking. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2020-13174
CVE-2020-23376 NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/add.html, as demonstrated by adding a navigation column which can be injected with arbitrary web script or HTML via the name parameter to launch a stored XSS attack. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2020-23376
CVE-2022-23728 Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-23728
CVE-2022-32209 There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This vulnerability has been assigned the CVE identifier CVE-2022-32209. Versions Affected: ALL. Not affected: NONE. Fixed Versions: v1.4.3. Impact: A possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both `select` and `style` elements. Code is only impacted if allowed tags are being overridden. This vulnerability was responsibly reported by [windshock](https://hackerone.com/windshock?type=user). 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-32209
CVE-2021-39047 IBM Planning Analytics 2.0 and IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214349. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2021-39047
CVE-2022-29168 Wire is a secure messaging application. Wire is vulnerable to arbitrary HTML and Javascript execution via insufficient escaping when rendering `@mentions` in the wire-webapp. If a user receives and views a malicious message, arbitrary code is injected and executed in the context of the victim allowing the attacker to fully control the user account. Wire-desktop clients that are connected to a vulnerable wire-webapp version are also vulnerable to this attack. The issue has been fixed in wire-webapp 2022-05-04-production.0 and is already deployed on all Wire managed services. On-premise instances of wire-webapp need to be updated to docker tag 2022-05-04-production.0-v0.29.7-0-a6f2ded or wire-server 2022-05-04 (chart/4.11.0) or later. No known workarounds exist. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-29168
CVE-2022-29931 The administration interface of the Raytion Custom Security Manager (Raytion CSM) in Version 7.2.0 allows reflected Cross-site Scripting (XSS). 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-29931
CVE-2022-33146 Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user access a specially crafted URL. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-33146
CVE-2022-1470 The Ultimate WooCommerce CSV Importer WordPress plugin through 2.0 does not sanitise and escape the imported data before outputting it back in the page, leading to a Reflected Cross-Site Scripting 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-1470
CVE-2022-1593 The Site Offline or Coming Soon WordPress plugin through 1.6.6 does not have a CSRF check in place when updating its settings, and it is also lacking sanitisation as well as escaping in some of them. As a result, attackers could make a logged in admin change them and put Cross-Site Scripting payloads in them via a CSRF attack. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-1593
CVE-2022-1904 The Pricing Tables WordPress Plugin WordPress plugin before 3.2.1 does not sanitise and escape a parameter before outputting it back in a page available to any user (both authenticated and unauthenticated) when a specific setting is enabled, leading to a Reflected Cross-Site Scripting. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-1904
CVE-2022-1916 The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store WordPress plugin before 1.0.5 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-1916
CVE-2022-2217 Cross-site Scripting (XSS) - Generic in GitHub repository ionicabizau/parse-url prior to 7.0.0. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-2217
CVE-2022-2218 Cross-site Scripting (XSS) - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-2218
CVE-2017-20100 A vulnerability was found in Air Transfer 1.0.14/1.2.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2017-20100
CVE-2020-21161 Cross Site Scripting (XSS) vulnerability in Ruckus Wireless ZoneDirector 9.8.3.0. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2020-21161
CVE-2022-28172 The web module in some Hikvision Hybrid SAN/Cluster Storage products has the following security vulnerability. Due to insufficient input validation, an attacker can exploit the vulnerability to conduct an XSS attack by sending messages with malicious commands to the affected device. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-28172
CVE-2022-31065 BigBlueButton is an open source web conferencing system. In affected versions an attacker can embed malicious JS in their username and have it executed on the victim's client. When a user receives a private chat from the attacker (whose username contains malicious JavaScript), the script gets executed. The script is also executed when the victim receives a notification that the attacker has left the session. This issue has been patched in version 2.4.8 and 2.5.0. There are no known workarounds for this issue. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31065
CVE-2022-31085 LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the session files include the LDAP user name and password in clear text if the PHP OpenSSL extension is not installed or encryption is disabled by configuration. This issue has been fixed in version 8.0. Users unable to upgrade should install the PHP OpenSSL extension and make sure session encryption is enabled in LAM main configuration. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31085
CVE-2022-31094 ScratchTools is a web extension designed to make interacting with the Scratch programming language community (Scratching) easier. In affected versions anybody who uses the Recently Viewed Projects feature is vulnerable to having their account taken over if they view a project that tries to. The issue is that if a user visits a project that includes Javascript in the title, then when the Recently Viewed Projects feature displays it, it could run the Javascript. This issue has been addressed in the 2.5.2 release. Users having issues scratching should open an issue in the project issue tracker https://github.com/STForScratch/ScratchTools/ 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31094
CVE-2022-33005 A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows attackers to execute arbitrary web scripts via a crafted payload injected into the Name text field. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-33005
CVE-2022-34133 Benjamin BALET Jorani v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Comment parameter at application/controllers/Leaves.php. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-34133
CVE-2022-31108 Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. An attacker is able to inject arbitrary `CSS` into the generated graph allowing them to change the styling of elements outside of the generated graph, and potentially exfiltrate sensitive information by using specially crafted `CSS` selectors. The following example shows how an attacker can exfiltrate the contents of an input field by bruteforcing the `value` attribute one character at a time. Whenever there is an actual match, an `http` request will be made by the browser in order to "load" a background image that will let an attacker know what's the value of the character. This issue may lead to `Information Disclosure` via CSS selectors and functions able to generate HTTP requests. This also allows an attacker to change the document in ways which may lead a user to perform unintended actions, such as clicking on a link, etc. This issue has been resolved in version 9.1.3. Users are advised to upgrade. Users unable to upgrade should ensure that user input is adequately escaped before embedding it in CSS blocks. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31108
CVE-2020-19897 A reflected Cross Site Scripting (XSS) in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2020-19897
CVE-2022-29272 In Nagios XI through 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-29272
CVE-2022-31897 SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via public_html/register_visitor?msg=. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31897
CVE-2020-26877 ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack. Specifically, it directly sends an authorization code to the redirect URI submitted with the authorization request, without checking whether the redirect URI is registered by the client who initiated the request. This allows an attacker to craft a request with a manipulated redirect URI (redirect_uri parameter), which is under the attacker's control, and consequently obtain the leaked authorization code when the server redirects the client to the manipulated redirect URI with an authorization code. NOTE: this is similar to CVE-2019-3778. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2020-26877
CVE-2021-39074 IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2021-39074
CVE-2022-2252 Open Redirect in GitHub repository microweber/microweber prior to 1.2.19. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-2252
CVE-2017-20119 A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2017-20119
CVE-2013-4170 In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, the `tagName` property of an `Ember.View` was inserted into such a string without being sanitized. This means that if an application assigns a view's `tagName` to user-supplied data, a specially-crafted payload could execute arbitrary JavaScript in the context of the current domain ("XSS"). This vulnerability only affects applications that assign or bind user-provided content to `tagName`. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2013-4170
CVE-2021-37524 Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2021-37524
CVE-2022-34911 An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1. XSS can occur in configurations that allow a JavaScript payload in a username. After account creation, when it sets the page title to "Welcome" followed by the username, the username is not escaped: SpecialCreateAccount::successfulAction() calls ::showSuccessPage() with a message as second parameter, and OutputPage::setPageTitle() uses text(). 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-34911
CVE-2022-34912 An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1. The contributions-title, used on Special:Contributions, is used as page title without escaping. Hence, in a non-default configuration where a username contains HTML entities, it won't be escaped. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-34912
CVE-2022-2290 Cross-site Scripting (XSS) - Reflected in GitHub repository zadam/trilium prior to 0.52.4, 0.53.1-beta. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-2290
CVE-2022-27627 Cross-site scripting vulnerability in Organization's Information of Cybozu Garoon 4.10.2 to 5.5.1 allows a remote attacker to execute an arbitrary script on the logged-in user's web browser. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-27627
CVE-2022-0250 The Redirection for Contact Form 7 WordPress plugin before 2.5.0 does not escape a generated link before outputting it in an attribute, leading to Reflected Cross-Site Scripting. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-0250
CVE-2022-1946 The Gallery WordPress plugin before 2.0.0 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-1946
CVE-2022-34007 EQS Integrity Line through 2022-07-01 allows a stored XSS via a crafted whistleblower entry. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-34007
CVE-2022-22048 BitLocker Security Feature Bypass Vulnerability. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-22048
CVE-2020-2680 Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.0 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H). 6 https://nvd.nist.gov/vuln/detail/CVE-2020-2680
CVE-2021-20600 Uncontrolled resource consumption in Mitsubishi Electric MELSEC iQ-R series C Controller Module R12CCPU-V Firmware Versions "16" and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending a large number of packets in a short time while the module is starting up. System reset is required for recovery. 5.9 https://nvd.nist.gov/vuln/detail/CVE-2021-20600
CVE-2020-23036 MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability in the session handling of the `password` authentication parameter of the wifi photo transfer module. This vulnerability allows attackers with network access privileges or on public wifi networks to read the authentication credentials and follow-up requests containing the user password via a man in the middle attack. 5.9 https://nvd.nist.gov/vuln/detail/CVE-2020-23036
CVE-2022-32969 MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because an input field is used for a BIP39 mnemonic, and Firefox and Chromium save such fields to disk in order to support the Restore Session feature, aka the Demonic issue. 5.9 https://nvd.nist.gov/vuln/detail/CVE-2022-32969
CVE-2022-22028 Windows Network File System Information Disclosure Vulnerability. 5.9 https://nvd.nist.gov/vuln/detail/CVE-2022-22028
CVE-2020-2595 Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). The supported version that is affected is 19.3.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM Enterprise Edition. While the vulnerability is in Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GraalVM Enterprise Edition accessible data. CVSS 3.0 Base Score 5.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N). 5.8 https://nvd.nist.gov/vuln/detail/CVE-2020-2595
CVE-2020-2677 Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Login). Supported versions that are affected are 5.5 and 5.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 accessible data. CVSS 3.0 Base Score 5.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N). 5.7 https://nvd.nist.gov/vuln/detail/CVE-2020-2677
CVE-2017-20101 A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zip_download. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely. 5.7 https://nvd.nist.gov/vuln/detail/CVE-2017-20101
CVE-2022-31076 KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates with the CSI Driver on the cloud side, the attack is limited to the local host network. As such, an attacker would already need to be an authenticated user of the Cloud. Additionally, it is affected only when users turn on the unixsocket switch in the config file cloudcore.yaml. This bug has been fixed in KubeEdge 1.11.0, 1.10.1, and 1.9.3. Users should update to these versions to resolve the issue. Users unable to upgrade should disable the unixsocket switch of CloudHub in the config file cloudcore.yaml. 5.7 https://nvd.nist.gov/vuln/detail/CVE-2022-31076
CVE-2022-31077 KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message response from KubeEdge can crash the CSI Driver controller server by triggering a nil-pointer dereference panic. As a consequence, the CSI Driver controller will be in denial of service. This bug has been fixed in Kubeedge 1.11.0, 1.10.1, and 1.9.3. Users should update to these versions to resolve the issue. At the time of writing, no workaround exists. 5.7 https://nvd.nist.gov/vuln/detail/CVE-2022-31077
CVE-2022-31096 Discourse is an open source discussion platform. Under certain conditions, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite has been configured to add the user that accepts the invite into restricted groups. Once a user has been incorrectly added to a restricted group, the user may then be able to view content that is restricted to the respective group. Users are advised to upgrade to the current stable releases. There are no known workarounds to this issue. 5.7 https://nvd.nist.gov/vuln/detail/CVE-2022-31096
CVE-2022-30223 Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22042. 5.7 https://nvd.nist.gov/vuln/detail/CVE-2022-30223
CVE-2022-31104 Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x86_64 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bugs were presented in the `i8x16.swizzle` and `select` WebAssembly instructions. The `select` instruction is only affected when the inputs are of `v128` type. The correspondingly affected Cranelift instructions were `swizzle` and `select`. The `swizzle` instruction lowering in Cranelift erroneously overwrote the mask input register which could corrupt a constant value, for example. This means that future uses of the same constant may see a different value than the constant itself. The `select` instruction lowering in Cranelift wasn't correctly implemented for vector types that are 128-bits wide. When the condition was 0 the wrong instruction was used to move the correct input to the output of the instruction meaning that only the low 32 bits were moved and the upper 96 bits of the result were left as whatever the register previously contained (instead of the input being moved from). The `select` instruction worked correctly if the condition was nonzero, however. This bug in Wasmtime's implementation of these instructions on x86_64 represents an incorrect implementation of the specified semantics of these instructions according to the WebAssembly specification. The impact of this is benign for hosts running WebAssembly but represents possible vulnerabilities within the execution of a guest program. For example a WebAssembly program could take unintended branches or materialize incorrect values internally which runs the risk of exposing the program itself to other related vulnerabilities which can occur from miscompilations. We have released Wasmtime 0.38.1 and cranelift-codegen (and other associated cranelift crates) 0.85.1 which contain the corrected implementations of these two instructions in Cranelift. If upgrading is not an option for you at this time, you can avoid the vulnerability by disabling the Wasm simd proposal. Additionally the bug is only present on x86_64 hosts. Other aarch64 hosts are not affected. Note that s390x hosts don't yet implement the simd proposal and are not affected. 5.6 https://nvd.nist.gov/vuln/detail/CVE-2022-31104
CVE-2020-24349 njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-24349
CVE-2020-23915 An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_escape_sequence() in peglib.h has a heap-based buffer over-read. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-23915
CVE-2020-18392 Stack overflow vulnerability in parse_array Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-18392
CVE-2020-19463 An issue has been found in function vfprintf in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a stack overflow. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-19463
CVE-2020-19464 An issue has been found in function XRef::fetch in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a stack overflow. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-19464
CVE-2020-21675 A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-21675
CVE-2020-21676 A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-21676
CVE-2020-21535 fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-21535
CVE-2020-23886 XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted pict file. Related to a User Mode Write AV starting at ntdll!RtlpLowFragHeapFree. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-23886
CVE-2020-12954 A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI ROM protections, allowing unauthorized SPI ROM modification. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-12954
CVE-2022-1475 An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in libavcodec/g729_parser.c when processing a specially crafted file. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1475
CVE-2022-21151 Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21151
CVE-2022-31621 MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31621
CVE-2022-31622 MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31622
CVE-2022-31623 MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31623
CVE-2022-31624 MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31624
CVE-2022-31751 The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31751
CVE-2022-31755 The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31755
CVE-2022-21123 Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21123
CVE-2022-21125 Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21125
CVE-2022-21127 Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21127
CVE-2022-21166 Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21166
CVE-2022-30184 .NET and Visual Studio Information Disclosure Vulnerability. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30184
CVE-2022-31307 Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31307
CVE-2022-32414 Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32414
CVE-2022-34494 rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34494
CVE-2022-34495 rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34495
CVE-2022-2208 NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2208
CVE-2017-20102 A vulnerability was found in Album Lock 4.0 and classified as critical. Affected by this issue is some unknown functionality of the file /getImage. The manipulation of the argument filePaht leads to path traversal. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2017-20102
CVE-2021-40942 In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the filter_parse_dyn_args function in filter_core/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service (DOS). 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40942
CVE-2021-40606 The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40606
CVE-2021-40607 The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40607
CVE-2021-40608 The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40608
CVE-2021-40609 The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40609
CVE-2021-40943 In Bento4 1.6.0-638, there is a null pointer reference in the AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124, as demonstrated by GPAC. This can cause a denial of service (DOS). 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40943
CVE-2021-40944 In GPAC MP4Box 1.1.0, there is a null pointer reference in the gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DOS). 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-40944
CVE-2022-2231 NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2231
CVE-2022-1852 A NULL pointer dereference flaw was found in the Linux kernel's KVM module, which can lead to a denial of service in x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in the guest on an Intel CPU. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1852
CVE-2022-2078 A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function. This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse(), causing a denial of service and possibly allowing code to be run. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2078
CVE-2022-22478 IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22478
CVE-2022-23717 PingID Windows Login prior to 2.8 is vulnerable to a denial of service condition on local machines when combined with using offline security keys as part of authentication. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-23717
CVE-2022-23725 PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-23725
CVE-2014-0068 It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2014-0068
CVE-2022-2279 NULL Pointer Dereference in GitHub repository bfabiszewski/libmobi prior to 0.11. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2279
CVE-2022-22367 IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. IBM X-Force ID: 221008. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22367
CVE-2022-25876 The package link-preview-js before 2.1.16 is vulnerable to Server-side Request Forgery (SSRF), which allows attackers to send arbitrary requests to the local network and read the response. This is due to flawed DNS rebinding protection. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-25876
CVE-2022-2301 Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2301
CVE-2022-30213 Windows GDI+ Information Disclosure Vulnerability. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30213
CVE-2020-2683 Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). 5.4 https://nvd.nist.gov/vuln/detail/CVE-2020-2683
CVE-2020-2707 Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: WebAccess). Supported versions that are affected are 15.1.0.0-15.2.18.7, 16.1.0.0-16.2.19.0, 17.1.0.0-17.12.16.0, 18.1.0.0-18.8.16.0 and 19.12.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera P6 Enterprise Project Portfolio Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera P6 Enterprise Project Portfolio Management accessible data as well as unauthorized read access to a subset of Primavera P6 Enterprise Project Portfolio Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). 5.4 https://nvd.nist.gov/vuln/detail/CVE-2020-2707
CVE-2020-2710 Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data as well as unauthorized read access to a subset of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). 5.4 https://nvd.nist.gov/vuln/detail/CVE-2020-2710
CVE-2020-2712 Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data as well as unauthorized read access to a subset of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N). 5.4 https://nvd.nist.gov/vuln/detail/CVE-2020-2712
CVE-2020-2715 Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Corporate Lending accessible data as well as unauthorized read access to a subset of Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). 5.4 https://nvd.nist.gov/vuln/detail/CVE-2020-2715
CVE-2020-2717 Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Corporate Lending accessible data as well as unauthorized read access to a subset of Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N). 5.4 https://nvd.nist.gov/vuln/detail/CVE-2020-2717
CVE-2020-11899 The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2020-11899
CVE-2020-26147 An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2020-26147
CVE-2021-1561 A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), could allow an authenticated, remote attacker to gain unauthorized access and modify the spam quarantine settings of another user. This vulnerability exists because access to the spam quarantine feature is not properly restricted. An attacker could exploit this vulnerability by sending malicious requests to an affected system. A successful exploit could allow the attacker to modify another user's spam quarantine settings, possibly disabling security controls or viewing email messages stored on the spam quarantine interfaces. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2021-1561
CVE-2022-25373 Zoho ManageEngine SupportCenter Plus before 11020 allows Stored XSS in the request history. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-25373
CVE-2022-22502 IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227124. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-22502
CVE-2022-29096 Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-29096
CVE-2022-33910 An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes. When a user or an admin clicks on the attachment, file_download.php opens the SVG document in a browser tab instead of downloading it as a file, causing the JavaScript code to execute. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-33910
CVE-2022-2213 A vulnerability was found in SourceCodester Library Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/edit_admin_details.php?id=admin. The manipulation of the argument Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-2213
CVE-2022-1776 The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.1.8 does not sanitize and escape some campaign parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-1776
CVE-2022-1964 The Easy SVG Support WordPress plugin before 3.3.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-1964
CVE-2022-2040 The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element URL, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-2040
CVE-2022-2041 The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element content, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-2041
CVE-2022-31035 Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v1.0.0 are vulnerable to a cross-site scripting (XSS) bug allowing a malicious user to inject a `javascript:` link in the UI. When clicked by a victim user, the script will execute with the victim's permissions (up to and including admin). The script would be capable of doing anything which is possible in the UI or via the API, such as creating, modifying, and deleting Kubernetes resources. A patch for this vulnerability has been released in the following Argo CD versions: v2.4.1, v2.3.5, v2.2.10 and v2.1.16. There are no completely-safe workarounds besides upgrading. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-31035
CVE-2022-31057 Shopware is an open source e-commerce software made in Germany. Versions of Shopware 5 prior to version 5.7.12 are subject to an authenticated Stored XSS in Administration. Users are advised to upgrade. There are no known workarounds for this issue. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-31057
CVE-2022-31064 BigBlueButton is an open source web conferencing system. Users in meetings with private chat enabled are vulnerable to a cross-site scripting attack in affected versions. The attack occurs when the attacker (with XSS in the name) starts a chat; the JavaScript is then executed in the victim's client. This issue has been addressed in version 2.4.8 and 2.5.0. There are no known workarounds for this issue. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-31064
CVE-2022-23896 Admidio 4.1.2 version is affected by stored cross-site scripting (XSS). 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-23896
CVE-2022-25238 Silverstripe silverstripe/framework through 4.10.0 allows XSS, inside of script tags that can be added to website content via XHR by an authenticated CMS user if the cwp-core module is not installed on the sanitise_server_side config is not set to true in project code. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-25238
CVE-2022-28803 In SilverStripe Framework through 2022-04-07, Stored XSS can occur in javascript link tags added via XMLHttpRequest (XHR). 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-28803
CVE-2017-20108 A vulnerability classified as problematic has been found in Easy Table Plugin 1.6. This affects an unknown part of the file /wordpress/wp-admin/options-general.php. The manipulation leads to basic cross site scripting. It is possible to initiate the attack remotely. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2017-20108
CVE-2017-20113 A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2017-20113
CVE-2017-20114 A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This vulnerability affects unknown code of the file /admin/conferences/get-all-status/. The manipulation of the argument keys[] leads to basic cross site scripting (Reflected). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2017-20114
CVE-2017-20115 A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue affects some unknown processing of the file /admin/conferences/list/. The manipulation of the argument sort leads to basic cross site scripting (Reflected). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2017-20115
CVE-2017-20116 A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checked_group_id leads to basic cross site scripting (Reflected). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2017-20116
CVE-2017-20117 A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting (DOM). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2017-20117
CVE-2017-20118 A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/conferences/list/. The manipulation of the argument domxss leads to basic cross site scripting (DOM). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2017-20118
CVE-2017-20122 A vulnerability classified as problematic was found in Bitrix Site Manager 12.06.2015. Affected by this vulnerability is an unknown functionality of the component Contact Form. The manipulation of the argument text leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2017-20122
CVE-2022-33043 A cross-site scripting (XSS) vulnerability in the batch add function of Urtracker Premium v4.0.1.1477 allows attackers to execute arbitrary web scripts or HTML via a crafted excel file. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-33043
CVE-2022-34777 Jenkins GitLab Plugin 1.5.34 and earlier does not escape multiple fields inserted into the description of webhook-triggered builds, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-34777
CVE-2022-34778 Jenkins TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped test descriptions and exception messages provided in test results if certain job-level options are set, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs or control test results. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-34778
CVE-2022-34783 Jenkins Plot Plugin 2.1.10 and earlier does not escape plot descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-34783
CVE-2022-34784 Jenkins build-metrics Plugin 1.3 does not escape the build description on one of its views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Build/Update permission. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-34784
CVE-2022-34786 Jenkins Rich Text Publisher Plugin 1.4 and earlier does not escape the HTML message set by its post-build step, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-34786
CVE-2022-34787 Jenkins Project Inheritance Plugin 21.04.03 and earlier does not escape the reason a build is blocked in tooltips, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to control the reason a queue item is blocked. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-34787
CVE-2022-34788 Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-34788
CVE-2022-34790 Jenkins eXtreme Feedback Panel Plugin 2.0.1 and earlier does not escape the job names used in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-34790
CVE-2022-34791 Jenkins Validating Email Parameter Plugin 1.10 and earlier does not escape the name and description of its parameter type, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-34791
CVE-2022-34795 Jenkins Deployment Dashboard Plugin 1.0.10 and earlier does not escape environment names on its Deployment Dashboard view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Configure permission. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-34795
CVE-2022-2280 Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-2280
CVE-2014-3650 Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content. A remote attacker could use these flaws to compromise the application with specially crafted input. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2014-3650
CVE-2022-22373 An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces. IBM X-Force ID: 221323. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-22373
CVE-2022-26368 Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter and/or obtain the data of Cabinet. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-26368
CVE-2022-2300 Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-2300
CVE-2022-30289 A stored Cross-site Scripting (XSS) vulnerability was identified in the Data Import functionality of OpenCTI through 5.2.4. An attacker can abuse the vulnerability to upload a malicious file that will then be executed by a victim when they open the file location. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-30289
CVE-2020-2666 Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Supported versions that are affected are 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Applications Framework. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Framework accessible data. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). 5.3 https://nvd.nist.gov/vuln/detail/CVE-2020-2666
CVE-2020-2695 Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Approval Framework). Supported versions that are affected are 9.1 and 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise CC Common Application Objects. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise CC Common Application Objects accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). 5.3 https://nvd.nist.gov/vuln/detail/CVE-2020-2695
CVE-2020-19275 An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2020-19275
CVE-2020-20470 White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2020-20470
CVE-2020-12730 MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2020-12730
CVE-2021-1591 A vulnerability in the EtherChannel port subscription logic of Cisco Nexus 9500 Series Switches could allow an unauthenticated, remote attacker to bypass access control list (ACL) rules that are configured on an affected device. This vulnerability is due to oversubscription of resources that occurs when applying ACLs to port channel interfaces. An attacker could exploit this vulnerability by attempting to access network resources that are protected by the ACL. A successful exploit could allow the attacker to access network resources that would be protected by the ACL that was applied on the port channel interface. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2021-1591
CVE-2020-19003 An issue in Gate One 1.2.0 allows attackers to bypass the verification check done by the origins list and connect to Gate One instances used by hosts not on the origins list. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2020-19003
CVE-2022-1328 Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-1328
CVE-2022-22976 Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not perform any salt rounds, due to an integer overflow error. The default settings are not affected by this CVE. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-22976
CVE-2022-28614 The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_lua's r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-28614
CVE-2022-29526 Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-29526
CVE-2022-34298 The NT auth module in OpenAM before 14.6.6 allows a "replace Samba username attack." 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-34298
CVE-2022-29578 Meridian Cooperative Utility Software versions 22.02 and 22.03 allows remote attackers to obtain sensitive information such as name, address, and daily energy usage. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-29578
CVE-2020-9754 NAVER Whale browser mobile app before 1.10.6.2 allows the attacker to bypass its browser unlock function via incognito mode. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2020-9754
CVE-2022-31039 Greenlight is a simple front-end interface for your BigBlueButton server. In affected versions an attacker can view any room's settings even though they are not authorized to do so. Only the room owner and administrator should be able to view a room's settings. This issue has been patched in release version 2.12.6. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-31039
CVE-2022-31088 LDAP Account Manager (LAM) is a web frontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed in version 8.0. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-31088
CVE-2022-0085 Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-0085
CVE-2022-31068 GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all GLPI instances with the native inventory used may leak sensitive information. The feature to get refused file is not authenticated. This issue has been addressed in version 10.0.2 and all affected users are advised to upgrade. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-31068
CVE-2022-22494 IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks. IBM X-Force ID: 226940. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-22494
CVE-2022-34894 In JetBrains Hub before 2022.2.14799, insufficient access control allowed the hijacking of untrusted services. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-34894
CVE-2022-28713 Improper authentication vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote attacker to obtain some data of Facility Information without logging in to the product. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-28713
CVE-2022-30791 In CmpBlkDrvTcp of CODESYS V3 in multiple versions, uncontrolled resource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-30791
CVE-2022-30792 In CmpChannelServer of CODESYS V3 in multiple versions, uncontrolled resource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-30792
CVE-2021-30651 A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2021-30651
CVE-2022-29097 Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-29097
CVE-2022-2088 An authenticated user with admin privileges may be able to terminate any process on the system running Elcomplus SmartICS v2.3.4.0. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-2088
CVE-2022-31229 Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contains an error message with sensitive information. An administrator could potentially exploit this vulnerability, leading to disclosure of sensitive information. This sensitive information can be used to access sensitive resources. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-31229
CVE-2021-37791 MyAdmin v1.0 is affected by an incorrect access control vulnerability in viewing personal center in /api/user/userData?userCode=admin. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2021-37791
CVE-2022-33642 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-33642
CVE-2022-33650 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-33650
CVE-2022-33651 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-33651
CVE-2022-33653 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-33653
CVE-2022-33654 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-33654
CVE-2022-33659 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-33659
CVE-2022-33660 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-33660
CVE-2022-33664 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-33664
CVE-2022-33668 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-33668
CVE-2022-33669 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-33669
CVE-2022-33671 Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-33671