Security Bulletin 24 Aug 2022

Published on 24 Aug 2022

Updated on 24 Aug 2022

SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.

The vulnerabilities are tabled based on severity, in accordance to their CVSSv3 base scores:


Critical vulnerabilities with a base score of 9.0 to 10.0
High vulnerabilities with a base score of 7.0 to 8.9
Medium vulnerabilities with a base score of 4.0 to 6.9
Low vulnerabilities with a base score of 0.1 to 3.9
None vulnerabilities with a base score of 0.0

For those vulnerabilities without assigned CVSS scores, please visit NVD for the updated CVSS vulnerability entries.

CRITICAL VULNERABILITIES
CVE Number Description Base Score Reference
CVE-2021-44228 Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. 10 https://nvd.nist.gov/vuln/detail/CVE-2021-44228
CVE-2022-35978 Minetest is a free open-source voxel game engine with easy modding and game creation. In **single player**, a mod can set a global setting that controls the Lua script loaded to display the main menu. The script is then loaded as soon as the game session is exited. The Lua environment the menu runs in is not sandboxed and can directly interfere with the user's system. There are currently no known workarounds. 10 https://nvd.nist.gov/vuln/detail/CVE-2022-35978
CVE-2016-1908 The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2016-1908
CVE-2022-21907 HTTP Protocol Stack Remote Code Execution Vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-21907
CVE-2022-23218 The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23218
CVE-2022-23219 The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23219
CVE-2022-0318 Heap-based Buffer Overflow in vim/vim prior to 8.2. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0318
CVE-2022-1927 Buffer Over-read in GitHub repository vim/vim prior to 8.2. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1927
CVE-2022-31813 Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31813
CVE-2022-2042 Use After Free in GitHub repository vim/vim prior to 8.2. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2042
CVE-2022-2207 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2207
CVE-2022-2210 Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2210
CVE-2022-32081 MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32081
CVE-2022-32091 MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32091
CVE-2022-34265 An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34265
CVE-2022-34169 The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34169
CVE-2022-2143 The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2143
CVE-2022-37434 zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-37434
CVE-2022-28750 Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious actor to crash the application. In versions older than 4.8.12.20211115, this vulnerability could also be leveraged to execute arbitrary code. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-28750
CVE-2022-38221 A buffer overflow in the FTcpListener thread in The Isle Evrima (the dedicated server on Windows and Linux) 0.9.88.07 before 2022-08-12 allows a remote attacker to crash any server with an accessible RCON port, or possibly execute arbitrary code. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-38221
CVE-2022-34294 totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34294
CVE-2022-36523 D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to command injection via /htdocs/upnpinc/gena.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36523
CVE-2022-36525 D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Buffer Overflow via authenticationcgi_main. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36525
CVE-2022-36344 An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed with the privilege of the Windows service if it is placed in a certain path. Affected products are bundled with the following product series: Office and Office Integrated Software, ATOK, Hanako, JUST PDF, Shuriken, Homepage Builder, JUST School, JUST Smile Class, JUST Smile, JUST Frontier, JUST Jump, and Tri-De DetaProtect. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36344
CVE-2022-30264 The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operations. They utilize the ROC protocol (4000/TCP, 5000/TCP) for communications between a master terminal and RTUs. Opcode 203 of this protocol allows a master terminal to transfer files to and from the flash filesystem and carrying out arbitrary file and directory read, write, and delete operations. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-30264
CVE-2022-36272 Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36272
CVE-2022-36273 Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36273
CVE-2022-36599 Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36599
CVE-2022-36242 Clinic's Patient Management System v1.0 is vulnerable to SQL Injection via /pms/update_medicine.php?id=. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36242
CVE-2021-39085 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 215888. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-39085
CVE-2022-2847 A vulnerability, which was classified as critical, has been found in SourceCodester Guest Management System. This issue affects some unknown processing of the file /guestmanagement/front.php. The manipulation of the argument rid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206489 was assigned to this vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2847
CVE-2022-2662 Sequi PortBloque S has a improper authentication issues which may allow an attacker to bypass the authentication process and gain user-level access to the device. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2662
CVE-2022-34256 Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34256
CVE-2022-37437 When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service (S3) in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination. The vulnerability only affects connections between Splunk Enterprise and an Ingest Actions Destination through Splunk Web and only applies to environments that have configured TLS certificate validation. It does not apply to Destinations configured directly in the outputs.conf configuration file. The vulnerability affects Splunk Enterprise version 9.0.0 and does not affect versions below 9.0.0, including the 8.1.x and 8.2.x versions. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-37437
CVE-2022-1400 Use of Hard-coded Cryptographic Key vulnerability in the WebReportsApi.dll of Exago Web Reports, as used in the Device42 Asset Management Appliance, allows an attacker to leak session IDs and elevate privileges. This issue affects: Device42 CMDB versions prior to 18.01.00. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1400
CVE-2022-36190 GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36190
CVE-2022-22455 IBM Security Verify Governance Identity Manager 10.0 virtual appliance component performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 224989. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22455
CVE-2022-2870 A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2870
CVE-2022-35121 Novel-Plus v3.6.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /service/impl/BookServiceImpl.java. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35121
CVE-2022-35516 DedeCMS v5.7.93 - v5.7.96 was discovered to contain a remote code execution vulnerability in login.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35516
CVE-2022-23747 In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23747
CVE-2022-23764 The vulnerability causing from insufficient verification procedures for downloaded files during WebCube update. Remote attackers can bypass this verification logic to update both digitally signed and unauthorized files, enabling remote code execution. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23764
CVE-2022-2336 Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the `admin` password. There is no warning or prompt to ask the user to change the default password, and to change the password, many steps are required. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2336
CVE-2022-35147 DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35147
CVE-2022-35598 A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35598
CVE-2022-35599 A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35599
CVE-2022-35601 A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35601
CVE-2022-35602 A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35602
CVE-2022-35603 A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35603
CVE-2022-35604 A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter 'searchTxt'. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35604
CVE-2022-35605 A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as 'users', 'pass', etc. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35605
CVE-2022-35606 A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameter 'customerCode.' 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35606
CVE-2022-35153 FusionPBX 5.0.1 was discovered to contain a command injection vulnerability via /fax/fax_send.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35153
CVE-2022-35154 Shopro Mall System v1.3.8 was discovered to contain a SQL injection vulnerability via the value parameter. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35154
CVE-2022-35164 LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35164
CVE-2022-2876 A vulnerability, which was classified as critical, was found in SourceCodester Student Management System. Affected is an unknown function of the file index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-206634 is the identifier assigned to this vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2876
CVE-2022-35175 Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /blotter/blotter.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35175
CVE-2022-35975 The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that are shared amongst other users are affected by this issue. The only safe mitigation is to update to the latest version of the extension. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35975
CVE-2022-37061 All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-37061
CVE-2022-35976 The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or users are affected by this issue. Please note that the vulnerability is specific to this extension, and the same kubeconfig would not result in arbitrary code execution when used with kubectl. Using only trust-worthy kubeconfigs is a safe mitigation. However, updating to the latest version of the extension is still highly recommended. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35976
CVE-2022-22730 Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22730
CVE-2022-25899 Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-25899
CVE-2022-36722 Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the title parameter at /librarian/history.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36722
CVE-2022-36725 Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /student/dele.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36725
CVE-2022-36727 Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /staff/delete.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36727
CVE-2022-36728 Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at /staff/delstu.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36728
CVE-2022-36729 Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /librarian/del.php. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36729
CVE-2022-30601 Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-30601
CVE-2022-36947 Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack buffer overflow. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36947
CVE-2020-36599 lib/omniauth/failure_endpoint.rb in OmniAuth before 1.9.2 (and before 2.0) does not escape the message_key value. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2020-36599
CVE-2022-35540 Hardcoded JWT Secret in AgileConfig <1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35540
CVE-2022-36220 Kiosk breakout (without quit password) in Safe Exam Browser (Windows) <3.4.0, which allows an attacker to achieve code execution via the browsers' print dialog. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36220
CVE-2022-34615 Mealie 1.0.0beta3 employs weak password requirements which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34615
CVE-2022-35201 Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35201
CVE-2022-36605 Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36605
CVE-2022-36606 Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36606
CVE-2022-36578 jizhicms v2.3.1 has SQL injection in the background. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36578
CVE-2022-23459 Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a default assignment operator which may be used with pointer types which may point to alterable data where the pointer itself is not updated. This issue exists on the current commit of the jsonxx project. The project itself has been archived and updates are not expected. Users are advised to find a replacement. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23459
CVE-2022-37175 Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-37175
CVE-2022-36030 Project-nexus is a general-purpose blog website framework. Affected versions are subject to SQL injection due to a lack of sensitization of user input. This issue has not yet been patched. Users are advised to restrict user input and to upgrade when a new release becomes available. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36030
CVE-2022-34916 Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34916
CVE-2022-36198 Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-detail.php, and buspassms/admin/edit-pass-detail.php 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36198
CVE-2022-2927 Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2927
CVE-2022-34149 Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34149
CVE-2022-34858 Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at WordPress. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34858
CVE-2022-35150 Baijicms v4 was discovered to contain an arbitrary file upload vulnerability. 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35150
CVE-2022-33649 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. 9.6 https://nvd.nist.gov/vuln/detail/CVE-2022-33649
CVE-2022-38193 There is a code injection vulnerability in Esri Portal for ArcGIS versions 10.8.1 and below that may allow a remote, unauthenticated attacker to pass strings which could potentially cause arbitrary code execution in a victims browser. 9.6 https://nvd.nist.gov/vuln/detail/CVE-2022-38193
CVE-2022-26842 A reflected cross-site scripting (xss) vulnerability exists in the charts tab selection functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. 9.6 https://nvd.nist.gov/vuln/detail/CVE-2022-26842
CVE-2021-32642 radsecproxy is a generic RADIUS proxy that supports both UDP and TLS (RadSec) RADIUS transports. Missing input validation in radsecproxy's `naptr-eduroam.sh` and `radsec-dynsrv.sh` scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Information disclosure, Denial of Service, Redirection of Radius connection to a non-authenticated server leading to non-authenticated network access. Updated example scripts are available in the master branch and 1.9 release. Note that the scripts are not part of the installation package and are not updated automatically. If you are using the examples, you have to update them manually. The dyndisc scripts work independently of the radsecproxy code. The updated scripts can be used with any version of radsecproxy. 9.4 https://nvd.nist.gov/vuln/detail/CVE-2021-32642
CVE-2017-14611 SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued aheinze/fetch_url_contents component. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2017-14611
CVE-2022-1996 Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2022-1996
CVE-2022-36308 Airspan AirVelocity 1500 web management UI displays SNMP credentials in plaintext on software versions older than 15.18.00.2511, and stores SNMPv3 credentials unhashed on the filesystem, enabling anyone with web access to use these credentials to manipulate the eNodeB over SNMP. This issue may affect other AirVelocity and AirSpeed models. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2022-36308
CVE-2022-1399 An Argument Injection or Modification vulnerability in the "Change Secret" username field as used in the Discovery component of Device42 CMDB allows a local attacker to run arbitrary code on the appliance with root privileges. This issue affects: Device42 CMDB version 18.01.00 and prior versions. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2022-1399
CVE-2022-35122 An access control issue in Ecowitt GW1100 Series Weather Stations <=GW1100B_v2.1.5 allows unauthenticated attackers to access sensitive information including device and local WiFi passwords. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2022-35122
CVE-2022-22489 IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226339. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2022-22489
CVE-2020-27794 A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash. 9.1 https://nvd.nist.gov/vuln/detail/CVE-2020-27794

OTHER VULNERABILITIES
CVE Number Description Base Score Reference
CVE-2021-42321 Microsoft Exchange Server Remote Code Execution Vulnerability 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-42321
CVE-2022-0729 Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0729
CVE-2022-23277 Microsoft Exchange Server Remote Code Execution Vulnerability. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23277
CVE-2021-21944 Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer oveflow takes place trying to copy the first 12 bits from local variable. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-21944
CVE-2021-21945 Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer oveflow takes place trying to copy the second 12 bits from local variable. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-21945
CVE-2021-21946 Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer overflow takes place when the `SOF3` precision is lower than 9. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-21946
CVE-2021-21947 Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer overflow takes place when the `SOF3` precision is greater or equal than 9. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-21947
CVE-2022-30670 RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization vulnerability which could lead to privilege escalation. An authenticated attacker could leverage this vulnerability to achieve full administrator privileges. Exploitation of this issue does not require user interaction. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-30670
CVE-2022-2162 Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2162
CVE-2022-2163 Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2163
CVE-2022-2294 Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2294
CVE-2022-2295 Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2295
CVE-2022-2296 Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2296
CVE-2022-2477 Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2477
CVE-2022-2480 Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2480
CVE-2022-2481 Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2481
CVE-2022-2603 Use after free in Omnibox in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2603
CVE-2022-2604 Use after free in Safe Browsing in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2604
CVE-2022-2606 Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2606
CVE-2022-2608 Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2608
CVE-2022-2609 Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2609
CVE-2022-2613 Use after free in Input in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific UI interactions. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2613
CVE-2022-2614 Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2614
CVE-2022-2617 Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2617
CVE-2022-2620 Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2620
CVE-2022-2621 Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2621
CVE-2022-2623 Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2623
CVE-2022-2624 Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2624
CVE-2022-35624 In Nordic nRF5 SDK for Mesh 5.0, a heap overflow vulnerability can be triggered by sending a series of segmented packets with SegO > SegN 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35624
CVE-2022-38359 Cross-site request forgery attacks can be carried out against the Eyes of Network web application, due to an absence of adequate protections. An attacker can, for instance, delete the admin user by directing an authenticated user to the URL https://<target-address>/module/admin_user/index.php?DataTables_Table_0_length=10&user_selected%5B%5D=1&user_mgt_list=delete_user&action=submit by means of a crafted link. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-38359
CVE-2022-36309 Airspan AirVelocity 1500 software versions prior to 15.18.00.2511 have a root command injection vulnerability in the ActiveBank parameter of the recoverySubmit.cgi script running on the eNodeB's web management UI. This issue may affect other AirVelocity and AirSpeed models. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36309
CVE-2022-36310 Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with SNMP write abilities to execute commands as root on the eNodeB. This issue may affect other AirVelocity and AirSpeed models. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36310
CVE-2022-36312 Airspan AirVelocity 1500 software version 15.18.00.2511 lacks CSRF protections in the eNodeB's web management UI. This issue may affect other AirVelocity and AirSpeed models. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36312
CVE-2022-35239 The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated attacker uploads a specially crafted PHP file. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35239
CVE-2022-38362 Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-38362
CVE-2022-2846 A vulnerability classified as problematic was found in Calendar Event Multi View Plugin. This vulnerability affects unknown code of the file /wp/?cpmvc_id=1&cpmvc_do_action=mvparse&f=datafeed&calid=1&month_index=1&method=adddetails&id=2. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The identifier of this vulnerability is VDB-206488. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2846
CVE-2020-14321 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-14321
CVE-2022-2661 Sequi PortBloque S has an improper authorization vulnerability, which may allow a low-privileged user to perform administrative functions using specifically crafted requests. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2661
CVE-2022-34254 Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could be abused by an attacker to inject malicious scripts into the vulnerable endpoint. A low privileged attacker could leverage this vulnerability to read local files and to perform Stored XSS. Exploitation of this issue does not require user interaction. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34254
CVE-2022-34255 Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker with a low privilege account could leverage this vulnerability to perform an account takeover for a victim. Exploitation of this issue does not require user interaction. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34255
CVE-2022-35011 PNGDec commit 8abf6be was discovered to contain a global buffer overflow via inflate_fast at /src/inffast.c. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35011
CVE-2022-1410 OS Command Injection vulnerability in the db_optimize component of Device42 Asset Management Appliance allows an authenticated attacker to execute remote code on the device. This issue affects: Device42 CMDB version 18.01.00 and prior versions. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1410
CVE-2022-23765 This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23765
CVE-2022-2867 libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2867
CVE-2022-2869 libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2869
CVE-2022-21139 Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-21139
CVE-2022-23182 Improper access control in the Intel(R) Data Center Manager software before version 4.1 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23182
CVE-2022-35167 Printix Cloud Print Management v1.3.1149.0 for Windows was discovered to contain insecure permissions. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35167
CVE-2022-2886 A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an unknown function. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-206688. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2886
CVE-2022-35909 In Jellyfin before 10.8, the /users endpoint has incorrect access control for admin functionality. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35909
CVE-2022-36224 XunRuiCMS V4.5.6 is vulnerable to Cross Site Request Forgery (CSRF). 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36224
CVE-2022-36225 EyouCMS V1.5.8-UTF8-SP1 is vulnerable to Cross Site Request Forgery (CSRF) via the background, column management function and add. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36225
CVE-2022-36577 An issue was discovered in jizhicms v2.3.1. There is a CSRF vulnerability that can add a admin. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36577
CVE-2022-36579 Wellcms 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF). 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36579
CVE-2022-36170 MapGIS 10.5 Pro IGServer has hardcoded credentials in the front-end and can lead to escalation of privileges and arbitrary file deletion. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36170
CVE-2022-36157 XXL-JOB all versions as of 11 July 2022 are vulnerable to Insecure Permissions resulting in the ability to execute admin function with low Privilege account. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36157
CVE-2022-2909 A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206845 was assigned to this vulnerability. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2909
CVE-2022-2921 Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update languages, install/activate extensions, install/activate themes and other permissive actions. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2921
CVE-2022-2557 The Team WordPress plugin before 4.1.2 contains a file which could allow any authenticated users to download arbitrary files from the server via a path traversal vector. Furthermore, the file will also be deleted after its content is returned to the user 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2557
CVE-2022-2594 The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2594
CVE-2022-34347 Cross-Site Request Forgery (CSRF) vulnerability in W3 Eden Download Manager plugin <= 3.2.48 at WordPress. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34347
CVE-2022-36346 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Max Foundry MaxButtons plugin <= 9.2 at WordPress. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36346
CVE-2022-2390 Apps developed with Google Play Services SDK incorrectly had the mutability flag set to PendingIntents that were passed to the Notification service. As Google Play services SDK is so widely used, this bug affects many applications. For an application affected, this bug will let the attacker, gain the access to all non-exported providers and/or gain the access to other providers the victim has permissions. We recommend upgrading to version 18.0.2 of the Play Service SDK as well as rebuilding and redeploying apps. 8.4 https://nvd.nist.gov/vuln/detail/CVE-2022-2390
CVE-2022-22021 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. 8.3 https://nvd.nist.gov/vuln/detail/CVE-2022-22021
CVE-2022-33636 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. 8.3 https://nvd.nist.gov/vuln/detail/CVE-2022-33636
CVE-2022-1665 A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code. 8.2 https://nvd.nist.gov/vuln/detail/CVE-2022-1665
CVE-2022-32245 SAP BusinessObjects Business Intelligence Platform (Open Document) - versions 420, 430, allows an unauthenticated attacker to retrieve sensitive information plain text over the network. On successful exploitation, the attacker can view any data available for a business user and put load on the application by an automated attack. Thus, completely compromising confidentiality but causing a limited impact on the availability of the application. 8.2 https://nvd.nist.gov/vuln/detail/CVE-2022-32245
CVE-2021-1585 A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system. This vulnerability is due to a lack of proper signature verification for specific code exchanged between the ASDM and the Launcher. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position on the network to intercept the traffic between the Launcher and the ASDM and then inject arbitrary code. A successful exploit could allow the attacker to execute arbitrary code on the user's operating system with the level of privileges assigned to the ASDM Launcher. A successful exploit may require the attacker to perform a social engineering attack to persuade the user to initiate communication from the Launcher to the ASDM. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2021-1585
CVE-2022-31625 In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31625
CVE-2022-1965 Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-1965
CVE-2022-32212 A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.16.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-32212
CVE-2022-31163 TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when used with the Ruby data source tzinfo-data, are vulnerable to relative path traversal. With the Ruby data source, time zones are defined in Ruby files. There is one file per time zone. Time zone files are loaded with `require` on demand. In the affected versions, `TZInfo::Timezone.get` fails to validate time zone identifiers correctly, allowing a new line character within the identifier. With Ruby version 1.9.3 and later, `TZInfo::Timezone.get` can be made to load unintended files with `require`, executing them within the Ruby process. Versions 0.3.61 and 1.2.10 include fixes to correctly validate time zone identifiers. Versions 2.0.0 and later are not vulnerable. Version 0.3.61 can still load arbitrary files from the Ruby load path if their name follows the rules for a valid time zone identifier and the file has a prefix of `tzinfo/definition` within a directory in the load path. Applications should ensure that untrusted files are not placed in a directory on the load path. As a workaround, the time zone identifier can be validated before passing to `TZInfo::Timezone.get` by ensuring it matches the regular expression `\\A[A-Za-z0-9+\\-_]+(?:\\/[A-Za-z0-9+\\-_]+)*\\z`. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31163
CVE-2022-2868 libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-2868
CVE-2022-36171 MapGIS IGServer 10.5.6.11 is vulnerable to Arbitrary file deletion. 8.1 https://nvd.nist.gov/vuln/detail/CVE-2022-36171
CVE-2021-3968 vim is vulnerable to Heap-based Buffer Overflow 8 https://nvd.nist.gov/vuln/detail/CVE-2021-3968
CVE-2022-2625 A vulnerability found in postgresql. On this security issue an attack requires permission to create non-temporary objects in at least one schema, ability to lure or wait for an administrator to create or update an affected extension in that schema, and ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, the attacker can run arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so there's no need to modify individual extensions. 8 https://nvd.nist.gov/vuln/detail/CVE-2022-2625
CVE-2022-21225 Improper access control in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. 8 https://nvd.nist.gov/vuln/detail/CVE-2022-21225
CVE-2022-26017 Improper access control in the Intel(R) DSA software for before version 22.2.14 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. 8 https://nvd.nist.gov/vuln/detail/CVE-2022-26017
CVE-2021-36852 Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress. 8 https://nvd.nist.gov/vuln/detail/CVE-2021-36852
CVE-2020-0683 An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2020-0683
CVE-2021-21048 Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-21048
CVE-2021-21058 Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-21058
CVE-2021-21059 Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-21059
CVE-2021-21062 Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-21062
CVE-2021-21063 Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-21063
CVE-2021-21071 Adobe Animate version 21.0.3 (and earlier) is affected by a Memory Corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-21071
CVE-2021-3770 vim is vulnerable to Heap-based Buffer Overflow 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3770
CVE-2021-3778 vim is vulnerable to Heap-based Buffer Overflow 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3778
CVE-2021-3872 vim is vulnerable to Heap-based Buffer Overflow 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3872
CVE-2021-3927 vim is vulnerable to Heap-based Buffer Overflow 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3927
CVE-2021-3928 vim is vulnerable to Use of Uninitialized Variable 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3928
CVE-2021-3974 vim is vulnerable to Use After Free 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3974
CVE-2021-3973 vim is vulnerable to Heap-based Buffer Overflow 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3973
CVE-2021-43019 Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation vulnerability in the resources leveraged by the Setup.exe service. An unauthenticated attacker could leverage this vulnerability to remove files and escalate privileges under the context of SYSTEM . An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability on the product installer. User interaction is required before product installation to abuse this vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-43019
CVE-2021-4019 vim is vulnerable to Heap-based Buffer Overflow 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-4019
CVE-2021-3984 vim is vulnerable to Heap-based Buffer Overflow 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3984
CVE-2021-4069 vim is vulnerable to Use After Free 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-4069
CVE-2021-4136 vim is vulnerable to Heap-based Buffer Overflow 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-4136
CVE-2021-4173 vim is vulnerable to Use After Free 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-4173
CVE-2021-4187 vim is vulnerable to Use After Free 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-4187
CVE-2021-4192 vim is vulnerable to Use After Free 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-4192
CVE-2022-0128 vim is vulnerable to Out-of-bounds Read 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0128
CVE-2022-0261 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0261
CVE-2021-45844 Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-45844
CVE-2022-23033 arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove_mapping, guest_physmap_remove_page, and p2m_set_entry with mfn set to INVALID_MFN) do not actually clear the pagetable entry if the entry doesn't have the valid bit set. It is possible to have a valid pagetable entry without the valid bit set when a guest operating system uses set/way cache maintenance instructions. For instance, a guest issuing a set/way cache maintenance instruction, then calling the XENMEM_decrease_reservation hypercall to give back memory pages to Xen, might be able to retain access to those pages even after Xen started reusing them for other purposes. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23033
CVE-2022-0351 Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0351
CVE-2022-0359 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0359
CVE-2022-0361 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0361
CVE-2022-0368 Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0368
CVE-2022-0392 Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0392
CVE-2022-0407 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0407
CVE-2022-0408 Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0408
CVE-2022-0413 Use After Free in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0413
CVE-2022-0417 Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0417
CVE-2022-0443 Use After Free in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0443
CVE-2022-23946 A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23946
CVE-2022-23947 A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon DCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23947
CVE-2022-0554 Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0554
CVE-2022-23803 A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23803
CVE-2022-23804 A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-23804
CVE-2022-0629 Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0629
CVE-2022-0685 Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0685
CVE-2022-0943 Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0943
CVE-2022-1154 Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1154
CVE-2022-1160 heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1160
CVE-2022-1381 global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1381
CVE-2022-1616 Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1616
CVE-2022-1619 Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1619
CVE-2022-1621 Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1621
CVE-2022-1629 Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1629
CVE-2022-28838 Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-28838
CVE-2021-0153 Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-0153
CVE-2021-0154 Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-0154
CVE-2021-0159 Improper input validation in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-0159
CVE-2021-0188 Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-0188
CVE-2021-0189 Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-0189
CVE-2021-0190 Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-0190
CVE-2021-33122 Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-33122
CVE-2021-33123 Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-33123
CVE-2022-1733 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1733
CVE-2022-1769 Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1769
CVE-2022-1735 Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1735
CVE-2022-1785 Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1785
CVE-2022-1796 Use After Free in GitHub repository vim/vim prior to 8.2.4979. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1796
CVE-2022-1851 Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1851
CVE-2022-1886 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1886
CVE-2022-1898 Use After Free in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1898
CVE-2022-1897 Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1897
CVE-2022-1942 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1942
CVE-2022-1968 Use After Free in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1968
CVE-2022-2000 Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2000
CVE-2022-2124 Buffer Over-read in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2124
CVE-2022-2125 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2125
CVE-2022-2126 Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2126
CVE-2022-2129 Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2129
CVE-2022-1720 Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1720
CVE-2022-2175 Buffer Over-read in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2175
CVE-2022-2182 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2182
CVE-2022-2183 Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2183
CVE-2022-2206 Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2206
CVE-2022-2257 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2257
CVE-2022-2264 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2264
CVE-2022-2284 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2284
CVE-2022-2285 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2285
CVE-2022-2286 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2286
CVE-2022-2288 Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2288
CVE-2022-2289 Use After Free in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2289
CVE-2022-2304 Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2304
CVE-2022-2343 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2343
CVE-2022-2344 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2344
CVE-2022-2345 Use After Free in GitHub repository vim/vim prior to 9.0.0046. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2345
CVE-2022-2522 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2522
CVE-2022-20319 In DreamServices, there is a possible way to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-189574230 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-20319
CVE-2022-20325 In Media, there is a possible code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-186473060 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-20325
CVE-2022-20329 In Wifi, there is a possible way to enable Wifi without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-183410556 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-20329
CVE-2022-20331 In the Framework, there is a possible way to enable a work profile without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-181785557 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-20331
CVE-2022-2819 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2819
CVE-2022-2816 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2816
CVE-2022-2817 Use After Free in GitHub repository vim/vim prior to 9.0.0213. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2817
CVE-2021-30490 upsMonitor in ViewPower (aka ViewPowerHTML) 1.04-21012 through 1.04-21353 has insecure permissions for the service binary that enable an Authenticated User to modify files, allowing for privilege escalation. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-30490
CVE-2022-37393 Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-37393
CVE-2020-10728 A flaw was found in automationbroker/apb container in versions up to and including 2.0.4-1. This container grants all users sudoer permissions allowing an unauthorized user with access to the running container the ability to escalate their own privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10728
CVE-2022-34998 JPEGDEC commit be4843c was discovered to contain a global buffer overflow via JPEGDecodeMCU at /src/jpeg.inl. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34998
CVE-2022-35003 JPEGDEC commit be4843c was discovered to contain a global buffer overflow via ucDitherBuffer at /src/jpeg.inl. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35003
CVE-2022-36139 SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via SWF::Writer::writeByte(unsigned char). 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36139
CVE-2022-36142 SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via SWF::Reader::getU30(). 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36142
CVE-2022-36143 SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via __interceptor_strlen.part at /sanitizer_common/sanitizer_common_interceptors.inc. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36143
CVE-2022-36144 SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64_encode. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36144
CVE-2022-37781 fdkaac v1.0.3 was discovered to contain a heap buffer overflow via __interceptor_memcpy.part.46 at /sanitizer_common/sanitizer_common_interceptors.inc. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-37781
CVE-2022-38227 XPDF commit ffaf11c was discovered to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-38227
CVE-2022-38228 XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-38228
CVE-2022-38229 XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-38229
CVE-2022-38231 XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::getChar() at /xpdf/Stream.cc. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-38231
CVE-2022-38236 XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-38236
CVE-2022-38237 XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readScan() at /xpdf/Stream.cc. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-38237
CVE-2022-38238 XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::lookChar() at /xpdf/Stream.cc. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-38238
CVE-2022-37459 Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-37459
CVE-2022-2845 Buffer Over-read in GitHub repository vim/vim prior to 9.0.0218. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2845
CVE-2022-30262 The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. They utilize the BSAP-IP protocol to transmit firmware updates. Firmware updates are supplied as CAB archive files containing a binary firmware image. In all cases, firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-30262
CVE-2022-31262 An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to insufficient folder permissions, an attacker can hijack the %ProgramData%\\GOG.com folder structure and change the GalaxyCommunication service executable to a malicious file, resulting in code execution as SYSTEM. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-31262
CVE-2022-2849 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2849
CVE-2022-2862 Use After Free in GitHub repository vim/vim prior to 9.0.0221. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2862
CVE-2022-28751 The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in the package signature validation during the update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-28751
CVE-2022-28752 Zoom Rooms for Conference Rooms for Windows versions before 5.11.0 are susceptible to a Local Privilege Escalation vulnerability. A local low-privileged malicious user could exploit this vulnerability to escalate their privileges to the SYSTEM user. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-28752
CVE-2022-29549 An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full pathnames without first making ownership and permission checks (e.g., to help ensure that a program was installed by root) and without integrity checks (e.g., a checksum comparison against known legitimate programs). Also, the vendor recommendation is to install this agent software with root privileges. Thus, privilege escalation is possible on systems where any of these pathnames is controlled by a non-root user. An example is /opt/firebird/bin/isql, where the /opt/firebird directory is often owned by the firebird user. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-29549
CVE-2022-37025 An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code due to lack of an integrity check of the configuration file. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-37025
CVE-2021-23223 Improper initialization for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-23223
CVE-2021-33060 Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-33060
CVE-2021-33847 Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-33847
CVE-2021-37409 Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-37409
CVE-2022-21148 Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-21148
CVE-2022-21181 Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-21181
CVE-2022-21229 Improper buffer restrictions for some Intel(R) NUC 9 Extreme Laptop Kit drivers before version 2.2.0.22 may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-21229
CVE-2022-21807 Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-21807
CVE-2022-21812 Improper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-21812
CVE-2022-25841 Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-25841
CVE-2022-25966 Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-25966
CVE-2022-25999 Uncontrolled search path element in the Intel(R) Enpirion(R) Digital Power Configurator GUI software, all versions may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-25999
CVE-2022-26344 Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-26344
CVE-2022-26374 Uncontrolled search path in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-26374
CVE-2022-26844 Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-26844
CVE-2022-28696 Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-28696
CVE-2022-28757 The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.6 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-28757
CVE-2022-37047 The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-37047
CVE-2022-37048 The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-37048
CVE-2022-37049 The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from CVE-2022-27942. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-37049
CVE-2022-2889 Use After Free in GitHub repository vim/vim prior to 9.0.0225. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2889
CVE-2022-2930 Unverified Password Change in GitHub repository octoprint/octoprint prior to 1.8.3. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2930
CVE-2022-25942 An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-25942
CVE-2022-25972 An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-25972
CVE-2022-26061 A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-26061
CVE-1999-0236 ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. 7.5 https://nvd.nist.gov/vuln/detail/CVE-1999-0236
CVE-2015-3193 The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2015-3193
CVE-2017-8516 Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Disclosure Vulnerability". 7.5 https://nvd.nist.gov/vuln/detail/CVE-2017-8516
CVE-2021-25122 When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-25122
CVE-2021-30639 A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between requests. This meant that once a non-blocking I/O error occurred, all future requests handled by that request object would fail. Users were able to trigger non-blocking I/O errors, e.g. by dropping a connection, thereby creating the possibility of triggering a DoS. Applications that do not use non-blocking I/O are not exposed to this vulnerability. This issue affects Apache Tomcat 10.0.3 to 10.0.4; 9.0.44; 8.5.64. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-30639
CVE-2021-42340 The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-42340
CVE-2022-27191 The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-27191
CVE-2022-24675 encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-24675
CVE-2022-28327 The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-28327
CVE-2022-29536 In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29536
CVE-2022-1620 NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1620
CVE-2022-30522 If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30522
CVE-2022-30556 Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30556
CVE-2022-24946 Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V firmware versions "16" and prior, Mitsubishi Electric MELSEC-Q Series Q03UDECPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q12DCCPU-V all versions, Mitsubishi Electric MELSEC-Q Series Q24DHCCPU-V(G) all versions, Mitsubishi Electric MELSEC-Q Series Q24/26DHCCPU-LS all versions, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number "24051" and prior and Mitsubishi Electric MELIPC Series MI5122-VW firmware versions "05" and prior allows a remote unauthenticated attacker to cause a denial of service (DoS) condition in Ethernet communications by sending specially crafted packets. A system reset of the products is required for recovery. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-24946
CVE-2022-32082 MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32082
CVE-2022-32084 MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32084
CVE-2022-32085 MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32085
CVE-2022-32087 MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32087
CVE-2022-32088 MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32088
CVE-2022-32089 MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32089
CVE-2022-2048 In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2048
CVE-2022-26305 An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the macro was actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a serial number and an issuer string identical to a trusted certificate which LibreOffice would present as belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-26305
CVE-2022-2509 A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2509
CVE-2022-35796 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35796
CVE-2021-37150 Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-37150
CVE-2022-25763 Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-25763
CVE-2022-28129 Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-28129
CVE-2022-31779 Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31779
CVE-2022-31780 Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31780
CVE-2022-36324 A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions). Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36324
CVE-2022-28131 Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-28131
CVE-2022-30630 Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30630
CVE-2022-30631 Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30631
CVE-2022-30632 Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30632
CVE-2022-30633 Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30633
CVE-2022-30635 Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30635
CVE-2022-38150 In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-38150
CVE-2022-33992 DNRD (aka Domain Name Relay Daemon) 2.20.3 forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33992
CVE-2022-33988 dproxy-nexgen (aka dproxy nexgen) re-uses the DNS transaction id (TXID) value from client queries, which allows attackers (able to send queries to the resolver) to conduct DNS cache-poisoning attacks because the TXID value is known to the attacker. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33988
CVE-2022-33990 Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33990
CVE-2022-36524 D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Static Default Credentials via /etc/init0.d/S80telnetd.sh. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36524
CVE-2022-36526 D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Authentication Bypass via function phpcgi_main in cgibin. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36526
CVE-2022-24949 A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. This is due to the combination of a race condition, buffer overflow, and logic bug all in PipeSocketHandler::listen(). 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-24949
CVE-2022-24950 A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId(). 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-24950
CVE-2022-38216 An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds writes, potentially crashing the Mapbox process. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-38216
CVE-2022-33939 CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP451) contains an issue in processing communication packets, which may lead to resource consumption. If this vulnerability is exploited, an attacker may cause a denial of service (DoS) condition in ADL communication by sending a specially crafted packet to the affected product. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-33939
CVE-2022-35734 'Hulu / ????' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35734
CVE-2022-38184 There is an improper access control vulnerability in Portal for ArcGIS versions 10.8.1 and below which could allow a remote, unauthenticated attacker to access an API that may induce Esri Portal for ArcGIS to read arbitrary URLs. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-38184
CVE-2020-14322 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-14322
CVE-2022-2831 A loaded (and valid) image can be crafted such that an out-of-bounds read or write occurs when the image converted to thumbnail that is flipped vertically. Crash occured in source/blender/blendthumb/src/blendthumb_extract.cc 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2831
CVE-2022-2832 When rendering with headless builds, show an error instead of crashing. Previously GPU_backend_init was called indirectly from DRW_opengl_context_create, a new function is now called from the window manager (GPU_backend_init_once), so it's possible to check if the GPU has a back-end. This also disables the bgl Python module when building WITH_HEADLESS. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2832
CVE-2022-2833 Endless Infinite loop in Blender-thumnailing due to logical bugs. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2833
CVE-2021-42052 IPESA e-Flow 3.3.6 allows path traversal for reading any file within the web root directory via the lib/js/build/STEResource.res path and the R query parameter. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-42052
CVE-2022-1401 Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker to read sensitive server files with root permissions. This issue affects: Device42 CMDB versions prior to 18.01.00. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1401
CVE-2021-45454 Ampere Altra before SRP 1.08b and Altra Max? before SRP 2.05 allow information disclosure of power telemetry via HWmon. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-45454
CVE-2022-36186 A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service (DoS). This vulnerability was fixed in commit b43f9d1. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36186
CVE-2022-38149 HashiCorp Consul Template through 0.29.1 inserts Sensitive Information into a Log File. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-38149
CVE-2022-1069 A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1069
CVE-2022-1748 Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1748
CVE-2022-2335 A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2335
CVE-2022-2337 A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2337
CVE-2022-2547 A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2547
CVE-2021-30070 An issue was discovered in HestiaCP before v1.3.5. Attackers are able to arbitrarily install packages due to values taken from the pgk [] parameter in the update request being transmitted to the operating system's package manager. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-30070
CVE-2022-37060 FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files located outside of the server's restricted path. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-37060
CVE-2022-37062 All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and download it. A successful exploit could allow the attacker to extract usernames and hashed passwords. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-37062
CVE-2022-37422 Payara through 5.2022.2 allows directory traversal without authentication. This affects Payara Server, Payara Micro, and Payara Server Embedded. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-37422
CVE-2022-21160 Improper buffer restrictions for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via network access. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21160
CVE-2022-21197 Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via network access. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21197
CVE-2022-30296 Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may allow an unauthenticated user to potentially enable information disclosure via network access. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30296
CVE-2022-37768 libjpeg commit 281daa9 was discovered to contain an infinite loop via the component Frame::ParseTrailer. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-37768
CVE-2022-2049 In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service via the package upload function. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2049
CVE-2022-2074 In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service using the Variable Project Template. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2074
CVE-2022-2075 In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service targeting the build information request validation. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2075
CVE-2022-23460 Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized (ASAN) build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue exists on the current commit of the jsonxx project and the project itself has been archived. Updates are not expected. Users are advised to find a replacement. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-23460
CVE-2020-27793 An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an attacker to cause a crash, and perform a denail of service attack. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-27793
CVE-2020-27795 A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fcn causing segmentation fault later in ensure_fcn_range (fcn). 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-27795
CVE-2022-38493 Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE (JSON Web Encryption) token. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-38493
CVE-2021-3513 A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message displayed when wrong credentials are entered. The highest threat from this vulnerability is to confidentiality. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3513
CVE-2022-2544 The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2544
CVE-2022-2551 The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating. 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2551
CVE-2022-29154 An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file). 7.4 https://nvd.nist.gov/vuln/detail/CVE-2022-29154
CVE-2021-3796 vim is vulnerable to Use After Free 7.3 https://nvd.nist.gov/vuln/detail/CVE-2021-3796
CVE-2022-36263 StreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An attacker can execute arbitrary code via a crafted .exe file. 7.3 https://nvd.nist.gov/vuln/detail/CVE-2022-36263
CVE-2020-10390 OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2020-10390
CVE-2022-36323 A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE SC-600 family (All versions < V2.3.1), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-36323
CVE-2022-36293 Buffer overflow vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary code via unspecified vectors. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-36293
CVE-2022-36381 OS command injection vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary OS commands via unspecified vectors. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-36381
CVE-2020-1756 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2020-1756
CVE-2022-34253 Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution. Exploitation of this issue does not require user interaction. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-34253
CVE-2022-36215 DedeBIZ v6 was discovered to contain a remote code execution vulnerability in sys_info.php. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-36215
CVE-2022-36216 DedeCMS v5.7.94 - v5.7.97 was discovered to contain a remote code execution vulnerability in member_toadmin.php. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-36216
CVE-2022-1373 The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configuration" feature to upload a zip file containing a path traversal file may cause a file to be created and executed upon touching the disk. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-1373
CVE-2022-2334 The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-2334
CVE-2021-37289 Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2021-37289
CVE-2022-2593 The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-2593
CVE-2022-33900 PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress. 7.2 https://nvd.nist.gov/vuln/detail/CVE-2022-33900
CVE-2020-12825 libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-12825
CVE-2021-4166 vim is vulnerable to Out-of-bounds Read 7.1 https://nvd.nist.gov/vuln/detail/CVE-2021-4166
CVE-2022-0393 Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2022-0393
CVE-2022-2287 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2022-2287
CVE-2020-27792 A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service. 7.1 https://nvd.nist.gov/vuln/detail/CVE-2020-27792
CVE-2021-25329 The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue. 7 https://nvd.nist.gov/vuln/detail/CVE-2021-25329
CVE-2022-21881 Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21879. 7 https://nvd.nist.gov/vuln/detail/CVE-2022-21881
CVE-2021-40776 Adobe Lightroom Classic 10.3 (and earlier) are affected by a privilege escalation vulnerability in the Offline Lightroom Classic installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability. 7 https://nvd.nist.gov/vuln/detail/CVE-2021-40776
CVE-2022-24951 A race condition exists in Eternal Terminal prior to version 6.2.0 which allows a local attacker to hijack Eternal Terminal's IPC socket, enabling access to Eternal Terminal clients which attempt to connect in the future. 7 https://nvd.nist.gov/vuln/detail/CVE-2022-24951
CVE-2022-36307 The AirVelocity 1500 prints SNMP credentials on its physically accessible serial port during boot. This was fixed in AirVelocity 1500 software version 15.18.00.2511 and may affect other AirVelocity and AirSpeed models. 6.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36307
CVE-2022-28697 Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable escalation of privilege via physical access. 6.8 https://nvd.nist.gov/vuln/detail/CVE-2022-28697
CVE-2021-25738 Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution. 6.7 https://nvd.nist.gov/vuln/detail/CVE-2021-25738
CVE-2021-33103 Unintended intermediary in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. 6.7 https://nvd.nist.gov/vuln/detail/CVE-2021-33103
CVE-2021-33124 Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. 6.7 https://nvd.nist.gov/vuln/detail/CVE-2021-33124
CVE-2022-2503 Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5 6.7 https://nvd.nist.gov/vuln/detail/CVE-2022-2503
CVE-2022-21172 Out of bounds write for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. 6.7 https://nvd.nist.gov/vuln/detail/CVE-2022-21172
CVE-2022-0213 vim is vulnerable to Heap-based Buffer Overflow 6.6 https://nvd.nist.gov/vuln/detail/CVE-2022-0213
CVE-2015-5361 Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.? Note that the ftps-extensions option is not enabled by default. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2015-5361
CVE-2021-30640 A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-30640
CVE-2022-0001 Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-0001
CVE-2022-0002 Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-0002
CVE-2022-0996 A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-0996
CVE-2022-22411 IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allow an authenticated user to insert code which could allow the attacker to manipulate cluster resources due to excessive permissions. IBM X-Force ID: 223016. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22411
CVE-2022-1705 Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1705
CVE-2022-32148 Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32148
CVE-2022-2605 Out of bounds read in Dawn in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2605
CVE-2022-2610 Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2610
CVE-2022-2612 Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2612
CVE-2022-2615 Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2615
CVE-2022-2616 Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the Omnibox (URL bar) via a crafted Chrome Extension. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2616
CVE-2022-2618 Insufficient validation of untrusted input in Internals in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a malicious file . 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2618
CVE-2022-2622 Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a crafted file. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2622
CVE-2022-24952 Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered remotely by an invalid sequence number and a local bug triggered by invalid input sent directly to the IPC socket. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-24952
CVE-2022-36306 An authenticated attacker can enumerate and download sensitive files, including the eNodeB's web management UI's TLS private key, the web server binary, and the web server configuration file. These vulnerabilities were found in AirVelocity 1500 running software version 9.3.0.01249, were still present in 15.18.00.2511, and may affect other AirVelocity and AirSpeed models. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36306
CVE-2021-39087 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls. IBM X-Force ID: 216109. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-39087
CVE-2022-35007 PNGDec commit 8abf6be was discovered to contain a heap buffer overflow via __interceptor_fwrite.part.57 at sanitizer_common_interceptors.inc. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35007
CVE-2022-35008 PNGDec commit 8abf6be was discovered to contain a stack overflow via /linux/main.cpp. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35008
CVE-2022-35009 PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asan_malloc_linux.cpp. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35009
CVE-2022-35010 PNGDec commit 8abf6be was discovered to contain a heap buffer overflow via asan_interceptors_memintrinsics.cpp. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35010
CVE-2022-35012 PNGDec commit 8abf6be was discovered to contain a heap buffer overflow via SaveBMP at /linux/main.cpp. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35012
CVE-2022-35013 PNGDec commit 8abf6be was discovered to contain a FPE via SaveBMP at /linux/main.cpp. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35013
CVE-2022-35100 SWFTools commit 772e55a2 was discovered to contain a segmentation violation via gfxline_getbbox at /lib/gfxtools.c. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35100
CVE-2022-35433 ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35433
CVE-2022-35447 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b04de. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35447
CVE-2022-35448 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b55af. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35448
CVE-2022-35449 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0466. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35449
CVE-2022-35450 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b84b1. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35450
CVE-2022-35451 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b03b5. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35451
CVE-2022-35452 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0b2c. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35452
CVE-2022-35453 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c08a6. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35453
CVE-2022-35454 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05aa. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35454
CVE-2022-35455 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0d63. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35455
CVE-2022-35456 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x617087. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35456
CVE-2022-35458 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05ce. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35458
CVE-2022-35459 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e412a. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35459
CVE-2022-35460 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x61731f. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35460
CVE-2022-35461 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0a32. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35461
CVE-2022-35462 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0bc3. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35462
CVE-2022-35463 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0478. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35463
CVE-2022-35464 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6171b2. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35464
CVE-2022-35465 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0414. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35465
CVE-2022-35466 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0473. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35466
CVE-2022-35467 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b8. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35467
CVE-2022-35468 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e420d. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35468
CVE-2022-35469 OTFCC v0.10.4 was discovered to contain a segmentation violation via /x86_64-linux-gnu/libc.so.6+0xbb384. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35469
CVE-2022-35470 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x65fc97. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35470
CVE-2022-35471 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b0. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35471
CVE-2022-35472 OTFCC v0.10.4 was discovered to contain a global overflow via /release-x64/otfccdump+0x718693. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35472
CVE-2022-35473 OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe9a7. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35473
CVE-2022-35474 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b544e. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35474
CVE-2022-35475 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41a8. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35475
CVE-2022-35476 OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbc0b. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35476
CVE-2022-35477 OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35477
CVE-2022-35478 OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35478
CVE-2022-35479 OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35479
CVE-2022-35481 OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35481
CVE-2022-35482 OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35482
CVE-2022-35483 OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35483
CVE-2022-35484 OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35484
CVE-2022-35485 OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x703969. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35485
CVE-2022-35486 OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35486
CVE-2022-32453 HTTP header injection vulnerability in Cybozu Office 10.0.0 to 10.8.5 may allow a remote attacker to obtain and/or alter the data of the product via unspecified vectors. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32453
CVE-2022-36024 py-cord is a an API wrapper for Discord written in Python. Bots creating using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the `application.commands` scope without the `bot` scope. Currently, it appears that all public bots that use slash commands are affected. This issue has been patched in version 2.0.1. There are currently no recommended workarounds - please upgrade to a patched version. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36024
CVE-2021-23168 Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-23168
CVE-2021-44545 Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-44545
CVE-2022-21212 Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21212
CVE-2022-25228 CandidATS Version 3.0.0 Beta allows an authenticated user to inject SQL queries in '/index.php?m=settings&a=show' via the 'userID' parameter, in '/index.php?m=candidates&a=show' via the 'candidateID', in '/index.php?m=joborders&a=show' via the 'jobOrderID' and '/index.php?m=companies&a=show' via the 'companyID' parameter 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-25228
CVE-2022-2568 A privilege escalation flaw was found in the Ansible Automation Platform. This flaw allows a remote authenticated user with 'change user' permissions to modify the account settings of the superuser account and also remove the superuser privileges. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2568
CVE-2022-37769 libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-37769
CVE-2022-37770 libjpeg commit 281daa9 was discovered to contain a segmentation fault via LineMerger::GetNextLowpassLine at linemerger.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-37770
CVE-2022-34621 Mealie 1.0.0beta3 was discovered to contain an Insecure Direct Object Reference (IDOR) vulnerability which allows attackers to modify user passwords and other attributes via modification of the user_id parameter. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34621
CVE-2022-2555 The Yotpo Reviews for WooCommerce WordPress plugin through 2.0.4 lacks nonce check when updating its settings, which could allow attacker to make a logged in admin change them via a CSRF attack. 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2555
CVE-2022-2164 Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page. 6.3 https://nvd.nist.gov/vuln/detail/CVE-2022-2164
CVE-2021-45085 XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2021-45085
CVE-2021-45087 XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2021-45087
CVE-2021-45088 XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2021-45088
CVE-2021-46426 phpIPAM 1.4.4 allows Reflected XSS and CSRF via app/admin/subnets/find_free_section_subnets.php of the subnets functionality. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2021-46426
CVE-2022-34305 In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-34305
CVE-2022-34007 EQS Integrity Line Professional through 2022-07-01 allows a stored XSS via a crafted whistleblower entry. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-34007
CVE-2022-36266 In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a stored XSS vulnerability. As the binary file /home/www/cgi-bin/login.cgi does not check if the user is authenticated, a malicious actor can craft a specific request on the login.cgi endpoint that contains a base32 encoded XSS payload that will be accepted and stored. A successful attack will results in the injection of malicious scripts into the user settings page. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-36266
CVE-2022-28755 The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to additional attacks including the potential for remote code execution through launching executables from arbitrary paths. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-28755
CVE-2022-38358 Improper neutralization of input during web page generation leaves the Eyes of Network web application vulnerable to cross-site scripting attacks at /module/admin_notifiers/rules.php and /module/report_event/indext.php via the parameters rule_notification, rule_name, and rule_name_old, and at /module/admin_user/add_modify_user.php via the parameters user_name and user_email. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-38358
CVE-2022-36311 Airspan AirVelocity 1500 prior to software version 15.18.00.2511 is vulnerable to injection leading to XSS in the SNMP community field in the eNodeB's web management UI. This issue may affect other AirVelocity and AirSpeed models. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-36311
CVE-2022-36530 An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-36530
CVE-2022-2843 A vulnerability was found in MotoPress Timetable and Event Schedule. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /wp-admin/admin-ajax.php of the component Quick Edit. The manipulation of the argument post_title with the input <img src=x onerror=alert`2`> leads to cross site scripting. The attack may be launched remotely. VDB-206486 is the identifier assigned to this vulnerability. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-2843
CVE-2022-2844 A vulnerability classified as problematic has been found in MotoPress Timetable and Event Schedule up to 1.4.06. This affects an unknown part of the file /wp/?cpmvc_id=1&cpmvc_do_action=mvparse&f=datafeed&calid=1&month_index=1&method=adddetails&id=2 of the component Calendar Handler. The manipulation of the argument Subject/Location/Description leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-206487. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-2844
CVE-2020-14320 In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2020-14320
CVE-2022-34257 Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-34257
CVE-2022-25799 An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.5.0. An attacker could send a link that has a specially crafted URL and convince the user to click the link. When an authenticated user clicks the link, the authenticated user's browser could be redirected to a malicious site that is designed to impersonate a legitimate website. The attacker could trick the user and potentially acquire sensitive information such as the user's credentials. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-25799
CVE-2022-35133 A cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-35133
CVE-2022-35151 kkFileView v4.1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-35151
CVE-2021-30071 A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2021-30071
CVE-2022-28715 Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-28715
CVE-2022-29487 Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-29487
CVE-2022-30604 Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-30604
CVE-2022-33151 Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows remote attackers to inject an arbitrary script via unspecified vectors. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-33151
CVE-2022-35212 osCommerce2 before v2.3.4.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the function tep_db_error(). 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-35212
CVE-2022-35213 Ecommerce-CodeIgniter-Bootstrap before commit 56465f was discovered to contain a cross-site scripting (XSS) vulnerability via the function base_url() at /blog/blogpublish.php. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-35213
CVE-2022-0542 Cross-site Scripting (XSS) - DOM in GitHub repository chatwoot/chatwoot prior to 2.7.0. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-0542
CVE-2022-35554 Multiple reflected XSS vulnerabilities occur when handling error message of BPC SmartVista version 3.28.0 allowing an attacker to execute javascript code at client side. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-35554
CVE-2022-36251 Clinic's Patient Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via patients.php. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-36251
CVE-2022-2932 Cross-site Scripting (XSS) - Reflected in GitHub repository bustle/mobiledoc-kit prior to 0.14.2. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-2932
CVE-2022-34857 Reflected Cross-Site Scripting (XSS) vulnerability in smartypants SP Project & Document Manager plugin <= 4.59 at WordPress 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-34857
CVE-2022-35654 Pega Platform from 8.5.4 to 8.7.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-35654
CVE-2022-35655 Pega Platform from 7.3 to 8.7.3 is affected by an XSS issue due to a misconfiguration of a datapage setting. 6.1 https://nvd.nist.gov/vuln/detail/CVE-2022-35655
CVE-2017-3738 There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository. 5.9 https://nvd.nist.gov/vuln/detail/CVE-2017-3738
CVE-2019-1559 If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). 5.9 https://nvd.nist.gov/vuln/detail/CVE-2019-1559
CVE-2022-21541 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N). 5.9 https://nvd.nist.gov/vuln/detail/CVE-2022-21541
CVE-2022-34624 Mealie1.0.0beta3 does not terminate download tokens after a user logs out, allowing attackers to perform a man-in-the-middle attack via a crafted GET request. 5.9 https://nvd.nist.gov/vuln/detail/CVE-2022-34624
CVE-2021-46778 Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information. 5.6 https://nvd.nist.gov/vuln/detail/CVE-2021-46778
CVE-2020-14379 A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure. 5.6 https://nvd.nist.gov/vuln/detail/CVE-2020-14379
CVE-2018-19841 The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2018-19841
CVE-2021-3875 vim is vulnerable to Heap-based Buffer Overflow 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3875
CVE-2021-4193 vim is vulnerable to Out-of-bounds Read 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-4193
CVE-2022-0156 vim is vulnerable to Use After Free 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-0156
CVE-2022-0319 Out-of-bounds Read in vim/vim prior to 8.2. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-0319
CVE-2022-23034 A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unmapping of such a mapping can be requested in two steps. The reference count for such a mapping would then mistakenly be decremented twice. Underflow of the counters gets detected, resulting in the triggering of a hypervisor bug check. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-23034
CVE-2022-24130 xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-24130
CVE-2022-0714 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-0714
CVE-2022-1420 Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1420
CVE-2022-28774 Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-28774
CVE-2022-1674 NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1674
CVE-2021-0155 Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-0155
CVE-2021-33117 Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33117
CVE-2021-33149 Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33149
CVE-2022-1771 Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1771
CVE-2022-21123 Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21123
CVE-2022-21125 Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21125
CVE-2022-21166 Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21166
CVE-2022-20651 A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. Cisco ADSM must be deployed in a shared workstation environment for this issue to be exploited. This vulnerability is due to the storage of unencrypted credentials in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view the credentials of other users of the shared device. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-20651
CVE-2022-2208 NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2208
CVE-2022-2231 NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2231
CVE-2022-21509 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21509
CVE-2022-21527 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21527
CVE-2022-21528 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21528
CVE-2022-1962 Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1962
CVE-2022-20317 In SystemUI, there is a possible way to unexpectedly enable the external speaker due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-190199063 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-20317
CVE-2022-20322 In PackageManager, there is a possible installed package disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176993 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-20322
CVE-2022-20323 In PackageManager, there is a possible package installation disclosure due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176203 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-20323
CVE-2022-20324 In Framework, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187042120 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-20324
CVE-2022-20326 In Telephony, there is a possible disclosure of SIM identifiers due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185235527 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-20326
CVE-2021-33235 Buffer overflow vulnerability in write_node in htmldoc through 1.9.11 allows attackers to cause a denial of service via htmldoc/htmldoc/html.cxx:588. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33235
CVE-2021-33236 Buffer Overflow vulnerability in write_header in htmldoc through 1.9.11 allows attackers to casue a denial of service via /htmldoc/htmldoc/html.cxx:273. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33236
CVE-2022-29959 Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. This environment provides access control functionality through user authentication and privilege management. The credentials for various users are stored insecurely in the SecUsers.ini file by using a simple string transformation rather than a cryptographic mechanism. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29959
CVE-2022-38194 In Esri Portal for ArcGIS versions 10.8.1, a system property is not properly encrypted. This may lead to a local user reading sensitive information from a properties file. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-38194
CVE-2022-34999 JPEGDEC commit be4843c was discovered to contain a FPE via DecodeJPEG at /src/jpeg.inl. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-34999
CVE-2022-35000 JPEGDEC commit be4843c was discovered to contain a segmentation fault via fseek at /libio/fseek.c. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35000
CVE-2022-35002 JPEGDEC commit be4843c was discovered to contain a segmentation fault via TIFFSHORT at /src/jpeg.inl. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35002
CVE-2022-35004 JPEGDEC commit be4843c was discovered to contain a FPE via TIFFSHORT at /src/jpeg.inl. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35004
CVE-2022-35101 SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memset-vec-unaligned-erms.S. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35101
CVE-2022-35104 SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::reset() at /xpdf/Stream.cc. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35104
CVE-2022-35105 SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via /bin/png2swf+0x552cea. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35105
CVE-2022-35106 SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::computeTableChecksum(unsigned char*, int) at /xpdf/FoFiTrueType.cc. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35106
CVE-2022-35107 SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common/vfprintf.c. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35107
CVE-2022-35108 SWFTools commit 772e55a2 was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35108
CVE-2022-35109 SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35109
CVE-2022-35110 SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35110
CVE-2022-35111 SWFTools commit 772e55a2 was discovered to contain a stack overflow via __sanitizer::StackDepotNode::hash(__sanitizer::StackTrace const&) at /sanitizer_common/sanitizer_stackdepot.cpp. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35111
CVE-2022-35113 SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via swf_DefineLosslessBitsTagToImage at /modules/swfbits.c. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35113
CVE-2022-35114 SWFTools commit 772e55a2 was discovered to contain a segmentation violation via extractFrame at /readers/swf.c. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35114
CVE-2022-35434 jpeg-quantsmooth before commit 8879454 contained a floating point exception (FPE) via /jpeg-quantsmooth/jpegqs+0x4f5d6c. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35434
CVE-2022-36140 SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::DeclareFunction2::write(SWF::Writer*, SWF::Context*). 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36140
CVE-2022-36141 SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::MethodBody::write(SWF::Writer*, SWF::Context*). 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36141
CVE-2022-36145 SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::Reader::getWord(). 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36145
CVE-2022-36146 SWFMill commit 53d7690 was discovered to contain a memory allocation issue via operator new[](unsigned long) at asan_new_delete.cpp. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36146
CVE-2022-36148 fdkaac commit 53fe239 was discovered to contain a floating point exception (FPE) via wav_open at /src/wav_reader.c. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36148
CVE-2022-36149 tifig v0.2.2 was discovered to contain a heap-use-after-free via temInfoEntry(). 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36149
CVE-2022-36150 tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan/asan_interceptors_memintrinsics.cpp. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36150
CVE-2022-36151 tifig v0.2.2 was discovered to contain a segmentation violation via getType() at /common/bbox.cpp. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36151
CVE-2022-36152 tifig v0.2.2 was discovered to contain a memory leak via operator new[](unsigned long) at /asan/asan_new_delete.cpp. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36152
CVE-2022-36153 tifig v0.2.2 was discovered to contain a segmentation violation via std::vector<unsigned int, std::allocator<unsigned int> >::size() const at /bits/stl_vector.h. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36153
CVE-2022-36155 tifig v0.2.2 was discovered to contain a resource allocation issue via operator new(unsigned long) at asan_new_delete.cpp. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36155
CVE-2022-37439 In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malformed file. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-37439
CVE-2022-38230 XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream::decodeImage() at /xpdf/Stream.cc. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-38230
CVE-2022-38233 XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::readMCURow() at /xpdf/Stream.cc. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-38233
CVE-2022-38234 XPDF commit ffaf11c was discovered to contain a segmentation violation via Lexer::getObj(Object*) at /xpdf/Lexer.cc. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-38234
CVE-2022-38235 XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-38235
CVE-2022-36191 A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36191
CVE-2022-35165 An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35165
CVE-2022-35166 libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35166
CVE-2022-2874 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2874
CVE-2020-27787 A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-27787
CVE-2020-27790 A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service. The highest impact is to Availability. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-27790
CVE-2020-27788 An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2020-27788
CVE-2021-26254 Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable denial of service via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-26254
CVE-2021-26950 Out of bounds read in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-26950
CVE-2021-44470 Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-44470
CVE-2022-21140 Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21140
CVE-2022-21152 Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-21152
CVE-2022-23403 Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-23403
CVE-2022-24378 Improper initialization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-24378
CVE-2022-27500 Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-27500
CVE-2022-29507 Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions may allow an authenticated user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29507
CVE-2022-30944 Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-30944
CVE-2022-36233 Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-36233
CVE-2022-2789 Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2789
CVE-2021-3659 A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3659
CVE-2020-10388 The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/report-referrers.php (vulnerable file admin/include/functions-articles.php). 5.4 https://nvd.nist.gov/vuln/detail/CVE-2020-10388
CVE-2022-28753 Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. As a result, a malicious actor can join a meeting which they are authorized to join without appearing to the other participants, can admit themselves into the meeting from the waiting room, and can become host and cause other meeting disruptions. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-28753
CVE-2022-28754 Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. As a result, a malicious actor can join a meeting which they are authorized to join without appearing to the other participants, can admit themselves into the meeting from the waiting room, and can become host and cause other meeting disruptions. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-28754
CVE-2022-24654 Authenticated stored cross-site scripting (XSS) vulnerability in "Field Server Address" field in INTELBRAS ATA 200 Firmware 74.19.10.21 allows attackers to inject JavaScript code through a crafted payload. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-24654
CVE-2022-38192 A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-38192
CVE-2022-30575 The Web Console component of TIBCO Software Inc.'s TIBCO Data Science - Workbench, TIBCO Statistica, TIBCO Statistica - Estore Edition, and TIBCO Statistica Trial contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO Data Science - Workbench: versions 14.0.0 and below, TIBCO Statistica: versions 14.0.0 and below, TIBCO Statistica - Estore Edition: versions 14.0.0 and below, and TIBCO Statistica Trial: versions 14.0.0 and below. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-30575
CVE-2022-30576 The Web Console component of TIBCO Software Inc.'s TIBCO Data Science - Workbench, TIBCO Statistica, TIBCO Statistica - Estore Edition, and TIBCO Statistica Trial contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Data Science - Workbench: versions 14.0.0 and below, TIBCO Statistica: versions 14.0.0 and below, TIBCO Statistica - Estore Edition: versions 14.0.0 and below, and TIBCO Statistica Trial: versions 14.0.0 and below. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-30576
CVE-2022-38189 A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-38189
CVE-2021-39035 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213965. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2021-39035
CVE-2022-2871 Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-2871
CVE-2022-35174 A stored cross-site scripting (XSS) vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-35174
CVE-2022-37063 All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the attacker to insert malicious JavaScript code. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-37063
CVE-2021-32862 The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbviewer). 5.4 https://nvd.nist.gov/vuln/detail/CVE-2021-32862
CVE-2020-23466 Cross Site Scripting (XSS) vulnerability exists in the phpgurukul Online Marriage Registration System 1.0 allows attackers to run arbitrary code via the wzipcode field. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2020-23466
CVE-2022-1021 Insecure Storage of Sensitive Information in GitHub repository chatwoot/chatwoot prior to 2.6.0. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-1021
CVE-2022-35910 In Jellyfin before 10.8, stored XSS allows theft of an admin access token. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-35910
CVE-2022-37254 DolphinPHP 1.5.1 is vulnerable to Cross Site Scripting (XSS) via Background - > System - > system function - > configuration management. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-37254
CVE-2022-1340 Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-1340
CVE-2022-2890 Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-2890
CVE-2021-36857 Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2021-36857
CVE-2021-3442 A flaw was found in the Red Hat OpenShift API Management product. User input is not validated allowing an authenticated user to inject scripts into some text boxes leading to a XSS attack. The highest threat from this vulnerability is to data confidentiality. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2021-3442
CVE-2022-2600 The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set rel="noopener noreferer" on generated links, which can lead to Tab Nabbing by giving the target site access to the source tab through the window.opener DOM object. 5.4 https://nvd.nist.gov/vuln/detail/CVE-2022-2600
CVE-2017-15906 The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2017-15906
CVE-2021-21012 Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the checkout module. Successful exploitation could lead to sensitive information disclosure. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2021-21012
CVE-2021-21022 Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Successful exploitation could lead to unauthorized access to restricted resources. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2021-21022
CVE-2021-33037 Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer encoding header if the client declared it would only accept an HTTP/1.0 response; - Tomcat honoured the identify encoding; and - Tomcat did not ensure that, if present, the chunked encoding was the final encoding. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2021-33037
CVE-2022-29526 Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-29526
CVE-2022-30532 In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-30532
CVE-2022-21540 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-21540
CVE-2022-21549 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-21549
CVE-2022-33993 Misinterpretation of special domain name characters in DNRD (aka Domain Name Relay Daemon) 2.20.3 leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-33993
CVE-2022-33989 dproxy-nexgen (aka dproxy nexgen) uses a static UDP source port (selected randomly only at boot time) in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-33989
CVE-2022-33991 dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-33991
CVE-2022-2838 In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-2838
CVE-2021-39086 IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 215889. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2021-39086
CVE-2020-1755 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2020-1755
CVE-2022-34259 Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-34259
CVE-2022-38392 A certain 5400 RPM OEM hard drive, as shipped with laptop PCs in approximately 2005, allows physically proximate attackers to cause a denial of service (device malfunction and system crash) via a resonant-frequency attack with the audio signal from the Rhythm Nation music video. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-38392
CVE-2022-2338 Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-2338
CVE-2022-30693 Information disclosure vulnerability in the system configuration of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to obtain the data of the product via unspecified vectors. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-30693
CVE-2022-36023 Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. If a gateway client application sends a malformed request to a gateway peer it may crash the peer node. Version 2.4.6 checks for the malformed gateway request and returns an error to the gateway client. There are no known workarounds, users must upgrade to version 2.4.6. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-36023
CVE-2022-1901 In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-1901
CVE-2022-34623 Mealie1.0.0beta3 is vulnerable to user enumeration via timing response discrepancy between users and non-users when an invalid password message is displayed during an authentication attempt. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-34623
CVE-2022-35692 Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to leak minor information of another user's account detials. Exploitation of this issue does not require user interaction. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-35692
CVE-2022-2552 The Duplicator WordPress plugin before 1.4.7.1 does not authenticate or authorize visitors before displaying information about the system such as server software, php version and full file system path to the site. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-2552
CVE-2022-2558 The Simple Job Board WordPress plugin before 2.10.0 is susceptible to Directory Listing which allows the public listing of uploaded resumes in certain configurations. 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-2558
CVE-2017-3641 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2017-3641
CVE-2018-2759 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2018-2759
CVE-2018-2777 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2018-2777
CVE-2018-2781 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2018-2781
CVE-2018-2810 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2018-2810
CVE-2018-3063 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2018-3063
CVE-2018-3162 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2018-3162
CVE-2018-3173 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2018-3173
CVE-2018-3200 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2018-3200
CVE-2018-3277 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2018-3277
CVE-2018-3282 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2018-3282
CVE-2019-2481 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2019-2481
CVE-2020-10387 Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2020-10387
CVE-2020-24402 Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect permissions vulnerability in the Integrations component. This vulnerability could be abused by authenticated users with permissions to the Resource Access API to delete customer details via the REST API without authorization. 4.9 https://nvd.nist.gov/vuln/detail/CVE-2020-24402
CVE-2022-21515 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.38 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-21515
CVE-2022-21517 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-21517
CVE-2022-21525 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-21525
CVE-2022-21526 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-21526
CVE-2022-21529 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-21529
CVE-2022-21530 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-21530
CVE-2022-21531 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-21531
CVE-2022-21534 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-21534
CVE-2022-21537 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.9 https://nvd.nist.gov/vuln/detail/CVE-2022-21537
CVE-2020-10391 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-article.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10391
CVE-2020-10392 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-category.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10392
CVE-2020-10393 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-field.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10393
CVE-2020-10394 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-glossary.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10394
CVE-2020-10395 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-group.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10395
CVE-2020-10396 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-language.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10396
CVE-2020-10397 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-news.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10397
CVE-2020-10398 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-template.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10398
CVE-2020-10399 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-user.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10399
CVE-2020-10400 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/article-collaboration.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10400
CVE-2020-10401 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-article.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10401
CVE-2020-10402 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-category.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10402
CVE-2020-10403 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-comment.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10403
CVE-2020-10404 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-field.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10404
CVE-2020-10405 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-glossary.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10405
CVE-2020-10406 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-group.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10406
CVE-2020-10407 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-news.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10407
CVE-2020-10408 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-subscriber.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10408
CVE-2020-10409 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-template.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10409
CVE-2020-10410 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-user.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10410
CVE-2020-10411 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/email-harvester.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10411
CVE-2020-10412 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/import-csv.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10412
CVE-2020-10413 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/import-html.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10413
CVE-2020-10414 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/index-attachments.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10414
CVE-2020-10415 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/index.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10415
CVE-2020-10416 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/kb-backup.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10416
CVE-2020-10417 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-articles.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10417
CVE-2020-10418 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-attachments.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10418
CVE-2020-10419 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-categories.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10419
CVE-2020-10420 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-comments.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10420
CVE-2020-10421 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-departments.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10421
CVE-2020-10422 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-drafts.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10422
CVE-2020-10423 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-feedbacks.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10423
CVE-2020-10424 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-fields.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10424
CVE-2020-10425 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-glossary.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10425
CVE-2020-10426 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-groups.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10426
CVE-2020-10427 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-languages.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10427
CVE-2020-10428 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-news.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10428
CVE-2020-10429 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-settings.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10429
CVE-2020-10430 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-subscribers.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10430
CVE-2020-10431 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-templates.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10431
CVE-2020-10432 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-tickets.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10432
CVE-2020-10433 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-users.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10433
CVE-2020-10434 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-versions.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10434
CVE-2020-10435 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/my-languages.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10435
CVE-2020-10436 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/my-profile.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10436
CVE-2020-10437 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/optimize-database.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10437
CVE-2020-10438 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/reply-ticket.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10438
CVE-2020-10439 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-discussed.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10439
CVE-2020-10440 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-mailed.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10440
CVE-2020-10441 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-monthly.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10441
CVE-2020-10442 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-popular.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10442
CVE-2020-10443 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-printed.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10443
CVE-2020-10444 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-rated.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10444
CVE-2020-10445 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10445
CVE-2020-10446 The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-category.php by adding a question mark (?) followed by the payload. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10446
CVE-2022-36325 A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE SC-600 family (All versions < V2.3.1), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions). Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2022-36325
CVE-2022-2152 The Duplicate Page and Post WordPress plugin before 2.8 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2152
CVE-2022-34156 'Hulu / ????' App for iOS versions prior to 3.0.81 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34156
CVE-2022-34258 Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker with admin privileges to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2022-34258
CVE-2022-35117 Clinic's Patient Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via update_medicine_details.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Packing text box under the Update Medical Details module. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2022-35117
CVE-2022-2885 Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2885
CVE-2021-36847 Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WebbaPlugins Webba Booking plugin <= 4.2.21 at WordPress. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2021-36847
CVE-2022-0446 The Simple Banner WordPress plugin before 2.12.0 does not properly sanitize its "Simple Banner Text" Settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. 4.8 https://nvd.nist.gov/vuln/detail/CVE-2022-0446
CVE-2022-1322 The Coming Soon - Under Construction WordPress plugin through 1.1.9 does not sanitize and escape some of its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed 4.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1322
CVE-2022-23035 Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. In the case where an interrupt is not quiescent yet at the time this cleanup gets invoked, the cleanup attempt may be scheduled to be retried. When multiple interrupts are involved, this scheduling of a retry may get erroneously skipped. At the same time pointers may get cleared (resulting in a de-reference of NULL) and freed (resulting in a use-after-free), while other code would continue to assume them to be valid. 4.6 https://nvd.nist.gov/vuln/detail/CVE-2022-23035
CVE-2022-35656 Pega Platform from 8.3 to 8.7.3 vulnerability may allow authenticated security administrators to alter CSRF settings directly. 4.5 https://nvd.nist.gov/vuln/detail/CVE-2022-35656
CVE-2022-21522 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). 4.4 https://nvd.nist.gov/vuln/detail/CVE-2022-21522
CVE-2022-35821 Azure Sphere Information Disclosure Vulnerability. 4.4 https://nvd.nist.gov/vuln/detail/CVE-2022-35821
CVE-2020-10710 A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. This flaw allows an attacker with sufficiently high privileges, such as root, to retrieve the Candlepin plaintext password. 4.4 https://nvd.nist.gov/vuln/detail/CVE-2020-10710
CVE-2022-21240 Out of bounds read for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable information disclosure via local access. 4.4 https://nvd.nist.gov/vuln/detail/CVE-2022-21240
CVE-2022-26074 Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access. 4.4 https://nvd.nist.gov/vuln/detail/CVE-2022-26074
CVE-2022-28709 Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.1.9 may allow a privileged user to potentially enable denial of service via local access. 4.4 https://nvd.nist.gov/vuln/detail/CVE-2022-28709
CVE-2020-10504 CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2020-10504
CVE-2022-2165 Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-2165
CVE-2022-2479 Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-2479
CVE-2022-2611 Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-2611
CVE-2022-2619 Insufficient validation of untrusted input in Settings in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted HTML page. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-2619
CVE-2022-25986 Browse restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Scheduler. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-25986
CVE-2022-29891 Browse restriction bypass vulnerability in Custom Ap of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Custom App via unspecified vectors. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-29891
CVE-2022-32283 Browse restriction bypass vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Cabinet via unspecified vectors. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-32283
CVE-2022-32544 Operation restriction bypass vulnerability in Project of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Project via unspecified vectors. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-32544
CVE-2022-32583 Operation restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Scheduler via unspecified vectors. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-32583
CVE-2022-33311 Browse restriction bypass vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Address Book via unspecified vectors. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-33311
CVE-2022-35204 Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-35204
CVE-2022-1251 The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted request. 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-1251
CVE-2022-20330 In Bluetooth, there is a possible way to connect or disconnect bluetooth devices without user awareness due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-181962588 3.5 https://nvd.nist.gov/vuln/detail/CVE-2022-20330
CVE-2022-37438 In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard that could potentially leak information (for example, username, email, and real name) about Splunk users, when visited by another user through the drilldown component. The vulnerability requires user access to create and share dashboards using Splunk Web. 3.5 https://nvd.nist.gov/vuln/detail/CVE-2022-37438
CVE-2021-21046 Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 3.3 https://nvd.nist.gov/vuln/detail/CVE-2021-21046
CVE-2022-0158 vim is vulnerable to Heap-based Buffer Overflow 3.3 https://nvd.nist.gov/vuln/detail/CVE-2022-0158
CVE-2022-20280 In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-204117261 3.3 https://nvd.nist.gov/vuln/detail/CVE-2022-20280
CVE-2022-20318 In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194694069 3.3 https://nvd.nist.gov/vuln/detail/CVE-2022-20318
CVE-2022-20320 In ActivityManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187956596 3.3 https://nvd.nist.gov/vuln/detail/CVE-2022-20320
CVE-2022-20321 In Settings, there is a possible way for an application without permissions to read content of WiFi QR codes due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176859 3.3 https://nvd.nist.gov/vuln/detail/CVE-2022-20321
CVE-2022-20328 In PackageManager, there is a possible way to determine whether an app is installed due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-184948501 3.3 https://nvd.nist.gov/vuln/detail/CVE-2022-20328
CVE-2021-23188 Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an authenticated user to potentially enable information disclosure via local access. 3.3 https://nvd.nist.gov/vuln/detail/CVE-2021-23188
CVE-2020-14394 An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service. 3.2 https://nvd.nist.gov/vuln/detail/CVE-2020-14394
CVE-2022-30629 Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. 3.1 https://nvd.nist.gov/vuln/detail/CVE-2022-30629
CVE-2022-20327 In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185126813 2.8 https://nvd.nist.gov/vuln/detail/CVE-2022-20327
CVE-2022-2047 In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario. 2.7 https://nvd.nist.gov/vuln/detail/CVE-2022-2047
CVE-2022-2841 A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610. It has been classified as problematic. Affected is the Uninstallation Handler which makes it possible to circumvent and disable the security feature. The manipulation leads to missing authorization. The identifier of this vulnerability is VDB-206880. 2.7 https://nvd.nist.gov/vuln/detail/CVE-2022-2841
CVE-1999-0498 TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files. https://nvd.nist.gov/vuln/detail/CVE-1999-0498
CVE-1999-0167 In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. https://nvd.nist.gov/vuln/detail/CVE-1999-0167
CVE-1999-0627 The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0627
CVE-1999-0117 AIX passwd allows local users to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0117
CVE-1999-0168 The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. https://nvd.nist.gov/vuln/detail/CVE-1999-0168
CVE-1999-0214 Denial of service by sending forged ICMP unreachable packets. https://nvd.nist.gov/vuln/detail/CVE-1999-0214
CVE-1999-0312 HP ypbind allows attackers with root privileges to modify NIS data. https://nvd.nist.gov/vuln/detail/CVE-1999-0312
CVE-1999-0124 Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon. https://nvd.nist.gov/vuln/detail/CVE-1999-0124
CVE-1999-0334 In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0334
CVE-1999-0181 The wall daemon can be used for denial of service, social engineering attacks, or to execute remote commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0181
CVE-1999-0338 AIX Licensed Program Product performance tools allow local users to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0338
CVE-1999-0337 AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled. https://nvd.nist.gov/vuln/detail/CVE-1999-0337
CVE-1999-0207 Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command. https://nvd.nist.gov/vuln/detail/CVE-1999-0207
CVE-1999-0232 Buffer overflow in NCSA WebServer (version 1.5c) gives remote access. https://nvd.nist.gov/vuln/detail/CVE-1999-0232
CVE-1999-0235 Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access. https://nvd.nist.gov/vuln/detail/CVE-1999-0235
CVE-1999-0242 Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords. https://nvd.nist.gov/vuln/detail/CVE-1999-0242
CVE-1999-0151 The SATAN session key may be disclosed if the user points the web browser to other sites, possibly allowing root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0151
CVE-1999-0172 FormMail CGI program allows remote execution of commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0172
CVE-1999-0203 In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. https://nvd.nist.gov/vuln/detail/CVE-1999-0203
CVE-1999-0155 The ghostscript command with the -dSAFER option allows remote attackers to execute commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0155
CVE-1999-0245 Some configurations of NIS+ in Linux allowed attackers to log in as the user "+". https://nvd.nist.gov/vuln/detail/CVE-1999-0245
CVE-1999-0218 Livingston portmaster machines could be rebooted via a series of commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0218
CVE-1999-0073 Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0073
CVE-1999-0099 Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. https://nvd.nist.gov/vuln/detail/CVE-1999-0099
CVE-1999-0241 Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. https://nvd.nist.gov/vuln/detail/CVE-1999-0241
CVE-1999-0080 Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command. https://nvd.nist.gov/vuln/detail/CVE-1999-0080
CVE-1999-0316 Buffer overflow in Linux splitvt command gives root access to local users. https://nvd.nist.gov/vuln/detail/CVE-1999-0316
CVE-1999-0123 Race condition in Linux mailx command allows local users to read user files. https://nvd.nist.gov/vuln/detail/CVE-1999-0123
CVE-1999-0208 rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0208
CVE-1999-0143 Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. https://nvd.nist.gov/vuln/detail/CVE-1999-0143
CVE-1999-0142 The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts. https://nvd.nist.gov/vuln/detail/CVE-1999-0142
CVE-1999-0078 pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. https://nvd.nist.gov/vuln/detail/CVE-1999-0078
CVE-1999-0522 The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate. https://nvd.nist.gov/vuln/detail/CVE-1999-0522
CVE-1999-0509 Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0509
CVE-1999-0138 The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0138
CVE-1999-0175 The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server. https://nvd.nist.gov/vuln/detail/CVE-1999-0175
CVE-1999-0137 The dip program on many Linux systems allows local users to gain root access via a buffer overflow. https://nvd.nist.gov/vuln/detail/CVE-1999-0137
CVE-1999-0023 Local user gains root privileges via buffer overflow in rdist, via lookup() function. https://nvd.nist.gov/vuln/detail/CVE-1999-0023
CVE-1999-0135 admintool in Solaris allows a local user to write to arbitrary files and gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0135
CVE-1999-0136 Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0136
CVE-1999-0133 fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0133
CVE-1999-0319 Buffer overflow in xmcd 2.1 allows local users to gain access through a user resource setting. https://nvd.nist.gov/vuln/detail/CVE-1999-0319
CVE-1999-0246 HP Remote Watch allows a remote user to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0246
CVE-1999-0206 MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0206
CVE-1999-0234 Bash treats any character with a value of 255 as a command separator. https://nvd.nist.gov/vuln/detail/CVE-1999-0234
CVE-1999-0277 The WorkMan program can be used to overwrite any file to get root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0277
CVE-1999-0336 Buffer overflow in mstm in HP-UX allows local users to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0336
CVE-1999-0050 Buffer overflow in HP-UX newgrp program. https://nvd.nist.gov/vuln/detail/CVE-1999-0050
CVE-1999-0129 Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. https://nvd.nist.gov/vuln/detail/CVE-1999-0129
CVE-1999-0043 Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. https://nvd.nist.gov/vuln/detail/CVE-1999-0043
CVE-1999-0045 List of arbitrary files on Web host via nph-test-cgi script. https://nvd.nist.gov/vuln/detail/CVE-1999-0045
CVE-1999-0297 Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. https://nvd.nist.gov/vuln/detail/CVE-1999-0297
CVE-1999-0128 Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. https://nvd.nist.gov/vuln/detail/CVE-1999-0128
CVE-1999-0127 swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0127
CVE-1999-0260 The jj CGI program allows command execution via shell metacharacters. https://nvd.nist.gov/vuln/detail/CVE-1999-0260
CVE-1999-0626 A version of rusers is running that exposes valid user information to any entity on the network. https://nvd.nist.gov/vuln/detail/CVE-1999-0626
CVE-1999-0582 A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc. https://nvd.nist.gov/vuln/detail/CVE-1999-0582
CVE-1999-0576 A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. https://nvd.nist.gov/vuln/detail/CVE-1999-0576
CVE-1999-0575 A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking. https://nvd.nist.gov/vuln/detail/CVE-1999-0575
CVE-1999-0572 .reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks. https://nvd.nist.gov/vuln/detail/CVE-1999-0572
CVE-1999-0550 A router's routing tables can be obtained from arbitrary hosts. https://nvd.nist.gov/vuln/detail/CVE-1999-0550
CVE-1999-0535 A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness. https://nvd.nist.gov/vuln/detail/CVE-1999-0535
CVE-1999-0534 A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input. https://nvd.nist.gov/vuln/detail/CVE-1999-0534
CVE-1999-0525 IP traceroute is allowed from arbitrary hosts. https://nvd.nist.gov/vuln/detail/CVE-1999-0525
CVE-1999-0521 An NIS domain name is easily guessable. https://nvd.nist.gov/vuln/detail/CVE-1999-0521
CVE-1999-0519 A NETBIOS/SMB share password is the default, null, or missing. https://nvd.nist.gov/vuln/detail/CVE-1999-0519
CVE-1999-0518 A NETBIOS/SMB share password is guessable. https://nvd.nist.gov/vuln/detail/CVE-1999-0518
CVE-1999-0517 An SNMP community name is the default (e.g. public), null, or missing. https://nvd.nist.gov/vuln/detail/CVE-1999-0517
CVE-1999-0511 IP forwarding is enabled on a machine which is not a router or firewall. https://nvd.nist.gov/vuln/detail/CVE-1999-0511
CVE-1999-0510 A router or firewall allows source routed packets from arbitrary hosts. https://nvd.nist.gov/vuln/detail/CVE-1999-0510
CVE-1999-0504 A Windows NT local user or administrator account has a default, null, blank, or missing password. https://nvd.nist.gov/vuln/detail/CVE-1999-0504
CVE-1999-0503 A Windows NT local user or administrator account has a guessable password. https://nvd.nist.gov/vuln/detail/CVE-1999-0503
CVE-1999-0499 NETBIOS share information may be published through SNMP registry keys in NT. https://nvd.nist.gov/vuln/detail/CVE-1999-0499
CVE-1999-0345 Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. https://nvd.nist.gov/vuln/detail/CVE-1999-0345
CVE-1999-0274 Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made. https://nvd.nist.gov/vuln/detail/CVE-1999-0274
CVE-1999-0253 IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. https://nvd.nist.gov/vuln/detail/CVE-1999-0253
CVE-1999-0252 Buffer overflow in listserv allows arbitrary command execution. https://nvd.nist.gov/vuln/detail/CVE-1999-0252
CVE-1999-0251 Denial of service in talk program allows remote attackers to disrupt a user's display. https://nvd.nist.gov/vuln/detail/CVE-1999-0251
CVE-1999-0249 Windows NT RSHSVC program allows remote users to execute arbitrary commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0249
CVE-1999-0217 Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. https://nvd.nist.gov/vuln/detail/CVE-1999-0217
CVE-1999-0204 Sendmail 8.6.9 allows remote attackers to execute root commands, using ident. https://nvd.nist.gov/vuln/detail/CVE-1999-0204
CVE-1999-0202 The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0202
CVE-1999-0201 A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user. https://nvd.nist.gov/vuln/detail/CVE-1999-0201
CVE-1999-0180 in.rshd allows users to login with a NULL username and execute commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0180
CVE-1999-0173 FormMail CGI program can be used by web servers other than the host server that the program resides on. https://nvd.nist.gov/vuln/detail/CVE-1999-0173
CVE-1999-0171 Denial of service in syslog by sending it a large number of superfluous messages. https://nvd.nist.gov/vuln/detail/CVE-1999-0171
CVE-1999-0170 Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list. https://nvd.nist.gov/vuln/detail/CVE-1999-0170
CVE-1999-0166 NFS allows users to use a "cd .." command to access other directories besides the exported file system. https://nvd.nist.gov/vuln/detail/CVE-1999-0166
CVE-1999-0163 In older versions of Sendmail, an attacker could use a pipe character to execute root commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0163
CVE-1999-0100 Remote access in AIX innd 1.5.1, using control messages. https://nvd.nist.gov/vuln/detail/CVE-1999-0100
CVE-1999-0051 Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. https://nvd.nist.gov/vuln/detail/CVE-1999-0051
CVE-1999-0049 Csetup under IRIX allows arbitrary file creation or overwriting. https://nvd.nist.gov/vuln/detail/CVE-1999-0049
CVE-1999-0081 wu-ftp allows files to be overwritten via the rnfr command. https://nvd.nist.gov/vuln/detail/CVE-1999-0081
CVE-1999-0966 Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0]. https://nvd.nist.gov/vuln/detail/CVE-1999-0966
CVE-1999-0174 The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. https://nvd.nist.gov/vuln/detail/CVE-1999-0174
CVE-1999-0046 Buffer overflow of rlogin program using TERM environmental variable. https://nvd.nist.gov/vuln/detail/CVE-1999-0046
CVE-1999-0041 Buffer overflow in NLS (Natural Language Service). https://nvd.nist.gov/vuln/detail/CVE-1999-0041
CVE-1999-0868 ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. https://nvd.nist.gov/vuln/detail/CVE-1999-0868
CVE-1999-0612 A version of finger is running that exposes valid user information to any entity on the network. https://nvd.nist.gov/vuln/detail/CVE-1999-0612
CVE-1999-0318 Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. https://nvd.nist.gov/vuln/detail/CVE-1999-0318
CVE-1999-0165 NFS cache poisoning. https://nvd.nist.gov/vuln/detail/CVE-1999-0165
CVE-1999-0106 Finger redirection allows finger bombs. https://nvd.nist.gov/vuln/detail/CVE-1999-0106
CVE-1999-0105 finger allows recursive searches by using a long string of @ symbols. https://nvd.nist.gov/vuln/detail/CVE-1999-0105
CVE-1999-0292 Denial of service through Winpopup using large user names. https://nvd.nist.gov/vuln/detail/CVE-1999-0292
CVE-1999-0280 Remote command execution in Microsoft Internet Explorer using .lnk and .url files. https://nvd.nist.gov/vuln/detail/CVE-1999-0280
CVE-1999-0042 Buffer overflow in University of Washington's implementation of IMAP and POP servers. https://nvd.nist.gov/vuln/detail/CVE-1999-0042
CVE-1999-0038 Buffer overflow in xlock program allows local users to execute commands as root. https://nvd.nist.gov/vuln/detail/CVE-1999-0038
CVE-1999-0040 Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. https://nvd.nist.gov/vuln/detail/CVE-1999-0040
CVE-1999-0037 Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. https://nvd.nist.gov/vuln/detail/CVE-1999-0037
CVE-1999-0259 cfingerd lists all users on a system via search.**@target. https://nvd.nist.gov/vuln/detail/CVE-1999-0259
CVE-1999-0064 Buffer overflow in AIX lquerylv program gives root access to local users. https://nvd.nist.gov/vuln/detail/CVE-1999-0064
CVE-1999-0035 Race condition in signal handling routine in ftpd, allowing read/write arbitrary files. https://nvd.nist.gov/vuln/detail/CVE-1999-0035
CVE-1999-0034 Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. https://nvd.nist.gov/vuln/detail/CVE-1999-0034
CVE-1999-0799 Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location. https://nvd.nist.gov/vuln/detail/CVE-1999-0799
CVE-1999-0281 Denial of service in IIS using long URLs. https://nvd.nist.gov/vuln/detail/CVE-1999-0281
CVE-1999-0275 Denial of service in Windows NT DNS servers by flooding port 53 with too many characters. https://nvd.nist.gov/vuln/detail/CVE-1999-0275
CVE-1999-0083 getcwd() file descriptor leak in FTP. https://nvd.nist.gov/vuln/detail/CVE-1999-0083
CVE-1999-0033 Command execution in Sun systems via buffer overflow in the at program. https://nvd.nist.gov/vuln/detail/CVE-1999-0033
CVE-1999-0957 MajorCool mj_key_cache program allows local users to modify files via a symlink attack. https://nvd.nist.gov/vuln/detail/CVE-1999-0957
CVE-1999-0628 The rwho/rwhod service is running, which exposes machine status and user information. https://nvd.nist.gov/vuln/detail/CVE-1999-0628
CVE-1999-0541 A password for accessing a WWW URL is guessable. https://nvd.nist.gov/vuln/detail/CVE-1999-0541
CVE-1999-0533 A DNS server allows inverse queries. https://nvd.nist.gov/vuln/detail/CVE-1999-0533
CVE-1999-0532 A DNS server allows zone transfers. https://nvd.nist.gov/vuln/detail/CVE-1999-0532
CVE-1999-0195 Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. https://nvd.nist.gov/vuln/detail/CVE-1999-0195
CVE-1999-0184 When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records. https://nvd.nist.gov/vuln/detail/CVE-1999-0184
CVE-1999-0169 NFS allows attackers to read and write any file on the system by specifying a false UID. https://nvd.nist.gov/vuln/detail/CVE-1999-0169
CVE-1999-0156 wu-ftpd FTP daemon allows any user and password combination. https://nvd.nist.gov/vuln/detail/CVE-1999-0156
CVE-1999-0150 The Perl fingerd program allows arbitrary command execution from remote users. https://nvd.nist.gov/vuln/detail/CVE-1999-0150
CVE-1999-0147 The aglimpse CGI program of the Glimpse package allows remote execution of arbitrary commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0147
CVE-1999-0111 RIP v1 is susceptible to spoofing. https://nvd.nist.gov/vuln/detail/CVE-1999-0111
CVE-1999-0076 Buffer overflow in wu-ftp from PASV command causes a core dump. https://nvd.nist.gov/vuln/detail/CVE-1999-0076
CVE-1999-0074 Listening TCP ports are sequentially allocated, allowing spoofing attacks. https://nvd.nist.gov/vuln/detail/CVE-1999-0074
CVE-1999-0176 The Webgais program allows a remote user to execute arbitrary commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0176
CVE-1999-0030 root privileges via buffer overflow in xlock command on SGI IRIX systems. https://nvd.nist.gov/vuln/detail/CVE-1999-0030
CVE-1999-0029 root privileges via buffer overflow in ordist command on SGI IRIX systems. https://nvd.nist.gov/vuln/detail/CVE-1999-0029
CVE-1999-0028 root privileges via buffer overflow in login/scheme command on SGI IRIX systems. https://nvd.nist.gov/vuln/detail/CVE-1999-0028
CVE-1999-0027 root privileges via buffer overflow in eject command on SGI IRIX systems. https://nvd.nist.gov/vuln/detail/CVE-1999-0027
CVE-1999-0026 root privileges via buffer overflow in pset command on SGI IRIX systems. https://nvd.nist.gov/vuln/detail/CVE-1999-0026
CVE-1999-0122 Buffer overflow in AIX lchangelv gives root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0122
CVE-1999-0566 An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. https://nvd.nist.gov/vuln/detail/CVE-1999-0566
CVE-1999-0238 php.cgi allows attackers to read any file on the system. https://nvd.nist.gov/vuln/detail/CVE-1999-0238
CVE-1999-0152 The DG/UX finger daemon allows remote command execution through shell metacharacters. https://nvd.nist.gov/vuln/detail/CVE-1999-0152
CVE-1999-0024 DNS cache poisoning via BIND, by predictable query IDs. https://nvd.nist.gov/vuln/detail/CVE-1999-0024
CVE-1999-0237 Remote execution of arbitrary commands through Guestbook CGI program. https://nvd.nist.gov/vuln/detail/CVE-1999-0237
CVE-1999-0183 Linux implementations of TFTP would allow access to files outside the restricted directory. https://nvd.nist.gov/vuln/detail/CVE-1999-0183
CVE-1999-0177 The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs. https://nvd.nist.gov/vuln/detail/CVE-1999-0177
CVE-1999-0071 Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. https://nvd.nist.gov/vuln/detail/CVE-1999-0071
CVE-1999-0079 Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports. https://nvd.nist.gov/vuln/detail/CVE-1999-0079
CVE-1999-0965 Race condition in xterm allows local users to modify arbitrary files via the logging option. https://nvd.nist.gov/vuln/detail/CVE-1999-0965
CVE-1999-0956 The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0956
CVE-1999-0667 The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0667
CVE-1999-0955 Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command. https://nvd.nist.gov/vuln/detail/CVE-1999-0955
CVE-1999-0267 Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution. https://nvd.nist.gov/vuln/detail/CVE-1999-0267
CVE-1999-0294 All records in a WINS database can be deleted through SNMP for a denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0294
CVE-1999-0272 Denial of service in Slmail v2.5 through the POP3 port. https://nvd.nist.gov/vuln/detail/CVE-1999-0272
CVE-1999-0090 Buffer overflow in AIX rcp command allows local users to obtain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0090
CVE-1999-0061 File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). https://nvd.nist.gov/vuln/detail/CVE-1999-0061
CVE-1999-0192 Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. https://nvd.nist.gov/vuln/detail/CVE-1999-0192
CVE-1999-0072 Buffer overflow in AIX xdat gives root access to local users. https://nvd.nist.gov/vuln/detail/CVE-1999-0072
CVE-1999-0091 Buffer overflow in AIX writesrv command allows local users to obtain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0091
CVE-1999-0089 Buffer overflow in AIX libDtSvc library can allow local users to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0089
CVE-1999-0097 The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). https://nvd.nist.gov/vuln/detail/CVE-1999-0097
CVE-1999-0094 AIX piodmgrsu command allows local users to gain additional group privileges. https://nvd.nist.gov/vuln/detail/CVE-1999-0094
CVE-1999-0093 AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. https://nvd.nist.gov/vuln/detail/CVE-1999-0093
CVE-1999-0092 Various vulnerabilities in the AIX portmir command allows local users to obtain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0092
CVE-1999-0967 Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol. https://nvd.nist.gov/vuln/detail/CVE-1999-0967
CVE-1999-0216 Denial of service of inetd on Linux through SYN and RST packets. https://nvd.nist.gov/vuln/detail/CVE-1999-0216
CVE-1999-0306 buffer overflow in HP xlock program. https://nvd.nist.gov/vuln/detail/CVE-1999-0306
CVE-1999-0340 Buffer overflow in Linux Slackware crond program allows local users to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0340
CVE-1999-0244 Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root. https://nvd.nist.gov/vuln/detail/CVE-1999-0244
CVE-1999-0193 Denial of service in Ascend and 3com routers, which can be rebooted by sending a zero length TCP option. https://nvd.nist.gov/vuln/detail/CVE-1999-0193
CVE-1999-0017 FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. https://nvd.nist.gov/vuln/detail/CVE-1999-0017
CVE-1999-0107 Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. https://nvd.nist.gov/vuln/detail/CVE-1999-0107
CVE-1999-0341 Buffer overflow in the Linux mail program "deliver" allows local users to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0341
CVE-1999-0331 Buffer overflow in Internet Explorer 4.0(1). https://nvd.nist.gov/vuln/detail/CVE-1999-0331
CVE-1999-0293 AAA authentication on Cisco systems allows attackers to execute commands without authorization. https://nvd.nist.gov/vuln/detail/CVE-1999-0293
CVE-1999-0284 Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. https://nvd.nist.gov/vuln/detail/CVE-1999-0284
CVE-1999-0279 Excite for Web Servers (EWS) allows remote command execution via shell metacharacters. https://nvd.nist.gov/vuln/detail/CVE-1999-0279
CVE-1999-0273 Denial of service through Solaris 2.5.1 telnet by sending ^D characters. https://nvd.nist.gov/vuln/detail/CVE-1999-0273
CVE-1999-0114 Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package using a symlink attack. https://nvd.nist.gov/vuln/detail/CVE-1999-0114
CVE-1999-0513 ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0513
CVE-1999-0086 AIX routed allows remote users to modify sensitive files. https://nvd.nist.gov/vuln/detail/CVE-1999-0086
CVE-1999-0271 Progressive Networks Real Video server (pnserver) can be crashed remotely. https://nvd.nist.gov/vuln/detail/CVE-1999-0271
CVE-1999-0013 Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user. https://nvd.nist.gov/vuln/detail/CVE-1999-0013
CVE-1999-0264 htmlscript CGI program allows remote read access to files. https://nvd.nist.gov/vuln/detail/CVE-1999-0264
CVE-1999-0486 Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash. https://nvd.nist.gov/vuln/detail/CVE-1999-0486
CVE-1999-0304 mmap function in BSD allows local attackers in the kmem group to modify memory through devices. https://nvd.nist.gov/vuln/detail/CVE-1999-0304
CVE-1999-0012 Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. https://nvd.nist.gov/vuln/detail/CVE-1999-0012
CVE-1999-0258 Bonk variation of teardrop IP fragmentation denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0258
CVE-1999-0290 The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of connections to localhost. https://nvd.nist.gov/vuln/detail/CVE-1999-0290
CVE-1999-0795 The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches. https://nvd.nist.gov/vuln/detail/CVE-1999-0795
CVE-1999-0514 UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target. https://nvd.nist.gov/vuln/detail/CVE-1999-0514
CVE-1999-0502 A Unix account has a default, null, blank, or missing password. https://nvd.nist.gov/vuln/detail/CVE-1999-0502
CVE-1999-0330 Linux bdash game has a buffer overflow that allows local users to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0330
CVE-1999-0060 Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool. https://nvd.nist.gov/vuln/detail/CVE-1999-0060
CVE-1999-0537 A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. https://nvd.nist.gov/vuln/detail/CVE-1999-0537
CVE-1999-0507 An account on a router, firewall, or other network device has a guessable password. https://nvd.nist.gov/vuln/detail/CVE-1999-0507
CVE-1999-0257 Nestea variation of teardrop IP fragmentation denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0257
CVE-1999-0098 Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities. https://nvd.nist.gov/vuln/detail/CVE-1999-0098
CVE-1999-0303 Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. https://nvd.nist.gov/vuln/detail/CVE-1999-0303
CVE-1999-0508 An account on a router, firewall, or other network device has a default, null, blank, or missing password. https://nvd.nist.gov/vuln/detail/CVE-1999-0508
CVE-1999-0501 A Unix account has a guessable password. https://nvd.nist.gov/vuln/detail/CVE-1999-0501
CVE-1999-0494 Denial of service in WinGate proxy through a buffer overflow in POP3. https://nvd.nist.gov/vuln/detail/CVE-1999-0494
CVE-1999-0102 Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line. https://nvd.nist.gov/vuln/detail/CVE-1999-0102
CVE-1999-0213 libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. https://nvd.nist.gov/vuln/detail/CVE-1999-0213
CVE-1999-0516 An SNMP community name is guessable. https://nvd.nist.gov/vuln/detail/CVE-1999-0516
CVE-1999-0339 Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0339
CVE-1999-0333 HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack. https://nvd.nist.gov/vuln/detail/CVE-1999-0333
CVE-1999-0269 Netscape Enterprise servers may list files through the PageServices query. https://nvd.nist.gov/vuln/detail/CVE-1999-0269
CVE-1999-0159 Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. https://nvd.nist.gov/vuln/detail/CVE-1999-0159
CVE-1999-0310 SSH 1.2.25 on HP-UX allows access to new user accounts. https://nvd.nist.gov/vuln/detail/CVE-1999-0310
CVE-1999-0162 The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. https://nvd.nist.gov/vuln/detail/CVE-1999-0162
CVE-1999-0546 The Windows NT guest account is enabled. https://nvd.nist.gov/vuln/detail/CVE-1999-0546
CVE-1999-0506 A Windows NT domain user or administrator account has a default, null, blank, or missing password. https://nvd.nist.gov/vuln/detail/CVE-1999-0506
CVE-1999-0505 A Windows NT domain user or administrator account has a guessable password. https://nvd.nist.gov/vuln/detail/CVE-1999-0505
CVE-1999-0343 A malicious Palace server can force a client to execute arbitrary programs. https://nvd.nist.gov/vuln/detail/CVE-1999-0343
CVE-1999-0254 A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. https://nvd.nist.gov/vuln/detail/CVE-1999-0254
CVE-1999-0342 Linux PAM modules allow local users to gain root access using temporary files. https://nvd.nist.gov/vuln/detail/CVE-1999-0342
CVE-1999-0321 Buffer overflow in Solaris kcms_configure command allows local users to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0321
CVE-1999-0937 BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable. https://nvd.nist.gov/vuln/detail/CVE-1999-0937
CVE-1999-0936 BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters. https://nvd.nist.gov/vuln/detail/CVE-1999-0936
CVE-1999-0698 Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux. https://nvd.nist.gov/vuln/detail/CVE-1999-0698
CVE-1999-0665 An application-critical Windows NT registry key has an inappropriate value. https://nvd.nist.gov/vuln/detail/CVE-1999-0665
CVE-1999-0664 An application-critical Windows NT registry key has inappropriate permissions. https://nvd.nist.gov/vuln/detail/CVE-1999-0664
CVE-1999-0663 A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified. https://nvd.nist.gov/vuln/detail/CVE-1999-0663
CVE-1999-0662 A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete. https://nvd.nist.gov/vuln/detail/CVE-1999-0662
CVE-1999-0657 WinGate is being used. https://nvd.nist.gov/vuln/detail/CVE-1999-0657
CVE-1999-0654 The OS/2 or POSIX subsystem in NT is enabled. https://nvd.nist.gov/vuln/detail/CVE-1999-0654
CVE-1999-0653 A component service related to NIS+ is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0653
CVE-1999-0651 The rsh/rlogin service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0651
CVE-1999-0641 The UUCP service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0641
CVE-1999-0640 The Gopher service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0640
CVE-1999-0639 The chargen service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0639
CVE-1999-0638 The daytime service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0638
CVE-1999-0637 The systat service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0637
CVE-1999-0636 The discard service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0636
CVE-1999-0632 The RPC portmapper service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0632
CVE-1999-0630 The NT Alerter and Messenger services are running. https://nvd.nist.gov/vuln/detail/CVE-1999-0630
CVE-1999-0629 The ident/identd service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0629
CVE-1999-0625 The rpc.rquotad service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0625
CVE-1999-0624 The rstat/rstatd service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0624
CVE-1999-0618 The rexec service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0618
CVE-1999-0613 The rpc.sprayd service is running. https://nvd.nist.gov/vuln/detail/CVE-1999-0613
CVE-1999-0611 A system-critical Windows NT registry key has an inappropriate value. https://nvd.nist.gov/vuln/detail/CVE-1999-0611
CVE-1999-0603 In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc. https://nvd.nist.gov/vuln/detail/CVE-1999-0603
CVE-1999-0602 A network intrusion detection system (IDS) does not properly reassemble fragmented packets. https://nvd.nist.gov/vuln/detail/CVE-1999-0602
CVE-1999-0601 A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets. https://nvd.nist.gov/vuln/detail/CVE-1999-0601
CVE-1999-0600 A network intrusion detection system (IDS) does not verify the checksum on a packet. https://nvd.nist.gov/vuln/detail/CVE-1999-0600
CVE-1999-0599 A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers. https://nvd.nist.gov/vuln/detail/CVE-1999-0599
CVE-1999-0598 A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection. https://nvd.nist.gov/vuln/detail/CVE-1999-0598
CVE-1999-0597 A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire. https://nvd.nist.gov/vuln/detail/CVE-1999-0597
CVE-1999-0596 A Windows NT log file has an inappropriate maximum size or retention period. https://nvd.nist.gov/vuln/detail/CVE-1999-0596
CVE-1999-0594 A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive. https://nvd.nist.gov/vuln/detail/CVE-1999-0594
CVE-1999-0592 The Logon box of a Windows NT system displays the name of the last user who logged in. https://nvd.nist.gov/vuln/detail/CVE-1999-0592
CVE-1999-0591 An event log in Windows NT has inappropriate access permissions. https://nvd.nist.gov/vuln/detail/CVE-1999-0591
CVE-1999-0589 A system-critical Windows NT registry key has inappropriate permissions. https://nvd.nist.gov/vuln/detail/CVE-1999-0589
CVE-1999-0588 A filter in a router or firewall allows unusual fragmented packets. https://nvd.nist.gov/vuln/detail/CVE-1999-0588
CVE-1999-0587 A WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data. https://nvd.nist.gov/vuln/detail/CVE-1999-0587
CVE-1999-0586 A network service is running on a nonstandard port. https://nvd.nist.gov/vuln/detail/CVE-1999-0586
CVE-1999-0584 A Windows NT file system is not NTFS. https://nvd.nist.gov/vuln/detail/CVE-1999-0584
CVE-1999-0583 There is a one-way or two-way trust relationship between Windows NT domains. https://nvd.nist.gov/vuln/detail/CVE-1999-0583
CVE-1999-0581 The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions. https://nvd.nist.gov/vuln/detail/CVE-1999-0581
CVE-1999-0580 The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, system-critical permissions. https://nvd.nist.gov/vuln/detail/CVE-1999-0580
CVE-1999-0579 A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. https://nvd.nist.gov/vuln/detail/CVE-1999-0579
CVE-1999-0578 A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. https://nvd.nist.gov/vuln/detail/CVE-1999-0578
CVE-1999-0577 A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. https://nvd.nist.gov/vuln/detail/CVE-1999-0577
CVE-1999-0571 A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts. https://nvd.nist.gov/vuln/detail/CVE-1999-0571
CVE-1999-0570 Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. https://nvd.nist.gov/vuln/detail/CVE-1999-0570
CVE-1999-0569 A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file. https://nvd.nist.gov/vuln/detail/CVE-1999-0569
CVE-1999-0568 rpc.admind in Solaris is not running in a secure mode. https://nvd.nist.gov/vuln/detail/CVE-1999-0568
CVE-1999-0565 A Sendmail alias allows input to be piped to a program. https://nvd.nist.gov/vuln/detail/CVE-1999-0565
CVE-1999-0564 An attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled. https://nvd.nist.gov/vuln/detail/CVE-1999-0564
CVE-1999-0561 IIS has the #exec function enabled for Server Side Include (SSI) files. https://nvd.nist.gov/vuln/detail/CVE-1999-0561
CVE-1999-0560 A system-critical Windows NT file or directory has inappropriate permissions. https://nvd.nist.gov/vuln/detail/CVE-1999-0560
CVE-1999-0559 A system-critical Unix file or directory has inappropriate permissions. https://nvd.nist.gov/vuln/detail/CVE-1999-0559
CVE-1999-0556 Two or more Unix accounts have the same UID. https://nvd.nist.gov/vuln/detail/CVE-1999-0556
CVE-1999-0555 A Unix account with a name other than "root" has UID 0, i.e. root privileges. https://nvd.nist.gov/vuln/detail/CVE-1999-0555
CVE-1999-0554 NFS exports system-critical data to the world, e.g. / or a password file. https://nvd.nist.gov/vuln/detail/CVE-1999-0554
CVE-1999-0549 Windows NT automatically logs in an administrator upon rebooting. https://nvd.nist.gov/vuln/detail/CVE-1999-0549
CVE-1999-0548 A superfluous NFS server is running, but it is not importing or exporting any file systems. https://nvd.nist.gov/vuln/detail/CVE-1999-0548
CVE-1999-0547 An SSH server allows authentication through the .rhosts file. https://nvd.nist.gov/vuln/detail/CVE-1999-0547
CVE-1999-0539 A trust relationship exists between two Unix hosts. https://nvd.nist.gov/vuln/detail/CVE-1999-0539
CVE-1999-0530 A system is operating in "promiscuous" mode which allows it to perform packet sniffing. https://nvd.nist.gov/vuln/detail/CVE-1999-0530
CVE-1999-0529 A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc. https://nvd.nist.gov/vuln/detail/CVE-1999-0529
CVE-1999-0528 A router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of. https://nvd.nist.gov/vuln/detail/CVE-1999-0528
CVE-1999-0527 The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten. https://nvd.nist.gov/vuln/detail/CVE-1999-0527
CVE-1999-0523 ICMP echo (ping) is allowed from arbitrary hosts. https://nvd.nist.gov/vuln/detail/CVE-1999-0523
CVE-1999-0520 A system-critical NETBIOS/SMB share has inappropriate access control. https://nvd.nist.gov/vuln/detail/CVE-1999-0520
CVE-1999-0515 An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv. https://nvd.nist.gov/vuln/detail/CVE-1999-0515
CVE-1999-0512 A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers. https://nvd.nist.gov/vuln/detail/CVE-1999-0512
CVE-1999-0497 Anonymous FTP is enabled. https://nvd.nist.gov/vuln/detail/CVE-1999-0497
CVE-1999-0495 A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares. https://nvd.nist.gov/vuln/detail/CVE-1999-0495
CVE-1999-0465 Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter. https://nvd.nist.gov/vuln/detail/CVE-1999-0465
CVE-1999-0454 A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso. https://nvd.nist.gov/vuln/detail/CVE-1999-0454
CVE-1999-0453 An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP). https://nvd.nist.gov/vuln/detail/CVE-1999-0453
CVE-1999-0452 A service or application has a backdoor password that was placed there by the developer. https://nvd.nist.gov/vuln/detail/CVE-1999-0452
CVE-1999-0448 IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. https://nvd.nist.gov/vuln/detail/CVE-1999-0448
CVE-1999-0401 A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. https://nvd.nist.gov/vuln/detail/CVE-1999-0401
CVE-1999-0399 The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, allowing remote attackers to place a malicious file in a different location, possibly allowing the attacker to execute commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0399
CVE-1999-0398 In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login. https://nvd.nist.gov/vuln/detail/CVE-1999-0398
CVE-1999-0397 The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext. https://nvd.nist.gov/vuln/detail/CVE-1999-0397
CVE-1999-0394 DPEC Online Courseware allows an attacker to change another user's password without knowing the original password. https://nvd.nist.gov/vuln/detail/CVE-1999-0394
CVE-1999-0361 NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative changes without logging. https://nvd.nist.gov/vuln/detail/CVE-1999-0361
CVE-1999-0355 Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0355
CVE-1999-0286 In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages. https://nvd.nist.gov/vuln/detail/CVE-1999-0286
CVE-1999-0285 Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. https://nvd.nist.gov/vuln/detail/CVE-1999-0285
CVE-1999-0276 mSQL v2.0.1 and below allows remote execution through a buffer overflow. https://nvd.nist.gov/vuln/detail/CVE-1999-0276
CVE-1999-0255 Buffer overflow in ircd allows arbitrary command execution. https://nvd.nist.gov/vuln/detail/CVE-1999-0255
CVE-1999-0243 Linux cfingerd could be exploited to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0243
CVE-1999-0240 Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy. https://nvd.nist.gov/vuln/detail/CVE-1999-0240
CVE-1999-0231 Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access. https://nvd.nist.gov/vuln/detail/CVE-1999-0231
CVE-1999-0226 Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0226
CVE-1999-0220 Attackers can do a denial of service of IRC by crashing the server. https://nvd.nist.gov/vuln/detail/CVE-1999-0220
CVE-1999-0205 Denial of service in Sendmail 8.6.11 and 8.6.12. https://nvd.nist.gov/vuln/detail/CVE-1999-0205
CVE-1999-0200 Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password. https://nvd.nist.gov/vuln/detail/CVE-1999-0200
CVE-1999-0198 finger .@host on some systems may print information on some user accounts. https://nvd.nist.gov/vuln/detail/CVE-1999-0198
CVE-1999-0197 finger 0@host on some systems may print information on some user accounts. https://nvd.nist.gov/vuln/detail/CVE-1999-0197
CVE-1999-0402 wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. https://nvd.nist.gov/vuln/detail/CVE-1999-0402
CVE-1999-0391 The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. https://nvd.nist.gov/vuln/detail/CVE-1999-0391
CVE-1999-0392 Buffer overflow in Thomas Boutell's cgic library version up to 1.05. https://nvd.nist.gov/vuln/detail/CVE-1999-0392
CVE-1999-0063 Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. https://nvd.nist.gov/vuln/detail/CVE-1999-0063
CVE-1999-0119 Windows NT 4.0 beta allows users to read and delete shares. https://nvd.nist.gov/vuln/detail/CVE-1999-0119
CVE-1999-0121 Buffer overflow in dtaction command gives root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0121
CVE-1999-0357 Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets. https://nvd.nist.gov/vuln/detail/CVE-1999-0357
CVE-1999-0356 ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book. https://nvd.nist.gov/vuln/detail/CVE-1999-0356
CVE-1999-0352 ControlIT 4.5 and earlier (aka Remotely Possible) has weak password encryption. https://nvd.nist.gov/vuln/detail/CVE-1999-0352
CVE-1999-0461 Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. https://nvd.nist.gov/vuln/detail/CVE-1999-0461
CVE-1999-0459 Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot. https://nvd.nist.gov/vuln/detail/CVE-1999-0459
CVE-1999-0373 Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root. https://nvd.nist.gov/vuln/detail/CVE-1999-0373
CVE-1999-0291 The WinGate proxy is installed without a password, which allows remote attackers to redirect connections without authentication. https://nvd.nist.gov/vuln/detail/CVE-1999-0291
CVE-1999-0365 The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. https://nvd.nist.gov/vuln/detail/CVE-1999-0365
CVE-1999-0350 Race condition in the db_loader program in ClearCase gives local users root access by setting SUID bits. https://nvd.nist.gov/vuln/detail/CVE-1999-0350
CVE-1999-0368 Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. https://nvd.nist.gov/vuln/detail/CVE-1999-0368
CVE-1999-0371 Lynx allows a local user to overwrite sensitive files through /tmp symlinks. https://nvd.nist.gov/vuln/detail/CVE-1999-0371
CVE-1999-0404 Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. https://nvd.nist.gov/vuln/detail/CVE-1999-0404
CVE-1999-0714 Vulnerability in Compaq Tru64 UNIX edauth command. https://nvd.nist.gov/vuln/detail/CVE-1999-0714
CVE-1999-0375 Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands. https://nvd.nist.gov/vuln/detail/CVE-1999-0375
CVE-1999-0374 Debian GNU/Linux cfengine package is susceptible to a symlink attack. https://nvd.nist.gov/vuln/detail/CVE-1999-0374
CVE-1999-0396 A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0396
CVE-1999-0406 Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege. https://nvd.nist.gov/vuln/detail/CVE-1999-0406
CVE-1999-0476 A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user. https://nvd.nist.gov/vuln/detail/CVE-1999-0476
CVE-1999-0438 Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packet to port 5353, changing its IP address. https://nvd.nist.gov/vuln/detail/CVE-1999-0438
CVE-1999-0437 Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port. https://nvd.nist.gov/vuln/detail/CVE-1999-0437
CVE-1999-0435 MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM. https://nvd.nist.gov/vuln/detail/CVE-1999-0435
CVE-1999-0431 Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0431
CVE-1999-0426 The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing. https://nvd.nist.gov/vuln/detail/CVE-1999-0426
CVE-1999-0419 When the Microsoft SMTP service attempts to send a message to a server and receives a 4xx error code, it quickly and repeatedly attempts to redeliver the message, causing a denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0419
CVE-1999-0414 In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection. https://nvd.nist.gov/vuln/detail/CVE-1999-0414
CVE-1999-0222 Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL. https://nvd.nist.gov/vuln/detail/CVE-1999-0222
CVE-1999-0221 Denial of service of Ascend routers through port 150 (remote administration). https://nvd.nist.gov/vuln/detail/CVE-1999-0221
CVE-2000-0019 IMail POP3 daemon uses weak encryption, which allows local users to read files. https://nvd.nist.gov/vuln/detail/CVE-2000-0019
CVE-1999-0411 Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access. https://nvd.nist.gov/vuln/detail/CVE-1999-0411
CVE-1999-0422 In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set. https://nvd.nist.gov/vuln/detail/CVE-1999-0422
CVE-1999-0420 umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program. https://nvd.nist.gov/vuln/detail/CVE-1999-0420
CVE-1999-0425 talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes. https://nvd.nist.gov/vuln/detail/CVE-1999-0425
CVE-1999-0424 talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes. https://nvd.nist.gov/vuln/detail/CVE-1999-0424
CVE-1999-0433 XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. https://nvd.nist.gov/vuln/detail/CVE-1999-0433
CVE-1999-0480 Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack. https://nvd.nist.gov/vuln/detail/CVE-1999-0480
CVE-1999-0469 Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client. https://nvd.nist.gov/vuln/detail/CVE-1999-0469
CVE-1999-0467 The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter. https://nvd.nist.gov/vuln/detail/CVE-1999-0467
CVE-1999-0475 A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail. https://nvd.nist.gov/vuln/detail/CVE-1999-0475
CVE-1999-0474 The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory. https://nvd.nist.gov/vuln/detail/CVE-1999-0474
CVE-1999-0439 Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file. https://nvd.nist.gov/vuln/detail/CVE-1999-0439
CVE-1999-0472 The SNMP default community name "public" is not properly removed in NetApps C630 Netcache, even if the administrator tries to disable it. https://nvd.nist.gov/vuln/detail/CVE-1999-0472
CVE-1999-0471 The remote proxy server in Winroute allows a remote attacker to reconfigure the proxy without authentication through the "cancel" button. https://nvd.nist.gov/vuln/detail/CVE-1999-0471
CVE-1999-0287 Vulnerability in the Wguest CGI program. https://nvd.nist.gov/vuln/detail/CVE-1999-0287
CVE-1999-0444 Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files. https://nvd.nist.gov/vuln/detail/CVE-1999-0444
CVE-1999-0684 Denial of service in Sendmail 8.8.6 in HPUX. https://nvd.nist.gov/vuln/detail/CVE-1999-0684
CVE-1999-0492 The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses. https://nvd.nist.gov/vuln/detail/CVE-1999-0492
CVE-1999-0712 A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable. https://nvd.nist.gov/vuln/detail/CVE-1999-0712
CVE-1999-0807 The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users. https://nvd.nist.gov/vuln/detail/CVE-1999-0807
CVE-1999-0194 Denial of service in in.comsat allows attackers to generate messages. https://nvd.nist.gov/vuln/detail/CVE-1999-0194
CVE-1999-0229 Denial of service in Windows NT IIS server using ..\\.. https://nvd.nist.gov/vuln/detail/CVE-1999-0229
CVE-1999-0762 When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. https://nvd.nist.gov/vuln/detail/CVE-1999-0762
CVE-1999-0771 The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack. https://nvd.nist.gov/vuln/detail/CVE-1999-0771
CVE-1999-0772 Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301. https://nvd.nist.gov/vuln/detail/CVE-1999-0772
CVE-1999-0775 Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. https://nvd.nist.gov/vuln/detail/CVE-1999-0775
CVE-1999-0730 The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack. https://nvd.nist.gov/vuln/detail/CVE-1999-0730
CVE-1999-0929 Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests. https://nvd.nist.gov/vuln/detail/CVE-1999-0929
CVE-1999-0748 Buffer overflows in Red Hat net-tools package. https://nvd.nist.gov/vuln/detail/CVE-1999-0748
CVE-1999-0938 MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages. https://nvd.nist.gov/vuln/detail/CVE-1999-0938
CVE-1999-0916 WebTrends software stores account names and passwords in a file which does not have restricted access permissions. https://nvd.nist.gov/vuln/detail/CVE-1999-0916
CVE-1999-0140 Denial of service in RAS/PPTP on NT systems. https://nvd.nist.gov/vuln/detail/CVE-1999-0140
CVE-1999-0752 Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake. https://nvd.nist.gov/vuln/detail/CVE-1999-0752
CVE-1999-0809 Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed". https://nvd.nist.gov/vuln/detail/CVE-1999-0809
CVE-1999-0810 Denial of service in Samba NETBIOS name service daemon (nmbd). https://nvd.nist.gov/vuln/detail/CVE-1999-0810
CVE-1999-0224 Denial of service in Windows NT messenger service through a long username. https://nvd.nist.gov/vuln/detail/CVE-1999-0224
CVE-1999-0813 Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges. https://nvd.nist.gov/vuln/detail/CVE-1999-0813
CVE-1999-0732 The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links. https://nvd.nist.gov/vuln/detail/CVE-1999-0732
CVE-1999-0767 Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. https://nvd.nist.gov/vuln/detail/CVE-1999-0767
CVE-1999-0817 Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet. https://nvd.nist.gov/vuln/detail/CVE-1999-0817
CVE-1999-0953 WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers. https://nvd.nist.gov/vuln/detail/CVE-1999-0953
CVE-1999-0907 sccw allows local users to read arbitrary files. https://nvd.nist.gov/vuln/detail/CVE-1999-0907
CVE-1999-0940 Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages. https://nvd.nist.gov/vuln/detail/CVE-1999-0940
CVE-2000-0047 Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message. https://nvd.nist.gov/vuln/detail/CVE-2000-0047
CVE-1999-0880 Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly. https://nvd.nist.gov/vuln/detail/CVE-1999-0880
CVE-1999-0879 Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file. https://nvd.nist.gov/vuln/detail/CVE-1999-0879
CVE-1999-0942 UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes. https://nvd.nist.gov/vuln/detail/CVE-1999-0942
CVE-1999-0893 userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack. https://nvd.nist.gov/vuln/detail/CVE-1999-0893
CVE-1999-0902 ypserv allows local administrators to modify password tables. https://nvd.nist.gov/vuln/detail/CVE-1999-0902
CVE-1999-0901 ypserv allows a local user to modify the GECOS and login shells of other users. https://nvd.nist.gov/vuln/detail/CVE-1999-0901
CVE-1999-0900 Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation. https://nvd.nist.gov/vuln/detail/CVE-1999-0900
CVE-1999-0944 IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections. https://nvd.nist.gov/vuln/detail/CVE-1999-0944
CVE-1999-0903 genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767. https://nvd.nist.gov/vuln/detail/CVE-1999-0903
CVE-1999-0882 Falcon web server allows remote attackers to determine the absolute path of the web root via long file names. https://nvd.nist.gov/vuln/detail/CVE-1999-0882
CVE-1999-0830 Buffer overflow in SCO UnixWare Xsco command via a long argument. https://nvd.nist.gov/vuln/detail/CVE-1999-0830
CVE-1999-0829 HP Secure Web Console uses weak encryption. https://nvd.nist.gov/vuln/detail/CVE-1999-0829
CVE-1999-0827 By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. https://nvd.nist.gov/vuln/detail/CVE-1999-0827
CVE-1999-0843 Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port. https://nvd.nist.gov/vuln/detail/CVE-1999-0843
CVE-1999-0863 Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI. https://nvd.nist.gov/vuln/detail/CVE-1999-0863
CVE-1999-0985 CC Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. https://nvd.nist.gov/vuln/detail/CVE-1999-0985
CVE-1999-0984 Matt's Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. https://nvd.nist.gov/vuln/detail/CVE-1999-0984
CVE-1999-0983 Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. https://nvd.nist.gov/vuln/detail/CVE-1999-0983
CVE-1999-0845 Buffer overflow in SCO su program allows local users to gain root access via a long username. https://nvd.nist.gov/vuln/detail/CVE-1999-0845
CVE-1999-0317 Buffer overflow in Linux su command gives root access to local users. https://nvd.nist.gov/vuln/detail/CVE-1999-0317
CVE-1999-0847 Buffer overflow in free internet chess server (FICS) program, xboard. https://nvd.nist.gov/vuln/detail/CVE-1999-0847
CVE-1999-0856 login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist. https://nvd.nist.gov/vuln/detail/CVE-1999-0856
CVE-1999-0846 Denial of service in MDaemon 2.7 via a large number of connection attempts. https://nvd.nist.gov/vuln/detail/CVE-1999-0846
CVE-1999-0862 Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file. https://nvd.nist.gov/vuln/detail/CVE-1999-0862
CVE-1999-0988 UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack. https://nvd.nist.gov/vuln/detail/CVE-1999-0988
CVE-1999-0990 Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system. https://nvd.nist.gov/vuln/detail/CVE-1999-0990
CVE-1999-0982 The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. https://nvd.nist.gov/vuln/detail/CVE-1999-0982
CVE-1999-1009 The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. https://nvd.nist.gov/vuln/detail/CVE-1999-1009
CVE-1999-0289 The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL. https://nvd.nist.gov/vuln/detail/CVE-1999-0289
CVE-1999-1003 War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections. https://nvd.nist.gov/vuln/detail/CVE-1999-1003
CVE-1999-0993 Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed. https://nvd.nist.gov/vuln/detail/CVE-1999-0993
CVE-1999-0935 classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. https://nvd.nist.gov/vuln/detail/CVE-1999-0935
CVE-1999-1001 Cisco Cache Engine allows a remote attacker to gain access via a null username and password. https://nvd.nist.gov/vuln/detail/CVE-1999-1001
CVE-1999-1000 The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics. https://nvd.nist.gov/vuln/detail/CVE-1999-1000
CVE-1999-0998 Cisco Cache Engine allows an attacker to replace content in the cache. https://nvd.nist.gov/vuln/detail/CVE-1999-0998
CVE-2000-0020 DNS PRO allows remote attackers to conduct a denial of service via a large number of connections. https://nvd.nist.gov/vuln/detail/CVE-2000-0020
CVE-2000-0017 Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. https://nvd.nist.gov/vuln/detail/CVE-2000-0017
CVE-2000-0034 Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." https://nvd.nist.gov/vuln/detail/CVE-2000-0034
CVE-2000-0040 glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command. https://nvd.nist.gov/vuln/detail/CVE-2000-0040
CVE-2000-0038 glFtpD includes a default glftpd user account with a default password and a UID of 0. https://nvd.nist.gov/vuln/detail/CVE-2000-0038
CVE-2000-0028 Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function. https://nvd.nist.gov/vuln/detail/CVE-2000-0028
CVE-1999-0892 Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font. https://nvd.nist.gov/vuln/detail/CVE-1999-0892
CVE-2000-0010 WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter. https://nvd.nist.gov/vuln/detail/CVE-2000-0010
CVE-2000-0008 FTPPro allows local users to read sensitive information, which is stored in plain text. https://nvd.nist.gov/vuln/detail/CVE-2000-0008
CVE-1999-0154 IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL. https://nvd.nist.gov/vuln/detail/CVE-1999-0154
CVE-2000-0069 The recover program in Solstice Backup allows local users to restore sensitive files. https://nvd.nist.gov/vuln/detail/CVE-2000-0069
CVE-2000-0085 Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag. https://nvd.nist.gov/vuln/detail/CVE-2000-0085
CVE-1999-0894 Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals. https://nvd.nist.gov/vuln/detail/CVE-1999-0894
CVE-2000-0084 CuteFTP uses weak encryption to store password information in its tree.dat file. https://nvd.nist.gov/vuln/detail/CVE-2000-0084
CVE-2000-0081 Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript\: protocol, e.g. j&#x41;vascript. https://nvd.nist.gov/vuln/detail/CVE-2000-0081
CVE-2000-0074 PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions. https://nvd.nist.gov/vuln/detail/CVE-2000-0074
CVE-2000-0067 CyberCash Merchant Connection Kit (MCK) allows local users to modify files via a symlink attack. https://nvd.nist.gov/vuln/detail/CVE-2000-0067
CVE-2000-0066 WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request. https://nvd.nist.gov/vuln/detail/CVE-2000-0066
CVE-2000-0065 Buffer overflow in InetServ 3.0 allows remote attackers to execute commands via a long GET request. https://nvd.nist.gov/vuln/detail/CVE-2000-0065
CVE-1999-0595 A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. https://nvd.nist.gov/vuln/detail/CVE-1999-0595
CVE-2000-0115 IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page. https://nvd.nist.gov/vuln/detail/CVE-2000-0115
CVE-2000-0093 An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5. https://nvd.nist.gov/vuln/detail/CVE-2000-0093
CVE-2000-0126 Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack. https://nvd.nist.gov/vuln/detail/CVE-2000-0126
CVE-2000-0109 The mcsp Client Site Processor system (MultiCSP) in Standard and Poor's ComStock is installed with several accounts that have no passwords or easily guessable default passwords. https://nvd.nist.gov/vuln/detail/CVE-2000-0109
CVE-2000-0137 The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0137
CVE-2000-0136 The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0136
CVE-2000-0135 The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0135
CVE-2000-0134 The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0134
CVE-2000-0123 The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0123
CVE-2000-0110 The WebSiteTool shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0110
CVE-2000-0108 The Intellivend shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0108
CVE-2000-0106 The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0106
CVE-2000-0104 The Shoptron shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0104
CVE-2000-0103 The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0103
CVE-2000-0102 The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0102
CVE-2000-0101 The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. https://nvd.nist.gov/vuln/detail/CVE-2000-0101
CVE-2000-0114 Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory. https://nvd.nist.gov/vuln/detail/CVE-2000-0114
CVE-2000-0129 Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. https://nvd.nist.gov/vuln/detail/CVE-2000-0129
CVE-2000-0145 The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions. https://nvd.nist.gov/vuln/detail/CVE-2000-0145
CVE-2000-0143 The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. https://nvd.nist.gov/vuln/detail/CVE-2000-0143
CVE-2000-0142 The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417. https://nvd.nist.gov/vuln/detail/CVE-2000-0142
CVE-2000-0182 iPlanet Web Server 4.1 allows remote attackers to cause a denial of service via a large number of GET commands, which consumes memory and causes a kernel panic. https://nvd.nist.gov/vuln/detail/CVE-2000-0182
CVE-2000-0220 ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event. https://nvd.nist.gov/vuln/detail/CVE-2000-0220
CVE-1999-0427 Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names. https://nvd.nist.gov/vuln/detail/CVE-1999-0427
CVE-1999-0590 A system does not present an appropriate legal message or warning to a user who is accessing it. https://nvd.nist.gov/vuln/detail/CVE-1999-0590
CVE-1999-0585 A Windows NT administrator account has the default name of Administrator. https://nvd.nist.gov/vuln/detail/CVE-1999-0585
CVE-1999-0812 Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. https://nvd.nist.gov/vuln/detail/CVE-1999-0812
CVE-2000-0031 The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack. https://nvd.nist.gov/vuln/detail/CVE-2000-0031
CVE-1999-0307 Buffer overflow in HP-UX cstm program allows local users to gain root privileges. https://nvd.nist.gov/vuln/detail/CVE-1999-0307
CVE-1999-0758 Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL. https://nvd.nist.gov/vuln/detail/CVE-1999-0758
CVE-1999-0359 ptylogin in Unix systems allows users to perform a denial of service by locking out modems, dial out with that modem, or obtain passwords. https://nvd.nist.gov/vuln/detail/CVE-1999-0359
CVE-2001-0352 SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only, via (1) dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or (2) ap128bWepKeyValue in the ap128bWEPKeyTable in the Symbol MIB. https://nvd.nist.gov/vuln/detail/CVE-2001-0352
CVE-2003-0769 Cross-site scripting (XSS) vulnerability in the ICQ Web Front guestbook (guestbook.html) allows remote attackers to insert arbitrary web script and HTML via the message field. https://nvd.nist.gov/vuln/detail/CVE-2003-0769
CVE-2003-0742 SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program. https://nvd.nist.gov/vuln/detail/CVE-2003-0742
CVE-2003-0658 Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules. https://nvd.nist.gov/vuln/detail/CVE-2003-0658
CVE-2021-26639 This vulnerability is caused by the lack of validation of input values for specific functions if WISA Smart Wing CMS. Remote attackers can use this vulnerability to leak all files in the server without logging in system. https://nvd.nist.gov/vuln/detail/CVE-2021-26639
CVE-2022-35148 maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html. https://nvd.nist.gov/vuln/detail/CVE-2022-35148
CVE-2022-35173 An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during code generation, leading to a segmentation violation. https://nvd.nist.gov/vuln/detail/CVE-2022-35173
CVE-2022-35198 Contract Management System v2.0 contains a weak default password which gives attackers to access database connection information. https://nvd.nist.gov/vuln/detail/CVE-2022-35198
CVE-2021-23179 Out of bounds read in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow a privileged user to potentially enable information disclosure via local access. https://nvd.nist.gov/vuln/detail/CVE-2021-23179
CVE-2021-26257 Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access. https://nvd.nist.gov/vuln/detail/CVE-2021-26257
CVE-2021-33126 Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access. https://nvd.nist.gov/vuln/detail/CVE-2021-33126
CVE-2021-33128 Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.0.6 may allow a privileged user to potentially enable denial of service via local access. https://nvd.nist.gov/vuln/detail/CVE-2021-33128
CVE-2022-21233 Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. https://nvd.nist.gov/vuln/detail/CVE-2022-21233
CVE-2022-21793 Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to potentially enable a denial of service via local access. https://nvd.nist.gov/vuln/detail/CVE-2022-21793
CVE-2022-26373 Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. https://nvd.nist.gov/vuln/detail/CVE-2022-26373
CVE-2022-27493 Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable an escalation of privilege via local access. https://nvd.nist.gov/vuln/detail/CVE-2022-27493
CVE-2022-28858 Improper buffer restriction in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access. https://nvd.nist.gov/vuln/detail/CVE-2022-28858
CVE-2022-32579 Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via physical access. https://nvd.nist.gov/vuln/detail/CVE-2022-32579
CVE-2022-33209 Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access. https://nvd.nist.gov/vuln/detail/CVE-2022-33209
CVE-2022-34345 Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via physical access. https://nvd.nist.gov/vuln/detail/CVE-2022-34345
CVE-2022-34488 Improper buffer restrictions in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access. https://nvd.nist.gov/vuln/detail/CVE-2022-34488
CVE-2022-29805 A Java Deserialization vulnerability in the Fishbowl Server in Fishbowl Inventory before 2022.4.1 allows remote attackers to execute arbitrary code via a crafted XML payload. https://nvd.nist.gov/vuln/detail/CVE-2022-29805
CVE-2022-2788 Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '\\..\\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering station onto Windows in a way that executes the malicious code. https://nvd.nist.gov/vuln/detail/CVE-2022-2788
CVE-2022-36008 Frontier is Substrate's Ethereum compatibility layer. A security issue was discovered affecting parsing of the RPC result of the exit reason in case of EVM reversion. In release build, this would cause the exit reason being incorrectly parsed and returned by RPC. In debug build, this would cause an overflow panic. No action is needed unless you have a bridge node that needs to distinguish different reversion exit reasons and you used RPC for this. There are currently no known workarounds. https://nvd.nist.gov/vuln/detail/CVE-2022-36008
CVE-2022-36009 gomatrixserverlib is a Go library for matrix protocol federation. Dendrite is a Matrix homeserver written in Go, an alternative to Synapse. The power level parsing within gomatrixserverlib was failing to parse the `"events_default"` key of the `m.room.power_levels` event, defaulting the event default power level to zero in all cases. Power levels are the matrix terminology for user access level. In rooms where the `"events_default"` power level had been changed, this could result in events either being incorrectly authorised or rejected by Dendrite servers. gomatrixserverlib contains a fix as of commit `723fd49` and Dendrite 0.9.3 has been updated accordingly. Matrix rooms where the `"events_default"` power level has not been changed from the default of zero are not vulnerable. Users are advised to upgrade. There are no known workarounds for this issue. https://nvd.nist.gov/vuln/detail/CVE-2022-36009
CVE-2022-36031 Directus is a free and open-source data platform for headless content management. The Directus process can be aborted by having an authorized user update the `filename_disk` value to a folder and accessing that file through the `/assets` endpoint. This vulnerability has been patched and release v9.15.0 contains the fix. Users are advised to upgrade. Users unable to upgrade may prevent this problem by making sure no (untrusted) non-admin users have permissions to update the `filename_disk` field on `directus_files`. https://nvd.nist.gov/vuln/detail/CVE-2022-36031
CVE-2022-2790 Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-347 Improper Verification of Cryptographic Signature, and does not properly verify compiled logic (PDT files) and data blocks data (BLD/BLK files). https://nvd.nist.gov/vuln/detail/CVE-2022-2790
CVE-2022-2792 Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-284 Improper Access Control, and stores project data in a directory with improper access control lists. https://nvd.nist.gov/vuln/detail/CVE-2022-2792
CVE-2022-2793 Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol. https://nvd.nist.gov/vuln/detail/CVE-2022-2793
CVE-2022-30036 MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's position is that the product was designed for isolated networks. Also, the successor product, grandMA3, is not affected by this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2022-30036
CVE-2020-27836 A flaw was found in cluster-ingress-operator. A change to how the router-default service allows only certain IP source ranges could allow an attacker to access resources that would otherwise be restricted to specified IP ranges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.. https://nvd.nist.gov/vuln/detail/CVE-2020-27836
CVE-2021-24910 The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the a parameter via an AJAX action (available to both unauthenticated and authenticated users when the curl library is installed) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue https://nvd.nist.gov/vuln/detail/CVE-2021-24910
CVE-2021-24911 The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the tk0 parameter from the tp_translation AJAX action, leading to Stored Cross-Site Scripting, which will trigger in the admin dashboard of the plugin. The minimum role needed to perform such attack depends on the plugin "Who can translate ?" setting. https://nvd.nist.gov/vuln/detail/CVE-2021-24911
CVE-2021-24912 The Transposh WordPress Translation WordPress plugin before 1.0.8 does not have CSRF check in its tp_translation AJAX action, which could allow attackers to make authorised users add a translation. Given the lack of sanitisation in the tk0 parameter, this could lead to a Stored Cross-Site Scripting issue which will be executed in the context of a logged in admin https://nvd.nist.gov/vuln/detail/CVE-2021-24912
CVE-2021-3481 A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability. https://nvd.nist.gov/vuln/detail/CVE-2021-3481
CVE-2021-3521 There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature." RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. To exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM or public key. It is strongly recommended to only use RPMs and public keys from trusted sources. https://nvd.nist.gov/vuln/detail/CVE-2021-3521
CVE-2021-3586 A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do not properly specify which ports may be accessed, allowing access to all ports on these resources from any pod. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. https://nvd.nist.gov/vuln/detail/CVE-2021-3586
CVE-2021-3590 A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. https://nvd.nist.gov/vuln/detail/CVE-2021-3590
CVE-2021-3639 A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threat from this liability is to confidentiality and integrity. https://nvd.nist.gov/vuln/detail/CVE-2021-3639
CVE-2022-1932 The Rezgo Online Booking WordPress plugin before 4.1.8 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting, which can be exploited either via a LFI in an AJAX action, or direct call to the affected file https://nvd.nist.gov/vuln/detail/CVE-2022-1932
CVE-2022-25810 The Transposh WordPress Translation WordPress plugin through 1.0.8 exposes a couple of sensitive actions such has “tp_reset� under the Utilities tab (/wp-admin/admin.php?page=tp_utils), which can be used/executed as the lowest-privileged user. Basically all Utilities functionalities are vulnerable this way, which involves resetting configurations and backup/restore operations. https://nvd.nist.gov/vuln/detail/CVE-2022-25810
CVE-2022-25811 The Transposh WordPress Translation WordPress plugin through 1.0.8 does not sanitise and escape the order and orderby parameters before using them in a SQL statement, leading to a SQL injection https://nvd.nist.gov/vuln/detail/CVE-2022-25811
CVE-2022-25812 The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE https://nvd.nist.gov/vuln/detail/CVE-2022-25812
CVE-2022-2172 The LinkWorth WordPress plugin before 3.3.4 does not implement nonce checks, which could allow attackers to make a logged in admin change settings via a CSRF attack. https://nvd.nist.gov/vuln/detail/CVE-2022-2172
CVE-2022-2198 The WPQA Builder WordPress plugin before 5.7 which is a companion plugin to the Hilmer and Discy , does not check authorization before displaying private messages, allowing any logged in user to read other users private message using the message id, which can easily be brute forced. https://nvd.nist.gov/vuln/detail/CVE-2022-2198
CVE-2022-2275 The WP Edit Menu WordPress plugin before 1.5.0 does not have CSRF in an AJAX action, which could allow attackers to make a logged in admin delete arbitrary posts/pages from the blog via a CSRF attack https://nvd.nist.gov/vuln/detail/CVE-2022-2275
CVE-2022-2276 The WP Edit Menu WordPress plugin before 1.5.0 does not have authorisation and CSRF in an AJAX action, which could allow unauthenticated attackers to delete arbitrary posts/pages from the blog https://nvd.nist.gov/vuln/detail/CVE-2022-2276
CVE-2022-2312 The Student Result or Employee Database WordPress plugin before 1.7.5 does not have CSRF in its AJAX actions, allowing attackers to make logged in user with a role as low as contributor to add/edit and delete students via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site scripting https://nvd.nist.gov/vuln/detail/CVE-2022-2312
CVE-2022-2361 The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks. https://nvd.nist.gov/vuln/detail/CVE-2022-2361
CVE-2022-2362 The Download Manager WordPress plugin before 3.2.50 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based download blocking restrictions. https://nvd.nist.gov/vuln/detail/CVE-2022-2362
CVE-2022-2375 The WP Sticky Button WordPress plugin before 1.4.1 does not have authorisation and CSRF checks when saving its settings, allowing unauthenticated users to update them. Furthermore, due to the lack of escaping in some of them, it could lead to Stored Cross-Site Scripting issues https://nvd.nist.gov/vuln/detail/CVE-2022-2375
CVE-2022-2377 The Directorist WordPress plugin before 7.3.0 does not have authorisation and CSRF checks in an AJAX action, allowing any authenticated users to send arbitrary emails on behalf of the blog https://nvd.nist.gov/vuln/detail/CVE-2022-2377
CVE-2022-2382 The Product Slider for WooCommerce WordPress plugin before 2.5.7 has flawed CSRF checks and lack authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber to call them. One in particular could allow them to delete arbitrary blog options. https://nvd.nist.gov/vuln/detail/CVE-2022-2382
CVE-2022-2383 The Feed Them Social WordPress plugin before 3.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting https://nvd.nist.gov/vuln/detail/CVE-2022-2383
CVE-2022-2388 The WP Coder WordPress plugin before 2.5.3 does not have CSRF check in place when deleting code created by the plugin, which could allow attackers to make a logged in admin delete arbitrary ones via a CSRF attack https://nvd.nist.gov/vuln/detail/CVE-2022-2388
CVE-2022-2389 The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations https://nvd.nist.gov/vuln/detail/CVE-2022-2389
CVE-2022-2392 The Lana Downloads Manager WordPress plugin before 1.8.0 is affected by an arbitrary file download vulnerability that can be exploited by users with "Contributor" permissions or higher. https://nvd.nist.gov/vuln/detail/CVE-2022-2392
CVE-2022-2407 The WP phpMyAdmin WordPress plugin before 5.2.0.4 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) https://nvd.nist.gov/vuln/detail/CVE-2022-2407
CVE-2022-2532 The Feed Them Social WordPress plugin before 3.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting https://nvd.nist.gov/vuln/detail/CVE-2022-2532
CVE-2022-2873 An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. https://nvd.nist.gov/vuln/detail/CVE-2022-2873
CVE-2022-34770 Tabit - sensitive information disclosure. Several APIs on the web system display, without authorization, sensitive information such as health statements, previous bills in a specific restaurant, alcohol consumption and smoking habits. Each of the described API’s, has in its URL one or more MongoDB ID which is not so simple to enumerate. However, they each receive a ‘tiny URL’ in Tabit’s domain, in the form of https://tbit.be/{suffix} with suffix being a 5 characters long string containing numbers, lower- and upper-case letters. It is not so simple to enumerate them all, but really easy to find some that work and lead to a personal endpoint. This is both an example of OWASP: API4 - rate limiting and OWASP: API1 - Broken object level authorization. Furthermore, the redirect URL disclosed the MongoDB IDs discussed above, and we could use them to query other endpoints disclosing more personal information. For example: The URL https://tabitisrael.co.il/online-reservations/health-statement?orgId={org_id}&healthStatementId={health_statement_id} is used to invite friends to fill a health statement before attending the restaurant. We can use the health_statement_id to access the https://tgm-api.tabit.cloud/health-statement/{health_statement_id} API which disclose medical information as well as id number. https://nvd.nist.gov/vuln/detail/CVE-2022-34770
CVE-2022-34771 Tabit - arbitrary SMS send on Tabits behalf. The resend OTP API of tabit allows an adversary to send messages on tabits behalf to anyone registered on the system - the API receives the parameters: phone number, and CustomMessage, We can use that API to craft malicious messages to any user of the system. In addition, the API probably has some kind of template injection potential. When entering {{OTP}} in the custom message field it is formatted into an OTP. https://nvd.nist.gov/vuln/detail/CVE-2022-34771
CVE-2022-34772 Tabit - password enumeration. Description: Tabit - password enumeration. The passwords for the Tabit system is a 4 digit OTP. One can resend OTP and try logging in indefinitely. Once again, this is an example of OWASP: API4 - Rate limiting. https://nvd.nist.gov/vuln/detail/CVE-2022-34772
CVE-2022-34773 Tabit - HTTP Method manipulation. https://bridge.tabit.cloud/configuration/addresses-query - can be POST-ed to add addresses to the DB. This is an example of OWASP:API8 – Injection. https://nvd.nist.gov/vuln/detail/CVE-2022-34773
CVE-2022-34774 Tabit - Arbitrary account modification. One of the endpoints mapped by the tiny URL, was a page where an adversary can modify personal details, such as email addresses and phone numbers of a specific user in a restaurant's loyalty program. Possibly allowing account takeover (the mail can be used to reset password). https://nvd.nist.gov/vuln/detail/CVE-2022-34774
CVE-2022-34775 Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={orgId} API which returns a lot of data regarding the reservation (OWASP: API3): Name, mail, phone number, the number of visits of the user to this specific restaurant, the money he spent there, the money he spent on alcohol, whether he left a deposit etc. This information can easily be used for a phishing attack. https://nvd.nist.gov/vuln/detail/CVE-2022-34775
CVE-2022-34776 Tabit - giftcard stealth. Several APIs on the web system display, without authorization, sensitive information such as health statements, previous bills in a specific restaurant, alcohol consumption and smoking habits. Each of the described APIs, has in its URL one or more MongoDB ID which is not so simple to enumerate. However, they each receive a 'tiny URL' in tabits domain, in the form of https://tbit.be/{suffix} with suffix being a 5 character long string containing numbers, lower and upper case letters. It is not so simple to enumerate them all, but really easy to find some that work and lead to a personal endpoint. Furthermore, the redirect URL disclosed the MongoDB IDs discussed above, and we could use them to query other endpoints disclosing more personal information. https://nvd.nist.gov/vuln/detail/CVE-2022-34776
CVE-2022-37133 D-link DIR-816 A2_v1.10CNB04.img reboots the router without authentication via /goform/doReboot. No authentication is required, and reboot is executed when the function returns at the end. https://nvd.nist.gov/vuln/detail/CVE-2022-37133
CVE-2022-37134 D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and the result will be stored in v94, which does not check the size of l2tp_usrname, resulting in stack overflow. https://nvd.nist.gov/vuln/detail/CVE-2022-37134
CVE-2022-35583 wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag with initial asset IP address on it's source. This allows the attacker to takeover the whole infrastructure by accessing their internal assets. https://nvd.nist.gov/vuln/detail/CVE-2022-35583
CVE-2022-28598 Frappe ERPNext 12.29.0 is vulnerable to XSS where the software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users. https://nvd.nist.gov/vuln/detail/CVE-2022-28598
CVE-2022-31237 Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. A low privileged local attacker may potentially exploit this vulnerability, leading to limited information disclosure. https://nvd.nist.gov/vuln/detail/CVE-2022-31237
CVE-2022-31238 Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain a process invoked with sensitive information vulnerability. A CLI user may potentially exploit this vulnerability, leading to information disclosure. https://nvd.nist.gov/vuln/detail/CVE-2022-31238
CVE-2022-32480 Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure. https://nvd.nist.gov/vuln/detail/CVE-2022-32480
CVE-2022-33932 Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services. https://nvd.nist.gov/vuln/detail/CVE-2022-33932
CVE-2022-1930 An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encode_structured_data method https://nvd.nist.gov/vuln/detail/CVE-2022-1930
CVE-2022-28710 An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2022-28710
CVE-2022-28712 A cross-site scripting (xss) vulnerability exists in the videoAddNew functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2022-28712
CVE-2022-29468 A cross-site request forgery (CSRF) vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2022-29468
CVE-2022-2842 A vulnerability classified as critical has been found in SourceCodester Gym Management System. This affects an unknown part of the file login.php. The manipulation of the argument user_email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-206451. https://nvd.nist.gov/vuln/detail/CVE-2022-2842
CVE-2022-30534 An OS command injection vulnerability exists in the aVideoEncoder chunkfile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2022-30534
CVE-2022-30547 A directory traversal vulnerability exists in the unzipDirectory functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2022-30547
CVE-2022-30605 A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2022-30605
CVE-2022-30690 A cross-site scripting (xss) vulnerability exists in the image403 functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2022-30690
CVE-2022-32282 An improper password check exists in the login functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. An attacker that owns a users' password hash will be able to use it to directly login into the account, leading to increased privileges. https://nvd.nist.gov/vuln/detail/CVE-2022-32282
CVE-2022-32572 An os command injection vulnerability exists in the aVideoEncoder wget functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2022-32572
CVE-2022-32761 An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2022-32761
CVE-2022-32768 Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules plugin, allowing an attacker to bypass authentication by guessing a sequential ID, allowing them to take over the another user's streams. https://nvd.nist.gov/vuln/detail/CVE-2022-32768
CVE-2022-32769 Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Playlists plugin, allowing an attacker to bypass authentication by guessing a sequential ID, allowing them to take over the another user's playlists. https://nvd.nist.gov/vuln/detail/CVE-2022-32769
CVE-2022-32770 A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability.This vulnerability arrises from the "toast" parameter which is inserted into the document with insufficient sanitization. https://nvd.nist.gov/vuln/detail/CVE-2022-32770
CVE-2022-32771 A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability.This vulnerability arrises from the "success" parameter which is inserted into the document with insufficient sanitization. https://nvd.nist.gov/vuln/detail/CVE-2022-32771
CVE-2022-32772 A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability.This vulnerability arrises from the "msg" parameter which is inserted into the document with insufficient sanitization. https://nvd.nist.gov/vuln/detail/CVE-2022-32772
CVE-2022-32777 An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The session cookie and the pass cookie miss the HttpOnly flag, making them accessible via JavaScript. The session cookie also misses the secure flag, which allows the session cookie to be leaked over non-HTTPS connections. This could allow an attacker to steal the session cookie via crafted HTTP requests.This vulnerabilty is for the session cookie which can be leaked via JavaScript. https://nvd.nist.gov/vuln/detail/CVE-2022-32777
CVE-2022-32778 An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The session cookie and the pass cookie miss the HttpOnly flag, making them accessible via JavaScript. The session cookie also misses the secure flag, which allows the session cookie to be leaked over non-HTTPS connections. This could allow an attacker to steal the session cookie via crafted HTTP requests.This vulnerability is for the pass cookie, which contains the hashed password and can be leaked via JavaScript. https://nvd.nist.gov/vuln/detail/CVE-2022-32778
CVE-2022-33147 A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the aVideoEncoder functionality which can be used to add new videos, allowing an attacker to inject SQL by manipulating the videoDownloadedLink or duration parameter. https://nvd.nist.gov/vuln/detail/CVE-2022-33147
CVE-2022-33148 A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules plugin, allowing an attacker to inject SQL by manipulating the title parameter. https://nvd.nist.gov/vuln/detail/CVE-2022-33148
CVE-2022-33149 A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the CloneSite plugin, allowing an attacker to inject SQL by manipulating the url parameter. https://nvd.nist.gov/vuln/detail/CVE-2022-33149
CVE-2022-34652 A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules plugin, allowing an attacker to inject SQL by manipulating the description parameter. https://nvd.nist.gov/vuln/detail/CVE-2022-34652
CVE-2022-38171 Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readSymbolDictSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics). https://nvd.nist.gov/vuln/detail/CVE-2022-38171
CVE-2021-29891 IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that may cause it to lose network services. IBM X-Force ID: 207221. https://nvd.nist.gov/vuln/detail/CVE-2021-29891
CVE-2022-38667 HTTP applications (servers) based on Crow through 1.0+4 may allow a Use-After-Free and code execution when HTTP pipelining is used. https://nvd.nist.gov/vuln/detail/CVE-2022-38667
CVE-2022-38668 HTTP applications (servers) based on Crow through 1.0+4 may reveal potentially sensitive data from stack memory when fulfilling a request for a static file smaller than 16 KB. https://nvd.nist.gov/vuln/detail/CVE-2022-38668
CVE-2022-2923 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. https://nvd.nist.gov/vuln/detail/CVE-2022-2923
CVE-2022-35191 D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via a crafted HTTP connection request. https://nvd.nist.gov/vuln/detail/CVE-2022-35191
CVE-2019-25075 HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request. https://nvd.nist.gov/vuln/detail/CVE-2019-25075
CVE-2021-28861 Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. https://nvd.nist.gov/vuln/detail/CVE-2021-28861
CVE-2021-42232 TP-Link Archer A7 Archer A7(US)_V5_210519 is affected by a command injection vulnerability in /usr/bin/tddp. The vulnerability is caused by the program taking part of the received data packet as part of the command. This will cause an attacker to execute arbitrary commands on the router. https://nvd.nist.gov/vuln/detail/CVE-2021-42232
CVE-2022-33916 OPC UA .NET Standard Reference Server 1.04.368 allows a remote attacker to cause the application to access sensitive information. https://nvd.nist.gov/vuln/detail/CVE-2022-33916
CVE-2022-34919 The file upload wizard in Zengenti Contensis Classic before 15.2.1.79 does not correctly check that a user has authenticated. By uploading a crafted aspx file, it is possible to execute arbitrary commands. https://nvd.nist.gov/vuln/detail/CVE-2022-34919
CVE-2020-35992 Fiserv Prologue through 2020-12-16 does not properly protect the database password. If an attacker were to gain access to the configuration file (specifically, the LogPassword attribute within appconfig.ini), they would be able to decrypt the password stored within the configuration file. This would yield cleartext credentials for the database (to gain access to financial records of customers stored within the database), and in some cases would allow remote login to the database. https://nvd.nist.gov/vuln/detail/CVE-2020-35992
CVE-2022-35733 Missing authentication for critical function vulnerability in UNIMO Technology digital video recorders (UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier) allows a remote unauthenticated attacker to execute an arbitrary OS command by sending a specially crafted request to the affected device web interface. https://nvd.nist.gov/vuln/detail/CVE-2022-35733
CVE-2022-2829 Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. https://nvd.nist.gov/vuln/detail/CVE-2022-2829
CVE-2022-21208 The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk. https://nvd.nist.gov/vuln/detail/CVE-2022-21208
CVE-2022-24298 All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False. https://nvd.nist.gov/vuln/detail/CVE-2022-24298
CVE-2022-24381 All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk. https://nvd.nist.gov/vuln/detail/CVE-2022-24381
CVE-2022-25231 The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) by sending a specifically crafted OPC UA message with a special OPC UA NodeID, when the requested memory allocation exceeds the v8’s memory limit. https://nvd.nist.gov/vuln/detail/CVE-2022-25231
CVE-2022-25302 All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing handler for failed casting when unvalidated data is forwarded to boost::get function in OpcUaNodeIdBase.h. Exploiting this vulnerability is possible when sending a specifically crafted OPC UA message with a special encoded NodeId. https://nvd.nist.gov/vuln/detail/CVE-2022-25302
CVE-2022-25304 All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk. https://nvd.nist.gov/vuln/detail/CVE-2022-25304
CVE-2022-25761 The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk. https://nvd.nist.gov/vuln/detail/CVE-2022-25761
CVE-2022-25888 The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk. https://nvd.nist.gov/vuln/detail/CVE-2022-25888
CVE-2022-27637 Reflected cross-site scripting vulnerability in PukiWiki versions 1.5.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors. https://nvd.nist.gov/vuln/detail/CVE-2022-27637
CVE-2022-34486 Path traversal vulnerability in PukiWiki versions 1.4.5 to 1.5.3 allows a remote authenticated attacker with an administrative privilege to execute a malicious script via unspecified vectors. https://nvd.nist.gov/vuln/detail/CVE-2022-34486
CVE-2022-36350 Stored cross-site scripting vulnerability in PukiWiki versions 1.3.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors. https://nvd.nist.gov/vuln/detail/CVE-2022-36350
CVE-2022-2796 Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.4. https://nvd.nist.gov/vuln/detail/CVE-2022-2796
CVE-2022-1989 All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users. https://nvd.nist.gov/vuln/detail/CVE-2022-1989
CVE-2022-2956 A vulnerability classified as problematic has been found in ConsoleTVs Noxen. Affected is an unknown function of the file /Noxen-master/users.php. The manipulation of the argument create_user_username with the input ">--redacted-- leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-207000 https://nvd.nist.gov/vuln/detail/CVE-2022-2956
CVE-2021-42627 The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page. https://nvd.nist.gov/vuln/detail/CVE-2021-42627
CVE-2022-35203 An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attackers to access sensitive system information. https://nvd.nist.gov/vuln/detail/CVE-2022-35203
CVE-2022-36261 An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url; test.txt https://nvd.nist.gov/vuln/detail/CVE-2022-36261
CVE-2022-37199 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/user/list. https://nvd.nist.gov/vuln/detail/CVE-2022-37199
CVE-2022-37223 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/role/list. https://nvd.nist.gov/vuln/detail/CVE-2022-37223
CVE-2022-35278 In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue. https://nvd.nist.gov/vuln/detail/CVE-2022-35278
CVE-2020-35509 A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity. https://nvd.nist.gov/vuln/detail/CVE-2020-35509
CVE-2021-20298 A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability. https://nvd.nist.gov/vuln/detail/CVE-2021-20298
CVE-2021-20304 A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability. https://nvd.nist.gov/vuln/detail/CVE-2021-20304
CVE-2021-20316 A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share. https://nvd.nist.gov/vuln/detail/CVE-2021-20316
CVE-2021-23177 An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges. https://nvd.nist.gov/vuln/detail/CVE-2021-23177
CVE-2021-31566 An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system. https://nvd.nist.gov/vuln/detail/CVE-2021-31566
CVE-2021-3670 MaxQueryDuration not honoured in Samba AD DC LDAP https://nvd.nist.gov/vuln/detail/CVE-2021-3670
CVE-2021-3690 A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability. https://nvd.nist.gov/vuln/detail/CVE-2021-3690
CVE-2021-3701 A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. This flaw allows an attacker to pre-create the directory, resulting in reading private information or forcing ansible-runner to write files as the legitimate user in a place they did not expect. The highest threat from this vulnerability is to confidentiality and integrity. https://nvd.nist.gov/vuln/detail/CVE-2021-3701
CVE-2021-3702 A race condition flaw was found in ansible-runner, where an attacker could watch for rapid creation and deletion of a temporary directory, substitute their directory at that name, and then have access to ansible-runner's private_data_dir the next time ansible-runner made use of the private_data_dir. The highest Threat out of this flaw is to integrity and confidentiality. https://nvd.nist.gov/vuln/detail/CVE-2021-3702
CVE-2021-3714 A flaw was found in the Linux kernels memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page sized files and detect the change in access time from a networked service to determine if the page has been merged. https://nvd.nist.gov/vuln/detail/CVE-2021-3714
CVE-2021-3736 A flaw was found in the Linux kernel. A memory leak problem was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in Virtual Function I/O (VFIO) Mediated devices. This flaw could allow a local attacker to leak internal kernel information. https://nvd.nist.gov/vuln/detail/CVE-2021-3736
CVE-2021-3759 A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. https://nvd.nist.gov/vuln/detail/CVE-2021-3759
CVE-2021-3763 A flaw was found in the Red Hat AMQ Broker management console in version 7.8 where an existing user is able to access some limited information even when the role the user is assigned to should not be allow access to the management console. The main impact is to confidentiality as this flaw means some role bindings are incorrectly checked, some privileged meta information such as queue names and configuration details are disclosed but the impact is limited as not all information is accessible and there is no affect to integrity. https://nvd.nist.gov/vuln/detail/CVE-2021-3763
CVE-2021-3764 A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. https://nvd.nist.gov/vuln/detail/CVE-2021-3764
CVE-2021-3798 A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack. https://nvd.nist.gov/vuln/detail/CVE-2021-3798
CVE-2021-3800 A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition. https://nvd.nist.gov/vuln/detail/CVE-2021-3800
CVE-2021-3827 A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's credentials. The highest threat from this vulnerability is to confidentiality and integrity. https://nvd.nist.gov/vuln/detail/CVE-2021-3827
CVE-2021-3839 A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2021-3839
CVE-2021-3905 A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments. https://nvd.nist.gov/vuln/detail/CVE-2021-3905
CVE-2022-28882 A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker. https://nvd.nist.gov/vuln/detail/CVE-2022-28882
CVE-2022-28883 A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl unpack function crashes. This can lead to a possible scanning engine crash. The exploit can be triggered remotely by an attacker. https://nvd.nist.gov/vuln/detail/CVE-2022-28883
CVE-2022-29476 Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in 8 Degree Themes otification Bar for WordPress plugin <= 1.1.8 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-29476
CVE-2022-2965 Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7. https://nvd.nist.gov/vuln/detail/CVE-2022-2965
CVE-2022-33142 Authenticated (subscriber+) Denial Of Service (DoS) vulnerability in WordPlus WordPress Better Messages plugin <= 1.9.10.57 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-33142
CVE-2022-34648 Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin <= 1.0.1 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-34648
CVE-2022-34658 Multiple Authenticated (contributor+) Persistent Cross-Site Scripting (XSS) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-34658
CVE-2022-34868 Authenticated Arbitrary Settings Update vulnerability in YooMoney ?Kassa ??? WooCommerce plugin <= 2.3.0 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-34868
CVE-2022-35235 Authenticated (admin+) Arbitrary File Read vulnerability in XplodedThemes WPide plugin <= 2.6 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-35235
CVE-2022-35242 Unauthenticated plugin settings change vulnerability in 59sec THE Leads Management System: 59sec LITE plugin <= 3.4.1 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-35242
CVE-2022-35726 Broken Authentication vulnerability in yotuwp Video Gallery plugin <= 1.3.4.5 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-35726
CVE-2022-36282 Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Roman Pronskiy's Search Exclude plugin <= 1.2.6 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-36282
CVE-2022-36285 Authenticated Arbitrary File Upload vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin <= 1.0.1 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-36285
CVE-2022-36288 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-36288
CVE-2022-36292 Cross-Site Request Forgery (CSRF) vulnerabilities in WPChill Gallery PhotoBlocks plugin <= 1.2.6 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-36292
CVE-2022-36341 Authenticated (subscriber+) plugin settings change leading to Stored Cross-Site Scripting (XSS) vulnerability in Akash soni's AS – Create Pinterest Pinboard Pages plugin <= 1.0 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-36341
CVE-2022-36347 Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alpine Press Alpine PhotoTile for Pinterest plugin <= 1.3.1 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-36347
CVE-2022-36379 Cross-Site Request Forgery (CSRF) leading to plugin settings update in YooMoney ?Kassa ??? WooCommerce plugin <= 2.3.0 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-36379
CVE-2022-36389 Cross-Site Request Forgery (CSRF) vulnerability in WordPlus Better Messages plugin <= 1.9.9.148 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-36389
CVE-2022-36394 Authenticated (author+) SQL Injection (SQLi) vulnerability in Contest Gallery plugin <= 17.0.4 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-36394
CVE-2022-36405 Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in amCharts: Charts and Maps plugin <= 1.4 at WordPress. https://nvd.nist.gov/vuln/detail/CVE-2022-36405
CVE-2022-37111 BlueCMS 1.6 has SQL injection in line 132 of admin/article.php https://nvd.nist.gov/vuln/detail/CVE-2022-37111
CVE-2022-37112 BlueCMS 1.6 has SQL injection in line 55 of admin/model.php https://nvd.nist.gov/vuln/detail/CVE-2022-37112
CVE-2022-37113 Bluecms 1.6 has SQL injection in line 132 of admin/area.php https://nvd.nist.gov/vuln/detail/CVE-2022-37113
CVE-2022-2946 Use After Free in GitHub repository vim/vim prior to 9.0.0245. https://nvd.nist.gov/vuln/detail/CVE-2022-2946
CVE-2022-37428 PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer with specific properties. https://nvd.nist.gov/vuln/detail/CVE-2022-37428
CVE-2022-38663 Jenkins Git Plugin 4.11.4 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log provided by the Git Username and Password (`gitUsernamePassword`) credentials binding. https://nvd.nist.gov/vuln/detail/CVE-2022-38663
CVE-2022-38664 Jenkins Job Configuration History Plugin 1165.v8cc9fd1f4597 and earlier does not escape the job name on the System Configuration History page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure job names. https://nvd.nist.gov/vuln/detail/CVE-2022-38664
CVE-2022-38665 Jenkins CollabNet Plugins Plugin 2.0.8 and earlier stores a RabbitMQ password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. https://nvd.nist.gov/vuln/detail/CVE-2022-38665
CVE-2022-1513 A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution when visiting a specially crafted website. https://nvd.nist.gov/vuln/detail/CVE-2022-1513
CVE-2022-35115 IceWarp WebClient DC2 - Update 2 Build 9 (13.0.2.9) was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php. https://nvd.nist.gov/vuln/detail/CVE-2022-35115
CVE-2022-38172 ServiceNow through San Diego Patch 3 allows XSS via the name field during creation of a new dashboard for the Performance Analytics dashboard. https://nvd.nist.gov/vuln/detail/CVE-2022-38172
CVE-2022-38463 ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality. https://nvd.nist.gov/vuln/detail/CVE-2022-38463
CVE-2020-35511 A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file. https://nvd.nist.gov/vuln/detail/CVE-2020-35511
CVE-2021-3917 A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. This flaw allows a local attacker to have read access to potentially sensitive data. The highest threat from this vulnerability is to confidentiality. https://nvd.nist.gov/vuln/detail/CVE-2021-3917
CVE-2021-3975 A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash. https://nvd.nist.gov/vuln/detail/CVE-2021-3975
CVE-2021-3995 A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems. https://nvd.nist.gov/vuln/detail/CVE-2021-3995
CVE-2021-3996 A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems. https://nvd.nist.gov/vuln/detail/CVE-2021-3996
CVE-2021-3997 A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp. https://nvd.nist.gov/vuln/detail/CVE-2021-3997
CVE-2022-2938 A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects. https://nvd.nist.gov/vuln/detail/CVE-2022-2938
CVE-2022-31676 VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine. https://nvd.nist.gov/vuln/detail/CVE-2022-31676