Vulnerability Summary for the Week of August 8, 2022

08/15/2022 10:52 AM EDT

Original release date: August 15, 2022 | Last revised: August 16, 2022

High Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
There were no high vulnerabilities recorded this week.

Medium Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
There were no medium vulnerabilities recorded this week.

Low Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
There were no low vulnerabilities recorded this week.

Severity Not Yet Assigned

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
accusoft — imagegear An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-29465
MISC
acrontum — filesystem-template The package @acrontum/filesystem-template before 0.0.2 is vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input. 2022-08-05 not yet calculated CVE-2022-21186
CONFIRM
CONFIRM
adobe — acrobat_reader
Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35665
MISC
adobe — acrobat_reader
Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35670
MISC
adobe — acrobat_reader
Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35671
MISC
adobe — acrobat_reader
Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35678
MISC
adobe — acrobat_reader
Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35666
MISC
adobe — acrobat_reader
Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35667
MISC
adobe — acrobat_reader
Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an Improper Input Validation vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35668
MISC
adobe — framemaker Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35675
MISC
adobe — framemaker
Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35673
MISC
adobe — framemaker
Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-34264
MISC
adobe — framemaker
Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35674
MISC
adobe — framemaker
Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35677
MISC
adobe — framemaker
Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-35676
MISC
adobe — illustrator Adobe Illustrator versions 26.3.1 (and earlier) and 25.4.6 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-34261
MISC
adobe — illustrator Adobe Illustrator versions 26.3.1 (and earlier) and 25.4.6 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-34263
MISC
adobe — illustrator
Adobe Illustrator versions 26.3.1 (and earlier) and 25.4.6 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-34262
MISC
adobe — illustrator
Adobe Illustrator versions 26.3.1 (and earlier) and 25.4.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-08-11 not yet calculated CVE-2022-34260
MISC
adobe — premiere_elements Adobe Premiere Elements version 2020v20 (and earlier) is affected by an Uncontrolled Search Path Element which could lead to Privilege Escalation. An attacker could leverage this vulnerability to obtain admin using an existing low-privileged user. Exploitation of this issue does not require user interaction. 2022-08-11 not yet calculated CVE-2022-34235
MISC
adobe — web_content_management_core_components Adobe Experience Manager Core Components version 2.20.6 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. Exploitation of this issue requires a low author privilege access. 2022-08-10 not yet calculated CVE-2022-35697
MISC
agentejo — cockpit Insufficient Session Expiration in GitHub repository cockpit-hq/cockpit prior to 2.2.0. 2022-08-08 not yet calculated CVE-2022-2713
MISC
CONFIRM
airspan — airspot_5410 In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious HTTP request by injecting code in one of the parameters allowing for remote code execution. This vulnerability is exploited via the binary file /home/www/cgi-bin/diagnostics.cgi that accepts unauthenticated requests and unsanitized data. As a result, a malicious actor can craft a specific request and interact remotely with the device. 2022-08-08 not yet calculated CVE-2022-36267
MISC
MISC
MISC
airspan — airspot_5410 In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a stored XSS vulnerability. As the binary file /home/www/cgi-bin/login.cgi does not check if the user is authenticated, a malicious actor can craft a specific request on the login.cgi endpoint that contains a base32 encoded XSS payload that will be accepted and stored. A successful attack will result in the injection of malicious scripts into the user settings page. 2022-08-08 not yet calculated CVE-2022-36266
MISC
MISC
airspan — airspot_5410 In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the device with root privileges. An authenticated malicious threat actor can use this page to fully compromise the device. 2022-08-08 not yet calculated CVE-2022-36265
MISC
MISC
airspan — airspot_5410 In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename and appending a relative path that will be interpreted during the upload process. Using this method, it is possible to rewrite any file in the system or upload a new file. 2022-08-08 not yet calculated CVE-2022-36264
MISC
MISC
alphaware_-_simple_e-commerce_system — alphaware_-_simple_e-commerce_system A vulnerability, which was classified as problematic, has been found in SourceCodester Alphaware Simple E-Commerce System. Affected by this issue is some unknown functionality of the file stockin.php. The manipulation of the argument id with the input ‘”><script>alert(/xss/)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-205670 is the identifier assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2682
MISC
MISC
alphaware_e-commerce_system — alphaware_e-commerce_system A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System. It has been declared as critical. This vulnerability affects unknown code of the file admin_feature.php of the component Background Management Page. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-205666 is the identifier assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2678
MISC
MISC
amd — athlon_3050ge_firmware Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information. 2022-08-10 not yet calculated CVE-2021-46778
MISC
apache — avro_rust_sdk It is possible to crash (panic) an application by providing a corrupted data to be read. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue. 2022-08-09 not yet calculated CVE-2022-36125
MISC
apache — avro_rust_sdk
It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue. 2022-08-09 not yet calculated CVE-2022-36124
MISC
apache — avro_rust_sdk
It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue. 2022-08-09 not yet calculated CVE-2022-35724
MISC
apache — opensearch OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. Versions 2.0.0.0 and 2.1.0.0 of the security plugin are affected by an information disclosure vulnerability. Requests to an OpenSearch cluster configured with advanced access control features document level security (DLS), field level security (FLS), and/or field masking will not be filtered when the query’s search pattern matches an aliased index. OpenSearch Dashboards creates an alias to `.kibana` by default, so filters with the index pattern of `*` to restrict access to documents or fields will not be applied. This issue allows requests to access sensitive information when customers have acted to restrict access to that specific information. OpenSearch 2.2.0, which is compatible with OpenSearch Security 2.2.0.0, contains the fix for this issue. There is no recommended workaround. 2022-08-12 not yet calculated CVE-2022-35980
CONFIRM
MISC
MISC
apache — traffic_server Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. 2022-08-10 not yet calculated CVE-2022-28129
CONFIRM
DEBIAN
apache — traffic_server Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. 2022-08-10 not yet calculated CVE-2021-37150
CONFIRM
DEBIAN
apache — traffic_server Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. 2022-08-10 not yet calculated CVE-2022-31779
CONFIRM
DEBIAN
apache — traffic_server Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. 2022-08-10 not yet calculated CVE-2022-31780
CONFIRM
DEBIAN
apache — traffic_server Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. 2022-08-10 not yet calculated CVE-2022-25763
CONFIRM
DEBIAN
apache — traffic_server Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2. 2022-08-10 not yet calculated CVE-2022-31778
CONFIRM
DEBIAN
apartment_visitor_management_system — apartment_visitor_management_system
A vulnerability was found in SourceCodester Apartment Visitor Management System. It has been classified as problematic. This affects an unknown part of the file profile.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-206169 was assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2773
MISC
apartment_visitor_management_system — apartment_visitor_management_system
A vulnerability was found in SourceCodester Apartment Visitor Management System and classified as critical. Affected by this issue is some unknown functionality of the file action-visitor.php. The manipulation of the argument editid/remark leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-206168. 2022-08-11 not yet calculated CVE-2022-2772
MISC
apartment_visitors_management_system — apartment_visitors_management_system A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been classified as critical. This affects an unknown part of the file index.php. The manipulation of the argument username with the input ‘ AND (SELECT 4955 FROM (SELECT(SLEEP(5)))RSzF) AND ‘htiy’=’htiy leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205665 was assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2677
MISC
MISC
apartment_visitors_management_system — apartment_visitors_management_system A vulnerability has been found in SourceCodester Apartment Visitor Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /manage-apartment.php. The manipulation of the argument Apartment Number with the input <script>alert(1)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205672. 2022-08-05 not yet calculated CVE-2022-2684
MISC
MISC
arista — cloudvision_portal This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP user login passwords might be leaked to other authenticated users. 2022-08-05 not yet calculated CVE-2022-29071
MISC
artica — pandora_fms An XSS vulnerability exists in Pandora FMS version 756 and below that allows an attacker to perform JavaScript code execution via the module massive operation name field. 2022-08-05 not yet calculated CVE-2021-46681
CONFIRM
CONFIRM
asustor — adm A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can exploit this vulnerability to run arbitrary code. Affected ADM versions include: 3.5.9.RUE3 and below, 4.0.5.RVI1 and below as well as 4.1.0.RJD1 and below. 2022-08-05 not yet calculated CVE-2022-37398
MISC
asuswrt — asuswrt A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-26376
MISC
atlassian — jira_data_center Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (RXSS) vulnerability in the TeamManagement.jspa endpoint. The affected versions are before version 8.20.8. 2022-08-10 not yet calculated CVE-2022-36801
N/A
autodesk — autodesk_3ds_max
A Stack-based Buffer Overflow Vulnerability in Autodesk 3ds Max 2022, 2021, and 2020 may lead to code execution through the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer when parsing ActionScript Byte Code files. This vulnerability may allow arbitrary code execution on affected installations of Autodesk 3ds Max. 2022-08-10 not yet calculated CVE-2022-25793
MISC
automated_beer_parlour_billing_system — automated_beer_parlour_billing_system
A vulnerability, which was classified as critical, was found in SourceCodester Automated Beer Parlour Billing System. This affects an unknown part of the component Login. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-206247. 2022-08-12 not yet calculated CVE-2022-2801
MISC
best_fee_management_system — best_fee_management_system A vulnerability was found in SourceCodester Best Fee Management System. It has been rated as critical. Affected by this issue is the function login of the file admin_class.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-205658 is the identifier assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2674
MISC
bookwyrm — bookwyrm
BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was patched in version 0.4.5. 2022-08-12 not yet calculated CVE-2022-35953
CONFIRM
MISC
br-automation — studio Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network attacker to execute code. 2022-08-11 not yet calculated CVE-2021-22289
MISC
church_management_system — church_management_system A vulnerability classified as critical has been found in SourceCodester Church Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument username with the input ‘ OR (SELECT 7064 FROM(SELECT COUNT(*),CONCAT(0x71627a7671,(SELECT (ELT(7064=7064,1))),0x716b707871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)– jURL leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205668. 2022-08-05 not yet calculated CVE-2022-2680
MISC
MISC
cisco — adaptive_security_appliance_and_firepower_threat_defense
A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. 2022-08-10 not yet calculated CVE-2022-20866
CISCO
cisco — adaptive_security_appliance_software A vulnerability in the Clientless SSL VPN (WebVPN) component of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks. This vulnerability is due to improper validation of input that is passed to the Clientless SSL VPN component. An attacker could exploit this vulnerability by convincing a targeted user to visit a website that can pass malicious requests to an ASA device that has the Clientless SSL VPN feature enabled. A successful exploit could allow the attacker to conduct browser-based attacks, including cross-site scripting attacks, against the targeted user. 2022-08-10 not yet calculated CVE-2022-20713
CISCO
cisco — broadworks A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. 2022-08-10 not yet calculated CVE-2022-20869
CISCO
cisco — identity_services_engine A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to excessive verbosity in a specific REST API output. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain sensitive information, including administrative credentials for an external authentication server. Note: To successfully exploit this vulnerability, the attacker must have valid ERS administrative credentials. 2022-08-10 not yet calculated CVE-2022-20914
CISCO
cisco — small_business_routers Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2022-08-10 not yet calculated CVE-2022-20827
CISCO
cisco — small_business_routers Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2022-08-10 not yet calculated CVE-2022-20842
CISCO
cisco — small_business_routers Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2022-08-10 not yet calculated CVE-2022-20841
CISCO
cisco — unified_communications_manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to delete arbitrary files from an affected system. This vulnerability exists because the affected software does not properly validate HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker to delete arbitrary files from the affected system. 2022-08-10 not yet calculated CVE-2022-20816
CISCO
cisco — webex_meetings Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabilities, see the Details section of this advisory. 2022-08-10 not yet calculated CVE-2022-20852
CISCO
cisco — webex_meetings Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabilities, see the Details section of this advisory. 2022-08-10 not yet calculated CVE-2022-20820
CISCO
clamav — clamav A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user. 2022-08-10 not yet calculated CVE-2022-20792
CISCO
clinic’s_patient_management_system — clinic’s_patient_management_system Clinic’s Patient Management System v1.0 is vulnerable to SQL injection via /pms/update_user.php?id=. 2022-08-10 not yet calculated CVE-2022-36750
MISC
clinic’s_patient_management_system — clinic’s_patient_management_system Clinic’s Patient Management System v1.0 has arbitrary code execution via url: ip/pms/users.php. 2022-08-10 not yet calculated CVE-2022-36270
MISC
codeigniter — codeigniter_shield Shield is an authentication and authorization framework for CodeIgniter 4. This vulnerability may allow [SameSite Attackers](canitakeyoursubdomain.name/) to bypass the [CodeIgniter4 CSRF protection](codeigniter4.github.io/userguide/libraries/security.html) mechanism with CodeIgniter Shield. For this attack to succeed, the attacker must have direct (or indirect, e.g., XSS) control over a subdomain site (e.g., `https://a.example.com/`) of the target site (e.g., `http://example.com/`). Upgrade to **CodeIgniter v4.2.3 or later** and **Shield v1.0.0-beta.2 or later**. As a workaround: set `Config\Security::$csrfProtection` to `'session'`, remove old session data right after login (immediately after ID and password match), and regenerate the CSRF token right after login (immediately after ID and password match). 2022-08-12 not yet calculated CVE-2022-35943
MISC
MISC
MISC
CONFIRM
company_website/cms — company_website/cms A vulnerability was found in SourceCodester Company Website CMS and classified as critical. Affected by this issue is some unknown functionality of the file site-settings.php of the component Cookie Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-205826 is the identifier assigned to this vulnerability. 2022-08-08 not yet calculated CVE-2022-2702
MISC
MISC
company_website_cms — company_website_cms A vulnerability, which was classified as critical, was found in SourceCodester Company Website CMS. Affected is an unknown function of the file /dashboard/add-service.php of the component Add Service Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. VDB-206022 is the identifier assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2750
MISC
company_website_cms — company_website_cms A vulnerability was found in SourceCodester Company Website CMS. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add-blog.php. The manipulation leads to cross site scripting. The attack may be launched remotely. VDB-205838 is the identifier assigned to this vulnerability. 2022-08-09 not yet calculated CVE-2022-2725
N/A
company_website_cms — company_website_cms A vulnerability was found in SourceCodester Company Website CMS and classified as critical. This issue affects some unknown processing. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205817 was assigned to this vulnerability. 2022-08-06 not yet calculated CVE-2022-2694
MISC
MISC
company_website_cms — company_website_cms
A vulnerability, which was classified as problematic, has been found in SourceCodester Company Website CMS. This issue affects some unknown processing of the file /dashboard/contact. The manipulation of the argument phone leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206165 was assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2769
MISC
MISC
company_website_cms — company_website_cms
A vulnerability was found in SourceCodester Company Website CMS 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/settings. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206161 was assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2765
MISC
MISC
company_website_cms — company_website_cms
A vulnerability was found in SourceCodester Company Website CMS and classified as critical. Affected by this issue is some unknown functionality of the file /dashboard/add-portfolio.php. The manipulation of the argument ufile leads to unrestricted upload. The attack may be launched remotely. The identifier of this vulnerability is VDB-206024. 2022-08-11 not yet calculated CVE-2022-2751
MISC
company_website_cms — company_website_cms
A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical. This vulnerability affects unknown code of the file /dashboard/add-blog.php of the component Add Blog. The manipulation of the argument ufile leads to unrestricted upload. The attack can be initiated remotely. VDB-205882 is the identifier assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2740
MISC
company_website_cms — company_website_cms
A vulnerability was found in SourceCodester Company Website CMS. It has been classified as critical. This affects an unknown part of the file /dashboard/updatelogo.php of the component Background Upload Logo Icon. The manipulation of the argument xfile/ufile leads to unrestricted upload. It is possible to initiate the attack remotely. The identifier VDB-205881 was assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2736
MISC
complete_online_job_search_system — complete_online_job_search_system Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the CATEGORY parameter at /category/controller.php?action=edit. 2022-08-05 not yet calculated CVE-2022-35162
MISC
complete_online_job_search_system — complete_online_job_search_system Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the U_NAME parameter at /category/controller.php?action=edit. 2022-08-05 not yet calculated CVE-2022-35163
MISC
dd-wrt — dd-wrt A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 – Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-27631
MISC
dell — bios
Prior Dell BIOS versions contain an Improper Authentication vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability by bypassing drive security mechanisms in order to gain access to the system. 2022-08-09 not yet calculated CVE-2022-29083
CONFIRM
dell — wyse_management_suite Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and create rules. 2022-08-10 not yet calculated CVE-2022-33924
CONFIRM
dell — wyse_management_suite Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. An unauthenticated attacker could exploit this by taking advantage of a user with multiple active sessions in order to hijack a user’s session. 2022-08-10 not yet calculated CVE-2022-33927
CONFIRM
dell — wyse_management_suite Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked. 2022-08-10 not yet calculated CVE-2022-33926
CONFIRM
dell — wyse_management_suite Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. A remote authenticated attacker could potentially exploit this vulnerability by bypassing access controls in order to download reports containing sensitive information. 2022-08-10 not yet calculated CVE-2022-33925
CONFIRM
dell — wyse_management_suite Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An attacker with no access to the Alert Classification page could potentially exploit this vulnerability, leading to changes to the alert categories. 2022-08-10 not yet calculated CVE-2022-33931
CONFIRM
dell — wyse_management_suite WMS 3.7 contains a Path Traversal Vulnerability in Device API. An attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. 2022-08-10 not yet calculated CVE-2022-34365
CONFIRM
dell — wyse_management_suite Dell Wyse Management Suite 3.6.1 and below contains a Plain-text Password Storage Vulnerability in UI. An attacker with low privileges could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. 2022-08-10 not yet calculated CVE-2022-33928
CONFIRM
dell — wyse_management_suite Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. An attacker could potentially exploit this vulnerability, leading to the disclosure of certain sensitive information. The attacker may be able to use the exposed information for access and for further vulnerability research. 2022-08-10 not yet calculated CVE-2022-33930
CONFIRM
dell — wyse_management_suite Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user’s web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. 2022-08-10 not yet calculated CVE-2022-33929
CONFIRM
dell — wyse_management_suite Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. A low privileged malicious user could potentially exploit this vulnerability in order to obtain credentials. The attacker may be able to use the exposed credentials to access the target device and perform unauthorized actions. 2022-08-10 not yet calculated CVE-2022-29090
CONFIRM
digi — connectport_x2d
An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed. 2022-08-10 not yet calculated CVE-2022-2634
MISC
electronic_medical_records_system — electronic_medical_records_system A vulnerability has been found in SourceCodester Electronic Medical Records System and classified as critical. This vulnerability affects unknown code of the file register.php of the component UPDATE Statement Handler. The manipulation of the argument pconsultation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205816. 2022-08-06 not yet calculated CVE-2022-2693
MISC
MISC
electronic_medical_records_system — electronic_medical_records_system A vulnerability was found in SourceCodester Electronic Medical Records System and classified as critical. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation of the argument user_email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205664. 2022-08-05 not yet calculated CVE-2022-2676
MISC
MISC
embedthis — goahead websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation relies on the hardcoded onceuponatimeinparadise value, which does not follow the secret-data guideline for HTTP Digest Access Authentication in RFC 7616 section 3.3 (or RFC 2617 section 3.2.1). NOTE: 2.1.8 is a version from 2003; however, the affected websda.c code appears in multiple derivative works that may be used in 2021. Recent GoAhead software is unaffected. 2022-08-08 not yet calculated CVE-2021-41615
MISC
MISC
employee_management_system — employee_management_system A vulnerability was found in SourceCodester Employee Management System. It has been classified as critical. Affected is an unknown function of the file /process/eprocess.php. The manipulation of the argument mailuid/pwd leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205836. 2022-08-09 not yet calculated CVE-2022-2723
N/A
N/A
employee_management_system — employee_management_system A vulnerability has been found in SourceCodester Employee Management System and classified as critical. This vulnerability affects unknown code of the file eloginwel.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-205834 is the identifier assigned to this vulnerability. 2022-08-09 not yet calculated CVE-2022-2715
MISC
MISC
employee_management_system — employee_management_system A vulnerability was found in SourceCodester Employee Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /process/aprocess.php. The manipulation of the argument mailuid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205837 was assigned to this vulnerability. 2022-08-09 not yet calculated CVE-2022-2724
N/A
N/A
esri — arcreader An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) which allows an unauthenticated attacker to induce an information disclosure issue in the context of the current user. 2022-08-12 not yet calculated CVE-2021-29112
CONFIRM
esri — arcreader
A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. 2022-08-12 not yet calculated CVE-2021-29117
CONFIRM
esri — arcreader
An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) which allows an unauthenticated attacker to induce an information disclosure issue in the context of the current user. 2022-08-12 not yet calculated CVE-2021-29118
CONFIRM
estsoft — alyac An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-29886
MISC
estsoft — alyac An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-32543
MISC
ethereum — go_ethereum Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making (RUM), as exploited in the wild in 2020 through 2022. 2022-08-05 not yet calculated CVE-2022-37450
MISC
MISC
MISC
MISC
evmos — ethermint Ethermint is an Ethereum library. In Ethermint running versions before `v0.17.2`, the contract `selfdestruct` invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in the `DeleteAccount` function, all contracts that used the identical bytecode (i.e., shared the same `CodeHash`) will also stop working once one contract invokes `selfdestruct`, even though the other contracts did not invoke the `selfdestruct` OPCODE. This vulnerability has been patched in Ethermint version v0.18.0. The patch has state machine-breaking changes for applications using Ethermint, so a coordinated upgrade procedure is required. A workaround is available. If a contract is subject to DoS due to this issue, the user can redeploy the same contract, i.e. with identical bytecode, so that the original contract’s code is recovered. The new contract deployment restores the `bytecode hash -> bytecode` entry in the internal state. 2022-08-05 not yet calculated CVE-2022-35936
MISC
MISC
CONFIRM
exim — exim Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set. 2022-08-07 not yet calculated CVE-2022-37452
MISC
MISC
MISC
MISC
MISC
MISC
exim — exim Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc. 2022-08-06 not yet calculated CVE-2022-37451
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
expense_management_system — expense_management_system A vulnerability was found in SourceCodester Expense Management System. It has been rated as critical. This issue affects the function fetch_report_credit of the file report.php of the component POST Parameter Handler. The manipulation of the argument from/to leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-205811. 2022-08-06 not yet calculated CVE-2022-2688
MISC
eyoucms — eyoucms An issue was discovered in EyouCMS 1.5.8. There is a Storage XSS vulnerability that allows an attacker to execute arbitrary Web scripts or HTML by injecting a special payload via the title parameter in the foreground contribution, allowing the attacker to obtain sensitive information. 2022-08-10 not yet calculated CVE-2022-35509
MISC
f-secure — endpoint_protection_products A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the unpacker function of the aerdl.dll component used in certain WithSecure products crashes, which leads to a scanning engine crash. The exploit can be triggered remotely by an attacker. 2022-08-10 not yet calculated CVE-2022-28881
MISC
MISC
fast_food_ordering_system — fast_food_ordering_system A vulnerability, which was classified as problematic, was found in oretnom23 Fast Food Ordering System. This affects an unknown part of the component Menu List Page. The manipulation of the argument Description leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205725 was assigned to this vulnerability. 2022-08-06 not yet calculated CVE-2022-2686
MISC
MISC
feep — libtar The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak. 2022-08-10 not yet calculated CVE-2021-33646
MISC
feep — libtar The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak. 2022-08-10 not yet calculated CVE-2021-33645
MISC
feep — libtar An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longlink, causing an out-of-bounds read. 2022-08-10 not yet calculated CVE-2021-33643
MISC
feep — libtar An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longname, causing an out-of-bounds read. 2022-08-10 not yet calculated CVE-2021-33644
MISC
fork — fork
A cross-site scripting (XSS) issue in Fork version 5.9.3 allows remote attackers to inject JavaScript via the “publish_on_date” parameter. 2022-08-12 not yet calculated CVE-2022-35587
MISC
fork — fork
A cross-site scripting (XSS) issue in Fork version 5.9.3 allows remote attackers to inject JavaScript via the “publish_on_time” parameter. 2022-08-12 not yet calculated CVE-2022-35589
MISC
forkcms — forkcms
A cross-site scripting (XSS) issue in ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the “end_date” parameter. 2022-08-12 not yet calculated CVE-2022-35590
MISC
forkcms — forkcms
A stored cross-site scripting (XSS) issue in ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the “start_date” parameter. 2022-08-12 not yet calculated CVE-2022-35585
MISC
fortinet — fortiproxy A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments. 2022-08-05 not yet calculated CVE-2022-22299
CONFIRM
foxit — pdf_reader Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference. 2022-08-06 not yet calculated CVE-2022-27944
MISC
MISC
foxit — pdf_reader Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a NULL pointer dereference when this.Span is used for oState of Collab.addStateModel, because this.Span.text can be NULL. 2022-08-06 not yet calculated CVE-2022-26979
MISC
MISC
freshtomato — freshtomato A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. The `freshtomato-arm` has a vulnerable URL-decoding feature that can lead to memory corruption. 2022-08-05 not yet calculated CVE-2022-28665
MISC
freshtomato — freshtomato A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. The `freshtomato-mips` has a vulnerable URL-decoding feature that can lead to memory corruption. 2022-08-05 not yet calculated CVE-2022-28664
MISC
garage_management_system — garage_management_system A vulnerability was found in SourceCodester Garage Management System. It has been classified as critical. Affected is an unknown function of the file createUser.php. The manipulation of the argument userName/uemail leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205656. 2022-08-05 not yet calculated CVE-2022-2672
MISC
garage_management_system — garage_management_system A vulnerability was found in SourceCodester Garage Management System and classified as critical. This issue affects some unknown processing of the file removeUser.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205655. 2022-08-05 not yet calculated CVE-2022-2671
MISC
gas_agency_management_system — gas_agency_management_system
A vulnerability classified as critical was found in SourceCodester Gas Agency Management System. Affected by this vulnerability is an unknown functionality of the file /gasmark/assets/myimages/oneWord.php. The manipulation of the argument shell leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206173 was assigned to this vulnerability. 2022-08-12 not yet calculated CVE-2022-2779
N/A
N/A
gas_agency_management_system — gas_agency_management_system
A vulnerability has been found in SourceCodester Gas Agency Management System and classified as critical. This vulnerability affects unknown code of the file gasmark/login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-206248. 2022-08-12 not yet calculated CVE-2022-2802
MISC
MISC
gitea — gitea
In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea (there was no permission check for fetching the issue). As a result, the attacker would get access to private issue titles. 2022-08-12 not yet calculated CVE-2022-38183
MISC
MISC
gitlab — gitlab_ce/ee An improper access control check in GitLab CE/EE affecting all versions starting from 13.7 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious authenticated user to view a public project’s Deploy Key’s public fingerprint and name when that key has write permission. Note that GitLab never asks for nor stores the private key. 2022-08-05 not yet calculated CVE-2022-2095
CONFIRM
MISC
MISC
gitlab — gitlab_ce/ee An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1. It allowed a project member to filter issues by contact and organization. 2022-08-05 not yet calculated CVE-2022-2539
MISC
CONFIRM
gitlab — gitlab_ce/ee An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab was not performing correct authentication on Grafana API under specific conditions allowing unauthenticated users to perform queries through a path traversal vulnerability. 2022-08-05 not yet calculated CVE-2022-2531
MISC
CONFIRM
MISC
gitlab — gitlab_ce/ee An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab was returning contributor emails due to improper data handling in the Datadog integration. 2022-08-05 not yet calculated CVE-2022-2534
MISC
CONFIRM
gitlab — gitlab_ce/ee An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. Membership changes are not reflected in TODO for confidential notes, allowing former project members to read updates via TODOs. 2022-08-05 not yet calculated CVE-2022-2512
MISC
CONFIRM
gitlab — gitlab_ce/ee A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted, though the APIs usable by that token are limited. 2022-08-05 not yet calculated CVE-2022-2307
CONFIRM
MISC
gitlab — gitlab_ce/ee An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible to gain access to a private project through an email invite by using another user’s email address as an unverified secondary email. 2022-08-05 not yet calculated CVE-2022-2326
MISC
MISC
CONFIRM
gitlab — gitlab_ce/ee An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for malicious group or project maintainers to change their corresponding group or project visibility by crafting a malicious POST request. 2022-08-05 not yet calculated CVE-2022-2456
MISC
MISC
CONFIRM
gitlab — gitlab_ce/ee Insufficient validation in GitLab CE/EE affecting all versions from 12.10 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an authenticated and authorised user to import a project that includes branch names which are 40 hexadecimal characters, which could be abused in supply chain attacks where a victim pinned to a specific Git commit of the project. 2022-08-05 not yet calculated CVE-2022-2417
MISC
CONFIRM
gitlab — gitlab_ce/ee A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1. A stored XSS flaw in job error messages allows attackers to perform arbitrary actions on behalf of victims at client side. 2022-08-05 not yet calculated CVE-2022-2500
CONFIRM
MISC
MISC
gitlab — gitlab_ce/ee An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. A malicious maintainer could exfiltrate an integration’s access token by modifying the integration URL such that authenticated requests are sent to an attacker controlled server. 2022-08-05 not yet calculated CVE-2022-2497
MISC
CONFIRM
MISC
gitlab — gitlab_ce/ee An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for group members to bypass 2FA enforcement enabled at the group level by using Resource Owner Password Credentials grant to obtain an access token without using 2FA. 2022-08-05 not yet calculated CVE-2022-2303
MISC
MISC
CONFIRM
gitlab — gitlab_ee An issue in pipeline subscriptions in GitLab EE affecting all versions from 12.8 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 triggered new pipelines with the person who created the tag as the pipeline creator instead of the subscription’s author. 2022-08-05 not yet calculated CVE-2022-2498
MISC
CONFIRM
MISC
gitlab — gitlab_ee An improper access control issue in GitLab EE affecting all versions from 12.0 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an attacker to bypass IP allow-listing and download artifacts. This attack only bypasses IP allow-listing; proper permissions are still required. 2022-08-05 not yet calculated CVE-2022-2501
CONFIRM
MISC
MISC
gitlab — gitlab_ee An issue has been discovered in GitLab EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for email invited members to join a project even after the Group Owner has enabled the setting to prevent members from being added to projects in a group, if the invite was sent before the setting was enabled. 2022-08-05 not yet calculated CVE-2022-2459
MISC
MISC
CONFIRM
gitlab — gitlab_ee An issue has been discovered in GitLab EE affecting all versions starting from 13.10 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab’s Jira integration has an insecure direct object reference vulnerability that may be exploited by an attacker to leak Jira issues. 2022-08-05 not yet calculated CVE-2022-2499
CONFIRM
MISC
MISC
go — go A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service. 2022-08-10 not yet calculated CVE-2022-32189
MISC
MISC
MISC
MISC
MISC
FEDORA
go — go Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. 2022-08-10 not yet calculated CVE-2022-30629
MISC
MISC
MISC
MISC
MISC
go — go Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. 2022-08-10 not yet calculated CVE-2022-30631
MISC
MISC
MISC
MISC
MISC
go — go Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures. 2022-08-10 not yet calculated CVE-2022-30635
MISC
MISC
MISC
MISC
MISC
go — go Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators. 2022-08-10 not yet calculated CVE-2022-30632
MISC
MISC
MISC
MISC
MISC
go — go Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the ‘any’ field tag. 2022-08-10 not yet calculated CVE-2022-30633
MISC
MISC
MISC
MISC
MISC
go — go Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. 2022-08-10 not yet calculated CVE-2022-28131
MISC
MISC
MISC
MISC
MISC
go — go Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either “..com” or “..exe” by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset. 2022-08-10 not yet calculated CVE-2022-30580
MISC
MISC
MISC
MISC
MISC
go — go Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. 2022-08-10 not yet calculated CVE-2022-1705
MISC
MISC
MISC
MISC
MISC
MISC
go — go Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. 2022-08-10 not yet calculated CVE-2022-1962
MISC
MISC
MISC
MISC
MISC
go — go Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack. 2022-08-10 not yet calculated CVE-2022-29804
MISC
MISC
MISC
MISC
MISC
go — go Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. 2022-08-10 not yet calculated CVE-2022-32148
MISC
MISC
MISC
MISC
MISC
go — go Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators. 2022-08-10 not yet calculated CVE-2022-30630
MISC
MISC
MISC
MISC
MISC
google — android In stealReceiveChannel of EventThread.cpp, there is a possible way to interfere with process communication due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-232541124 2022-08-10 not yet calculated CVE-2022-20344
MISC
google — android In dm_bow_dtr and related functions of dm-bow.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-195565510; References: Upstream kernel 2022-08-11 not yet calculated CVE-2022-20371
MISC
google — android In WifiP2pManager, there is a possible way to obtain the WiFi P2P MAC address without user consent due to a missing permission check. This could lead to local information disclosure without additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-192244925 2022-08-12 not yet calculated CVE-2022-20312
MISC
google — android In PackageManager, there is a possible installed package disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-187176993 2022-08-12 not yet calculated CVE-2022-20322
MISC
google — android In addProviderRequestListener of LocationManagerService.java, there is a possible way to learn which packages request location information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12 Android-12L; Android ID: A-222473855 2022-08-10 not yet calculated CVE-2022-20352
MISC
google — android In Bluetooth, there is a possible cleanup failure due to an uncaught exception. This could lead to remote denial of service in Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-224545125 2022-08-12 not yet calculated CVE-2022-20253
MISC
google — android In Messaging, there is a possible way to attach a private file to an SMS message due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-217185011 2022-08-11 not yet calculated CVE-2022-20241
MISC
google — android In WifiScanningPreferenceController and BluetoothScanningPreferenceController, there is a possible admin restriction bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-228315522 2022-08-10 not yet calculated CVE-2022-20349
MISC
google — android In USB Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure of installed packages with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-180104273 2022-08-11 not yet calculated CVE-2021-0975
MISC
google — android In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-219835125 2022-08-12 not yet calculated CVE-2022-20261
MISC
google — android In Messaging, there is a possible way to attach files to a message without proper access checks due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-226134095 2022-08-11 not yet calculated CVE-2022-20250
MISC
google — android In onDefaultNetworkChanged of Vpn.java, there is a possible way to disable VPN due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12 Android-12L; Android ID: A-219546241 2022-08-10 not yet calculated CVE-2022-20354
MISC
google — android In Core Utilities, there is a possible log information disclosure. This could lead to local information disclosure of sensitive browsing data with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-190199986 2022-08-11 not yet calculated CVE-2022-20243
MISC
google — android In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-219498290 2022-08-10 not yet calculated CVE-2022-20355
MISC
google — android In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-225881167 2022-08-11 not yet calculated CVE-2022-20251
MISC
google — android In AppSearchManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-204082784 2022-08-12 not yet calculated CVE-2022-20287
MISC
google — android In LteRrcNrProAsnDecode of LteRrcNr_Codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-180956894; References: N/A 2022-08-11 not yet calculated CVE-2022-20375
MISC
google — android In exynos5_i2c_irq of (TBD), there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-195480799; References: N/A 2022-08-11 not yet calculated CVE-2022-20372
MISC
google — android ‘remap_pfn_range’ here may map kernel memory beyond the intended size (for example, it may map the kernel area), and because ‘vma->vm_page_prot’ can also be controlled by userspace, userspace may map the kernel area as writable, which is easy to exploit. Product: Android; Versions: Android SoC; Android ID: A-233972091 2022-08-10 not yet calculated CVE-2022-20239
MISC
google — android In Bluetooth, there is a possible way to bypass compiler exploit mitigations due to a configuration error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-221893030 2022-08-12 not yet calculated CVE-2022-20258
MISC
google — android In setChecked of SecureNfcPreferenceController.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-228314987 2022-08-10 not yet calculated CVE-2022-20360
MISC
google — android In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected content of content providers due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-203229608 2022-08-10 not yet calculated CVE-2022-20358
MISC
google — android In writeToParcel of SurfaceControl.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12 Android-12L; Android ID: A-214999987 2022-08-10 not yet calculated CVE-2022-20357
MISC
google — android In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-224547584 2022-08-11 not yet calculated CVE-2022-20252
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-211727306; References: N/A 2022-08-11 not yet calculated CVE-2022-20384
MISC
google — android In Media, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-229858836 2022-08-11 not yet calculated CVE-2022-20247
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-215730643; References: N/A 2022-08-11 not yet calculated CVE-2022-20370
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-218701042; References: N/A 2022-08-11 not yet calculated CVE-2022-20402
MISC
google — android In ActivityManager, there is a possible way to check another process’s capabilities due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-218338453 2022-08-12 not yet calculated CVE-2022-20262
MISC
google — android On specific devices, there is a possible bypass of configuration integrity due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-201078231; References: N/A 2022-08-11 not yet calculated CVE-2022-20374
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-224546354; References: Upstream kernel 2022-08-11 not yet calculated CVE-2022-20368
MISC
google — android In SAEMM_RetrievEPLMNList of SAEMM_ContextManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure post-authentication with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-226446030; References: N/A 2022-08-11 not yet calculated CVE-2022-20401
MISC
google — android In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if more than 100 bluetooth devices have been connected with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-201083240 2022-08-11 not yet calculated CVE-2022-20244
MISC
google — android In WindowManager, there is a possible method to create a recording of the lock screen due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-215005011 2022-08-11 not yet calculated CVE-2022-20245
MISC
google — android In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-226900861 2022-08-11 not yet calculated CVE-2022-20249
MISC
google — android In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-223375145; References: Upstream kernel 2022-08-11 not yet calculated CVE-2022-20369
MISC
google — android In ActivityManager, there is a way to read process state for other users due to a missing permission check. This could lead to local information disclosure of app usage with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-217935264 2022-08-12 not yet calculated CVE-2022-20263
MISC
google — android In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-192663798 2022-08-12 not yet calculated CVE-2022-20310
MISC
google — android In trusty_log_seq_start of trusty-log.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-216130110; References: N/A 2022-08-11 not yet calculated CVE-2022-20376
MISC
google — android In WindowManager, there is a possible bypass of the restrictions for starting activities from the background due to an incorrect UID/permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-230493191 2022-08-11 not yet calculated CVE-2022-20246
MISC
google — android In Core Utilities, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege, preventing processes from validating URIs correctly, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-171966843 2022-08-12 not yet calculated CVE-2022-20338
MISC
google — android In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-225178325; References: N/A 2022-08-11 not yet calculated CVE-2022-20400
MISC
google — android In AllocateInternalBuffers of g3aa_buffer_allocator.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-222408847; References: N/A 2022-08-11 not yet calculated CVE-2022-20383
MISC
google — android In (TBD) of (TBD), there is a possible out of bounds write due to kernel stack overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-214245176; References: Upstream kernel 2022-08-11 not yet calculated CVE-2022-20382
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-188935887; References: N/A 2022-08-11 not yet calculated CVE-2022-20381
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-212625740; References: N/A 2022-08-11 not yet calculated CVE-2022-20380
MISC
google — android In lwis_buffer_alloc of lwis_buffer.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-209436980; References: N/A 2022-08-11 not yet calculated CVE-2022-20379
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-234657153; References: N/A 2022-08-11 not yet calculated CVE-2022-20378
MISC
google — android In TBD of keymaster_ipc.cpp, there is a possible way to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-222339795; References: N/A 2022-08-11 not yet calculated CVE-2022-20377
MISC
google — android In Task.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12; Android ID: A-185810717 2022-08-10 not yet calculated CVE-2021-39696
MISC
google — android In ConnectivityService, there is a possible bypass of network permissions due to a missing permission check. This could lead to local information disclosure of tethering interfaces with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-162952629 2022-08-12 not yet calculated CVE-2022-20341
MISC
google — android In st21nfc_loc_set_polaritymode of fc/st21nfc.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-208269510; References: N/A 2022-08-11 not yet calculated CVE-2022-20373
MISC
google — android In shouldAllowFgsWhileInUsePermissionLocked of ActiveServices.java, there is a possible way to start foreground service from background due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12 Android-12L; Android ID: A-215003903 2022-08-10 not yet calculated CVE-2022-20356
MISC
google — android In SettingsProvider, there is a possible way to read or change the default ringtone due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-222687217 2022-08-12 not yet calculated CVE-2022-20255
MISC
google — android In onSaveRingtone of DefaultRingtonePreference.java, there is a possible inappropriate file read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-221041256 2022-08-10 not yet calculated CVE-2022-20353
MISC
google — android A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system privilege. 2022-08-05 not yet calculated CVE-2022-33725
MISC
google — android In Settings, there is a possible way to connect to an open network bypassing DISALLOW_CONFIG_WIFI restriction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-227619193 2022-08-11 not yet calculated CVE-2022-20248
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-216363416; References: N/A 2022-08-11 not yet calculated CVE-2022-20405
MISC
google — android An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows a local attacker to read uninitialized memory. 2022-08-05 not yet calculated CVE-2022-33716
MISC
google — android Missing input validation before a memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out-of-bounds memory. 2022-08-05 not yet calculated CVE-2022-33717
MISC
google — android An improper access control vulnerability in Wi-Fi Service prior to SMR Aug-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data. 2022-08-05 not yet calculated CVE-2022-33718
MISC
google — android Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause an integer overflow leading to a heap overflow. 2022-08-05 not yet calculated CVE-2022-33719
MISC
google — android Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows a physical attacker to access Chrome locked by AppLock via new tap shortcut. 2022-08-05 not yet calculated CVE-2022-33720
MISC
google — android In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information disclosure of an installed package, without proper query permissions, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-189122911 2022-08-11 not yet calculated CVE-2021-0734
MISC
google — android In the Audio HAL, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-222572821 2022-08-12 not yet calculated CVE-2022-20256
MISC
google — android Implicit Intent hijacking vulnerability in Smart View prior to SMR Aug-2022 Release 1 allows an attacker to access the connected device's MAC address. 2022-08-05 not yet calculated CVE-2022-33722
MISC
google — android Vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1 allows attackers to trick the user into selecting an unwanted Bluetooth device via a tapjacking/overlay attack. 2022-08-05 not yet calculated CVE-2022-33723
MISC
google — android In Midi, there is a possible way to learn about private midi devices due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-203549963 2022-08-12 not yet calculated CVE-2022-20290
MISC
google — android Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Global. 2022-08-05 not yet calculated CVE-2022-33728
MISC
google — android Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows an attacker to launch an activity. 2022-08-05 not yet calculated CVE-2022-33726
MISC
google — android In RestrictionsManager, there is a possible way to send a broadcast that should be restricted to system apps due to a permissions bypass. This could lead to local escalation of privilege on an enterprise managed device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-210468836 2022-08-12 not yet calculated CVE-2022-20268
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-210916981; References: N/A 2022-08-11 not yet calculated CVE-2022-20407
MISC
google — android Improper restriction of broadcasting Intent in ConfirmConnectActivity of NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device. 2022-08-05 not yet calculated CVE-2022-33729
MISC
google — android A vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers to access files with system privilege. 2022-08-05 not yet calculated CVE-2022-33721
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-207975764; References: N/A 2022-08-11 not yet calculated CVE-2022-20403
MISC
google — android In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-201794303 2022-08-12 not yet calculated CVE-2022-20296
MISC
google — android Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. 2022-08-05 not yet calculated CVE-2022-33731
MISC
google — android Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PC by unprotected binder call. 2022-08-05 not yet calculated CVE-2022-33732
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-204782372; References: N/A 2022-08-11 not yet calculated CVE-2022-20408
MISC
google — android Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers. 2022-08-05 not yet calculated CVE-2022-33730
MISC
google — android In PackageManager, there is a possible way to get information about installed packages ignoring limitations introduced in Android 11 due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-188913056 2022-08-11 not yet calculated CVE-2021-0735
MISC
google — android Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow a local attacker to access files of One UI. 2022-08-05 not yet calculated CVE-2022-33715
MISC
google — android Vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1 allows attackers to trick the user into selecting an unwanted Bluetooth device via a tapjacking/overlay attack. 2022-08-05 not yet calculated CVE-2022-33727
MISC
google — android Exposure of Sensitive Information in Samsung Dialer application prior to SMR Aug-2022 Release 1 allows local attackers to access ICCID via log. 2022-08-05 not yet calculated CVE-2022-33724
MISC
google — android In Content, there is a possible way to determine the user’s account due to side channel information disclosure. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-199751919 2022-08-12 not yet calculated CVE-2022-20304
MISC
google — android In Companion, there is a possible way to keep a service running with elevated importance without showing foreground service notification due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-211757348 2022-08-12 not yet calculated CVE-2022-20266
MISC
google — android In Settings, there is a possible way to bypass factory reset permissions due to a permissions bypass. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-212804898 2022-08-12 not yet calculated CVE-2022-20265
MISC
google — android In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to trick the victim to grant notification access to the wrong app due to improper input validation. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-228178437 2022-08-10 not yet calculated CVE-2022-20350
MISC
google — android In PermissionController, there is a possible way to grant some permissions without user consent due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-207672635 2022-08-12 not yet calculated CVE-2022-20271
MISC
google — android In updateAudioTrackInfoFromESDS_MPEG4Audio of MPEG4Extractor.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-230493653 2022-08-10 not yet calculated CVE-2022-20346
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-205714161; References: N/A 2022-08-11 not yet calculated CVE-2022-20404
MISC
google — android Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot. 2022-08-05 not yet calculated CVE-2022-33714
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-184676385; References: N/A 2022-08-11 not yet calculated CVE-2022-20406
MISC
google — android In KeyChain, there is a possible spoof keychain chooser activity request due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-191876118 2022-08-12 not yet calculated CVE-2022-20314
MISC
google — android In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12 Android-12L; Android ID: A-230494481 2022-08-10 not yet calculated CVE-2022-20345
MISC
google — android In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-231161832 2022-08-10 not yet calculated CVE-2022-20361
MISC
google — android In AppSearchManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-204082360 2022-08-12 not yet calculated CVE-2022-20288
MISC
google — android In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-228450811 2022-08-10 not yet calculated CVE-2022-20347
MISC
google — android In Telephony, there is a possible leak of ICCID and EID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-221431393 2022-08-12 not yet calculated CVE-2022-20259
MISC
google — android In the Phone app, there is a possible crash loop due to resource exhaustion. This could lead to local persistent denial of service in the Phone app with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-220865698 2022-08-12 not yet calculated CVE-2022-20260
MISC
google — android In updateState of LocationServicesWifiScanningPreferenceController.java, there is a possible admin restriction bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-228315529 2022-08-10 not yet calculated CVE-2022-20348
MISC
google — android In several functions of mali_gralloc_reference.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-212804042; References: N/A 2022-08-11 not yet calculated CVE-2022-20180
MISC
google — android In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-231986212 2022-08-11 not yet calculated CVE-2022-20242
MISC
google — android In Wi-Fi, there is a permissions bypass. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-223377547 2022-08-12 not yet calculated CVE-2022-20254
MISC
google — android In construct_transaction of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-225877459; References: N/A 2022-08-11 not yet calculated CVE-2022-20367
MISC
google — android In Bluetooth, there is a possible way to pair a display only device without PIN confirmation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-222289114 2022-08-12 not yet calculated CVE-2022-20257
MISC
google — android Product: Android; Versions: Android kernel; Android ID: A-229632566; References: N/A 2022-08-11 not yet calculated CVE-2022-20365
MISC
google — android In Telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of phone accounts with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-231986341 2022-08-12 not yet calculated CVE-2022-20284
MISC
google — android In the Framework, there is a possible way to enable a work profile without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-181785557 2022-08-12 not yet calculated CVE-2022-20331
MISC
google — android In bluetooth, there is a possible way to enable or disable bluetooth connection without user consent due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-211646835 2022-08-12 not yet calculated CVE-2022-20267
MISC
google — android In BuildDevIDResponse of miscdatabuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-229621649; References: N/A 2022-08-11 not yet calculated CVE-2022-20237
MISC
google — android In ioctl_dpm_clk_update of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-225877745; References: N/A 2022-08-11 not yet calculated CVE-2022-20366
MISC
google — android In AppWidget, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-204083104 2022-08-12 not yet calculated CVE-2022-20282
MISC
google — android In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-203683960 2022-08-12 not yet calculated CVE-2022-20289
MISC
google — android In bdi_put and bdi_unregister of backing-dev.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-182815710; References: Upstream kernel 2022-08-11 not yet calculated CVE-2022-20158
MISC
google — android In Accounts, there is a possible way to write sensitive information to the system log due to insufficient log filtering. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-205130113 2022-08-12 not yet calculated CVE-2022-20278
MISC
google — android
 
In LauncherApps, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-202298672 2022-08-12 not yet calculated CVE-2022-20293
MISC
google — android
 
In MMSProvider, there is a possible read of protected data due to improper input validation (SQL injection). This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-204117261 2022-08-12 not yet calculated CVE-2022-20280
MISC
google — android
 
In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-194694094 2022-08-12 not yet calculated CVE-2022-20309
MISC
google — android
 
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-202160584 2022-08-12 not yet calculated CVE-2022-20295
MISC
google — android
 
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-204877302 2022-08-12 not yet calculated CVE-2022-20279
MISC
google — android
 
In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-230756082 2022-08-12 not yet calculated CVE-2022-20362
MISC
google — android
 
In AppOpsService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-203430648 2022-08-12 not yet calculated CVE-2022-20291
MISC
google — android
 
In Settings, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-201561699 2022-08-12 not yet calculated CVE-2022-20297
MISC
google — android
 
In Bluetooth, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-209062898 2022-08-12 not yet calculated CVE-2022-20269
MISC
google — android
 
In Content, there is a possible way to learn gmail account name on the device due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-209005023 2022-08-12 not yet calculated CVE-2022-20270
MISC
google — android
 
In Bluetooth, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-179161657 2022-08-12 not yet calculated CVE-2022-20333
MISC
google — android
 
In Settings, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-202975040 2022-08-12 not yet calculated CVE-2022-20292
MISC
google — android
 
In hostapd, there is a possible insecure configuration due to an insecure default value. This could lead to remote denial of service of the wifi hotspot with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-197874458 2022-08-12 not yet calculated CVE-2022-20308
MISC
google — android
 
In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-233069336 2022-08-12 not yet calculated CVE-2022-20283
MISC
google — android
 
In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-230868108 2022-08-12 not yet calculated CVE-2022-20285
MISC
google — android
 
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-205706731 2022-08-12 not yet calculated CVE-2022-20276
MISC
google — android
 
In Telephony, there is a possible disclosure of SIM identifiers due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-185235527 2022-08-12 not yet calculated CVE-2022-20326
MISC
google — android
 
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-205836975 2022-08-12 not yet calculated CVE-2022-20275
MISC
google — android
 
In Connectivity, there is a possible bypass of the restriction on starting an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-230866011 2022-08-12 not yet calculated CVE-2022-20286
MISC
google — android
 
In PermissionController, there is a possible misunderstanding about the default SMS application’s permission set due to misleading text. This could lead to local information disclosure with User privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-207672568 2022-08-12 not yet calculated CVE-2022-20272
MISC
google — android
 
In Keyguard, there is a missing permission check. This could lead to local escalation of privilege and prevention of screen timeout with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-206470146 2022-08-12 not yet calculated CVE-2022-20274
MISC
google — android
 
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-201416182 2022-08-12 not yet calculated CVE-2022-20298
MISC
google — android
 
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-205145497 2022-08-12 not yet calculated CVE-2022-20277
MISC
google — android
 
In Content, there is a possible way to learn about an account present on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-202160705 2022-08-12 not yet calculated CVE-2022-20294
MISC
google — android
 
In AlarmManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-198782887 2022-08-12 not yet calculated CVE-2022-20307
MISC
google — android
 
In Settings, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-200746457 2022-08-12 not yet calculated CVE-2022-20302
MISC
google — android
 
In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-143534321 2022-08-12 not yet calculated CVE-2022-20342
MISC
google — android
 
In ActivityManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-187956596 2022-08-12 not yet calculated CVE-2022-20320
MISC
google — android
 
In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-194694069 2022-08-12 not yet calculated CVE-2022-20318
MISC
google — android
 
In DreamServices, there is a possible way to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-189574230 2022-08-12 not yet calculated CVE-2022-20319
MISC
google — android
 
In Settings, there is a possible installed application disclosure due to a missing permission check. This could lead to local information disclosure of applications allow-listed to use the network during VPN lockdown mode with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-177239688 2022-08-12 not yet calculated CVE-2022-20336
MISC
google — android
 
In Settings, there is a possible way for an application without permissions to read content of WiFi QR codes due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-187176859 2022-08-12 not yet calculated CVE-2022-20321
MISC
google — android
 
In SELinux policy, there is a possible way of inferring which websites are being opened in the browser due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-166269532 2022-08-12 not yet calculated CVE-2022-20340
MISC
google — android
 
In Core, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-204083967 2022-08-12 not yet calculated CVE-2022-20281
MISC
google — android
 
In Android, there is a possible access of network neighbor table information due to an insecure SEpolicy configuration. This could lead to local information disclosure of network topography with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-171572148 2022-08-12 not yet calculated CVE-2022-20339
MISC
google — android
 
In Wifi, there is a possible way to enable Wifi without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-183410556 2022-08-12 not yet calculated CVE-2022-20329
MISC
google — android
 
In Framework, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-187042120 2022-08-12 not yet calculated CVE-2022-20324
MISC
google — android
 
In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been disabled due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-178014725 2022-08-12 not yet calculated CVE-2022-20335
MISC
google — android
 
In ActivityManager, there is a possible disclosure of installed packages due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-191058227 2022-08-12 not yet calculated CVE-2022-20315
MISC
google — android
 
In Camera Provider HAL, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-199680794 2022-08-12 not yet calculated CVE-2022-20306
MISC
google — android
 
In Content, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-200956614 2022-08-12 not yet calculated CVE-2022-20301
MISC
google — android
 
In ContentService, there is a possible way to check if the given account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-201415895 2022-08-12 not yet calculated CVE-2022-20299
MISC
google — android
 
In Bluetooth, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-206478022 2022-08-12 not yet calculated CVE-2022-20273
MISC
google — android
 
In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-180019130 2022-08-12 not yet calculated CVE-2022-20332
MISC
google — android
 
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-192663553 2022-08-12 not yet calculated CVE-2022-20311
MISC
google — android
 
In Bluetooth, there is a possible way to connect or disconnect bluetooth devices without user awareness due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-181962588 2022-08-12 not yet calculated CVE-2022-20330
MISC
google — android
 
In Bluetooth, there are possible process crashes due to dereferencing a null pointer. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-178800552 2022-08-12 not yet calculated CVE-2022-20334
MISC
google — android
 
In PackageManager, there is a possible way to determine whether an app is installed due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-184948501 2022-08-12 not yet calculated CVE-2022-20328
MISC
google — android
 
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-192206329 2022-08-12 not yet calculated CVE-2022-20313
MISC
google — android
 
In ContentService, there is a possible way to determine if an account is on the device without GET_ACCOUNTS permission due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-200573021 2022-08-12 not yet calculated CVE-2022-20303
MISC
google — android
 
In Media, there is a possible code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-186473060 2022-08-12 not yet calculated CVE-2022-20325
MISC
google — android
 
In PackageManager, there is a possible package installation disclosure due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-187176203 2022-08-12 not yet calculated CVE-2022-20323
MISC
google — android
 
In Content, there is a possible way to check if the given account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-200956588 2022-08-12 not yet calculated CVE-2022-20300
MISC
google — android
 
In ContentService, there is a possible disclosure of available account types due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-199751623 2022-08-12 not yet calculated CVE-2022-20305
MISC
google — android
 
In SystemUI, there is a possible way to unexpectedly enable the external speaker due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-190199063 2022-08-12 not yet calculated CVE-2022-20317
MISC
google — android
 
In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-185126813. 2022-08-12 not yet calculated CVE-2022-20327
MISC
google — android
 
In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-190726121. 2022-08-12 not yet calculated CVE-2022-20316
MISC
google — chrome Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. 2022-08-12 not yet calculated CVE-2022-2610
MISC
MISC
google — chrome
 
Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the Omnibox (URL bar) via a crafted Chrome Extension. 2022-08-12 not yet calculated CVE-2022-2616
MISC
MISC
google — chrome
 
Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. 2022-08-12 not yet calculated CVE-2022-2621
MISC
MISC
google — chrome
 
Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-08-12 not yet calculated CVE-2022-2614
MISC
MISC
google — chrome
 
Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. 2022-08-12 not yet calculated CVE-2022-2608
MISC
MISC
google — chrome
 
Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. 2022-08-12 not yet calculated CVE-2022-2617
MISC
MISC
google — chrome
 
Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. 2022-08-12 not yet calculated CVE-2022-2620
MISC
MISC
google — chrome
 
Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a crafted file. 2022-08-12 not yet calculated CVE-2022-2622
MISC
MISC
google — chrome
 
Use after free in Input in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. 2022-08-12 not yet calculated CVE-2022-2613
MISC
MISC
google — chrome
 
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. 2022-08-12 not yet calculated CVE-2022-2615
MISC
MISC
google — chrome
 
Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page. 2022-08-12 not yet calculated CVE-2022-2606
MISC
MISC
google — chrome
 
Use after free in Safe Browsing in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-08-12 not yet calculated CVE-2022-2604
MISC
MISC
google — chrome
 
Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. 2022-08-12 not yet calculated CVE-2022-2623
MISC
MISC
google — chrome
 
Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata. 2022-08-12 not yet calculated CVE-2022-2587
MISC
MISC
google — chrome
 
Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. 2022-08-12 not yet calculated CVE-2022-2609
MISC
MISC
google — chrome
 
Insufficient validation of untrusted input in Settings in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted HTML page. 2022-08-12 not yet calculated CVE-2022-2619
MISC
MISC
google — chrome
 
Out of bounds read in Dawn in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-08-12 not yet calculated CVE-2022-2605
MISC
MISC
google — chrome
 
Use after free in Omnibox in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-08-12 not yet calculated CVE-2022-2603
MISC
MISC
google — chrome
 
Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. 2022-08-12 not yet calculated CVE-2022-2624
MISC
MISC
google — chrome
 
Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. 2022-08-12 not yet calculated CVE-2022-2607
MISC
MISC
google — chrome
 
Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. 2022-08-12 not yet calculated CVE-2022-2611
MISC
MISC
google — chrome
 
Insufficient validation of untrusted input in Internals in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a malicious file. 2022-08-12 not yet calculated CVE-2022-2618
MISC
MISC
google — chrome
 
Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. 2022-08-12 not yet calculated CVE-2022-2612
MISC
MISC
google — play_services_sdk
 
Apps developed with Google Play Services SDK incorrectly had the mutability flag set to PendingIntents that were passed to the Notification service. As Google Play services SDK is so widely used, this bug affects many applications. For an affected application, this bug lets the attacker gain access to all non-exported providers and/or gain access to other providers the victim has permissions for. We recommend upgrading to version 18.0.2 of the Play Service SDK as well as rebuilding and redeploying apps. 2022-08-12 not yet calculated CVE-2022-2390
CONFIRM
CONFIRM
gumstix — overo_sbc
 
The Gumstix Overo SBC on the VSKS board through 2022-08-09, as used on the Orlan-10 and other platforms, allows unrestricted remapping of the NOR flash memory containing the bitstream for the FPGA. 2022-08-11 not yet calculated CVE-2022-38161
MISC
MISC
MISC
gym_management_system — gym_management_system A vulnerability, which was classified as critical, was found in SourceCodester Gym Management System. Affected is an unknown function. The manipulation of the argument user_pass leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-205734 is the identifier assigned to this vulnerability. 2022-08-06 not yet calculated CVE-2022-2687
MISC
MISC
gym_management_system — gym_management_system A vulnerability was found in SourceCodester Gym Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /mygym/admin/login.php. The manipulation of the argument admin_email/admin_pass leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205855. 2022-08-09 not yet calculated CVE-2022-2727
MISC
MISC
gym_management_system — gym_management_system A vulnerability was found in SourceCodester Gym Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /mygym/admin/index.php. The manipulation of the argument edit_tran leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205856. 2022-08-09 not yet calculated CVE-2022-2728
MISC
MISC
gym_management_system — gym_management_system A vulnerability, which was classified as critical, was found in SourceCodester Gym Management System. This affects an unknown part of the file login.php. The manipulation of the argument user_login with the input 123@xx.com’ OR (SELECT 9084 FROM(SELECT COUNT(*),CONCAT(0x7178767871,(SELECT (ELT(9084=9084,1))),0x71767a6271,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)– dPvW leads to sql injection. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-205833 was assigned to this vulnerability. 2022-08-08 not yet calculated CVE-2022-2708
MISC
gym_management_system — gym_management_system A vulnerability was found in SourceCodester Gym Management System. It has been classified as critical. This affects an unknown part of the component Exercises Module. The manipulation of the argument exer leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205827. 2022-08-08 not yet calculated CVE-2022-2703
MISC
MISC
gym_management_system — gym_management_system A vulnerability classified as critical has been found in SourceCodester Gym Management System. This affects an unknown part of the component GET Parameter Handler. The manipulation of the argument day leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205821 was assigned to this vulnerability. 2022-08-08 not yet calculated CVE-2022-2700
MISC
MISC
gym_management_system — gym_management_system
 
A vulnerability was found in SourceCodester Gym Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /mygym/admin/index.php?view_exercises. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206017 was assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2749
MISC
MISC
gym_management_system — gym_management_system
 
A vulnerability, which was classified as problematic, has been found in SourceCodester Gym Management System. Affected by this issue is some unknown functionality. The manipulation leads to clickjacking. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-206246 is the identifier assigned to this vulnerability. 2022-08-12 not yet calculated CVE-2022-2800
MISC
MISC
gym_management_system — gym_management_system
 
A vulnerability, which was classified as critical, was found in SourceCodester Gym Management System. This affects an unknown part of the file /admin/add_trainers.php of the component Add New Trainer. The manipulation of the argument trainer_name leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-206013 was assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2745
MISC
gym_management_system — gym_management_system
 
A vulnerability classified as problematic has been found in SourceCodester Gym Management System. Affected is an unknown function of the file delete_user.php. The manipulation of the argument delete_user leads to denial of service. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-206172. 2022-08-11 not yet calculated CVE-2022-2776
MISC
gym_management_system — gym_management_system
 
A vulnerability, which was classified as critical, has been found in SourceCodester Gym Management System. Affected by this issue is some unknown functionality of the file /admin/add_exercises.php of the component Background Management. The manipulation of the argument exer_img leads to unrestricted upload. The attack may be launched remotely. The identifier of this vulnerability is VDB-206012. 2022-08-11 not yet calculated CVE-2022-2744
MISC
hestiacp — control_panel Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6. 2022-08-05 not yet calculated CVE-2022-2626
MISC
CONFIRM
hewlett_packard — ilo_5
 
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5). 2022-08-12 not yet calculated CVE-2022-28634
MISC
hewlett_packard — ilo_5
 
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A low privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5). 2022-08-12 not yet calculated CVE-2022-28629
MISC
hewlett_packard — ilo_5
 
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5). 2022-08-12 not yet calculated CVE-2022-28628
MISC
hewlett_packard — ilo_5
 
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality and integrity, and a partial loss of availability. User interaction is required to exploit this vulnerability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5). 2022-08-12 not yet calculated CVE-2022-28630
MISC
hewlett_packard — ilo_5
 
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5). 2022-08-12 not yet calculated CVE-2022-28626
MISC
hewlett_packard — ilo_5
 
A local disclosure of sensitive information and a local unauthorized data modification vulnerability were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to read and write to the iLO 5 firmware file system resulting in a complete loss of confidentiality and a partial loss of integrity and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5). 2022-08-12 not yet calculated CVE-2022-28633
MISC
hewlett_packard — ilo_5
 
A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to potentially execute arbitrary code in an isolated process resulting in a complete loss of confidentiality, integrity, and availability within that process. In addition, an unprivileged user could exploit a denial of service (DoS) vulnerability in an isolated process resulting in a complete loss of availability within that process. A successful attack depends on conditions beyond the attacker's control. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5). 2022-08-12 not yet calculated CVE-2022-28635
MISC
hewlett_packard — ilo_5
 
A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to potentially execute arbitrary code in an isolated process resulting in a complete loss of confidentiality, integrity, and availability within that process. In addition, an unprivileged user could exploit a denial of service (DoS) vulnerability in an isolated process resulting in a complete loss of availability within that process. A successful attack depends on conditions beyond the attacker's control. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5). 2022-08-12 not yet calculated CVE-2022-28636
MISC
hewlett_packard — ilo_5
 
A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could exploit this vulnerability in an adjacent network to potentially execute arbitrary code in an isolated process resulting in a complete loss of confidentiality, integrity, and availability within that process. In addition, an unprivileged user could exploit a denial of service (DoS) vulnerability in an isolated process resulting in a complete loss of availability within that process. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5). 2022-08-12 not yet calculated CVE-2022-28632
MISC
hewlett_packard — ilo_5
 
A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could exploit this vulnerability in an adjacent network to potentially execute arbitrary code in an isolated process resulting in a complete loss of confidentiality, integrity, and availability within that process. In addition, an unprivileged user could exploit a denial of service (DoS) vulnerability in an isolated process resulting in a complete loss of availability within that process. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5). 2022-08-12 not yet calculated CVE-2022-28631
MISC
hewlett_packard — ilo_5
 
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5). 2022-08-12 not yet calculated CVE-2022-28627
MISC
huawei — magic_ui Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality. 2022-08-10 not yet calculated CVE-2021-40040
MISC
huawei — magic_ui The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality. 2022-08-10 not yet calculated CVE-2021-40030
MISC
MISC
huawei — magic_ui The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability. 2022-08-10 not yet calculated CVE-2021-40034
MISC
MISC
huawei — multiple_products The diag-router module has a vulnerability in intercepting excessive long and short instructions. Successful exploitation of this vulnerability will cause the diag-router module to crash. 2022-08-10 not yet calculated CVE-2022-37001
MISC
huawei — multiple_products
 
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background. 2022-08-10 not yet calculated CVE-2022-37002
MISC
MISC
huawei — multiple_products
 
The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. 2022-08-10 not yet calculated CVE-2022-37005
MISC
MISC
huawei — multiple_products
 
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability. 2022-08-10 not yet calculated CVE-2022-37004
MISC
MISC
huawei — multiple_products
 
The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files. 2022-08-10 not yet calculated CVE-2022-37003
MISC
MISC
huawei — multiple_products
 
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability. 2022-08-10 not yet calculated CVE-2022-37008
MISC
MISC
huawei — multiple_products
 
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability. 2022-08-10 not yet calculated CVE-2022-37006
MISC
huawei — multiple_products
 
The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability. 2022-08-10 not yet calculated CVE-2022-37007
MISC
MISC
ibm — infosphere_information_server IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 231202. 2022-08-10 not yet calculated CVE-2022-35715
XF
CONFIRM
ibm — robotic_process_automation_as_a_service IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential information. IBM X-Force ID: 226342. 2022-08-10 not yet calculated CVE-2022-22490
CONFIRM
XF
ibm — robotic_process_automation_for_cloud_pak IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 230634. 2022-08-10 not yet calculated CVE-2022-35280
CONFIRM
XF
ibm — spectrum_scale_das
 
IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allow an authenticated user to insert code which could allow the attacker to manipulate cluster resources due to excessive permissions. IBM X-Force ID: 223016. 2022-08-10 not yet calculated CVE-2022-22411
XF
CONFIRM
ibm — workload_scheduler IBM Workload Scheduler 9.4 and 9.5 could allow a local user to overwrite key system files which would cause the system to crash. IBM X-Force ID: 221187. 2022-08-10 not yet calculated CVE-2022-22369
XF
CONFIRM
imagemagick — imagemagick
 
In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30. 2022-08-10 not yet calculated CVE-2022-2719
MISC
inductiveautomation — ignition Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to an XXE attack while restoring the backup. 2022-08-05 not yet calculated CVE-2022-1704
MISC
interview_management_system — interview_management_system A vulnerability was found in SourceCodester Interview Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /addQuestion.php. The manipulation of the argument question with the input <script>alert(1)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205673 was assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2685
MISC
MISC
MISC
interview_management_system — interview_management_system A vulnerability was found in SourceCodester Interview Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /viewReport.php. The manipulation of the argument id with the input (UPDATEXML(9729,CONCAT(0x2e,0x716b707071,(SELECT (ELT(9729=9729,1))),0x7162766a71),7319)) leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205667. 2022-08-05 not yet calculated CVE-2022-2679
MISC
MISC
ittiam — libmpeg2 Ittiam libmpeg2 before 2022-07-27 uses memcpy with overlapping memory blocks in impeg2_mc_fullx_fully_8x8. 2022-08-05 not yet calculated CVE-2022-37416
MISC
MISC
jetbrains — ktor
 
In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases 2022-08-12 not yet calculated CVE-2022-38180
CONFIRM
CONFIRM
jetbrains — ktor
 
JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack 2022-08-12 not yet calculated CVE-2022-38179
CONFIRM
CONFIRM
jetbrains — teamcity In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases 2022-08-10 not yet calculated CVE-2022-38133
MISC
kaspersky — kaspersky_vpn_secure_connection
 
Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of its ‘Delete All Service Data And Reports’ feature by a local authenticated attacker. 2022-08-05 not yet calculated CVE-2022-27535
MISC
MISC
MISC
kavita — kavita Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1. 2022-08-10 not yet calculated CVE-2022-2756
MISC
CONFIRM
keysight — multiple_products
 
A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host. 2022-08-10 not yet calculated CVE-2022-38129
MISC
keysight — multiple_products
 
The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify a UNC path for the database file (i.e., \\<attacker-host>\sms\<attacker-db.zip>), effectively controlling the content of the database to be restored. 2022-08-10 not yet calculated CVE-2022-38130
MISC
kuka — systemsoftware_v/kss The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not available or not enabled (default). 2022-08-10 not yet calculated CVE-2022-2242
CONFIRM
library_management_system — library_management_system
 
A vulnerability classified as problematic was found in SourceCodester Library Management System. This vulnerability affects unknown code of the file /qr/I/. The manipulation of the argument error leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-206164. 2022-08-11 not yet calculated CVE-2022-2768
MISC
library_management_system — library_management_system
 
A vulnerability was found in SourceCodester Library Management System. It has been declared as critical. This vulnerability affects unknown code of the file librarian/student.php. The manipulation of the argument title leads to sql injection. The attack can be initiated remotely. VDB-206170 is the identifier assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2774
MISC
linux — linux_kernel A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to leak information and may cause a denial of service. 2022-08-05 not yet calculated CVE-2022-1012
MISC
linux — linux_kernel A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. 2022-08-05 not yet calculated CVE-2022-1973
MISC
linux — linux_kernel
 
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5 2022-08-12 not yet calculated CVE-2022-2503
CONFIRM
loan_management_system — loan_management_system A vulnerability was found in SourceCodester Loan Management System and classified as critical. This issue affects some unknown processing of the file delete_lplan.php. The manipulation of the argument lplan_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205619. 2022-08-05 not yet calculated CVE-2022-2667
MISC
MISC
loan_management_system — loan_management_system
 
A vulnerability was found in SourceCodester Loan Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-206162 is the identifier assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2766
MISC
MISC
loopback — loopback_filter Improper input validation on the `contains` LoopBack filter may allow for arbitrary SQL injection. When the extended filter property `contains` is permitted to be interpreted by the Postgres connector, it is possible to inject arbitrary SQL which may affect the confidentiality and integrity of data stored on the connected database. A patch was released in version 5.5.1. This affects users who do any of the following: – Connect to the database via the DataSource with the `allowExtendedProperties: true` setting OR – Use the connector’s CRUD methods directly OR – Use the connector’s other methods to interpret the LoopBack filter. Users who are unable to upgrade should do the following if applicable: – Remove the `allowExtendedProperties: true` DataSource setting – Add the `allowExtendedProperties: false` DataSource setting – When passing directly to the connector functions, manually sanitize the user input for the `contains` LoopBack filter beforehand. 2022-08-12 not yet calculated CVE-2022-35942
CONFIRM
MISC
mc-kill-port — mc-kill-port All versions of package mc-kill-port are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port argument. 2022-08-10 not yet calculated CVE-2022-25973
CONFIRM
CONFIRM
megatech — msnswitch_firmware An authentication-bypass issue in the component MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution. 2022-08-10 not yet calculated CVE-2022-32429
MISC
microsoft — azure_batch Azure Batch Node Agent Elevation of Privilege Vulnerability. 2022-08-09 not yet calculated CVE-2022-33646
N/A
microsoft — azure_real_time_operating_system_guix_studio Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30175, CVE-2022-30176, CVE-2022-34687, CVE-2022-35773, CVE-2022-35779. 2022-08-09 not yet calculated CVE-2022-35806
N/A
microsoft — azure_real_time_operating_system_guix_studio Azure RTOS GUIX Studio Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34685. 2022-08-09 not yet calculated CVE-2022-34686
N/A
microsoft — azure_real_time_operating_system_guix_studio Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30175, CVE-2022-30176, CVE-2022-35773, CVE-2022-35779, CVE-2022-35806. 2022-08-09 not yet calculated CVE-2022-34687
N/A
microsoft — azure_real_time_operating_system_guix_studio Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30175, CVE-2022-30176, CVE-2022-34687, CVE-2022-35779, CVE-2022-35806. 2022-08-09 not yet calculated CVE-2022-35773
N/A
microsoft — azure_real_time_operating_system_guix_studio Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30175, CVE-2022-30176, CVE-2022-34687, CVE-2022-35773, CVE-2022-35806. 2022-08-09 not yet calculated CVE-2022-35779
N/A
microsoft — azure_real_time_operating_system_guix_studio Azure RTOS GUIX Studio Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34686. 2022-08-09 not yet calculated CVE-2022-34685
N/A
microsoft — azure_real_time_operating_system_guix_studio Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30175, CVE-2022-34687, CVE-2022-35773, CVE-2022-35779, CVE-2022-35806. 2022-08-09 not yet calculated CVE-2022-30176
N/A
microsoft — azure_real_time_operating_system_guix_studio Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30176, CVE-2022-34687, CVE-2022-35773, CVE-2022-35779, CVE-2022-35806. 2022-08-09 not yet calculated CVE-2022-30175
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35814
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35813
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35802
N/A
microsoft — azure_site_recovery Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35772. 2022-08-09 not yet calculated CVE-2022-35824
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35817
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35816
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35810
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35801
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35815
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35807
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35818
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35809
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35811
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35799
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35812
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35800
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35808
N/A
microsoft — azure_site_recovery Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818. 2022-08-09 not yet calculated CVE-2022-35819
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Denial of Service Vulnerability. 2022-08-09 not yet calculated CVE-2022-35776
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35785
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35784
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35780
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35782
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35783
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35791
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35781
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35786
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35787
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35774
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35775
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35788
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35789
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35824. 2022-08-09 not yet calculated CVE-2022-35772
N/A
microsoft — azure_site_recovery_vmware_to_azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35774, CVE-2022-35775, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819. 2022-08-09 not yet calculated CVE-2022-35790
N/A
microsoft — azure_sphere Azure Sphere Information Disclosure Vulnerability. 2022-08-09 not yet calculated CVE-2022-35821
N/A
microsoft — edge Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. 2022-08-09 not yet calculated CVE-2022-35796
N/A
microsoft — edge_chromium Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. 2022-08-09 not yet calculated CVE-2022-33636
N/A
microsoft — edge_chromium Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. 2022-08-09 not yet calculated CVE-2022-33649
N/A
microsoft — excel Microsoft Excel Security Feature Bypass Vulnerability. 2022-08-09 not yet calculated CVE-2022-33631
N/A
microsoft — exchange_server Microsoft Exchange Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21979, CVE-2022-34692. 2022-08-09 not yet calculated CVE-2022-30134
N/A
microsoft — exchange_server Microsoft Exchange Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30134, CVE-2022-34692. 2022-08-09 not yet calculated CVE-2022-21979
N/A
microsoft — exchange_server Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21980, CVE-2022-24477. 2022-08-09 not yet calculated CVE-2022-24516
N/A
microsoft — exchange_server Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24477, CVE-2022-24516. 2022-08-09 not yet calculated CVE-2022-21980
N/A
microsoft — exchange_server Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21980, CVE-2022-24516. 2022-08-09 not yet calculated CVE-2022-24477
N/A
microsoft — exchange_server Microsoft Exchange Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21979, CVE-2022-30134. 2022-08-09 not yet calculated CVE-2022-34692
N/A
microsoft — multiple products Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35762, CVE-2022-35763, CVE-2022-35764, CVE-2022-35765. 2022-08-09 not yet calculated CVE-2022-35792
N/A
microsoft — multiple_products Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794. 2022-08-09 not yet calculated CVE-2022-34714
N/A
microsoft — multiple_products Windows Network File System Remote Code Execution Vulnerability. 2022-08-09 not yet calculated CVE-2022-34715
N/A
microsoft — multiple_products Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34704, CVE-2022-34712. 2022-08-09 not yet calculated CVE-2022-34710
N/A
microsoft — multiple_products Windows Bluetooth Service Remote Code Execution Vulnerability. 2022-08-09 not yet calculated CVE-2022-30144
N/A
microsoft — multiple_products Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35762, CVE-2022-35763, CVE-2022-35765, CVE-2022-35792. 2022-08-09 not yet calculated CVE-2022-35764
N/A
microsoft — multiple_products Microsoft ATA Port Driver Elevation of Privilege Vulnerability. 2022-08-09 not yet calculated CVE-2022-35760
N/A
microsoft — multiple_products Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35762, CVE-2022-35764, CVE-2022-35765, CVE-2022-35792. 2022-08-09 not yet calculated CVE-2022-35763
N/A
microsoft — multiple_products Windows Defender Credential Guard Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34705. 2022-08-09 not yet calculated CVE-2022-35771
N/A
microsoft — multiple_products Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34707, CVE-2022-35768. 2022-08-09 not yet calculated CVE-2022-35761
N/A
microsoft — multiple_products Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34710, CVE-2022-34712. 2022-08-09 not yet calculated CVE-2022-34704
N/A
microsoft — multiple_products Windows Partition Management Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33670. 2022-08-09 not yet calculated CVE-2022-34703
N/A
microsoft — multiple_products Windows Partition Management Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34703. 2022-08-09 not yet calculated CVE-2022-33670
N/A
microsoft — multiple_products Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35763, CVE-2022-35764, CVE-2022-35765, CVE-2022-35792. 2022-08-09 not yet calculated CVE-2022-35762
N/A
microsoft — multiple_products Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35767, CVE-2022-35794. 2022-08-09 not yet calculated CVE-2022-35766
N/A
microsoft — multiple_products Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34707, CVE-2022-35761. 2022-08-09 not yet calculated CVE-2022-35768
N/A
microsoft — multiple_products Windows Kernel Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34708. 2022-08-09 not yet calculated CVE-2022-30197
N/A
microsoft — multiple_products Windows Defender Credential Guard Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35771. 2022-08-09 not yet calculated CVE-2022-34705
N/A
microsoft — multiple_products Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35744. 2022-08-09 not yet calculated CVE-2022-30133
N/A
microsoft — multiple_products Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35743. 2022-08-09 not yet calculated CVE-2022-34713
N/A
microsoft — multiple_products Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. 2022-08-09 not yet calculated CVE-2022-34706
N/A
microsoft — multiple_products Windows Defender Credential Guard Security Feature Bypass Vulnerability. 2022-08-09 not yet calculated CVE-2022-34709
N/A
microsoft — multiple_products Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35762, CVE-2022-35763, CVE-2022-35764, CVE-2022-35792. 2022-08-09 not yet calculated CVE-2022-35765
N/A
microsoft — multiple_products Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35794. 2022-08-09 not yet calculated CVE-2022-35767
N/A
microsoft — multiple_products Windows Win32k Elevation of Privilege Vulnerability. 2022-08-09 not yet calculated CVE-2022-34699
N/A
microsoft — multiple_products Windows Bluetooth Driver Elevation of Privilege Vulnerability. 2022-08-09 not yet calculated CVE-2022-35820
N/A
microsoft — multiple_products Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794. 2022-08-09 not yet calculated CVE-2022-34702
N/A
microsoft — multiple_products Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-35747. 2022-08-09 not yet calculated CVE-2022-35769
N/A
microsoft — multiple_products Windows Kernel Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30197. 2022-08-09 not yet calculated CVE-2022-34708
N/A
microsoft — multiple_products Windows Fax Service Elevation of Privilege Vulnerability. 2022-08-09 not yet calculated CVE-2022-34690
N/A
microsoft — multiple_products Active Directory Domain Services Elevation of Privilege Vulnerability. 2022-08-09 not yet calculated CVE-2022-34691
N/A
microsoft — multiple_products Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35761, CVE-2022-35768. 2022-08-09 not yet calculated CVE-2022-34707
N/A
microsoft — multiple_products Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34704, CVE-2022-34710. 2022-08-09 not yet calculated CVE-2022-34712
N/A
microsoft — multiple_products Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability. 2022-08-09 not yet calculated CVE-2022-34701
N/A
microsoft — multiple_products Windows Hyper-V Remote Code Execution Vulnerability. 2022-08-09 not yet calculated CVE-2022-34696
N/A
microsoft — multiple_products Windows WebBrowser Control Remote Code Execution Vulnerability. 2022-08-09 not yet calculated CVE-2022-30194
N/A
microsoft — multiple_products Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767. 2022-08-09 not yet calculated CVE-2022-35794
N/A
microsoft — multiple_products Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35755. 2022-08-09 not yet calculated CVE-2022-35793
N/A
microsoft — multiple_products Windows Hello Security Feature Bypass Vulnerability. 2022-08-09 not yet calculated CVE-2022-35797
N/A
microsoft — multiple_products Windows Error Reporting Service Elevation of Privilege Vulnerability. 2022-08-09 not yet calculated CVE-2022-35795
N/A
microsoft — office Microsoft Office Remote Code Execution Vulnerability. 2022-08-09 not yet calculated CVE-2022-34717
N/A
microsoft — office_online_server Microsoft Excel Remote Code Execution Vulnerability. 2022-08-09 not yet calculated CVE-2022-33648
N/A
microsoft — powershell .NET Spoofing Vulnerability. 2022-08-09 not yet calculated CVE-2022-34716
N/A
microsoft — smb_client SMB Client and Server Remote Code Execution Vulnerability. 2022-08-09 not yet calculated CVE-2022-35804
N/A
microsoft — system_center_operations_manager System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. 2022-08-09 not yet calculated CVE-2022-33640
N/A
microsoft — visual_studio Visual Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35825, CVE-2022-35826, CVE-2022-35827. 2022-08-09 not yet calculated CVE-2022-35777
N/A
microsoft — visual_studio Visual Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35777, CVE-2022-35826, CVE-2022-35827. 2022-08-09 not yet calculated CVE-2022-35825
N/A
microsoft — visual_studio Visual Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35777, CVE-2022-35825, CVE-2022-35826. 2022-08-09 not yet calculated CVE-2022-35827
N/A
microsoft — visual_studio Visual Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35777, CVE-2022-35825, CVE-2022-35827. 2022-08-09 not yet calculated CVE-2022-35826
N/A
microweber — microweber Cross-site Scripting (XSS) – Stored in GitHub repository microweber/microweber prior to 1.3.1. 2022-08-11 not yet calculated CVE-2022-2777
MISC
CONFIRM
neo4j — apoc Neo4j APOC (Awesome Procedures on Cypher) before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream. 2022-08-12 not yet calculated CVE-2022-37423
MISC
MISC
netapp — storagegrid Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content. 2022-08-10 not yet calculated CVE-2022-23238
MISC
nextcloud — nextcloud_talk Nextcloud Talk is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.7, 13.0.7, and 14.0.3, password protected conversations are susceptible to brute force attacks if the attacker has the link/conversation token. It is recommended that the Nextcloud Talk application is upgraded to 12.2.7, 13.0.7 or 14.0.3. There are currently no known workarounds available apart from not having password protected conversations. 2022-08-12 not yet calculated CVE-2022-35932
MISC
MISC
MISC
CONFIRM
MISC
MISC
MISC
MISC
MISC
nvidia — gpu NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of service, code execution, and information disclosure. 2022-08-05 not yet calculated CVE-2022-31614
MISC
nvidia — gpu NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a null pointer, which may lead to denial of service. 2022-08-05 not yet calculated CVE-2022-31618
MISC
nvidia — gpu NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure. 2022-08-05 not yet calculated CVE-2022-31609
MISC
online_admission_system — online_admission_system A vulnerability classified as problematic has been found in SourceCodester Online Admission System. This affects an unknown part of the file /index.php. The manipulation of the argument student_add leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-206163. 2022-08-11 not yet calculated CVE-2022-2767
MISC
MISC
online_class_and_exam_scheduling_system — online_class_and_exam_scheduling_system A vulnerability classified as critical has been found in SourceCodester Online Class and Exam Scheduling System 1.0. Affected is an unknown function of the file /pages/class_sched.php. The manipulation of the argument class with the input ‘||(SELECT 0x684d6b6c WHERE 5993=5993 AND (SELECT 2096 FROM(SELECT COUNT(*),CONCAT(0x717a786b71,(SELECT (ELT(2096=2096,1))),0x717a626271,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a))||’ leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-205830 is the identifier assigned to this vulnerability. 2022-08-08 not yet calculated CVE-2022-2706
MISC
MISC
online_class_and_exam_scheduling_system — online_class_and_exam_scheduling_system A vulnerability classified as critical was found in SourceCodester Online Class and Exam Scheduling System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/faculty_sched.php. The manipulation of the argument faculty with the input ‘ OR (SELECT 2078 FROM(SELECT COUNT(*),CONCAT(0x716a717071,(SELECT (ELT(2078=2078,1))),0x717a706a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)– uYCM leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205831. 2022-08-08 not yet calculated CVE-2022-2707
MISC
MISC
online_student_admission_system — online_student_admission_system A vulnerability classified as problematic was found in SourceCodester Online Student Admission System. Affected by this vulnerability is an unknown functionality of the file edit-profile.php of the component Student User Page. The manipulation with the input <script>alert(/xss/)</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205669 was assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2681
MISC
MISC
openemr — openemr Cross-site Scripting (XSS) – DOM in GitHub repository openemr/openemr prior to 7.0.0.1. 2022-08-09 not yet calculated CVE-2022-2729
CONFIRM
MISC
openemr — openemr Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1. 2022-08-09 not yet calculated CVE-2022-2730
MISC
CONFIRM
openemr — openemr Cross-site Scripting (XSS) – Reflected in GitHub repository openemr/openemr prior to 7.0.0.1. 2022-08-09 not yet calculated CVE-2022-2733
CONFIRM
MISC
openemr — openemr Cross-site Scripting (XSS) – Reflected in GitHub repository openemr/openemr prior to 7.0.0.1. 2022-08-09 not yet calculated CVE-2022-2731
CONFIRM
MISC
openemr — openemr Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior to 7.0.0.1. 2022-08-09 not yet calculated CVE-2022-2734
CONFIRM
MISC
openemr — openemr Improper Privilege Management in GitHub repository openemr/openemr prior to 7.0.0.1. 2022-08-09 not yet calculated CVE-2022-2732
MISC
CONFIRM
palo_alto_networks — multiple_products A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them. 2022-08-10 not yet calculated CVE-2022-0028
CONFIRM
private_cloud_management_platform — private_cloud_management_platform A vulnerability classified as critical has been found in Private Cloud Management Platform. Affected is an unknown function of the file /management/api/rcx_management/global_config_query of the component POST Request Handler. The manipulation leads to improper authentication. It is possible to launch the attack remotely. VDB-205614 is the identifier assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2664
MISC
pulse_secure — pulse_connect_secure In Ivanti Pulse Secure Pulse Connect Secure (PCS) before 9.1R12, the administrator password is stored in the HTML source code of the “Maintenance > Push Configuration > Targets > Target Name” targets.cgi screen. A read-only administrative user can escalate to a read-write administrative role. 2022-08-12 not yet calculated CVE-2021-44720
MISC
MISC
rashim — michlol Michlol – rashim web interface Insecure direct object references (IDOR). First, the attacker needs to log in. Once logged in to the system, there are some functionalities that the specific user is not allowed to perform. However, all the attacker needs to do to achieve his goals is change the value of the ptMsl parameter; the attacker can then access sensitive data that he is not supposed to access because it belongs to another user. 2022-08-05 not yet calculated CVE-2022-34769
MISC
red_hat — process_automation_7_business_central XML external entity injection (XXE) is a vulnerability that allows an attacker to interfere with an application’s processing of XML data. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. The software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. Here, XML external entity injection leads to external service interaction and internal file read in Business Central and also Kie-Server APIs. 2022-08-10 not yet calculated CVE-2022-2458
MISC
red_hat — process_automation_7_business_central A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a brute force attack against the Administration Console, as the application does not limit the number of unsuccessful login attempts. 2022-08-10 not yet calculated CVE-2022-2457
MISC
redhat — single_sign-on_7_keycloak An issue was discovered in Keycloak that allows arbitrary JavaScript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled. 2022-08-05 not yet calculated CVE-2022-2668
MISC
rigatur — online_booking_and_hotel_management_system A vulnerability was found in Rigatur Online Booking and Hotel Management System aff6409. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Request Handler. The manipulation of the argument email/pass leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205657 was assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2673
MISC
samsung — cameralyzer Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege. 2022-08-05 not yet calculated CVE-2022-36832
MISC
samsung — charm PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. 2022-08-05 not yet calculated CVE-2022-36830
MISC
samsung — charm Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows an attacker to get Bluetooth connection information without permission. 2022-08-05 not yet calculated CVE-2022-33734
MISC
samsung — charm Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows an attacker to get Bluetooth connection information without permission. 2022-08-05 not yet calculated CVE-2022-33733
MISC
samsung — charm PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. 2022-08-05 not yet calculated CVE-2022-36829
MISC
samsung — checkout SQL injection vulnerability via IAPService in Samsung Checkout prior to version 5.0.53.1 allows attackers to access IAP information. 2022-08-05 not yet calculated CVE-2022-36839
MISC
samsung — game_launcher Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user interaction. 2022-08-05 not yet calculated CVE-2022-36834
MISC
samsung — game_optimizing_service Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name. 2022-08-05 not yet calculated CVE-2022-36833
MISC
samsung — mtower TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash. 2022-08-11 not yet calculated CVE-2022-38155
MISC
MISC
samsung — notes Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission. 2022-08-05 not yet calculated CVE-2022-36831
MISC
samsung — samsung_internet_browser Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files. 2022-08-05 not yet calculated CVE-2022-36835
MISC
samsung — update_setup DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code. 2022-08-05 not yet calculated CVE-2022-36840
MISC
sap — authenticator Under certain conditions SAP Authenticator for Android allows an attacker to access information which would otherwise be restricted. 2022-08-10 not yet calculated CVE-2022-35290
MISC
MISC
sap — businessobjects_business_intelligence SAP BusinessObjects Business Intelligence Platform (Open Document) – versions 430, 430, allows an unauthenticated attacker to retrieve sensitive information in plain text over the network. On successful exploitation, the attacker can view any data available for a business user and put load on the application by an automated attack, thus completely compromising confidentiality but causing a limited impact on the availability of the application. 2022-08-10 not yet calculated CVE-2022-32245
MISC
MISC
sap — enable_now_manager Due to insecure session management, SAP Enable Now allows an unauthenticated attacker to gain access to a user’s account. On successful exploitation, an attacker can view or modify user data, causing limited impact on confidentiality and integrity of the application. 2022-08-10 not yet calculated CVE-2022-35293
MISC
MISC
semcms — semcms A vulnerability classified as critical has been found in SEMCMS. This affects an unknown part of the file Ant_Check.php. The manipulation of the argument DID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205839. 2022-08-09 not yet calculated CVE-2022-2726
N/A
N/A
siemens — multiple_products A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions), CP-8021 MASTER MODULE (All versions), CP-8022 MASTER MODULE WITH GPRS (All versions). The component allows activation of a web server module that provides unauthenticated access to its web pages. This could allow an attacker to retrieve debug-level information from the component such as internal network topology or connected systems. 2022-08-10 not yet calculated CVE-2021-46304
CONFIRM
siemens — scalance A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE SC-600 family (All versions < V2.3.1), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions). Affected devices do not properly sanitize data introduced by a user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS. 2022-08-10 not yet calculated CVE-2022-36325
CONFIRM
siemens — scalance_devices A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions). Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack. 2022-08-10 not yet calculated CVE-2022-36324
CONFIRM
siemens — scalance_devices A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE SC-600 family (All versions < V2.3.1), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. 2022-08-10 not yet calculated CVE-2022-36323
CONFIRM
siemens — simcenter_star_ccm+ A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used). Affected applications expose user, host and display name of users, when the public license server is used. This could allow an attacker to retrieve this information. 2022-08-10 not yet calculated CVE-2022-34659
CONFIRM
siemens — teamcenter A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter is vulnerable to denial of service by entering infinite loops and using up CPU cycles. This could allow an attacker to cause denial of service condition. 2022-08-10 not yet calculated CVE-2022-34661
CONFIRM
siemens — teamcenter A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). The File Server Cache service in Teamcenter contains functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution. 2022-08-10 not yet calculated CVE-2022-34660
CONFIRM
simple_e-learning_system — simple_e-learning_system A vulnerability classified as critical was found in SourceCodester Simple E-Learning System. Affected by this vulnerability is an unknown functionality of the file classroom.php. The manipulation of the argument post_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205615. 2022-08-05 not yet calculated CVE-2022-2665
MISC
simple_e-learning_system — simple_e-learning_system A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claire_blake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205820. 2022-08-08 not yet calculated CVE-2022-2699
MISC
MISC
simple_e-learning_system — simple_e-learning_system A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument searchPost leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205819. 2022-08-08 not yet calculated CVE-2022-2698
MISC
MISC
simple_e-learning_system — simple_e-learning_system A vulnerability was found in SourceCodester Simple E-Learning System. It has been classified as critical. Affected is an unknown function of the file comment_frame.php. The manipulation of the argument post_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-205818 is the identifier assigned to this vulnerability. 2022-08-08 not yet calculated CVE-2022-2697
MISC
MISC
simple_e-learning_system — simple_e-learning_system A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as problematic. This vulnerability affects unknown code of the file downloadFiles.php. The manipulation of the argument download leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205828. 2022-08-08 not yet calculated CVE-2022-2704
MISC
MISC
simple_e-learning_system — simple_e-learning_system A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claire_blake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-205822 is the identifier assigned to this vulnerability. 2022-08-08 not yet calculated CVE-2022-2701
MISC
MISC
simple_food_ordering_system — simple_food_ordering_system A vulnerability, which was classified as problematic, was found in SourceCodester Simple Food Ordering System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument email/password with the input “><ScRiPt>alert(1)</sCrIpT> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205671. 2022-08-05 not yet calculated CVE-2022-2683
MISC
MISC
simple_online_book_store_system — simple_online_book_store_system A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System. Affected is an unknown function of the file /obs/book.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to launch the attack remotely. VDB-206166 is the identifier assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2770
MISC
simple_online_book_store_system — simple_online_book_store_system A vulnerability was found in SourceCodester Simple Online Book Store System. It has been classified as problematic. Affected is an unknown function of the file /admin/edit.php. The manipulation of the argument eid leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-206016. 2022-08-11 not yet calculated CVE-2022-2748
MISC
simple_online_book_store_system — simple_online_book_store_system A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. This vulnerability affects unknown code of the file Admin_ add.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-206014 is the identifier assigned to this vulnerability. 2022-08-11 not yet calculated CVE-2022-2746
MISC
simple_online_book_store_system — simple_online_book_store_system A vulnerability was found in SourceCodester Simple Online Book Store and classified as critical. This issue affects some unknown processing of the file book.php. The manipulation of the argument book_isbn leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-206015. 2022-08-11 not yet calculated CVE-2022-2747
MISC
simple_online_book_store_system — simple_online_book_store_system A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. Affected by this vulnerability is an unknown functionality of the file /obs/bookPerPub.php. The manipulation of the argument bookisbn leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-206167. 2022-08-11 not yet calculated CVE-2022-2771
MISC
simple_student_information_system — simple_student_information_system A vulnerability was found in SourceCodester Simple Student Information System and classified as critical. This issue affects some unknown processing of the file manage_course.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205835. 2022-08-09 not yet calculated CVE-2022-2722
N/A
N/A
simple_student_information_system — simple_student_information_system A vulnerability was found in SourceCodester Simple Student Information System. It has been rated as critical. This issue affects some unknown processing of the file admin/departments/manage_department.php. The manipulation of the argument id with the input -5756%27%20UNION%20ALL%20SELECT%20NULL,database(),user(),NULL,NULL,NULL,NULL–%20- leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205829 was assigned to this vulnerability. 2022-08-08 not yet calculated CVE-2022-2705
MISC
MISC
student_information_system — student_information_system A vulnerability classified as critical was found in SourceCodester Student Information System. Affected by this vulnerability is an unknown functionality of the file /admin/students/view_student.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The identifier VDB-206245 was assigned to this vulnerability. 2022-08-12 not yet calculated CVE-2022-2797
N/A
supersmart.me — supersmart.me Supersmart.me – Walk Through: performing unauthorized actions on other customers. Supersmart.me has a product designed to conduct smart shopping in stores. The customer receives a coder (or uses an Android application) to scan the QR code on the cart at the beginning of the purchase, and then all the products he wants to purchase. At the end of the purchase the customer can pay independently. During the research it was discovered that it is possible to reset another customer’s cart without verification, because the number of purchases is serial. 2022-08-05 not yet calculated CVE-2022-34768
MISC
tcl — linkhub_mesh_wifi_ac1200 An information disclosure vulnerability exists in the confctl_get_guest_wlan functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to information disclosure. An attacker can send packets to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-27633
MISC
tcl — linkhub_mesh_wifi_ac1200 A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. During system startup this functionality is always called, leading to a known root password. An attacker does not have to do anything to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-22144
MISC
tcl — linkhub_mesh_wifi_ac1200 A denial of service vulnerability exists in the confctl_set_master_wlan functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-27185
MISC
tcl — linkhub_mesh_wifi_ac1200 A stack-based buffer overflow vulnerability exists in the confers ucloud_add_node_new functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-21201
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the netctrl binary. 2022-08-05 not yet calculated CVE-2022-24019
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the mesh_status_check binary. 2022-08-05 not yet calculated CVE-2022-24016
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the network_check binary. 2022-08-05 not yet calculated CVE-2022-24020
MISC
tcl — linkhub_mesh_wifi_ac1200 A stack-based buffer overflow vulnerability exists in the confsrv set_port_fwd_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-23399
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the multiWAN binary. 2022-08-05 not yet calculated CVE-2022-24018
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the cfm binary. 2022-08-05 not yet calculated CVE-2022-24007
MISC
tcl — linkhub_mesh_wifi_ac1200 A stack-based buffer overflow vulnerability exists in the confsrv confctl_set_app_language functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-23103
MISC
tcl — linkhub_mesh_wifi_ac1200 A denial of service vulnerability exists in the confctl_set_guest_wlan functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-27660
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the online_process binary. 2022-08-05 not yet calculated CVE-2022-24021
MISC
tcl — linkhub_mesh_wifi_ac1200 An information disclosure vulnerability exists in the confctl_get_master_wlan functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to information disclosure. An attacker can send packets to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-27630
MISC
tcl — linkhub_mesh_wifi_ac1200 A stack-based buffer overflow vulnerability exists in the confsrv set_mf_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. This vulnerability leverages the name field within the protobuf message to cause a buffer overflow. 2022-08-05 not yet calculated CVE-2022-23919
MISC
tcl — linkhub_mesh_wifi_ac1200 A stack-based buffer overflow vulnerability exists in the confsrv set_mf_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. This vulnerability leverages the ethAddr field within the protobuf message to cause a buffer overflow. 2022-08-05 not yet calculated CVE-2022-23918
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the logserver binary. 2022-08-05 not yet calculated CVE-2022-24014
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the pannn binary. 2022-08-05 not yet calculated CVE-2022-24022
MISC
tcl — linkhub_mesh_wifi_ac1200 A denial of service vulnerability exists in the confctl_set_wan_cfg functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-27178
MISC
tcl — linkhub_mesh_wifi_ac1200 A stack-based buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-26009
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the miniupnpd binary. 2022-08-05 not yet calculated CVE-2022-24017
MISC
tcl — linkhub_mesh_wifi_ac1200 A stack-based buffer overflow vulnerability exists in the confsrv addTimeGroup functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-25996
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the pppd binary. 2022-08-05 not yet calculated CVE-2022-24023
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the arpbrocast binary. 2022-08-05 not yet calculated CVE-2022-24006
MISC
tcl — linkhub_mesh_wifi_ac1200 An OS command injection vulnerability exists in the confsrv ucloud_add_new_node functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a malicious packet to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-21178
MISC
tcl — linkhub_mesh_wifi_ac1200 A denial of service vulnerability exists in the ucloud_del_node functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-26346
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-26342
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the confsrv binary. 2022-08-05 not yet calculated CVE-2022-24009
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the ap_steer binary. 2022-08-05 not yet calculated CVE-2022-24005
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the rtk_ate binary. 2022-08-05 not yet calculated CVE-2022-24024
MISC
tcl — linkhub_mesh_wifi_ac1200 An OS command injection vulnerability exists in the confsrv ucloud_add_node functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a malicious packet to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-22140
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the gpio_ctrl binary. 2022-08-05 not yet calculated CVE-2022-24013
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the cwmpd binary. 2022-08-05 not yet calculated CVE-2022-24010
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the libcommon.so binary. 2022-08-05 not yet calculated CVE-2022-24027
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the sntp binary. 2022-08-05 not yet calculated CVE-2022-24025
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the rp-pppoe.so binary. 2022-08-05 not yet calculated CVE-2022-24029
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the fota binary. 2022-08-05 not yet calculated CVE-2022-24012
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the device_list binary. 2022-08-05 not yet calculated CVE-2022-24011
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the confcli binary. 2022-08-05 not yet calculated CVE-2022-24008
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the log_upload binary. 2022-08-05 not yet calculated CVE-2022-24015
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the libcommonprod.so binary. 2022-08-05 not yet calculated CVE-2022-24028
MISC
tcl — linkhub_mesh_wifi_ac1200 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all occurrences of the buffer overflow vulnerability within the telnet_ate_monitor binary. 2022-08-05 not yet calculated CVE-2022-24026
MISC
tenda — tenda_w6
 
A stack overflow vulnerability exists in /goform/wifiSSIDget in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. 2022-08-12 not yet calculated CVE-2022-35557
MISC
tenda — tenda_w6
 
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code. 2022-08-12 not yet calculated CVE-2022-35559
MISC
tenda — tenda_w6
 
A stack overflow vulnerability exists in /goform/WifiMacFilterSet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. 2022-08-12 not yet calculated CVE-2022-35561
MISC
tenda — tenda_w6
 
A stack overflow vulnerability exists in /goform/wifiSSIDset in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. 2022-08-12 not yet calculated CVE-2022-35560
MISC
tenda — tenda_w6
 
A stack overflow vulnerability exists in /goform/WifiMacFilterGet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. 2022-08-12 not yet calculated CVE-2022-35558
MISC
tenda — tenda_w6
 
A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution. 2022-08-12 not yet calculated CVE-2022-35555
MISC
thingsboard — thingsboard
 
A cross-site scripting (XSS) vulnerability in Rule Engine in ThingsBoard 3.3.1 allows remote attackers (with administrative access) to inject arbitrary JavaScript within the title of a rule node. 2022-08-12 not yet calculated CVE-2021-42750
MISC
MISC
thingsboard — thingsboard
 
A cross-site scripting (XSS) vulnerability in Rule Engine in ThingsBoard 3.3.1 allows remote attackers (with administrative access) to inject arbitrary JavaScript within the description of a rule node. 2022-08-12 not yet calculated CVE-2021-42751
MISC
MISC
tibco — ftl The ftlserver component of TIBCO Software Inc.’s TIBCO FTL – Community Edition, TIBCO FTL – Developer Edition, TIBCO FTL – Enterprise Edition, and TIBCO FTL – Enterprise Edition contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a privilege escalation on the affected ftlserver. Affected releases are TIBCO Software Inc.’s TIBCO FTL – Community Edition: versions 6.0.0 through 6.8.0, TIBCO FTL – Developer Edition: versions 6.0.1 through 6.8.0, TIBCO FTL – Enterprise Edition: versions 6.0.0 through 6.7.3, and TIBCO FTL – Enterprise Edition: version 6.8.0. 2022-08-09 not yet calculated CVE-2022-30573
CONFIRM
CONFIRM
tibco — ftl The ftlserver component of TIBCO Software Inc.’s TIBCO FTL – Community Edition, TIBCO FTL – Developer Edition, TIBCO FTL – Enterprise Edition, TIBCO FTL – Enterprise Edition, TIBCO eFTL – Community Edition, TIBCO eFTL – Developer Edition, TIBCO eFTL – Enterprise Edition, and TIBCO eFTL – Enterprise Edition contains a difficult to exploit vulnerability that allows a low privileged attacker with local access to obtain user credentials to the affected system. Affected releases are TIBCO Software Inc.’s TIBCO FTL – Community Edition: versions 6.0.0 through 6.8.0, TIBCO FTL – Developer Edition: versions 6.0.1 through 6.8.0, TIBCO FTL – Enterprise Edition: versions 6.0.0 through 6.7.3, TIBCO FTL – Enterprise Edition: version 6.8.0, TIBCO eFTL – Community Edition: versions 6.0.0 through 6.8.0, TIBCO eFTL – Developer Edition: versions 6.0.1 through 6.8.0, TIBCO eFTL – Enterprise Edition: versions 6.0.0 through 6.7.3, and TIBCO eFTL – Enterprise Edition: version 6.8.0. 2022-08-09 not yet calculated CVE-2022-30574
CONFIRM
CONFIRM
totolink — a3002ru_firmware TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample. 2022-08-10 not yet calculated CVE-2022-35491
MISC
typescript_deep_merge — typescript_deep_merge The package ts-deepmerge before 2.0.2 is vulnerable to Prototype Pollution due to missing sanitization of the merge function. 2022-08-09 not yet calculated CVE-2022-25907
CONFIRM
CONFIRM
CONFIRM
ucms — ucms UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file. 2022-08-10 not yet calculated CVE-2022-35426
MISC
undertow — undertow When a POST request comes through AJP and the request exceeds the max-post-size limit (maxEntitySize), Undertow’s AjpServerRequestConduit implementation closes the connection without sending any response to the client/proxy. As a result, a front-end proxy marks the backend worker (application server) as being in an error state and does not forward requests to the worker for a while. In mod_cluster, this continues until the next STATUS request (10-second intervals) from the application server updates the server state. So, in the worst case, it can result in “All workers are in error state” and mod_cluster responds “503 Service Unavailable” for a while (up to 10 seconds). In mod_proxy_balancer, it does not forward requests to the worker until the “retry” timeout passes. However, luckily, mod_proxy_balancer has a “forcerecovery” setting (On by default; this parameter can force the immediate recovery of all workers without considering the retry parameter of the workers if all workers of a balancer are in error state). So, unlike mod_cluster, mod_proxy_balancer does not result in responding “503 Service Unavailable”. An attacker could use this behavior to send a malicious request and trigger server errors, resulting in DoS (denial of service). This flaw was fixed in Undertow 2.2.19.Final, Undertow 2.3.0.Alpha2. 2022-08-05 not yet calculated CVE-2022-2053
MISC
MISC
undici — undici
 
undici is an HTTP/1.1 client, written from scratch for Node.js. `undici` is vulnerable to SSRF (Server-side Request Forgery) when an application takes in **user input** into the `path/pathname` option of `undici.request`. If a user specifies a URL such as `http://127.0.0.1` or `//127.0.0.1`
```js
const undici = require("undici")
undici.request({origin: "http://example.com", pathname: "//127.0.0.1"})
```
Instead of processing the request as `http://example.org//127.0.0.1` (or `http://example.org/http://127.0.0.1` when `http://127.0.0.1` is used), it actually processes the request as `http://127.0.0.1/` and sends it to `http://127.0.0.1`. If a developer passes in user input into `path` parameter of `undici.request`, it can result in an _SSRF_ as they will assume that the hostname cannot change, when in actual fact it can change because the specified path parameter is combined with the base URL. This issue was fixed in `undici@5.8.1`. The best workaround is to validate user input before passing it to the `undici.request` call. 2022-08-12 not yet calculated CVE-2022-35949
CONFIRM
MISC
MISC
unitree — go_1_firmware Using off-the-shelf commodity hardware, the Unitree Go 1 robotics platform version H0.1.7 and H0.1.9 (using firmware version 0.1.35) can be powered down by an attacker within normal RF range without authentication. Other versions may be affected, such as the A1. 2022-08-05 not yet calculated CVE-2022-2675
MISC
MISC
MISC
uniwill — sparkio.sys The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL 0x40002008. 2022-08-05 not yet calculated CVE-2022-37415
MISC
update_by_case — update_by_case
 
This Rails gem adds two methods to the ActiveRecord::Base class that allow you to update many records in a single database hit, using a CASE SQL statement. Before version 0.1.3, the `update_by_case` gem used custom SQL strings that were not sanitized, making it vulnerable to SQL injection. Upgrade to version >= 0.1.3, which uses `Arel` instead to construct the resulting SQL statement with sanitized SQL. 2022-08-12 not yet calculated CVE-2022-35956
MISC
CONFIRM
varnish_cache — varnish_cache
 
In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1. 2022-08-11 not yet calculated CVE-2022-38150
MISC
vmware — multiple_products VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution. 2022-08-05 not yet calculated CVE-2022-31659
MISC
vmware — multiple_products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. 2022-08-05 not yet calculated CVE-2022-31656
MISC
vmware — multiple_products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution. 2022-08-05 not yet calculated CVE-2022-31658
MISC
vmware — multiple_products VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain. 2022-08-05 not yet calculated CVE-2022-31657
MISC
vmware — multiple_products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. A malicious actor with local access can escalate privileges to ‘root’. 2022-08-05 not yet calculated CVE-2022-31661
MISC
vmware — multiple_products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution. 2022-08-05 not yet calculated CVE-2022-31665
MISC
vmware — multiple_products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to ‘root’. 2022-08-05 not yet calculated CVE-2022-31664
MISC
vmware — multiple_products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject JavaScript code in the target user’s window. 2022-08-05 not yet calculated CVE-2022-31663
MISC
vmware — multiple_products VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files. 2022-08-05 not yet calculated CVE-2022-31662
MISC
vmware — multiple_products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to ‘root’. 2022-08-05 not yet calculated CVE-2022-31660
MISC
vmware — vmware workstation
 
VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. A malicious actor with local user privileges to the victim machine may exploit this vulnerability leading to the disclosure of user passwords of the remote server connected through VMware Workstation. 2022-08-10 not yet calculated CVE-2022-22983
MISC
vmware — vrealize_operations
 
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution. 2022-08-10 not yet calculated CVE-2022-31673
MISC
vmware — vrealize_operations
 
VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root. 2022-08-10 not yet calculated CVE-2022-31672
MISC
vmware — vrealize_operations
 
VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user with administrative privileges. 2022-08-10 not yet calculated CVE-2022-31675
MISC
vmware — vrealize_operations
 
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can access log files that lead to information disclosure. 2022-08-10 not yet calculated CVE-2022-31674
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qos_bandwith and qos_dat, which leads to command injection in page /qos.shtml. 2022-08-10 not yet calculated CVE-2022-35536
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: cli_list and cli_num, which leads to command injection in page /qos.shtml. 2022-08-10 not yet calculated CVE-2022-35533
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter hiddenSSID32g and SSID2G2, which leads to command injection in page /wifi_multi_ssid.shtml. 2022-08-10 not yet calculated CVE-2022-35534
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml. 2022-08-10 not yet calculated CVE-2022-35526
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid and wlan_channel, which leads to command injection in page /wizard_rep.shtml. 2022-08-10 not yet calculated CVE-2022-35524
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, a hidden parameter which doesn’t appear in the POST body but exists in the cgi binary. This leads to command injection in page /ledonoff.shtml. 2022-08-10 not yet calculated CVE-2022-35520
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter led_switch, which leads to command injection in page /ledonoff.shtml. 2022-08-10 not yet calculated CVE-2022-35525
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and blockSynFloodEnabled, which leads to command injection in page /man_security.shtml. 2022-08-10 not yet calculated CVE-2022-35521
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_mac and parameter flag, which leads to command injection in page /cli_black_list.shtml. 2022-08-10 not yet calculated CVE-2022-35523
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: web_pskValue, wl_Method, wlan_ssid, EncrypType, rwan_ip, rwan_mask, rwan_gateway, ppp_username, ppp_passwd and ppp_setver, which leads to command injection in page /wizard_router_mesh.shtml. 2022-08-10 not yet calculated CVE-2022-35517
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to command injection in page /wan.shtml. 2022-08-10 not yet calculated CVE-2022-35522
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifi_mesh.shtml. 2022-08-10 not yet calculated CVE-2022-35535
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command injection in page /nas_disk.shtml. 2022-08-10 not yet calculated CVE-2022-35518
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac_5g and Newname, which leads to command injection in page /wifi_mesh.shtml. 2022-08-10 not yet calculated CVE-2022-35537
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: delete_list, delete_al_mac, b_delete_list and b_delete_al_mac, which leads to command injection in page /wifi_mesh.shtml. 2022-08-10 not yet calculated CVE-2022-35538
MISC
wavlink — multiple_products WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which leads to command injection in page /cli_black_list.shtml. 2022-08-10 not yet calculated CVE-2022-35519
MISC
wedding_hall_booking_system — wedding_hall_booking_system A vulnerability, which was classified as problematic, was found in SourceCodester Wedding Hall Booking System. This affects an unknown part of the file /whbs/admin/?page=user of the component Staff User Profile. The manipulation of the argument First Name/Last Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205815. 2022-08-06 not yet calculated CVE-2022-2692
MISC
MISC
wedding_hall_booking_system — wedding_hall_booking_system A vulnerability, which was classified as problematic, has been found in SourceCodester Wedding Hall Booking System. Affected by this issue is some unknown functionality of the file /whbs/?page=manage_account of the component Profile Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-205814 is the identifier assigned to this vulnerability. 2022-08-06 not yet calculated CVE-2022-2691
MISC
MISC
wedding_hall_booking_system — wedding_hall_booking_system A vulnerability classified as problematic was found in SourceCodester Wedding Hall Booking System. Affected by this vulnerability is an unknown functionality of the file /whbs/?page=my_bookings of the component Booking Form. The manipulation of the argument Remarks leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205813 was assigned to this vulnerability. 2022-08-06 not yet calculated CVE-2022-2690
MISC
MISC
wedding_hall_booking_system — wedding_hall_booking_system A vulnerability classified as problematic has been found in SourceCodester Wedding Hall Booking System. Affected is an unknown function of the file /whbs/?page=contact_us of the component Contact Page. The manipulation of the argument Message leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205812. 2022-08-06 not yet calculated CVE-2022-2689
MISC
MISC
wolfssl — wolfssl wolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check for return-routability can be skipped. 2022-08-08 not yet calculated CVE-2022-34293
CONFIRM
MLIST
wordpress — wordpress The Frontend File Manager & Sharing WordPress plugin before 1.1.3 does not filter file extensions when letting users upload files on the server, which may lead to malicious code being uploaded. 2022-08-08 not yet calculated CVE-2022-2356
MISC
wordpress — wordpress The Better Tag Cloud WordPress plugin through 0.99.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) 2022-08-08 not yet calculated CVE-2022-2412
MISC
wordpress — wordpress The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make a logged-in admin change any user’s username, including the admin’s. 2022-08-08 not yet calculated CVE-2022-2355
MISC
wordpress — wordpress The DW Promobar WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) 2022-08-08 not yet calculated CVE-2022-2423
MISC
wordpress — wordpress The Google Maps Anywhere WordPress plugin through 1.2.6.3 does not sanitise and escape any of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) 2022-08-08 not yet calculated CVE-2022-2424
MISC
wordpress — wordpress The WP DS Blog Map WordPress plugin through 3.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) 2022-08-08 not yet calculated CVE-2022-2425
MISC
wordpress — wordpress The weForms WordPress plugin before 1.6.14 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. 2022-08-08 not yet calculated CVE-2022-2395
MISC
wordpress — wordpress Authenticated IDOR vulnerability in StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 at WordPress allows an attacker to change the PayPal email. WooCommerce PayPal Payments plugin (free) should be at least installed to get the extra input field on the user profile page. 2022-08-05 not yet calculated CVE-2022-36284
CONFIRM
CONFIRM
wordpress — wordpress The Thinkific Uploader WordPress plugin through 1.0.0 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against other administrators. 2022-08-08 not yet calculated CVE-2022-2426
MISC
wordpress — wordpress The WPDating WordPress plugin through 7.1.9 does not properly escape user input before concatenating it to certain SQL queries, leading to multiple SQL injection vulnerabilities. 2022-08-08 not yet calculated CVE-2022-2460
MISC
wordpress — wordpress Multiple Improper Access Control vulnerabilities in StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 at WordPress. 2022-08-05 not yet calculated CVE-2022-25649
CONFIRM
CONFIRM
wordpress — wordpress The Discy WordPress theme before 5.0 lacks authorization checks when processing AJAX requests to the discy_update_options action, allowing any logged-in user (with privileges as low as Subscriber) to change theme options by sending a crafted POST request. 2022-08-08 not yet calculated CVE-2022-1323
MISC
wordpress — wordpress The WordPress Comments Fields WordPress plugin before 4.1 does not escape Field Error Message, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed 2022-08-08 not yet calculated CVE-2022-2398
MISC
wordpress — wordpress Broken Authentication vulnerability in JumpDEMAND Inc. ActiveDEMAND plugin <= 0.2.27 at WordPress allows unauthenticated post update/create/delete. 2022-08-05 not yet calculated CVE-2022-36296
CONFIRM
CONFIRM
wordpress — wordpress The Auto More Tag WordPress plugin through 4.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) 2022-08-08 not yet calculated CVE-2022-2411
MISC
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in MailerLite – Signup forms (official) plugin <= 1.5.7 at WordPress allows an attacker to change the API key. 2022-08-05 not yet calculated CVE-2022-33201
CONFIRM
CONFIRM
wordpress — wordpress The mTouch Quiz WordPress plugin through 3.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) 2022-08-08 not yet calculated CVE-2022-2410
MISC
wordpress — wordpress The Directorist WordPress plugin before 7.2.3 allows administrators to download other plugins from the same vendor directly to the site, but does not check the URL domain it gets the zip files from. This could allow administrators to run code on the server, which is a problem in multisite configurations. 2022-08-08 not yet calculated CVE-2022-2046
MISC
CONFIRM
wordpress — wordpress The Inspiro PRO WordPress plugin does not sanitize the portfolio slider description, allowing users with privileges as low as Contributor to inject JavaScript into the description. 2022-08-08 not yet calculated CVE-2022-2391
MISC
wordpress — wordpress The Crowdsignal Dashboard WordPress plugin before 3.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting 2022-08-08 not yet calculated CVE-2022-2386
MISC
wordpress — wordpress The YaySMTP WordPress plugin before 2.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) 2022-08-08 not yet calculated CVE-2022-2372
MISC
wordpress — wordpress The YaySMTP WordPress plugin before 2.2.1 does not have proper authorisation when saving its settings, allowing users with a role as low as subscriber to change them, and use that to conduct Stored Cross-Site Scripting attack due to the lack of escaping in them as well. 2022-08-08 not yet calculated CVE-2022-2371
MISC
wordpress — wordpress The WSM Downloader WordPress plugin through 1.4.0 only allows images/files to be downloaded from specific popular websites; this restriction can be bypassed due to the lack of proper validation of the “link” parameter. 2022-08-08 not yet calculated CVE-2022-2367
MISC
wordpress — wordpress The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php. 2022-08-08 not yet calculated CVE-2022-2357
MISC
wordpress — wordpress The Website File Changes Monitor WordPress plugin before 1.8.3 does not sanitise and escape user input before using it in a SQL statement via an action available to users with the manage_options capability (by default admins), leading to an SQL injection 2022-08-08 not yet calculated CVE-2022-2269
MISC
wordpress — wordpress The Rough Chart WordPress plugin through 1.0.0 does not properly escape chart data label, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. 2022-08-08 not yet calculated CVE-2022-2409
MISC
wrteam — eshop A Cross-site scripting (XSS) vulnerability in json search parse and the json response in wrteam.in, eShop – Multipurpose Ecommerce Store Website version 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the get_products?search parameter. 2022-08-08 not yet calculated CVE-2022-35493
MISC
yugabyte — yugabytedb An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When anonymous or unauthenticated LDAP binding is enabled, it allows bypass of authentication with an empty password. 2022-08-12 not yet calculated CVE-2022-37397
CONFIRM
zammad — zammad In Zammad 5.2.0, an attacker could manipulate the rate limiting in the ‘forgot password’ feature of Zammad, and thereby send many requests for a known account to cause Denial Of Service by many generated emails which would also spam the victim. 2022-08-08 not yet calculated CVE-2022-35488
MISC
zammad — zammad In Zammad 5.2.0, customers who have secondary organizations assigned were able to see all organizations of the system rather than only those to which they are assigned. 2022-08-08 not yet calculated CVE-2022-35489
MISC
zammad — zammad Zammad 5.2.0 is vulnerable to privilege escalation. Zammad has a prevention against brute-force attacks trying to guess login credentials. After a configurable amount of attempts, users are invalidated and logins prevented. An attacker might work around this prevention, enabling them to send more than the configured amount of requests before the user invalidation takes place. 2022-08-08 not yet calculated CVE-2022-35490
MISC
zammad — zammad Zammad 5.2.0 suffers from Incorrect Access Control. Zammad did not correctly perform authorization on certain attachment endpoints. This could be abused by an unauthenticated attacker to gain access to attachments, such as emails or attached files. 2022-08-08 not yet calculated CVE-2022-35487
MISC
zimbra — collaboration_suite
In Zimbra Collaboration Suite (ZCS) 8.8.15, the URL at /h/search?action accepts parameters called extra, title, and onload that are partially sanitised and lead to reflected XSS that allows executing arbitrary JavaScript on the victim’s machine. 2022-08-12 not yet calculated CVE-2022-37044
MISC
MISC
zimbra — collaboration_suite
An issue was discovered in the webmail component in Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. When using preauth, CSRF tokens are not checked on some POST endpoints. Thus, when an authenticated user views an attacker-controlled page, a request will be sent to the application that appears to be intended. The CSRF token is omitted from the request, but the request still succeeds. 2022-08-12 not yet calculated CVE-2022-37043
MISC
MISC
zimbra — collaboration_suite
Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925. 2022-08-12 not yet calculated CVE-2022-37042
MISC
MISC
zimbra — collaboration_suite
An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. The value of the X-Forwarded-Host header overwrites the value of the Host header in proxied requests. The value of X-Forwarded-Host header is not checked against the whitelist of hosts that ZCS is allowed to proxy to (the zimbraProxyAllowedDomains setting). 2022-08-12 not yet calculated CVE-2022-37041
MISC
MISC
zlib — zlib zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). 2022-08-05 not yet calculated CVE-2022-37434
MISC
MISC
MISC
MISC
MLIST
MISC
MLIST
zoho — multiple_products
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user’s API key, and then access external APIs. 2022-08-10 not yet calculated CVE-2022-36923
MISC
zoho — multiple_products
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 (125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution. 2022-08-10 not yet calculated CVE-2022-37024
MISC
zoo_management_system — zoo_management_system
A vulnerability was found in SourceCodester Zoo Management System and classified as critical. This issue affects some unknown processing of the file /pages/animals.php. The manipulation of the argument class_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206249 was assigned to this vulnerability. 2022-08-12 not yet calculated CVE-2022-2803
MISC
MISC
zoo_management_system — zoo_management_system
A vulnerability was found in SourceCodester Zoo Management System. It has been classified as critical. Affected is an unknown function of the file /pages/apply_vacancy.php. The manipulation of the argument filename leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-206250 is the identifier assigned to this vulnerability. 2022-08-12 not yet calculated CVE-2022-2804
MISC
MISC
zoom — client_for_meetings
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to additional attacks including the potential for remote code execution through launching executables from arbitrary paths. 2022-08-11 not yet calculated CVE-2022-28755
MISC
zoom — on-premise_meeting_connector
Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious actor to crash the application. In versions older than 4.8.12.20211115, this vulnerability could also be leveraged to execute arbitrary code. 2022-08-11 not yet calculated CVE-2022-28750
MISC
zoom — on-premise_meeting_connector
Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. As a result, a malicious actor can join a meeting which they are authorized to join without appearing to the other participants, can admit themselves into the meeting from the waiting room, and can become host and cause other meeting disruptions. 2022-08-11 not yet calculated CVE-2022-28753
MISC
zoom — on-premise_meeting_connector
Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. As a result, a malicious actor can join a meeting which they are authorized to join without appearing to the other participants, can admit themselves into the meeting from the waiting room, and can become host and cause other meeting disruptions. 2022-08-11 not yet calculated CVE-2022-28754
MISC


This product is provided subject to this Notification and this Privacy & Use policy.

Threat Actors Exploiting Multiple Vulnerabilities Against Zimbra Collaboration Suite

08/16/2022 11:10 AM EDT

Original release date: August 16, 2022

CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a joint Cybersecurity Advisory (CSA) in response to active exploitation of multiple vulnerabilities against Zimbra Collaboration Suite (ZCS), an enterprise cloud-hosted collaboration software and email platform. 

CISA and MS-ISAC encourage users and administrators to review Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite for more information and apply the recommended mitigations.


CISA Adds Two Known Exploited Vulnerabilities to Catalog 

08/11/2022 12:33 PM EDT

Original release date: August 11, 2022

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. 

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. 

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria. 


#StopRansomware: Zeppelin Ransomware

08/11/2022 10:03 AM EDT

Original release date: August 11, 2022

CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: Zeppelin Ransomware, to provide information on Zeppelin Ransomware. Actors use Zeppelin Ransomware, a ransomware-as-a-service (RaaS), against a wide range of businesses and critical infrastructure organizations to encrypt victims’ files for financial gain.

CISA encourages organizations to review #StopRansomware: Zeppelin Ransomware for more information. Additionally, see StopRansomware.gov for guidance on ransomware protection, detection, and response.

Cisco Releases Security Update for Multiple Products

08/11/2022 12:03 PM EDT

Original release date: August 11, 2022

Cisco has released a security update to address a vulnerability affecting Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software. This vulnerability could allow a remote attacker to obtain sensitive information. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

CISA encourages users and administrators to review the following Cisco advisory and apply the necessary updates:
•    Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz


Palo Alto Networks Releases Security Update for PAN-OS

08/05/2022 02:05 PM EDT

Original release date: August 5, 2022 | Last revised: August 10, 2022

Palo Alto Networks has released a security update to address a vulnerability in PAN-OS firewall configurations. A remote attacker could exploit this vulnerability to conduct a reflected denial-of-service.

CISA encourages users and administrators to review the Palo Alto Networks Security Advisory CVE-2022-0028 and apply the necessary updates or workarounds.

Vulnerability Summary for the Week of August 1, 2022

08/08/2022 08:33 AM EDT

Original release date: August 8, 2022 | Last revised: August 9, 2022

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no high vulnerabilities recorded this week.


Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no medium vulnerabilities recorded this week.


Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no low vulnerabilities recorded this week.


Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
@acrontum — filesystem-template
The package @acrontum/filesystem-template before 0.0.2 is vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input. 2022-08-05 not yet calculated CVE-2022-21186
CONFIRM
CONFIRM
Ittiam — libmpeg2
Ittiam libmpeg2 before 2022-07-27 uses memcpy with overlapping memory blocks in impeg2_mc_fullx_fully_8x8. 2022-08-05 not yet calculated CVE-2022-37416
MISC
MISC
accusoft — imagegear
An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-29465
MISC
aes_crypt — aes_crypt
AES Crypt is a file encryption software for multiple platforms. AES Crypt for Linux built using the source on GitHub and having the version number 3.11 has a vulnerability with respect to reading user-provided passwords and confirmations via command-line prompts. Password lengths were not checked before being read. This vulnerability may lead to buffer overruns. This does _not_ affect source code found on aescrypt.com, nor is the vulnerability present when providing a password or a key via the `-p` or `-k` command-line options. The problem was fixed in commit 68761851b and will be included in release 3.16. Users are advised to upgrade. Users unable to upgrade should use the `-p` or `-k` options to provide a password or key. 2022-08-03 not yet calculated CVE-2022-35928
MISC
CONFIRM
alphaware_simple_e-commerce_system — alphaware_simple_e-commerce_system
A vulnerability, which was classified as problematic, has been found in SourceCodester Alphaware Simple E-Commerce System. Affected by this issue is some unknown functionality of the file stockin.php. The manipulation of the argument id with the input ‘”><script>alert(/xss/)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-205670 is the identifier assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2682
MISC
MISC
apache — hadoop
Apache Hadoop’s FileUtil.unTar(File, File) API does not escape the input file name before being passed to the shell. An attacker can inject arbitrary commands. This is only used in Hadoop 3.3 InMemoryAliasMap.completeBootstrapTransfer, which is only ever run by a local user. It has been used in Hadoop 2.x for yarn localization, which does enable remote code execution. It is used in Apache Spark, from the SQL command ADD ARCHIVE. As the ADD ARCHIVE command adds new binaries to the classpath, being able to execute shell scripts does not confer new permissions to the caller. SPARK-38305. “Check existence of file before untarring/zipping”, which is included in 3.3.0, 3.1.4, 3.2.2, prevents shell commands being executed, regardless of which version of the hadoop libraries are in use. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.3 or upper (including HADOOP-18136). 2022-08-04 not yet calculated CVE-2022-25168
MISC
apache — jspwiki
A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim’s browser and get some sensitive information about the victim. This vulnerability leverages CVE-2021-40369, where the Denounce plugin dangerously renders user-supplied URLs. Upon re-testing CVE-2021-40369, it appears that the patch was incomplete as it was still possible to insert malicious input via the Denounce plugin. Apache JSPWiki users should upgrade to 2.11.3 or later. 2022-08-04 not yet calculated CVE-2022-28730
MISC
apache — jspwiki
A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki up to and including 2.11.2, which could allow the attacker to execute javascript in the victim’s browser and get some sensitive information about the victim. 2022-08-04 not yet calculated CVE-2022-27166
MISC
apache — jspwiki
A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim’s browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later. 2022-08-04 not yet calculated CVE-2022-28732
MISC
apache — jspwiki
A carefully crafted invocation on the Image plugin could trigger a CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow a group privilege escalation of the attacker’s account. Further examination of this issue established that it could also be used to modify the email associated with the attacked account, and then a reset password request from the login page. 2022-08-04 not yet calculated CVE-2022-34158
MISC
apache — jspwiki
A carefully crafted request on UserPreferences.jsp could trigger a CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow the attacker to modify the email associated with the attacked account, and then a reset password request from the login page. 2022-08-04 not yet calculated CVE-2022-28731
MISC
apartment_visitor_management_system — apartment_visitor_management_system
A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been classified as critical. This affects an unknown part of the file index.php. The manipulation of the argument username with the input ‘ AND (SELECT 4955 FROM (SELECT(SLEEP(5)))RSzF) AND ‘htiy’=’htiy leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205665 was assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2677
MISC
MISC
apartment_visitor_management_system — apartment_visitor_management_system
A vulnerability has been found in SourceCodester Apartment Visitor Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /manage-apartment.php. The manipulation of the argument Apartment Number with the input <script>alert(1)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205672. 2022-08-05 not yet calculated CVE-2022-2684
MISC
MISC
aplhaware_simple_e-commerce_system — aplhaware_simple_e-commerce_system
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System. It has been declared as critical. This vulnerability affects unknown code of the file admin_feature.php of the component Background Management Page. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-205666 is the identifier assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2678
MISC
MISC
arista — cloudvision_portal
 
This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP user login passwords might be leaked to other authenticated users. 2022-08-05 not yet calculated CVE-2022-29071
MISC
arista_networks — eos
 
This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if a NAT ACL rule filter with permit action matches the packet flow. This could allow a host with an IP address in a range that matches the range allowed by a NAT ACL and a range denied by a Security ACL to be forwarded incorrectly as it should have been denied by the Security ACL. This can enable an ACL bypass. 2022-08-05 not yet calculated CVE-2021-28511
MISC
arm — mali_gpu_kernel_driver
 
An issue was discovered in the Arm Mali GPU Kernel Driver (Valhall r29p0 through r38p0). A non-privileged user can make improper GPU processing operations to gain access to already freed memory. 2022-08-02 not yet calculated CVE-2022-33917
MISC
arris — multiple_products
 
do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected. 2022-08-04 not yet calculated CVE-2022-31793
MISC
MISC
MISC
MISC
artica — pandora_fms Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration (Credential store) where a user with the role of Operator (Write) could create, delete, or view existing keys which are outside the intended role. 2022-08-01 not yet calculated CVE-2022-26308
CONFIRM
CONFIRM
artica — pandora_fms An XSS vulnerability exists in Pandora FMS version 756 and below that allows an attacker to execute JavaScript code via the service name field. 2022-08-05 not yet calculated CVE-2021-46678
CONFIRM
CONFIRM
artica — pandora_fms An XSS vulnerability exists in Pandora FMS version 756 and below that allows an attacker to execute JavaScript code via service elements. 2022-08-05 not yet calculated CVE-2021-46679
CONFIRM
CONFIRM
artica — pandora_fms An XSS vulnerability exists in Pandora FMS version 756 and below that allows an attacker to execute JavaScript code via the module form name field. 2022-08-05 not yet calculated CVE-2021-46680
CONFIRM
artica — pandora_fms Pandora FMS v7.0NG.760 and below allows an improper authorization in User Management where any authenticated user with access to the User Management module could create, modify or delete any user with full admin privilege. The impact could lead to a vertical privilege escalation to access the privileges of a higher-level user or typically an admin user. 2022-08-01 not yet calculated CVE-2022-26310
CONFIRM
CONFIRM
artica — pandora_fms An XSS vulnerability exists in Pandora FMS version 756 and below that allows an attacker to execute JavaScript code via the event filter name field. 2022-08-05 not yet calculated CVE-2021-46677
CONFIRM
CONFIRM
artica — pandora_fms
 
An XSS vulnerability exists in Pandora FMS version 756 and below that allows an attacker to execute JavaScript code via the module massive operation name field. 2022-08-05 not yet calculated CVE-2021-46681
CONFIRM
CONFIRM
artica — pandora_fms Pandora FMS v7.0NG.759 allows Cross-Site Request Forgery in Bulk operation (User operation) resulting in elevation of privilege to Administrator group. 2022-08-01 not yet calculated CVE-2022-26309
CONFIRM
CONFIRM
artica — pandora_fms An XSS vulnerability exists in Pandora FMS version 756 and below that allows an attacker to execute JavaScript code via the transactional maps name field. 2022-08-05 not yet calculated CVE-2021-46676
CONFIRM
CONFIRM
asustor — adm
 
A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can exploit this vulnerability to run arbitrary code. Affected ADM versions include: 3.5.9.RUE3 and below, 4.0.5.RVI1 and below as well as 4.1.0.RJD1 and below. 2022-08-05 not yet calculated CVE-2022-37398
MISC
asuswrt-merlin — asuswrt
 
A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-26376
MISC
atlassian — jira_data_center This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary code via Template Injection leading to Remote Code Execution (RCE) in the Email Templates feature. In this case, the security improvement protects against use of the XStream library to execute arbitrary code in Velocity templates. The affected versions are before version 8.13.19, from version 8.14.0 before 8.20.7, and from version 8.21.0 before 8.22.1. 2022-08-01 not yet calculated CVE-2022-36799
MISC
atlassian — jira_service_management_server_and_data_center
 
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the “Browse Users” permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint. The affected versions are before version 4.22.2. 2022-08-03 not yet calculated CVE-2022-36800
MISC
autodesk — autocad Parsing a maliciously crafted PRT file can force Autodesk AutoCAD 2023 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. 2022-07-29 not yet calculated CVE-2022-33881
MISC
autodesk — autodesk_design_review
 
A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. 2022-07-29 not yet calculated CVE-2022-27866
MISC
autodesk — autodesk_design_review
 
A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code. 2022-07-29 not yet calculated CVE-2022-27865
MISC
autodesk — autodesk_design_review
 
A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. 2022-07-29 not yet calculated CVE-2022-27864
MISC
autodesk — fusion_360 An attacker can force the victim’s device to perform arbitrary HTTP requests in WAN through a malicious SVG file being parsed by Autodesk Fusion 360’s document parser. The vulnerability exists in the application’s ‘Insert SVG’ procedure. An attacker can also leverage this vulnerability to obtain victim’s public IP and possibly other sensitive information. 2022-07-29 not yet calculated CVE-2022-27873
MISC
backdrop — backdrop
 
An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames. 2022-08-01 not yet calculated CVE-2022-34530
MISC
MISC
beancount — fava Cross-site Scripting (XSS) – Reflected in GitHub repository beancount/fava prior to 1.22.3. 2022-08-01 not yet calculated CVE-2022-2589
CONFIRM
MISC
best_fee_management_system — best_fee_management_system
 
A vulnerability was found in SourceCodester Best Fee Management System. It has been rated as critical. Affected by this issue is the function login of the file admin_class.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-205658 is the identifier assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2674
MISC
bigtree_cms — bigtree_cms
 
BigTree CMS 4.4.16 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PDF file. 2022-08-03 not yet calculated CVE-2022-36197
MISC
bmc — track-it
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It! 20.21.02.109. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetPopupSubQueryDetails endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-16690. 2022-08-03 not yet calculated CVE-2022-35864
MISC
MISC
bmc — track-it
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-16709. 2022-08-03 not yet calculated CVE-2022-35865
MISC
MISC
boltcms — boltcms
 
The foldername parameter in Bolt 5.1.7 was discovered to have incorrect input validation, allowing attackers to perform directory enumeration or cause a Denial of Service (DoS) via a crafted input. 2022-08-01 not yet calculated CVE-2022-31321
MISC
MISC
bookwyrm — bookwyrm
 
BookWyrm is a social network for tracking reading. Versions prior to 0.4.5 were found to lack rate limiting on authentication views, which allows brute-force attacks. This issue has been patched in version 0.4.5. Admins with existing instances will need to update the `nginx.conf` file that was created when the instance was set up. Users are advised to upgrade. Users unable to upgrade may update their `nginx.conf` files with the changes manually. 2022-08-02 not yet calculated CVE-2022-35925
MISC
CONFIRM
MISC
bookwyrm — bookwyrm
 
Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to 0.4.5. 2022-08-04 not yet calculated CVE-2022-2651
CONFIRM
MISC
bosch — bf-os
 
BF-OS version 3.x up to and including 3.83 does not enforce strong passwords, which may allow a remote attacker to brute-force the device password. 2022-08-01 not yet calculated CVE-2022-36301
CONFIRM
bosch — bf-os
 
File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources, which may contain sensitive information. 2022-08-01 not yet calculated CVE-2022-36302
CONFIRM
centreon — centreon
 
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of poller resources. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-16335. 2022-08-03 not yet calculated CVE-2022-34871
MISC
MISC
centreon — centreon
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of Virtual Metrics. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-16336. 2022-08-03 not yet calculated CVE-2022-34872
MISC
MISC
chia_network — cat1
 
An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Tokens previously minted on the Chia blockchain using the CAT1 standard can be inflated to an arbitrary extent by any holder of any amount of the token. The total amount of the token can be increased as high as the malicious actor pleases. This is true for every CAT1 on the Chia blockchain regardless of issuance rules. This attack is auditable on chain, so maliciously altered coins can potentially be marked by off-chain observers as malicious. 2022-07-29 not yet calculated CVE-2022-36447
MISC
MISC
church_management_system — church_management_system
 
A vulnerability classified as critical has been found in SourceCodester Church Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument username with the input ‘ OR (SELECT 7064 FROM(SELECT COUNT(*),CONCAT(0x71627a7671,(SELECT (ELT(7064=7064,1))),0x716b707871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)– jURL leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205668. 2022-08-05 not yet calculated CVE-2022-2680
MISC
MISC
ckeditor — ckeditor5
 
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5 packages in versions prior to 35.0.1. The vulnerability allowed JavaScript code to be triggered after special conditions were fulfilled. The affected packages are `@ckeditor/ckeditor5-markdown-gfm`, `@ckeditor/ckeditor5-html-support`, and `@ckeditor/ckeditor5-html-embed`. The specific conditions are: 1) using one of the affected packages (in the case of `ckeditor5-html-support` and `ckeditor5-html-embed`, it was additionally required to use a configuration that allows unsafe markup inside the editor); 2) destroying the editor instance; and 3) initializing the editor on an element and using an element other than `<textarea>` as a base. The root cause of the issue was a mechanism responsible for updating the source element with the markup coming from the CKEditor 5 data pipeline after destroying the editor. This vulnerability might affect a small percentage of integrators that depend on dynamic editor initialization/destroy and use the Markdown, General HTML Support or HTML embed features. The problem has been recognized and patched. The fix is available in version 35.0.1. There are no known workarounds for this issue. 2022-08-03 not yet calculated CVE-2022-31175
CONFIRM
MISC
MISC
MISC
company_website_cms — company_website_cms
 
A vulnerability was found in SourceCodester Company Website CMS and classified as critical. This issue affects some unknown processing. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205817 was assigned to this vulnerability. 2022-08-06 not yet calculated CVE-2022-2694
MISC
MISC
complete_online_job_search system — complete_online_job_search system
 
Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the U_NAME parameter at /category/controller.php?action=edit. 2022-08-05 not yet calculated CVE-2022-35163
MISC
complete_online_job_search system — complete_online_job_search system
 
Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the CATEGORY parameter at /category/controller.php?action=edit. 2022-08-05 not yet calculated CVE-2022-35162
MISC
connman — connman
 
In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution. 2022-08-03 not yet calculated CVE-2022-32293
CONFIRM
MISC
CONFIRM
connman — connman
 
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code. 2022-08-03 not yet calculated CVE-2022-32292
MISC
CONFIRM
contiki-ng — contiki-ng
 
Contiki-NG is an open-source, cross-platform operating system for IoT devices. Because of insufficient validation of IPv6 neighbor discovery options in Contiki-NG, attackers can send neighbor solicitation packets that trigger an out-of-bounds read. The problem exists in the module os/net/ipv6/uip-nd6.c, where memory read operations from the main packet buffer, `uip_buf`, are not checked for going out of bounds. In particular, this problem can occur when attempting to read the 2-byte option header and the Source Link-Layer Address Option (SLLAO). This attack requires IPv6 to be enabled for the network. The problem has been patched in the develop branch of Contiki-NG. The upcoming 4.8 release of Contiki-NG will include the patch. Users unable to upgrade may apply the patch in Contiki-NG PR #1654. 2022-08-04 not yet calculated CVE-2022-35926
CONFIRM
MISC
MISC
MISC
contiki-ng — contiki-ng
 
Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG system must have joined an RPL DODAG. After that, an attacker can send a DAO packet with a Target option that contains a prefix length larger than 128 bits. The problem was fixed after the release of Contiki-NG 4.7. Users unable to upgrade may apply the patch in Contiki-NG PR #1615. 2022-08-04 not yet calculated CVE-2021-32771
MISC
MISC
CONFIRM
MISC
contiki-ng — contiki-ng
 
Contiki-NG is an open-source, cross-platform operating system for IoT devices. In the RPL-Classic routing protocol implementation in the Contiki-NG operating system, an incoming DODAG Information Option (DIO) control message can contain a prefix information option with a length parameter. The value of the length parameter is not validated, however, and it is possible to cause a buffer overflow when copying the prefix in the set_ip_from_prefix function. This vulnerability affects anyone running a Contiki-NG version prior to 4.7 that can receive RPL DIO messages from external parties. To obtain a patched version, users should upgrade to Contiki-NG 4.7 or later. There are no workarounds for this issue. 2022-08-04 not yet calculated CVE-2022-35927
MISC
CONFIRM
MISC
cpcletop — io.socket:socket.io-client
 
The package io.socket:socket.io-client before 2.0.1 is vulnerable to NULL Pointer Dereference when parsing a packet with an invalid payload format. 2022-08-02 not yet calculated CVE-2022-25867
MISC
MISC
MISC
MISC
MISC
crowcpp — crowcpp
 
Crow before v1.0+4 was discovered to contain a buffer overflow via the function qs_parse at query_string.h. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. 2022-08-04 not yet calculated CVE-2022-34970
MISC
MISC
curljs — curljs
 
This affects all versions of package curljs. 2022-08-02 not yet calculated CVE-2020-28425
MISC
cvat — cvat
 
CVAT is an open source interactive video and image annotation tool for computer vision. Versions prior to 2.0.0 were found to be subject to a Server-side request forgery (SSRF) vulnerability. Validation has been added to URLs used in the affected code path in version 2.0.0. Users are advised to upgrade. There are no known workarounds for this issue. 2022-08-01 not yet calculated CVE-2022-31188
MISC
CONFIRM
d-link — dir-818lw a1:dir818l_fw105b01
 
D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function binary.soapcgi_main. 2022-08-03 not yet calculated CVE-2022-35620
MISC
MISC
d-link — dir820la1_fw106b02
 
D-Link DIR810LA1_FW102B22 was discovered to contain a command injection vulnerability via the Ping_addr function. 2022-08-03 not yet calculated CVE-2022-34974
MISC
MISC
d-link — dsl-3782 D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via the function byte_4C0160. 2022-07-29 not yet calculated CVE-2022-34527
MISC
MISC
d-link — dsl-3782 D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue. 2022-07-29 not yet calculated CVE-2022-34528
MISC
MISC
d-link — dir-818lw a1:dir818l_fw105b01
 
D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function ssdpcgi_main. 2022-08-03 not yet calculated CVE-2022-35619
MISC
MISC
d-link — dir820la1_fw106b02
 
D-Link DIR820LA1_FW106B02 was discovered to contain a buffer overflow via the nextPage parameter at ping.ccp. 2022-08-03 not yet calculated CVE-2022-34973
MISC
MISC
dd-wrt — dd-wrt
 
A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 – Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-27631
MISC
dedecms — dedecms DedeCMS v5.7.95 was discovered to contain a remote code execution (RCE) vulnerability via the component mytag_ main.php. 2022-07-29 not yet calculated CVE-2022-34531
MISC
devexpress — devexpress
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of DevExpress. Authentication is required to exploit this vulnerability. The specific flaw exists within the SafeBinaryFormatter library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-16710. 2022-08-03 not yet calculated CVE-2022-28684
MISC
discourse — discourse
 
Discourse is an open source discussion platform. In affected versions a maliciously crafted request for static assets could cause error responses to be cached by Discourse’s default NGINX proxy configuration. A corrected NGINX configuration is included in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2022-08-01 not yet calculated CVE-2022-31182
MISC
CONFIRM
discourse — discourse
 
Discourse is an open source discussion platform. In affected versions an email activation route can be abused to send mass spam emails. A fix has been included in the latest stable, beta and tests-passed versions of Discourse which rate limits emails. Users are advised to upgrade. Users unable to upgrade should manually rate limit email. 2022-08-01 not yet calculated CVE-2022-31184
CONFIRM
MISC
django — django
 
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input. 2022-08-03 not yet calculated CVE-2022-36359
MISC
CONFIRM
MISC
MLIST
dogtagpki — dogtagpki Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests. 2022-07-29 not yet calculated CVE-2022-2414
MISC
dotcms — dotcms
 
A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS Core through 22.06. This occurs in the admin portal when the configuration has XSS_PROTECTION_ENABLED=false. 2022-08-05 not yet calculated CVE-2022-37431
MISC
dpgaspar — flask-appbuilder
 
Flask-AppBuilder is an application development framework built on top of the Flask Python framework. In versions prior to 4.1.3 an authenticated Admin user could query other users by their salted and hashed password strings. These filters could be made by using partial hashed password strings. The response would not include the hashed passwords, but an attacker could infer partial password hashes and their respective users. This issue has been fixed in version 4.1.3. Users are advised to upgrade. There are no known workarounds for this issue. 2022-08-01 not yet calculated CVE-2022-31177
CONFIRM
MISC
dspace — jspui DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowing an attacker to create files/directories anywhere on the server writable by the Tomcat/DSpace user, by modifying some request parameters during submission. This path traversal can only be executed by a user with special privileges (submitter rights). This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds. However, this vulnerability cannot be exploited by an anonymous user or a basic user. The user must first have submitter privileges to at least one Collection and be able to determine how to modify the request parameters to exploit the vulnerability. 2022-08-01 not yet calculated CVE-2022-31194
CONFIRM
MISC
MISC
dspace — jspui
 
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck “Did you mean” HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI autocomplete HTML does not properly escape text passed to it. Both are vulnerable to XSS. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this issue. 2022-08-01 not yet calculated CVE-2022-31191
MISC
MISC
MISC
MISC
CONFIRM
dspace — jspui
 
DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF (simple archive format) package could cause a file/directory to be created anywhere the Tomcat/DSpace user can write to on the server. However, this path traversal vulnerability is only possible by a user with special privileges (either Administrators or someone with command-line access to the server). This vulnerability impacts the XMLUI, JSPUI and command-line. Users are advised to upgrade. As a basic workaround, users may block all access to the following URL paths: If you are using the XMLUI, block all access to /admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path “/xmlui”, then you’d need to block access to /xmlui/admin/batchimport. If you are using the JSPUI, block all access to /dspace-admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path “/jspui”, then you’d need to block access to /jspui/dspace-admin/batchimport. Keep in mind, only an Administrative user or a user with command-line access to the server is able to import/upload SAF packages. Therefore, assuming those users do not blindly upload untrusted SAF packages, then it is unlikely your site could be impacted by this vulnerability. 2022-08-01 not yet calculated CVE-2022-31195
MISC
CONFIRM
MISC
dspace — jspui
 
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a legitimate DSpace/repository URL. When that URL is clicked by the target, it redirects them to a site of the attacker’s choice. This issue has been patched in versions 5.11 and 6.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2022-08-01 not yet calculated CVE-2022-31193
MISC
MISC
CONFIRM
dspace — jspui
 
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI “Request a Copy” feature does not properly escape values submitted and stored from the “Request a Copy” form. This means that item requests could be vulnerable to XSS attacks. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2022-08-01 not yet calculated CVE-2022-31192
MISC
CONFIRM
MISC
dspace — jspui
 
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an “Internal System Error” occurs in the JSPUI, the entire exception (including stack trace) is available. Information in this stack trace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This issue has been fixed in version 6.4. Users are advised to upgrade. Users unable to upgrade should disable the display of error messages in their internal.jsp file. 2022-08-01 not yet calculated CVE-2022-31189
CONFIRM
MISC
dspace — xmlui
 
DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI “mets.xml” object, as long as you know the handle/URL of the withdrawn Item. This vulnerability only impacts the XMLUI. Users are advised to upgrade to version 6.4 or newer. 2022-08-01 not yet calculated CVE-2022-31190
CONFIRM
MISC
MISC
easyuse — mailhunter_ultimate
 
EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. Deserializing a cookie containing a malicious payload will trigger this insecure deserialization vulnerability, allowing an unauthenticated remote attacker to execute arbitrary code, manipulate system commands or interrupt service. 2022-08-02 not yet calculated CVE-2022-35223
MISC
eclipse — californium In Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without using a HelloVerifyRequest. Especially, if used with certificate based cipher suites, that results in message amplification (DDoS other peers) and high CPU load (DoS own peer). The misbehavior occurs only with DTLS_VERIFY_PEERS_ON_RESUMPTION_THRESHOLD values larger than 0. 2022-07-29 not yet calculated CVE-2022-2576
CONFIRM
elabftw — elabftw eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in user to read a template without being authorized to do so. This vulnerability has been patched in 4.3.4. Users are advised to upgrade. There are no known workarounds for this issue. 2022-08-01 not yet calculated CVE-2022-31178
CONFIRM
electronic_medical_records_system — electronic_medical_records_system
 
A vulnerability was found in SourceCodester Electronic Medical Records System and classified as critical. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation of the argument user_email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205664. 2022-08-05 not yet calculated CVE-2022-2676
MISC
MISC
electronic_medical_records_system — electronic_medical_records_system
 
A vulnerability has been found in SourceCodester Electronic Medical Records System and classified as critical. This vulnerability affects unknown code of the file register.php of the component UPDATE Statement Handler. The manipulation of the argument pconsultation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205816. 2022-08-06 not yet calculated CVE-2022-2693
MISC
MISC
enalean — tuleap Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not properly verify permissions when creating branches with the REST API in Git repositories using the fine grained permissions. Users can create branches via the REST endpoint `POST git/:id/branches` regardless of the permissions set on the repository. This issue has been fixed in version 13.10.99.82 Tuleap Community Edition as well as in version 13.10-3 of Tuleap Enterprise Edition. Users are advised to upgrade. There are no known workarounds for this issue. 2022-08-01 not yet calculated CVE-2022-31128
CONFIRM
MISC
MISC
MISC
ercom — citadel
 
The embedded neutralization of Script-Related HTML Tags was bypassed under some extra conditions. 2022-08-02 not yet calculated CVE-2022-1293
MISC
estsoft — alyac
 
An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-29886
MISC
estsoft — alyac
 
An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. 2022-08-05 not yet calculated CVE-2022-32543
MISC
evmos — ethermint
 
Ethermint is an Ethereum library. In Ethermint running versions before `v0.17.2`, the contract `selfdestruct` invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in the `DeleteAccount` function, all contracts that used the identical bytecode (i.e. shared the same `CodeHash`) will also stop working once one contract invokes `selfdestruct`, even though the other contracts did not invoke the `selfdestruct` OPCODE. This vulnerability has been patched in Ethermint version v0.18.0. The patch has state machine-breaking changes for applications using Ethermint, so a coordinated upgrade procedure is required. A workaround is available. If a contract is subject to DoS due to this issue, the user can redeploy the same contract, i.e. with identical bytecode, so that the original contract’s code is recovered. The new contract deployment restores the `bytecode hash -> bytecode` entry in the internal state. 2022-08-05 not yet calculated CVE-2022-35936
MISC
MISC
CONFIRM
exim — exim
 
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc. 2022-08-06 not yet calculated CVE-2022-37451
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
expense_management_system — expense_management_system
 
A vulnerability was found in SourceCodester Expense Management System. It has been rated as critical. This issue affects the function fetch_report_credit of the file report.php of the component POST Parameter Handler. The manipulation of the argument from/to leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-205811. 2022-08-06 not yet calculated CVE-2022-2688
MISC
f-secure — atlant_and_withsecure
 
A Denial-of-Service vulnerability was discovered in F-Secure Atlant and in certain WithSecure products: scanning fuzzed PE32-bit files can crash the scanning engine. The exploit can be triggered remotely by an attacker. 2022-08-05 not yet calculated CVE-2022-28880
MISC
MISC
f5 — big-ip
 
In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, when an LTM Client or Server SSL profile with TLS 1.3 enabled is configured on a virtual server, along with an iRule that calls HTTP::respond, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-34651
MISC
f5 — big-ip
 
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ Centralized Management all versions of 8.x, an authenticated attacker may cause iControl SOAP to become unavailable through undisclosed requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-34851
MISC
f5 — big-ip
 
In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an iRule containing the HTTP::payload command is configured on a virtual server, undisclosed traffic can cause Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-34655
MISC
f5 — big-ip
 
In BIG-IP Versions 17.0.x before 17.0.0.1 and 16.1.x before 16.1.3.1, when source-port preserve-strict is configured on an HTTP Message Routing Framework (MRF) virtual server, undisclosed traffic may cause the Traffic Management Microkernel (TMM) to produce a core file and the connection to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-35272
MISC
f5 — big-ip
 
In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5.1, when a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-35245
MISC
f5 — big-ip
 
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when the Message Routing (MR) Message Queuing Telemetry Transport (MQTT) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-35240
MISC
f5 — big-ip
 
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.5.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, using an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-35243
MISC
f5 — big-ip
 
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ version 8.x before 8.2.0 and all versions of 7.x, an authenticated user’s iControl REST token may remain valid for a limited time after logging out from the Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-35728
MISC
f5 — big-ip
 
In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, an authenticated attacker with Resource Administrator or Manager privileges can create or modify existing monitor objects in the Configuration utility in an undisclosed manner leading to a privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-35735
MISC
f5 — big-ip
 
In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Successful exploitation relies on conditions outside of the attacker’s control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-34844
MISC
f5 — big-ip
 
In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when an LTM virtual server is configured to perform normalization, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-34862
MISC
f5 — big-ip
 
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an HTTP2 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-35236
MISC
f5 — big-ip
 
In BIG-IP Versions 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, Traffic Intelligence feeds, which use HTTPS, do not verify the remote endpoint identity, allowing for potential data poisoning. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-34865
MISC
f5 — big-ip
 
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, certain iRules commands may allow an attacker to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-33962
MISC
f5 — big-ip
 
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, when an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-33968
MISC
f5 — big_ip
 
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-32455
MISC
f5 — big_ip
 
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when a BIG-IP APM access policy with Service Connect agent is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-33203
MISC
f5 — big_ip
 
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, a vulnerability exists in undisclosed pages of the BIG-IP DNS Traffic Management User Interface (TMUI) that allows an authenticated attacker with at least operator role privileges to cause the Tomcat process to restart and perform unauthorized DNS requests and operations through undisclosed requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-33947
MISC
f5 — nginx_ingress_controller
 
In versions 2.x before 2.3.0 and all versions of 1.x, an attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-30535
MISC
f5 — nginx_instance_manager
 
In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-35241
MISC
f5 — big-ip
 
In BIG-IP Versions 16.1.x before 16.1.1 and 15.1.x before 15.1.4, when running in Appliance mode, an authenticated attacker may be able to bypass Appliance mode restrictions due to a directory traversal vulnerability in an undisclosed page within iApps. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. 2022-08-04 not yet calculated CVE-2022-31473
MISC
flask_security — flask_security
 
This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \evil.com/path. This vulnerability is only exploitable if an alternative WSGI server other than Werkzeug is used, or the default behaviour of Werkzeug is modified using `autocorrect_location_header=False`. **Note:** Flask-Security is not maintained anymore. 2022-08-02 not yet calculated CVE-2021-23385
MISC
MISC
MISC
fortinet — fortiadc
 
An unverified password change in Fortinet FortiADC version 6.2.0 through 6.2.3, 6.1.x, 6.0.x, 5.x.x allows an authenticated attacker to bypass the Old Password check in the password change form via a crafted HTTP request. 2022-08-03 not yet calculated CVE-2022-27484
CONFIRM
fortinet — fortios
 
An improper access control vulnerability [CWE-284] in FortiOS versions 6.2.0 through 6.2.11, 6.4.0 through 6.4.8 and 7.0.0 through 7.0.5 may allow an authenticated attacker with a restricted user profile to gather the checksum information about the other VDOMs via CLI commands. 2022-08-03 not yet calculated CVE-2022-23442
CONFIRM
fortinet — multiple_products
 
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments. 2022-08-05 not yet calculated CVE-2022-22299
CONFIRM
foxit — pdf_reader_and_pdf_editor
 
Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference. 2022-08-06 not yet calculated CVE-2022-27944
MISC
MISC
foxit — pdf_reader_and_pdf_editor
 
Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a NULL pointer dereference when this.Span is used for oState of Collab.addStateModel, because this.Span.text can be NULL. 2022-08-06 not yet calculated CVE-2022-26979
MISC
MISC
freshtomato — freshtomato
 
A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. The `freshtomato-arm` has a vulnerable URL-decoding feature that can lead to memory corruption. 2022-08-05 not yet calculated CVE-2022-28665
MISC
freshtomato — freshtomato
 
A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. The `freshtomato-mips` has a vulnerable URL-decoding feature that can lead to memory corruption. 2022-08-05 not yet calculated CVE-2022-28664
MISC
friendsofflarum — byobu
 
fof/byobu is a private discussions extension for Flarum forum. Affected versions were found to not respect private discussion disablement by users. Users of Byobu should update the extension to version 1.1.7, where this has been patched. Users of Byobu with Flarum 1.0 or 1.1 should upgrade to Flarum 1.2 or later, or evaluate the impact this issue has on your forum’s users and choose to disable the extension if needed. There are no workarounds for this issue. 2022-08-01 not yet calculated CVE-2022-35921
CONFIRM
MISC
frrouting — frrouting
 
An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is not needed for exploitation. 2022-08-02 not yet calculated CVE-2022-37035
MISC
MISC
garage_management_system — garage_management_system A vulnerability classified as critical was found in SourceCodester Garage Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument id with the input -2’%20UNION%20select%2011,user(),333,444–+ leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 2022-07-29 not yet calculated CVE-2022-2577
MISC
MISC
garage_management_system — garage_management_system A vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. This issue affects some unknown processing of the file /php_action/createUser.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 2022-07-29 not yet calculated CVE-2022-2578
MISC
MISC
garage_management_system — garage_management_system
 
A vulnerability was found in SourceCodester Garage Management System and classified as critical. This issue affects some unknown processing of the file removeUser.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205655. 2022-08-05 not yet calculated CVE-2022-2671
MISC
garage_management_system — garage_management_system
 
A vulnerability has been found in SourceCodester Garage Management System and classified as problematic. Affected by this vulnerability is an unknown functionality of the file edituser.php. The manipulation of the argument id with the input 1″><ScRiPt>alert(1)</sCrIpT> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205573 was assigned to this vulnerability. 2022-08-04 not yet calculated CVE-2022-2645
MISC
garage_management_system — garage_management_system
 
A vulnerability was found in SourceCodester Garage Management System. It has been classified as critical. Affected is an unknown function of the file createUser.php. The manipulation of the argument userName/uemail leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205656. 2022-08-05 not yet calculated CVE-2022-2672
MISC
garage_management_system — garage_management_system A vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument userName with the input lala<img src=”https://us-cert.cisa.gov” onerror=alert(1)> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2022-07-29 not yet calculated CVE-2022-2579
MISC
MISC
get-npm-package-version — get-npm-package-version The package get-npm-package-version before 1.0.7 is vulnerable to Command Injection via main function in index.js. 2022-08-02 not yet calculated CVE-2020-7795
MISC
MISC
MISC
MISC
getlaminas — laminas-diactoros laminas-diactoros is a PHP package containing implementations of the PSR-7 HTTP message interfaces and PSR-17 HTTP message factory interfaces. Applications that use Diactoros, and are either not behind a proxy, or can be accessed via untrusted proxies, can potentially have the host, protocol, and/or port of a `Laminas\Diactoros\Uri` instance associated with the incoming server request modified to reflect values from `X-Forwarded-*` headers. Such changes can potentially lead to XSS attacks (if a fully-qualified URL is used in links) and/or URL poisoning. Since the `X-Forwarded-*` headers do have valid use cases, particularly in clustered environments using a load balancer, the library offers mitigation measures only in the v2 releases, as doing otherwise would break these use cases immediately. Users of v2 releases from 2.11.1 can provide an additional argument to `Laminas\Diactoros\ServerRequestFactory::fromGlobals()` in the form of a `Laminas\Diactoros\RequestFilter\RequestFilterInterface` instance, including the shipped `Laminas\Diactoros\RequestFilter\NoOpRequestFilter` implementation which ignores the `X-Forwarded-*` headers. Starting in version 3.0, the library will reverse behavior to use the `NoOpRequestFilter` by default, and require users to opt-in to `X-Forwarded-*` header usage via a configured `Laminas\Diactoros\RequestFilter\LegacyXForwardedHeaderFilter` instance. Users are advised to upgrade to version 2.11.1 or later to resolve this issue. Users unable to upgrade may configure web servers to reject `X-Forwarded-*` headers at the web server level. 2022-08-01 not yet calculated CVE-2022-31109
MISC
CONFIRM
MISC
gitblame — gitblame
 
This affects all versions of package gitblame. The injection point is located in line 15 in lib/gitblame.js. 2022-08-02 not yet calculated CVE-2020-28434
MISC
github — enterprise_server A stored XSS vulnerability was identified in GitHub Enterprise Server that allowed the injection of arbitrary attributes. This injection was blocked by GitHub’s Content Security Policy (CSP). This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.3.11, 3.4.6 and 3.5.3. This vulnerability was reported via the GitHub Bug Bounty program. 2022-08-02 not yet calculated CVE-2022-23733
CONFIRM
CONFIRM
CONFIRM
gitlab — ce/ee
 
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1, that allowed a project member to filter issues by contact and organization. 2022-08-05 not yet calculated CVE-2022-2539
MISC
CONFIRM
gitlab — ce/ee
 
An improper access control check in GitLab CE/EE affecting all versions starting from 13.7 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious authenticated user to view a public project’s Deploy Key’s public fingerprint and name when that key has write permission. Note that GitLab never asks for nor stores the private key. 2022-08-05 not yet calculated CVE-2022-2095
CONFIRM
MISC
MISC
gitlab — ce/ee
 
A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted, though the APIs usable by that token are limited. 2022-08-05 not yet calculated CVE-2022-2307
CONFIRM
MISC
gitlab — ce/ee
 
A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1. A stored XSS flaw in job error messages allows attackers to perform arbitrary actions on behalf of victims at client side. 2022-08-05 not yet calculated CVE-2022-2500
CONFIRM
MISC
MISC
gitlab — ce/ee
 
An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab was returning contributor emails due to improper data handling in the Datadog integration. 2022-08-05 not yet calculated CVE-2022-2534
MISC
CONFIRM
gitlab — ce/ee
 
An issue has been discovered in GitLab EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for email invited members to join a project even after the Group Owner has enabled the setting to prevent members from being added to projects in a group, if the invite was sent before the setting was enabled. 2022-08-05 not yet calculated CVE-2022-2459
MISC
MISC
CONFIRM
gitlab — ce/ee
 
An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible to gain access to a private project through an email invite by using another user’s email address as an unverified secondary email. 2022-08-05 not yet calculated CVE-2022-2326
MISC
MISC
CONFIRM
gitlab — ce/ee
 
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. A malicious maintainer could exfiltrate an integration’s access token by modifying the integration URL such that authenticated requests are sent to an attacker controlled server. 2022-08-05 not yet calculated CVE-2022-2497
MISC
CONFIRM
MISC
gitlab — ce/ee
 
Insufficient validation in GitLab CE/EE affecting all versions from 12.10 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an authenticated and authorised user to import a project that includes branch names which are 40 hexadecimal characters, which could be abused in supply chain attacks where a victim is pinned to a specific Git commit of the project. 2022-08-05 not yet calculated CVE-2022-2417
MISC
CONFIRM
gitlab — ce/ee
 
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. Membership changes are not reflected in TODO for confidential notes, allowing former project members to read updates via TODOs. 2022-08-05 not yet calculated CVE-2022-2512
MISC
CONFIRM
gitlab — ce/ee
 
An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for group members to bypass 2FA enforcement enabled at the group level by using Resource Owner Password Credentials grant to obtain an access token without using 2FA. 2022-08-05 not yet calculated CVE-2022-2303
MISC
MISC
CONFIRM
gitlab — ce/ee
 
An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for malicious group or project maintainers to change their corresponding group or project visibility by crafting a malicious POST request. 2022-08-05 not yet calculated CVE-2022-2456
MISC
MISC
CONFIRM
gitlab — ee
 
An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab was not performing correct authentication on Grafana API under specific conditions allowing unauthenticated users to perform queries through a path traversal vulnerability. 2022-08-05 not yet calculated CVE-2022-2531
MISC
CONFIRM
MISC
gitlab — ee
 
An improper access control issue in GitLab EE affecting all versions from 12.0 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an attacker to bypass IP allow-listing and download artifacts. This attack only bypasses IP allow-listing; proper permissions are still required. 2022-08-05 not yet calculated CVE-2022-2501
CONFIRM
MISC
MISC
gitlab — ee
 
An issue in pipeline subscriptions in GitLab EE affecting all versions from 12.8 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 triggered new pipelines with the person who created the tag as the pipeline creator instead of the subscription’s author. 2022-08-05 not yet calculated CVE-2022-2498
MISC
CONFIRM
MISC
gitlab — ee
 
An issue has been discovered in GitLab EE affecting all versions starting from 13.10 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab’s Jira integration has an insecure direct object reference vulnerability that may be exploited by an attacker to leak Jira issues. 2022-08-05 not yet calculated CVE-2022-2499
CONFIRM
MISC
MISC
gnu_affero — minio
 
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all ‘admin’ users authorized for `admin:ServerUpdate` can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow access to contents at any arbitrary paths that are readable by MinIO process. Users are advised to upgrade. Users unable to upgrade may disable ServerUpdate API by denying the `admin:ServerUpdate` action for your admin users via IAM policies. 2022-08-01 not yet calculated CVE-2022-35919
MISC
MISC
CONFIRM
gnutls — gnutls A vulnerability was found in gnutls. This security flaw happens because a double free error occurs during verification of pkcs7 signatures in the gnutls_pkcs7_verify function. 2022-08-01 not yet calculated CVE-2022-2509
MISC
MISC
go_ethereum — go_ethereum
 
Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making (RUM), as exploited in the wild in 2020 through 2022. 2022-08-05 not yet calculated CVE-2022-37450
MISC
MISC
MISC
MISC
google — android In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032553; Issue ID: ALPS07032553. 2022-08-01 not yet calculated CVE-2022-26431
MISC
google — android In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486. 2022-08-01 not yet calculated CVE-2022-26426
MISC
google — android In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478059; Issue ID: ALPS06478059. 2022-08-01 not yet calculated CVE-2022-21791
MISC
google — android In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138450; Issue ID: ALPS07138450. 2022-08-01 not yet calculated CVE-2022-26434
MISC
google — android In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138400; Issue ID: ALPS07138400. 2022-08-01 not yet calculated CVE-2022-26433
MISC
google — android In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032542; Issue ID: ALPS07032542. 2022-08-01 not yet calculated CVE-2022-26432
MISC
google — android In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521260; Issue ID: ALPS06521260. 2022-08-01 not yet calculated CVE-2022-26428
MISC
google — android In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085410; Issue ID: ALPS07085410. 2022-08-01 not yet calculated CVE-2022-21792
MISC
google — android In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032521; Issue ID: ALPS07032521. 2022-08-01 not yet calculated CVE-2022-26430
MISC
google — android In scp, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06988728; Issue ID: ALPS06988728. 2022-08-01 not yet calculated CVE-2022-21788
MISC
google — android In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07025415; Issue ID: ALPS07025415. 2022-08-01 not yet calculated CVE-2022-26429
MISC
google — android In audio ipi, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478101; Issue ID: ALPS06478101. 2022-08-01 not yet calculated CVE-2022-21789
MISC
google — android In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138435; Issue ID: ALPS07138435. 2022-08-01 not yet calculated CVE-2022-26435
MISC
google — android In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479306; Issue ID: ALPS06479306. 2022-08-01 not yet calculated CVE-2022-21790
MISC
google — android In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085540; Issue ID: ALPS07085540. 2022-08-01 not yet calculated CVE-2022-26427
MISC
google — android In emi mpu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07023666; Issue ID: ALPS07023666. 2022-08-01 not yet calculated CVE-2022-26436
MISC
google — android
 
EllieGrid Android Application version 3.4.1 is vulnerable to Code Injection. The application appears to evaluate user input as code (remote). 2022-07-30 not yet calculated CVE-2022-30083
MISC
google — google_play_services_software_development_kit Incorrect signature trust exists within Google Play services SDK play-services-basement. A debug version of Google Play services is trusted by the SDK for devices that are non-GMS. We recommend upgrading the SDK past the 2022-05-03 release. 2022-07-29 not yet calculated CVE-2022-1799
MISC
graphql-go — graphql-go graphql-go (aka GraphQL for Go) through 0.8.0 has infinite recursion in the type definition parser. 2022-08-01 not yet calculated CVE-2022-37315
MISC
graphql-rust — juniper
 
Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually. 2022-08-01 not yet calculated CVE-2022-31173
MISC
MISC
MISC
CONFIRM
grummunio — gromox
 
Weak permissions on the configuration file in the PAM module in Grommunio Gromox 0.5 through 1.x before 1.28 allow a local unprivileged user in the gromox group to have the PAM stack execute arbitrary code upon loading the Gromox PAM module. 2022-08-04 not yet calculated CVE-2022-37030
MISC
MISC
gvret — gvret
 
GVRET Stable Release as of Aug 15, 2015 was discovered to contain a buffer overflow via the handleConfigCmd function at SerialConsole.cpp. 2022-08-03 not yet calculated CVE-2022-35161
MISC
gym_management_system — gym_management_system
 
A vulnerability, which was classified as critical, was found in SourceCodester Gym Management System. Affected is an unknown function. The manipulation of the argument user_pass leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-205734 is the identifier assigned to this vulnerability. 2022-08-06 not yet calculated CVE-2022-2687
MISC
MISC
hcl_commerce — remote_store_server
 
HCL Commerce’s Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website. 2022-07-30 not yet calculated CVE-2021-27785
MISC
hcl_software — launch
 
HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. 2022-08-03 not yet calculated CVE-2022-27551
CONFIRM
heroku-env — heroku-env
 
This affects all versions of package heroku-env. The injection point is located in lib/get.js which is required by index.js. 2022-08-02 not yet calculated CVE-2020-28437
MISC
hestiacp — hestiacp Improper Input Validation in GitHub repository hestiacp/hestiacp prior to 1.6.6. 2022-08-05 not yet calculated CVE-2022-2636
CONFIRM
MISC
hestiacp — hestiacp
 
Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6. 2022-08-05 not yet calculated CVE-2022-2626
MISC
CONFIRM
hiby — r3_pro_firmware Hiby R3 PRO firmware v1.5 to v1.7 was discovered to contain a file upload vulnerability via the file upload feature. 2022-07-29 not yet calculated CVE-2022-34496
MISC
MISC
hinet — hicos_citizen_verification
 
HiCOS Citizen verification component has a stack-based buffer overflow vulnerability due to insufficient parameter length validation. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system commands or disrupt service. 2022-08-02 not yet calculated CVE-2022-35222
MISC
ibm — cics_tx IBM CICS TX 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 229333. 2022-08-01 not yet calculated CVE-2022-34163
CONFIRM
CONFIRM
XF
ibm — cics_tx IBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 229331. 2022-08-01 not yet calculated CVE-2022-34161
CONFIRM
XF
CONFIRM
ibm — cics_tx IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 229436. 2022-08-01 not yet calculated CVE-2022-34307
XF
CONFIRM
CONFIRM
ibm — cics_tx IBM CICS TX 11.1 could allow a local user to impersonate another legitimate user due to improper input validation. IBM X-Force ID: 229338. 2022-08-01 not yet calculated CVE-2022-34164
CONFIRM
CONFIRM
XF
ibm — cics_tx IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim. IBM X-Force ID: 229332. 2022-08-01 not yet calculated CVE-2022-34162
CONFIRM
CONFIRM
XF
ibm — cics_tx IBM CICS TX 11.1 could allow an attacker with physical access to the system to execute code using a back and refresh attack. IBM X-Force ID: 229312. 2022-08-01 not yet calculated CVE-2022-33955
CONFIRM
XF
CONFIRM
ibm — datapower_gateway IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 228359. 2022-08-01 not yet calculated CVE-2022-31775
XF
CONFIRM
ibm — datapower_gateway IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 228435. 2022-08-01 not yet calculated CVE-2022-32750
CONFIRM
XF
ibm — datapower_gateway IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 228433. 2022-08-01 not yet calculated CVE-2022-31776
XF
CONFIRM
ibm — datapower_gateway IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 228358. 2022-08-01 not yet calculated CVE-2022-31774
CONFIRM
XF
ibm — datapower_gateway IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization checks. IBM X-Force ID: 218856. 2022-08-01 not yet calculated CVE-2022-22326
CONFIRM
CONFIRM
XF
ibm — powervm_vios IBM PowerVM VIOS 3.1 could allow a remote attacker to tamper with system configuration or cause a denial of service. IBM X-Force ID: 230956. 2022-07-29 not yet calculated CVE-2022-35643
CONFIRM
XF
ibm — robotic_process_automation IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could disclose sensitive information due to improper privilege management for storage provider types. IBM X-Force ID: 229962. 2022-08-01 not yet calculated CVE-2022-34338
XF
CONFIRM
ibm — robotic_process_automation IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow IBM tenant credentials to be exposed. IBM X-Force ID: 227288. 2022-08-01 not yet calculated CVE-2022-22505
CONFIRM
XF
ibm — robotic_process_automation IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to elevate their privilege to platform administrator through manipulation of APIs. IBM X-Force ID: 227978. 2022-08-01 not yet calculated CVE-2022-30616
XF
CONFIRM
ibm — robotic_process_automation IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user to access information from a tenant of which they should not have access. IBM X-Force ID: 219391. 2022-08-01 not yet calculated CVE-2022-22334
CONFIRM
XF
ibm — robotic_process_automation IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently protected credentials for users created via a bulk upload. IBM X-Force ID: 228888. 2022-08-01 not yet calculated CVE-2022-33169
XF
CONFIRM
ibm — urbancode_deploy IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.16, 7.0.0.0 through 7.0.5.11, 7.1.0.0 through 7.1.2.7, and 7.2.0.0 through 7.2.3.0 could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. IBM X-Force ID: 231360. 2022-08-01 not yet calculated CVE-2022-35716
XF
CONFIRM
image-tiler — image-tiler This affects the package image-tiler before 2.0.2. 2022-08-02 not yet calculated CVE-2020-28451
MISC
MISC
imbrn — v8n
 
NextAuth.js is a complete open source authentication solution for Next.js applications. `next-auth` users who are using the `EmailProvider` either in versions before `4.10.3` or `3.29.10` are affected. If an attacker could forge a request that sent a comma-separated list of emails (e.g. `attacker@attacker.com,victim@victim.com`) to the sign-in endpoint, NextAuth.js would send emails to both the attacker’s and the victim’s e-mail addresses. The attacker could then log in as a newly created user with the email being `attacker@attacker.com,victim@victim.com`. This means that basic authorization like `email.endsWith("@victim.com")` in the `signIn` callback would fail to communicate a threat to the developer and would let the attacker bypass authorization, even with an `@attacker.com` address. This vulnerability has been patched in `v4.10.3` and `v3.29.10` by normalizing the email value that is sent to the sign-in endpoint before accessing it anywhere else. We also added a `normalizeIdentifier` callback on the `EmailProvider` configuration, where you can further tweak your requirements for what your system considers a valid e-mail address (e.g., strict RFC2821 compliance). Users are advised to upgrade. There are no known workarounds for this vulnerability. If for some reason you cannot upgrade, you can normalize the incoming request using Advanced Initialization. 2022-08-02 not yet calculated CVE-2022-35924
MISC
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
imbrn — v8n
 
v8n is a JavaScript validation library. Versions of v8n prior to 1.5.1 were found to have an inefficient regular expression complexity in the `lowercase()` and `uppercase()` regex which could lead to a denial of service attack. In testing of the `lowercase()` function a payload of `'a' + 'a'.repeat(i) + 'A'` with 32 leading characters took 29443 ms to execute. The same issue happens with `uppercase()`. Users are advised to upgrade. There are no known workarounds for this issue. 2022-08-02 not yet calculated CVE-2022-35923
CONFIRM
MISC
MISC
inavitas — solar_log Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability. 2022-07-29 not yet calculated CVE-2022-1277
CONFIRM
inductive_automation — ignition
 
Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup. 2022-08-05 not yet calculated CVE-2022-1704
MISC
interview_management_system — interview_management_system
 
A vulnerability was found in SourceCodester Interview Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /addQuestion.php. The manipulation of the argument question with the input <script>alert(1)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205673 was assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2685
MISC
MISC
MISC
interview_management_system — interview_management_system
 
A vulnerability was found in SourceCodester Interview Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /viewReport.php. The manipulation of the argument id with the input (UPDATEXML(9729,CONCAT(0x2e,0x716b707071,(SELECT (ELT(9729=9729,1))),0x7162766a71),7319)) leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205667. 2022-08-05 not yet calculated CVE-2022-2679
MISC
MISC
itpison — omicard_edm
 
OMICARD EDM’s mail image relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access arbitrary system files. 2022-08-04 not yet calculated CVE-2022-35216
MISC
itpison — omnicard_edm
 
OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send a serialized payload to the server to execute arbitrary code, manipulate system data and disrupt service. 2022-08-04 not yet calculated CVE-2022-32965
MISC
itpison — omnicard_edm
 
OMICARD EDM’s mail file relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access arbitrary system files. 2022-08-04 not yet calculated CVE-2022-32963
MISC
itpison — omnicard_edm
 
OMICARD EDM’s API function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify, or delete the database or disrupt service. 2022-08-04 not yet calculated CVE-2022-32964
MISC
jeecg-boot — jeecg-boot
 
A vulnerability was found in jeecg-boot. It has been declared as critical. This vulnerability affects unknown code of the file /api/. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-205594 is the identifier assigned to this vulnerability. 2022-08-04 not yet calculated CVE-2022-2647
MISC
MISC
jetbrains — rider
 
In JetBrains Rider before 2022.2 the Trust and Open Project dialog could be bypassed, leading to local code execution. 2022-08-03 not yet calculated CVE-2022-37396
MISC
jflyfox — jfinal_cms JFinal CMS v5.1.0 was discovered to contain a SQL injection vulnerability via /system/user. 2022-08-03 not yet calculated CVE-2022-34928
MISC
kaspersky — vpn_secure_connection
 
Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of its ‘Delete All Service Data And Reports’ feature by a local authenticated attacker. 2022-08-05 not yet calculated CVE-2022-27535
MISC
keycloak — keycloak
 
An issue was discovered in Keycloak that allows arbitrary JavaScript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled. 2022-08-05 not yet calculated CVE-2022-2668
MISC
krakend — multiple_products
 
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, but the consumed backend might be vulnerable. 2022-08-01 not yet calculated CVE-2022-1561
CONFIRM
CONFIRM
kromit — titra Improper Authorization in GitHub repository kromitgmbh/titra prior to 0.79.1. 2022-08-01 not yet calculated CVE-2022-2595
MISC
CONFIRM
kvm — kvm
 
A flaw was found in KVM. When updating a guest’s page table entry, vm_pgoff was improperly used as the offset to get the page’s pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition. 2022-08-05 not yet calculated CVE-2022-1158
MISC
MISC
landray — landling_oa
 
Lanling OA Landray Office Automation (OA) internal patch number #133383/#137780 contains an arbitrary file read vulnerability via the component /sys/ui/extend/varkind/custom.jsp. 2022-08-02 not yet calculated CVE-2022-34924
MISC
MISC
laravel — laravel
 
Laravel v5.1 was discovered to contain a remote code execution (RCE) vulnerability via the component ChanceGenerator in __call. 2022-08-03 not yet calculated CVE-2022-34943
MISC
libtiff — libtiff A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file. 2022-07-29 not yet calculated CVE-2022-34526
MISC
FEDORA
linux — linux_kernel
 
A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to leak information and may cause a denial of service. 2022-08-05 not yet calculated CVE-2022-1012
MISC
linux — linux_kernel
 
A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. 2022-08-05 not yet calculated CVE-2022-1973
MISC
loan_management_system — loan_management_system
 
A vulnerability was found in SourceCodester Loan Management System and classified as critical. This issue affects some unknown processing of the file delete_lplan.php. The manipulation of the argument lplan_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205619. 2022-08-05 not yet calculated CVE-2022-2667
MISC
MISC
luadec — luadec
 
Luadec v0.9.9 was discovered to contain a heap-buffer overflow via the function UnsetPending. 2022-08-03 not yet calculated CVE-2022-34992
MISC
makedeb — mprweb
 
mprweb is a hosting platform for the makedeb Package Repository. Email addresses were found to not have been hidden, even if a user had clicked the `Hide Email Address` checkbox on their account page, or during signup. This could lead to an account’s email being leaked, which may be problematic if your email needs to remain private for any reason. Users hosting their own mprweb instance will need to upgrade to the latest commit to get this fixed. Users on the official instance will already have this issue fixed. 2022-08-01 not yet calculated CVE-2022-31185
MISC
CONFIRM
mango — mango
 
An issue in RoamingMangoPlugins of University of Texas Multi-image Analysis GUI (Mango) 4.1 allows attackers to escalate privileges via crafted plugins. 2022-08-01 not yet calculated CVE-2022-34567
MISC
MISC
MISC
MISC
mealie — mealie A stored cross-site scripting (XSS) vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text field. 2022-08-02 not yet calculated CVE-2022-34619
MISC
MISC
MISC
MISC
MISC
mealie — mealie A stored cross-site scripting (XSS) vulnerability in Mealie 1.0.0beta3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the recipe description text field. 2022-08-02 not yet calculated CVE-2022-34618
MISC
MISC
MISC
MISC
MISC
mealie — mealie
 
Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file. 2022-08-02 not yet calculated CVE-2022-34613
MISC
MISC
MISC
MISC
mealie — mealie
 
Mealie 1.0.0beta3 was discovered to contain a Server-Side Template Injection vulnerability, which allows attackers to execute arbitrary code via a crafted Jinja2 template. 2022-08-02 not yet calculated CVE-2022-34625
MISC
MISC
MISC
MISC
MISC
mediatek — chipsets_in_multiple_products In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420088; Issue ID: GN20220420088. 2022-08-01 not yet calculated CVE-2022-26445
MISC
mediatek — chipsets_in_multiple_products In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420075; Issue ID: GN20220420075. 2022-08-01 not yet calculated CVE-2022-26444
MISC
mediatek — chipsets_in_multiple_products In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420068; Issue ID: GN20220420068. 2022-08-01 not yet calculated CVE-2022-26443
MISC
mediatek — chipsets_in_multiple_products In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420051; Issue ID: GN20220420051. 2022-08-01 not yet calculated CVE-2022-26442
MISC
mediatek — chipsets_in_multiple_products In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420044; Issue ID: GN20220420044. 2022-08-01 not yet calculated CVE-2022-26441
MISC
mediatek — chipsets_in_multiple_products In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420037; Issue ID: GN20220420037. 2022-08-01 not yet calculated CVE-2022-26440
MISC
mediatek — chipsets_in_multiple_products In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013. 2022-08-01 not yet calculated CVE-2022-26438
MISC
mediatek — chipsets_in_multiple_products In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420020; Issue ID: GN20220420020. 2022-08-01 not yet calculated CVE-2022-26439
MISC
mediatek — chipsets_in_multiple_products In httpclient, there is a possible out of bounds write due to uninitialized data. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WSAP00103831; Issue ID: WSAP00103831. 2022-08-01 not yet calculated CVE-2022-26437
MISC
michlol-rashim — michlol-rashim
 
Michlol – rashim web interface has an insecure direct object reference (IDOR) vulnerability. The attacker first needs to log in. Once logged in, there are some functions that the specific user is not allowed to perform. However, all the attacker needs to do is change the value of the ptMsl parameter, after which the attacker can access sensitive data that belongs to another user and that the attacker is not supposed to access. 2022-08-05 not yet calculated CVE-2022-34769
MISC
milkytracker — milkytracker
 
MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. This vulnerability is triggered when the program is supplied a crafted XM module file. 2022-08-03 not yet calculated CVE-2022-34927
MISC
MISC
monetdb — monetdb
 
The assertion `stmt->Dbc->FirstStmt` failed in MonetDB Database Server v11.43.13. 2022-08-03 not yet calculated CVE-2022-34967
MISC
monorepo-build — monorepo-build This affects all versions of package monorepo-build. 2022-08-02 not yet calculated CVE-2020-28423
MISC
moodle — moodle In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the ‘access all groups’ capability were not restricted to viewing grades of users within their own groups. 2022-08-05 not yet calculated CVE-2020-1754
MISC
moodle — moodle In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting. 2022-08-05 not yet calculated CVE-2020-1691
MISC
multi_language_hotel_management_software — multi_language_hotel_management_software
 
A vulnerability classified as critical has been found in SourceCodester Multi Language Hotel Management Software. Affected is an unknown function. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205596. 2022-08-04 not yet calculated CVE-2022-2656
MISC
MISC
multi_language_hotel_management_software — multi_language_hotel_management_software
 
A vulnerability was found in SourceCodester Multi Language Hotel Management Software. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument room_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205595. 2022-08-04 not yet calculated CVE-2022-2648
MISC
MISC
next.js — nextauth.js
 
NextAuth.js is a complete open source authentication solution for Next.js applications. An information disclosure vulnerability in `next-auth` before `v4.10.2` and `v3.29.9` allows an attacker with log access privilege to obtain excessive information such as an identity provider’s secret in the log (which is thrown during OAuth error handling) and use it to leverage further attacks on the system, like impersonating the client to ask for extensive permissions. This issue has been patched in `v4.10.2` and `v3.29.9` by moving the log for `provider` information to the debug level. In addition, we added a warning for having the `debug: true` option turned on in production. If for some reason you cannot upgrade, you can use the `logger` configuration option to sanitize the logs. 2022-08-01 not yet calculated CVE-2022-31186
MISC
MISC
CONFIRM
MISC
nextcloud — mail
 
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions of Nextcloud mail would log user passwords to disk in the event of a misconfiguration. Should an attacker gain access to the logs, complete access to affected accounts would be obtainable. It is recommended that Nextcloud Mail is upgraded to 1.12.1. Operators should inspect their logs and remove passwords which have been logged. There are no workarounds to prevent logging in the event of a misconfiguration. 2022-08-04 not yet calculated CVE-2022-31119
CONFIRM
MISC
MISC
nextcloud — mail
 
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommended to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at `./vendor/cerdic/css-tidy/css_optimiser.php`. 2022-08-04 not yet calculated CVE-2022-31132
CONFIRM
nextcloud — server
 
Nextcloud server is an open source personal cloud solution. In affected versions an attacker could brute force to find if federated sharing is being used and potentially try to brute force access tokens for federated shares (`a-zA-Z0-9` ^ 15). It is recommended that the Nextcloud Server is upgraded to 22.2.9, 23.0.6 or 24.0.2. Users unable to upgrade may disable federated sharing via the Admin Sharing settings in `index.php/settings/admin/sharing`. 2022-08-04 not yet calculated CVE-2022-31118
CONFIRM
MISC
nextcloud — server
 
Nextcloud server is an open source personal cloud solution. The audit log is used to get a full trail of the actions which has been incompletely populated. In affected versions federated share events were not properly logged which would allow brute force attacks to go unnoticed. This behavior exacerbates the impact of CVE-2022-31118. It is recommended that the Nextcloud Server is upgraded to 22.2.7, 23.0.4 or 24.0.0. There are no workarounds available. 2022-08-04 not yet calculated CVE-2022-31120
CONFIRM
MISC
MISC
nhi_card — nhi_card
 
The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service. 2022-08-02 not yet calculated CVE-2022-35218
MISC
nhi_card — nhi_card
 
The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet key parameter. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service. 2022-08-02 not yet calculated CVE-2022-35219
MISC
nhi_card — nhi_card
 
The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A local area network attacker with general user privilege can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service. 2022-08-02 not yet calculated CVE-2022-35217
MISC
nlnet_labs — unbound
 
NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the “ghost domain names” attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire. The rogue nameserver delays the response so that the cached delegation information is expired. Upon receiving the delayed answer containing the delegation information, Unbound overwrites the now expired entries. This action can be repeated when the delegation information is about to expire making the rogue delegation information ever-updating. From version 1.16.2 on, Unbound stores the start time for a query and uses that to decide if the cached delegation information can be overwritten. 2022-08-01 not yet calculated CVE-2022-30699
CONFIRM
nlnet_labs — unbound
 
NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the “ghost domain names” attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the subdomain that updates Unbound’s delegation cache. This action can be repeated before expiry of the delegation information by querying Unbound for a second level subdomain for which the rogue nameserver provides new delegation information. Since Unbound is a child-centric resolver, the ever-updating child delegation information can keep a rogue domain name resolvable long after revocation. From version 1.16.2 on, Unbound checks the validity of parent delegation records before using cached delegation information. 2022-08-01 not yet calculated CVE-2022-30698
CONFIRM
node-fetch — node-fetch Denial of Service in GitHub repository node-fetch/node-fetch prior to 3.2.10. 2022-08-01 not yet calculated CVE-2022-2596
MISC
CONFIRM
node-latex-pdf — node-latex-pdf
 
This affects all versions of package node-latex-pdf. 2022-08-02 not yet calculated CVE-2020-28433
MISC
npos-tesseract — npos-tesseract This affects all versions of package npos-tesseract. The injection point is located in line 55 in lib/ocr.js. 2022-08-02 not yet calculated CVE-2020-28453
MISC
nvidia — vgpu_software
 
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of service, code execution, and information disclosure. 2022-08-05 not yet calculated CVE-2022-31614
MISC
nvidia — vgpu_software
 
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a null pointer, which may lead to denial of service. 2022-08-05 not yet calculated CVE-2022-31618
MISC
nvidia — vgpu_software
 
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure. 2022-08-05 not yet calculated CVE-2022-31609
MISC
online_admission_system — online_admission_system
 
A vulnerability was found in SourceCodester Online Admission System and classified as critical. This issue affects some unknown processing of the component GET Parameter Handler. The manipulation of the argument eid leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-205565 was assigned to this vulnerability. 2022-08-04 not yet calculated CVE-2022-2644
MISC
MISC
online_admission_system — online_admission_system
 
A vulnerability, which was classified as problematic, was found in SourceCodester Online Admission System. Affected is an unknown function of the file index.php. The manipulation of the argument eid with the input 8</h3><script>alert(1)</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205572. 2022-08-04 not yet calculated CVE-2022-2646
MISC
MISC
online_admission_system — online_admission_system
 
A vulnerability has been found in SourceCodester Online Admission System and classified as critical. This vulnerability affects unknown code of the component POST Parameter Handler. The manipulation of the argument shift leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this entry is VDB-205564. 2022-08-04 not yet calculated CVE-2022-2643
MISC
MISC
online_student_admission_system — online_student_admission_system
 
A vulnerability classified as problematic was found in SourceCodester Online Student Admission System. Affected by this vulnerability is an unknown functionality of the file edit-profile.php of the component Student User Page. The manipulation with the input <script>alert(/xss/)</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205669 was assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2681
MISC
MISC
online_tours_and_travels_management_system — online_tours_and_travels_management_system Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the pname parameter at /admin/operations/packages.php. 2022-08-02 not yet calculated CVE-2022-35421
MISC
openstack — nova
 
An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected. 2022-08-03 not yet calculated CVE-2022-37394
MISC
MISC
MISC
openzeppelin — contracts
 
OpenZeppelin Contracts is a library for secure smart contract development. Contracts using the cross chain utilities for Arbitrum L2, `CrossChainEnabledArbitrumL2` or `LibArbitrumL2`, will classify direct interactions of externally owned accounts (EOAs) as cross chain calls, even though they are not started on L1. This issue has been patched in v4.7.2. Users are advised to upgrade. There are no known workarounds for this issue. 2022-08-01 not yet calculated CVE-2022-35916
MISC
CONFIRM
openzeppelin — contracts
 
OpenZeppelin Contracts is a library for secure smart contract development. The target contract of an EIP-165 `supportsInterface` query can cause unbounded gas consumption by returning a lot of data, while it is generally assumed that this operation has a bounded cost. The issue has been fixed in v4.7.2. Users are advised to upgrade. There are no known workarounds for this issue. 2022-08-01 not yet calculated CVE-2022-35915
MISC
CONFIRM
openzeppelin — contracts
 
OpenZeppelin Contracts is a library for secure smart contract development. This issue concerns instances of Governor that use the module `GovernorVotesQuorumFraction`, a mechanism that determines quorum requirements as a percentage of the voting token’s total supply. In affected instances, when a proposal is passed to lower the quorum requirements, past proposals may become executable if they had been defeated only due to lack of quorum, and the number of votes it received meets the new quorum requirement. Analysis of instances on chain found only one proposal that met this condition, and we are actively monitoring for new occurrences of this particular issue. This issue has been patched in v4.7.2. Users are advised to upgrade. Users unable to upgrade should consider avoiding lowering quorum requirements if a past proposal was defeated for lack of quorum. 2022-08-01 not yet calculated CVE-2022-31198
MISC
CONFIRM
oretnom23 — fast_food_ordering_system
 
A vulnerability, which was classified as problematic, was found in oretnom23 Fast Food Ordering System. This affects an unknown part of the component Menu List Page. The manipulation of the argument Description leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205725 was assigned to this vulnerability. 2022-08-06 not yet calculated CVE-2022-2686
MISC
MISC
percona — percona_server_for_mysql
 
An issue in the fetch_step function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service (DoS) via a SQL query. 2022-08-03 not yet calculated CVE-2022-34968
MISC
pgjdbc — pgjdbc
 
PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not performing escaping of column names so a malicious column name that contains a statement terminator, e.g. `;`, could lead to SQL injection. This could lead to executing additional SQL commands as the application’s JDBC user. User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted. User applications that do invoke that method are impacted if the underlying database that they are querying via their JDBC application may be under the control of an attacker. The attack requires the attacker to trick the user into executing SQL against a table name whose column names would contain the malicious SQL and subsequently invoke the `refreshRow()` method on the ResultSet. Note that the application’s JDBC user and the schema owner need not be the same. A JDBC application that executes as a privileged user querying database schemas owned by potentially malicious less-privileged users would be vulnerable. In that situation it may be possible for the malicious user to craft a schema that causes the application to execute commands as the privileged user. Patched versions will be released as `42.2.26` and `42.4.1`. Users are advised to upgrade. There are no known workarounds for this issue. 2022-08-03 not yet calculated CVE-2022-31197
MISC
CONFIRM
pharmacy_management_system — pharmacy_management_system Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php. 2022-08-02 not yet calculated CVE-2022-34953
MISC
pharmacy_management_system — pharmacy_management_system Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edituser.php. 2022-08-02 not yet calculated CVE-2022-34952
MISC
pharmacy_management_system — pharmacy_management_system Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getsalereport.php. 2022-08-02 not yet calculated CVE-2022-34951
MISC
pharmacy_management_system — pharmacy_management_system Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editproduct.php. 2022-08-02 not yet calculated CVE-2022-34950
MISC
pharmacy_management_system — pharmacy_management_system Pharmacy Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the email or password parameter at login.php. 2022-08-02 not yet calculated CVE-2022-34949
MISC
pharmacy_management_system — pharmacy_management_system Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at invoiceprint.php. 2022-08-02 not yet calculated CVE-2022-34954
MISC
pharmacy_management_system — pharmacy_management_system Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editbrand.php. 2022-08-02 not yet calculated CVE-2022-34948
MISC
pharmacy_management_system — pharmacy_management_system Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editcategory.php. 2022-08-02 not yet calculated CVE-2022-34947
MISC
pharmacy_management_system — pharmacy_management_system Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getexpproduct.php. 2022-08-02 not yet calculated CVE-2022-34946
MISC
pharmacy_management_system — pharmacy_management_system Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getproductreport.php. 2022-08-02 not yet calculated CVE-2022-34945
MISC
pingcap — pingcap_tidb
 
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference. 2022-08-03 not yet calculated CVE-2022-34969
MISC
plankanban — planka
 
With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system. 2022-08-04 not yet calculated CVE-2022-2653
MISC
CONFIRM
pligg — pligg_cms Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_for_topusers.php. 2022-08-02 not yet calculated CVE-2022-34955
MISC
pligg — pligg_cms Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_for_groups.php. 2022-08-02 not yet calculated CVE-2022-34956
MISC
prestashop — prestashop
 
PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP’s Eval function on attacker input. The problem is fixed in version 1.7.8.7. Users are advised to upgrade. Users unable to upgrade may delete the MySQL Smarty cache feature. 2022-08-01 not yet calculated CVE-2022-31181
MISC
MISC
CONFIRM
private_cloud_management_platform — private_cloud_management_platform
 
A vulnerability classified as critical has been found in Private Cloud Management Platform. Affected is an unknown function of the file /management/api/rcx_management/global_config_query of the component POST Request Handler. The manipulation leads to improper authentication. It is possible to launch the attack remotely. VDB-205614 is the identifier assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2664
MISC
progress — ws-ftp_server
 
In Progress WS_FTP Server prior to version 8.7.3, multiple reflected cross-site scripting (XSS) vulnerabilities exist in the administrative web interface. It is possible for a remote attacker to inject arbitrary JavaScript into a WS_FTP administrator’s web session. This would allow the attacker to execute code within the context of the victim’s browser. 2022-08-02 not yet calculated CVE-2022-36967
MISC
MISC
progress — ws-ftp_server
 
In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks. 2022-08-02 not yet calculated CVE-2022-36968
MISC
MISC
pyrocms — pyrocms PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities. 2022-08-01 not yet calculated CVE-2022-35118
MISC
MISC
quest — kace_systems_management_appliance
 
In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation occurs when appliance linking is enabled. 2022-08-02 not yet calculated CVE-2022-29808
MISC
MISC
quest — kace_systems_management_appliance
 
A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for remote code execution via download_agent_installer.php. 2022-08-02 not yet calculated CVE-2022-29807
MISC
MISC
quest — kace_systems_management_appliance
 
In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash collision is possible during authentication. This may allow authentication with invalid credentials. 2022-08-02 not yet calculated CVE-2022-30285
MISC
MISC
rapid7 — velociraptor A cross-site scripting (XSS) issue in generating a collection report made it possible for malicious clients to inject JavaScript code into the static HTML file. This issue was resolved in Velociraptor 0.6.5-2. 2022-07-29 not yet calculated CVE-2022-35630
CONFIRM
rapid7 — velociraptor On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. This issue was resolved in Velociraptor 0.6.5-2. 2022-07-29 not yet calculated CVE-2022-35631
CONFIRM
rapid7 — velociraptor The Velociraptor GUI contains an editor suggestion feature that can display the description field of a VQL function, plugin or artifact. This field was not properly sanitized and can lead to cross-site scripting (XSS). This issue was resolved in Velociraptor 0.6.5-2. 2022-07-29 not yet calculated CVE-2022-35632
CONFIRM
rapid7 — velociraptor Due to a bug in the handling of the communication between the client and server, it was possible for one client, already registered with their own client ID, to send messages to the server claiming to come from another client ID. This issue was resolved in Velociraptor 0.6.5-2. 2022-07-29 not yet calculated CVE-2022-35629
CONFIRM
realtek — e-cos_rsdk
 
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data. 2022-08-01 not yet calculated CVE-2022-27255
MISC
MISC
renato — renato
 
Renato v0.17.0 was discovered to contain a cross-site scripting (XSS) vulnerability. 2022-08-04 not yet calculated CVE-2022-35144
MISC
MISC
MISC
MISC
renato — renato
 
Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks. 2022-08-04 not yet calculated CVE-2022-35143
MISC
MISC
MISC
MISC
renato — renato
 
An issue in Renato v0.17.0 allows attackers to cause a Denial of Service (DoS) via a crafted payload injected into the Search parameter. 2022-08-04 not yet calculated CVE-2022-35142
MISC
MISC
MISC
MISC
rigatur — online_booking_and_hotel_management_system
 
A vulnerability was found in Rigatur Online Booking and Hotel Management System aff6409. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Request Handler. The manipulation of the argument email/pass leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205657 was assigned to this vulnerability. 2022-08-05 not yet calculated CVE-2022-2673
MISC
rsync — rsync
 
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file). 2022-08-02 not yet calculated CVE-2022-29154
MLIST
MISC
s3-kilatstorage — s3-kilatstorage This affects all versions of package s3-kilatstorage. 2022-08-02 not yet calculated CVE-2020-28424
MISC
samsung — cameralyzer
 
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege. 2022-08-05 not yet calculated CVE-2022-36832
MISC
samsung — charm
 
PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. 2022-08-05 not yet calculated CVE-2022-36830
MISC
samsung — charm
 
Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. 2022-08-05 not yet calculated CVE-2022-33734
MISC
samsung — charm
 
Unprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows attackers to read connection state without permission. 2022-08-05 not yet calculated CVE-2022-36836
MISC
samsung — charm
 
PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. 2022-08-05 not yet calculated CVE-2022-36829
MISC
samsung — charm
 
Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. 2022-08-05 not yet calculated CVE-2022-33733
MISC
samsung — checkout
 
SQL injection vulnerability via IAPService in Samsung Checkout prior to version 5.0.53.1 allows attackers to access IAP information. 2022-08-05 not yet calculated CVE-2022-36839
MISC
samsung — galaxy_wearable
 
Implicit Intent hijacking vulnerability in Galaxy Wearable prior to version 2.2.50 allows attacker to get sensitive information. 2022-08-05 not yet calculated CVE-2022-36838
MISC
samsung — game_launcher
 
Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user interaction. 2022-08-05 not yet calculated CVE-2022-36834
MISC
samsung — game_optimizing_service
 
Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name. 2022-08-05 not yet calculated CVE-2022-36833
MISC
samsung — internet_browser
 
Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files. 2022-08-05 not yet calculated CVE-2022-36835
MISC
samsung — internet_browser
 
Intent redirection vulnerability using implicit intent in Samsung email prior to version 6.1.70.20 allows attacker to get sensitive information. 2022-08-05 not yet calculated CVE-2022-36837
MISC
samsung — mtower
 
The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount. 2022-08-04 not yet calculated CVE-2022-35858
MISC
MISC
samsung — multiple_products Exposure of Sensitive Information in Samsung Dialer application prior to SMR Aug-2022 Release 1 allows local attackers to access ICCID via log. 2022-08-05 not yet calculated CVE-2022-33724
MISC
samsung — multiple_products
 
Improper restriction of broadcasting Intent in ConfirmConnectActivity of NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device. 2022-08-05 not yet calculated CVE-2022-33729
MISC
samsung — multiple_products
 
A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack. 2022-08-05 not yet calculated CVE-2022-33727
MISC
samsung — multiple_products
 
Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers. 2022-08-05 not yet calculated CVE-2022-33730
MISC
samsung — multiple_products
 
Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. 2022-08-05 not yet calculated CVE-2022-33731
MISC
samsung — multiple_products
 
Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PC by unprotected binder call. 2022-08-05 not yet calculated CVE-2022-33732
MISC
samsung — multiple_products
 
Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows attacker to launch activity. 2022-08-05 not yet calculated CVE-2022-33726
MISC
samsung — multiple_products
 
Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut. 2022-08-05 not yet calculated CVE-2022-33720
MISC
samsung — multiple_products
 
A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system privilege. 2022-08-05 not yet calculated CVE-2022-33725
MISC
samsung — multiple_products
 
A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack. 2022-08-05 not yet calculated CVE-2022-33723
MISC
samsung — multiple_products
 
Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow. 2022-08-05 not yet calculated CVE-2022-33719
MISC
samsung — multiple_products
 
Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal. 2022-08-05 not yet calculated CVE-2022-33728
MISC
samsung — multiple_products
 
An improper access control vulnerability in Wi-Fi Service prior to SMR AUG-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data. 2022-08-05 not yet calculated CVE-2022-33718
MISC
samsung — multiple_products
 
A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory. 2022-08-05 not yet calculated CVE-2022-33717
MISC
samsung — multiple_products
 
An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory. 2022-08-05 not yet calculated CVE-2022-33716
MISC
samsung — multiple_products
 
Implicit Intent hijacking vulnerability in Smart View prior to SMR Aug-2022 Release 1 allows attacker to access connected device MAC address. 2022-08-05 not yet calculated CVE-2022-33722
MISC
samsung — multiple_products
 
A vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers to access files with system privilege. 2022-08-05 not yet calculated CVE-2022-33721
MISC
samsung — multiple_products