Vulnerability Summary for the Week of May 16, 2022

05/24/2022 06:37 AM EDT

Original release date: May 24, 2022

 

High Vulnerabilities

Primary Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no high vulnerabilities recorded this week.


Medium Vulnerabilities

Primary Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no medium vulnerabilities recorded this week.


Low Vulnerabilities

Primary Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no low vulnerabilities recorded this week.


Severity Not Yet Assigned

Primary Vendor — Product
Description Published CVSS Score Source & Patch Info
htc — one/sense
 
A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used. 2022-05-17 not yet calculated CVE-2013-10001
MISC
MISC
ruby — ruby
 
The random_password_generator (aka RandomPasswordGenerator) gem through 1.0.0 for Ruby uses Kernel#rand to generate passwords, which, due to its cyclic nature, can facilitate password prediction. 2022-05-18 not yet calculated CVE-2019-25061
MISC
MISC
MISC
MISC
mitsubishi — electric_factory_automation_engineering_software_products
 
Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed. 2022-05-19 not yet calculated CVE-2020-14496
MISC
fieldcomm_group — hart-ip
 
A malicious attacker could exploit the interface of the Fieldcomm Group HART-IP (release 1.0.0.0) by constructing messages with sufficiently large payloads to overflow the internal buffer and crash the device, or obtain control of the device. 2022-05-19 not yet calculated CVE-2020-16209
MISC
bachmann_eletronic — m-base_controllers
 
The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life controllers include MC205, MC210, MH212, ME203, CS200, MP213, MP226, MPC240, MPC265, MPC270, MPC293, MPE270, and CPC210 hardware controllers. Security Level 0 is set at default from the manufacturer, which could allow an unauthenticated remote attacker to gain access to the password hashes. Security Level 4 is susceptible if an authenticated remote attacker or an unauthenticated person with physical access to the device reads and decrypts the password to conduct further attacks. 2022-05-19 not yet calculated CVE-2020-16231
MISC
emerson — openenterprise
 
Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through version 3.3.5, to access field devices and external systems to be obtained. 2022-05-19 not yet calculated CVE-2020-16235
MISC
hcl_software — domino
 
HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could exploit this vulnerability to attain escalation of privileges, denial of service, or information disclosure. 2022-05-19 not yet calculated CVE-2020-4107
MISC
ibm — security_identity_governance_and_intelligence
 
IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information in URL parameters that could aid in future attacks against the system. IBM X-Force ID: 192208. 2022-05-17 not yet calculated CVE-2020-4957
XF
CONFIRM
ibm — security_identity_governance_and_intelligence
 
IBM Security Identity Governance and Intelligence 5.2.4, 5.2.5, and 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 192429. 2022-05-19 not yet calculated CVE-2020-4970
XF
CONFIRM
ibm — datapower_gateway
 
IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906. 2022-05-17 not yet calculated CVE-2020-4994
CONFIRM
XF
craftercms — craftercms
 
A logged-in and authenticated user with a Reviewer Role may lock a content item. 2022-05-16 not yet calculated CVE-2021-23265
CONFIRM
craftercms — craftercms
 
An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator. 2022-05-16 not yet calculated CVE-2021-23266
CONFIRM
craftercms — crafter_studio
 
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods. 2022-05-16 not yet calculated CVE-2021-23267
CONFIRM
wordpress — agil_wordpress_plugin
 
The AGIL WordPress plugin through 1.0 accepts all zip files and automatically extracts the zip file without validating the extracted file type, allowing high privilege users such as admin to upload an arbitrary file like PHP, leading to RCE. 2022-05-16 not yet calculated CVE-2021-25119
MISC
handysoft — handy_groupware
 
Improper input validation vulnerability in HANDY Groupware’s ActiveX module allows attackers to download or execute arbitrary files. This vulnerability can be exploited by using the file download or execution path as the parameter value of the vulnerable function. 2022-05-19 not yet calculated CVE-2021-26630
MISC
hometory — mangboard_commerce_package

Improper input validation vulnerability in Mangboard commerce package could lead to abnormal requests. A remote attacker can exploit this vulnerability to manipulate the total order amount into a negative number and then pay for the order. 2022-05-19 not yet calculated CVE-2021-26631
MISC
weintek — cmt

The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code. 2022-05-16 not yet calculated CVE-2021-27442
MISC
CONFIRM
weintek — cmt
 
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator. 2022-05-16 not yet calculated CVE-2021-27444
MISC
CONFIRM
weintek — cmt
 
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system. 2022-05-16 not yet calculated CVE-2021-27446
MISC
CONFIRM
xpdfreader — xpdf
 
There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode() function in XFAScanner.cc in xpdf 4.03. 2022-05-18 not yet calculated CVE-2021-27548
MISC
ibm — multiple_products
 
IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 do not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104. 2022-05-17 not yet calculated CVE-2021-29726
CONFIRM
XF
CONFIRM
amazon — sooteway_wi-fi_range_extender
 
SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password for the admin account) to access the TELNET service, allowing attackers to erase/read/write the firmware remotely. 2022-05-20 not yet calculated CVE-2021-30028
MISC
MISC
throughtek — p2p_sdk
 
The affected ThroughTek P2P products (SDKs using versions before 3.1.5, any versions with nossl tag, device firmware not using AuthKey for IOTC connection, firmware using AVAPI module without enabling DTLS mechanism, and firmware using P2PTunnel or RDT module) do not sufficiently protect data transferred between the local device and ThroughTek servers. This can allow an attacker to access sensitive information, such as camera feeds. 2022-05-19 not yet calculated CVE-2021-32934
MISC
xarrow — xarrow_scada
 
xArrow SCADA versions 7.2 and prior are vulnerable to cross-site scripting due to parameter ‘bdate’ of the resource xhisvalue.htm, which may allow an unauthorized attacker to execute arbitrary code. 2022-05-16 not yet calculated CVE-2021-33001
CONFIRM
xarrow — xarrow_scada
 
xArrow SCADA versions 7.2 and prior are vulnerable to cross-site scripting due to parameter ‘edate’ of the resource xhisalarm.htm, which may allow an unauthorized attacker to execute arbitrary code. 2022-05-16 not yet calculated CVE-2021-33021
CONFIRM
xarrow — xarrow_scada
 
xArrow SCADA versions 7.2 and prior permits unvalidated registry keys to be run with application-level privileges. 2022-05-16 not yet calculated CVE-2021-33025
CONFIRM
ipmatcher — ipmatcher
 
An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addresses and netmasks against the internal Matcher list of IP addresses and subnets. 2022-05-16 not yet calculated CVE-2021-33318
MISC
MISC
MISC
MISC
thecus — 4800eco
 
Thecus 4800Eco was discovered to contain a command injection vulnerability via the username parameter in /adm/setmain.php. 2022-05-20 not yet calculated CVE-2021-34111
MISC
solarwinds — serv-u
 
This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read only operation). This UAC issue leads to a data leak to unauthorized users for a domain, with no log of them accessing the data unless they attempt to modify it. This read-only activity is logged to the original domain and does not specify which domain was accessed. 2022-05-17 not yet calculated CVE-2021-35249
MISC
MISC
wordpress — mc4wp_plugin

Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ibericode’s MC4WP plugin <= 4.8.6 at WordPress. 2022-05-20 not yet calculated CVE-2021-36833
CONFIRM
CONFIRM
grandcom — dynweb
 
GRANDCOM DynWEB before 4.2 contains a SQL Injection vulnerability in the admin login interface. A remote unauthenticated attacker can exploit this vulnerability to obtain administrative access to the webpage, access the user database, modify web content and upload custom files. The backend login script does not verify and sanitize user-provided strings. 2022-05-19 not yet calculated CVE-2021-37413
MISC
MISC
ibm — datapower_gateway
 
IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 10.0.1.4, and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a denial of service by consuming resources with multiple requests. IBM X-Force ID: 208348. 2022-05-17 not yet calculated CVE-2021-38872
CONFIRM
XF
ibm — datapower_gateway
 
IBM DataPower Gateway 10.0.2.0 through 1.0.3.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 211236. 2022-05-18 not yet calculated CVE-2021-38944
CONFIRM
XF
ibm — jazz_team_server
 
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214032. 2022-05-20 not yet calculated CVE-2021-39043
XF
CONFIRM
lenovo — lenovo_system_interface_foundation
 
A race condition vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to connect and interact with the IMController child process’ named pipe. 2022-05-18 not yet calculated CVE-2021-3922
CONFIRM
lenovo — xclarity_controller_firmware
 
A read-only authentication bypass vulnerability was reported in the Third Quarter 2021 release of Lenovo XClarity Controller (XCC) firmware affecting XCC devices configured in LDAP Authentication Only Mode and using an LDAP server that supports “unauthenticated bind”, such as Microsoft Active Directory. An unauthenticated user can gain read-only access to XCC in such a configuration, thereby allowing the XCC device configuration to be viewed but not changed. XCC devices configured to use local authentication, LDAP Authentication + Authorization Mode, or LDAP servers that support only “authenticated bind” and/or “anonymous bind” are not affected. 2022-05-18 not yet calculated CVE-2021-3956
CONFIRM
lenovo — lenovo_system_interface_foundation

A Time of Check Time of Use (TOCTOU) vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to elevate privileges. 2022-05-18 not yet calculated CVE-2021-3969
CONFIRM
shopxo — cms
 
An issue was discovered in ShopXO CMS 2.2.0. After entering the management page, there is an arbitrary file upload vulnerability in three locations. 2022-05-19 not yet calculated CVE-2021-41938
MISC
fiberhome — vdsl2_modem_hg150-ub

In FiberHome VDSL2 Modem HG150-Ub_V3.0, there is a stored cross-site scripting (XSS) vulnerability in the Parental Control -> Access Time Restriction -> Username field; a user cannot delete the rule due to the XSS. 2022-05-18 not yet calculated CVE-2021-41946
MISC
MISC
churchcrm — churchcrm
 
A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used when an Edit action on an existing record is being performed. 2022-05-15 not yet calculated CVE-2021-41965
MISC
MISC
cmseasy — cmseasy

cmseasy V7.7.5_20211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability. 2022-05-17 not yet calculated CVE-2021-42643
MISC
cmseasy — cmseasy
 
cmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerability. After login, the configuration file information of the website such as the database configuration file (config / config_database) can be read through this vulnerability. 2022-05-17 not yet calculated CVE-2021-42644
MISC
inkscape — inkscape
 
Inkscape 0.19 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information. 2022-05-18 not yet calculated CVE-2021-42700
CONFIRM
inkscape — inkscape
 
Inkscape version 0.19 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information. 2022-05-18 not yet calculated CVE-2021-42702
CONFIRM
inkscape — inkscape
 
Inkscape version 0.19 is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. 2022-05-18 not yet calculated CVE-2021-42704
CONFIRM
lenovo — personal_cloud_storage
 
An information disclosure vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to retrieve device and networking details. 2022-05-18 not yet calculated CVE-2021-42848
CONFIRM
lenovo — personal_cloud_storage
 
A weak default password for the serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical access. 2022-05-18 not yet calculated CVE-2021-42849
CONFIRM
lenovo — personal_cloud_storage
 
A weak default administrator password for the web interface and serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical or local network access. 2022-05-18 not yet calculated CVE-2021-42850
CONFIRM
lenovo — personal_cloud_storage
 
A vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to create a standard user account. 2022-05-18 not yet calculated CVE-2021-42851
CONFIRM
lenovo — personal_cloud_storage
 
A command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execute operating system commands by sending a crafted packet to the device. 2022-05-18 not yet calculated CVE-2021-42852
CONFIRM
linux — accel-ppp
 
ACCEL-PPP 1.12.0 has an out-of-bounds read in post_msg when processing a call_clear_request. 2022-05-16 not yet calculated CVE-2021-42870
MISC
feminer — wms
 
A remote command execution (RCE) vulnerability was found in FeMiner wms V1.0 in /wms/src/system/datarec.php. The $_POST[r_name] is directly passed into the $mysqlstr and is executed by exec. 2022-05-16 not yet calculated CVE-2021-42897
MISC
ipplan — ipplan
 
Stored cross-site scripting (XSS) in admin/usermanager.php over IPPlan v4.92b allows remote attackers to inject arbitrary web script or HTML via the userid parameter. 2022-05-17 not yet calculated CVE-2021-42943
MISC
pix-link — mini_router_28k.minirouter.20190211
 
Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized SSID parameter. 2022-05-20 not yet calculated CVE-2021-43728
MISC
MISC
pix-link — mini_router_28k.minirouter.20190211
 
Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized Security Key parameter. 2022-05-20 not yet calculated CVE-2021-43729
MISC
MISC
jfrog — artifactory
 
JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin is able to create, edit and delete Repository Layouts while Repository Layouts configuration should only be available for Platform Administrators. 2022-05-19 not yet calculated CVE-2021-45730
CONFIRM
fidelis_cybersecurity — network_and-deception
 
Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected files and enable escalation of privileges equivalent to the root user. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. 2022-05-17 not yet calculated CVE-2022-0486
CONFIRM
jfrog — artifactory
 
JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted request is sent by a low privileged authenticated user due to insufficient validation of a user-provided serialized object. 2022-05-16 not yet calculated CVE-2022-0573
MISC
MISC
publify — publify
 
Improper Access Control in GitHub repository publify/publify prior to 9.2.8. 2022-05-16 not yet calculated CVE-2022-0574
MISC
CONFIRM
publify — publify
 
Code Injection in GitHub repository publify/publify prior to 9.2.8. 2022-05-16 not yet calculated CVE-2022-0578
CONFIRM
MISC
wordpress — pricing_table_wordpress_plugin
 
The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users 2022-05-16 not yet calculated CVE-2022-0867
MISC
wordpress — gmedia_photo_gallery_wordpress_plugin

The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the Album’s name before outputting it in pages/posts with a media embed, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. 2022-05-16 not yet calculated CVE-2022-0873
MISC
snow_software — slm
 
SLM has an issue with Windows Unquoted/Trusted Service Paths Security Issue. All installations version 9.x.x prior to 9.20.1 should be patched. 2022-05-18 not yet calculated CVE-2022-0883
MISC
fidelis_cybersecurity — network_and-deception
 
Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a root user. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. 2022-05-17 not yet calculated CVE-2022-0997
CONFIRM
wordpress — wpqa_builder_plugin_wordpress_plugin
 
The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer, does not sanitise and escape the city, phone or profile credentials fields when outputting it in the profile page, allowing any authenticated user to perform Cross-Site Scripting attacks. 2022-05-16 not yet calculated CVE-2022-1051
MISC
wordpress — th23_social_wordpress_plugin
 
The th23 Social WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-05-16 not yet calculated CVE-2022-1062
MISC
wordpress — bulk_edit_and_create_use_profiles_wordpress_plugin
 
The Bulk Edit and Create User Profiles WordPress plugin before 1.5.14 does not sanitise and escape the Users Login, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-05-16 not yet calculated CVE-2022-1089
MISC
wordpress — advanced_uploader-wordpress_plugin
 
The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE 2022-05-16 not yet calculated CVE-2022-1103
MISC
lenovo — smart_standby_driver

A buffer overflow vulnerability in Lenovo Smart Standby Driver prior to version 4.1.50.0 could allow a local attacker to cause denial of service. 2022-05-18 not yet calculated CVE-2022-1110
CONFIRM
linux — linux_kernel
 
Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. 2022-05-17 not yet calculated CVE-2022-1116
MISC
MISC
rockwell_automation — multiple_products
 
Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 through v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited. 2022-05-17 not yet calculated CVE-2022-1118
MISC
wordpress — visual_slide_box_builder_wordpress_plugin
 
The Visual Slide Box Builder WordPress plugin through 3.2.9 does not sanitise and escape various parameters before using them in SQL statements via some of its AJAX actions available to any authenticated users (such as subscriber), leading to SQL Injections 2022-05-16 not yet calculated CVE-2022-1182
MISC
bind — bind
 
On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch. 2022-05-19 not yet calculated CVE-2022-1183
CONFIRM
wordpress — advanced_image_sitemap_wordpress_plugin
 
The Advanced Image Sitemap WordPress plugin through 1.2 does not sanitise and escape the PHP_SELF PHP variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting. 2022-05-16 not yet calculated CVE-2022-1216
MISC
wordpress — custom_tinymce_shortcode_button_wordpress_plugin
 
The Custom TinyMCE Shortcode Button WordPress plugin through 1.1 does not sanitise and escape the PHP_SELF variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting. 2022-05-16 not yet calculated CVE-2022-1217
MISC
wordpress — bulletproof_security_wordpress_plugin
 
The BulletProof Security WordPress plugin before 6.1 does not sanitize and escape some of its CAPTCHA settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed 2022-05-16 not yet calculated CVE-2022-1265
MISC
wordpress — bmi_bmr_calculator_wordpress_plugin
 
The BMI BMR Calculator WordPress plugin through 1.3 does not sanitise and escape arbitrary POST data before outputting it back in the response, leading to a Reflected Cross-Site Scripting 2022-05-16 not yet calculated CVE-2022-1267
MISC
wordpress — wp_youtube_live_wordpress_plugin
 
The WP YouTube Live WordPress plugin before 1.8.3 does not validate, sanitise and escape various of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed 2022-05-16 not yet calculated CVE-2022-1334
MISC
wordpress — wpqa_builder_plugin_wordpress_plugin

The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer, does not validate that the value passed to the image_id parameter of the ajax action wpqa_remove_image belongs to the requesting user, allowing any users (with privileges as low as Subscriber) to delete the profile pictures of any other user. 2022-05-16 not yet calculated CVE-2022-1349
MISC
cambium_networks — cnmaestro
 
cnMaestro is vulnerable to a local privilege escalation. By default, a user does not have root privileges. However, a user can run scripts as sudo, which could allow an attacker to gain root privileges when running user scripts outside allowed commands. 2022-05-17 not yet calculated CVE-2022-1356
CONFIRM
cambium_networks — on-premise_cnmaestro
 
The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. This lack of validation could allow an attacker to append arbitrary data to the logger command. 2022-05-17 not yet calculated CVE-2022-1357
CONFIRM
cambium_networks — on-premise_cnmaestro
 
The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate and dump all data held in the cnMaestro database. 2022-05-17 not yet calculated CVE-2022-1358
CONFIRM
cambium_networks — on-premise_cnmaestro
 
The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route. If an attacker supplies path traversal characters (../) as part of a filename, the server will save the file where the attacker chooses. This could allow an attacker to write any data to any file in the server. 2022-05-17 not yet calculated CVE-2022-1359
CONFIRM
cambium_networks — on-premise_cnmaestro
 
The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. This could allow a remote attacker to change server configuration settings. 2022-05-17 not yet calculated CVE-2022-1360
CONFIRM
cambium_networks — on-premise_cnmaestro
 
The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other users’ accounts and devices. 2022-05-17 not yet calculated CVE-2022-1361
CONFIRM
cambium_networks — on-premise_cnmaestro
 
The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server. 2022-05-17 not yet calculated CVE-2022-1362
CONFIRM
plantuml — plantuml
 
URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server side request forgery (SSRF). This allows accessing restricted internal resources/servers or sending requests to third party servers. 2022-05-14 not yet calculated CVE-2022-1379
MISC
CONFIRM
wordpress — fusion_builder_wordpress_plugin
 
The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application’s response. This could be used to interact with hosts on the server’s local network bypassing firewalls and access control measures. 2022-05-16 not yet calculated CVE-2022-1386
MISC
MISC
MISC
wordpress — wp_subtitle_wordpress_plugin
 
The WP Subtitle WordPress plugin before 3.4.1 adds a subtitle field and provides a shortcode to display it via [wp_subtitle]. The subtitle is stored as a custom post meta with the key: “wps_subtitle”, which is sanitized upon post save/update, however is not sanitized when updating it directly from the post meta update button (via AJAX) – and this makes the XSS exploitable by authenticated users with a role as low as contributor. 2022-05-16 not yet calculated CVE-2022-1393
MISC
wordpress — external_media_wordpress_plugin
 
The External Media without Import WordPress plugin through 1.1.2 does not have any authorisation and does not ensure that media added via URLs are external media, which could allow any authenticated users, such as subscriber, to perform blind SSRF attacks. 2022-05-16 not yet calculated CVE-2022-1398
MISC
wordpress — vikbooking_hotel_booking_engine_&_pms_wordpress_plugin
 
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not have a CSRF check in place when adding a tracking campaign, and does not escape the campaign fields when outputting them in attributes. As a result, attackers could make a logged-in admin add tracking campaigns with XSS payloads in them via a CSRF attack. 2022-05-16 not yet calculated CVE-2022-1407
MISC
wordpress — vikbooking_hotel_booking_engine_&_pms_wordpress_plugin
 
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not escape various settings before outputting them in attributes, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed 2022-05-16 not yet calculated CVE-2022-1408
MISC
wordpress — vikbooking_hotel_booking_engine_&_pms_wordpress_plugin
 
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code 2022-05-16 not yet calculated CVE-2022-1409
MISC
gitlab — gitlab
 
Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 causes potentially sensitive integration properties to be disclosed in the web interface 2022-05-19 not yet calculated CVE-2022-1413
CONFIRM
MISC
gitlab — gitlab
 
Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows for rendering of attacker controlled HTML tags and CSS styling 2022-05-19 not yet calculated CVE-2022-1416
MISC
MISC
CONFIRM
wordpress — social_stickers_wordpress_plugin

The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues. 2022-05-16 not yet calculated CVE-2022-1418
MISC
gitlab — gitlab
 
Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows a malicious actor with Developer privileges to perform cache poisoning leading to arbitrary code execution in protected branches 2022-05-19 not yet calculated CVE-2022-1423
CONFIRM
MISC
MISC
wordpress — wpqa_builder_plugin_wordpress_plugin
 
The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer, does not validate that the message_id of the wpqa_message_view ajax action belongs to the requesting user, leading to any user being able to read messages for any other users via an Insecure Direct Object Reference (IDOR) vulnerability. 2022-05-16 not yet calculated CVE-2022-1425
MISC
octoprint — octoprint
 
Cross-site Scripting (XSS) – DOM in GitHub repository octoprint/octoprint prior to 1.8.0. 2022-05-18 not yet calculated CVE-2022-1430
MISC
CONFIRM
octoprint — octoprint
 
Cross-site Scripting (XSS) – Generic in GitHub repository octoprint/octoprint prior to 1.8.0. 2022-05-18 not yet calculated CVE-2022-1432
CONFIRM
MISC
wordpress — wpcargo_track_&_trace_wordpress_plugin
 
The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. 2022-05-16 not yet calculated CVE-2022-1435
MISC
wordpress — wpcargo_track_&_trace_wordpress_plugin
 
The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitise and escape the wpcargo_tracking_number parameter before outputting it back in the page, which could allow attackers to perform reflected Cross-Site Scripting attacks. 2022-05-16 not yet calculated CVE-2022-1436
MISC
wordpress — call_now_button_wordpress_plugin
 
The Call Now Button WordPress plugin before 1.1.2 does not escape a parameter before outputting it back in an attribute of a hidden input, leading to a Reflected Cross-Site Scripting when the premium is enabled 2022-05-16 not yet calculated CVE-2022-1455
MISC
wordpress — wpc_smart_wishlist_for_woocommerce_wordpress_plugin
 
The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.9 does not sanitise and escape a parameter before outputting it back in an attribute via an AJAX action, leading to a Reflected Cross-Site Scripting issue. 2022-05-16 not yet calculated CVE-2022-1465
MISC
wordpress — scrollreveal.js_effects_wordpress_plugin
 
The ScrollReveal.js Effects WordPress plugin through 1.2 does not sanitise and escape its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed 2022-05-16 not yet calculated CVE-2022-1512
MISC
MISC
publify — publify
 
Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and integrity of users. 2022-05-16 not yet calculated CVE-2022-1553
CONFIRM
MISC
wordpress — uleak_security_&_monitoring_wordpress_plugin
 
The ULeak Security & Monitoring WordPress plugin through 1.2.3 does not have authorisation and CSRF checks when updating its settings, and is also lacking sanitisation as well as escaping in some of them, which could allow any authenticated users such as subscriber to perform Stored Cross-Site Scripting attacks against admins viewing the settings 2022-05-16 not yet calculated CVE-2022-1557
MISC
MISC
wordpress — clipr_wordpress_plugin
 
The Clipr WordPress plugin through 1.2.3 does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed 2022-05-16 not yet calculated CVE-2022-1559
MISC
MISC
wordpress — amministrazione_aperta_wordpress_plugin
 
The Amministrazione Aperta WordPress plugin through 3.7.3 does not validate the open parameter before using it in an include statement, leading to a Local File Inclusion issue. The original advisory mentions that unauthenticated users can exploit this, however the affected file generates a fatal error when accessed directly and the affected code is not reached. The issue can be exploited via the dashboard when logged in as an admin, or by making a logged in admin open a malicious link 2022-05-16 not yet calculated CVE-2022-1560
MISC
fedora — fedora
 
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT. 2022-05-16 not yet calculated CVE-2022-1586
FEDORA
MISC
MISC
MISC
pcre2 — pcre2
 
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers. 2022-05-16 not yet calculated CVE-2022-1587
MISC
FEDORA
MISC
octopus — octopus_server
 
When generating a user invitation code in Octopus Server, the validity of this code can be set for a specific number of users. It was possible to bypass this restriction of validity to create extra user accounts above the initial number of invited users. 2022-05-19 not yet calculated CVE-2022-1670
MISC
linux — linux_kernel_atheros_wireless_adapter_driver
 
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. 2022-05-16 not yet calculated CVE-2022-1679
MISC
coreos — ignition
 
A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data confidentiality. Possible workaround is to not put secrets in the Ignition config. 2022-05-17 not yet calculated CVE-2022-1706
MISC
MISC
MISC
MISC
MISC
jgraph — drawio
 
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.5. 2022-05-17 not yet calculated CVE-2022-1711
CONFIRM
MISC
jgraph — drawio
 
SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information. 2022-05-16 not yet calculated CVE-2022-1713
MISC
CONFIRM
jgraph — drawio
 
Path Traversal in WellKnownServlet in GitHub repository jgraph/drawio prior to 18.0.5. Read local files of the web application. 2022-05-16 not yet calculated CVE-2022-1721
CONFIRM
MISC
jgraph — drawio
 
SSRF in editor’s proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses 2022-05-16 not yet calculated CVE-2022-1722
MISC
CONFIRM
jgraph — drawio
 
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.6. 2022-05-17 not yet calculated CVE-2022-1723
MISC
CONFIRM
bootstrap — bootstrap_tables

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties. 2022-05-16 not yet calculated CVE-2022-1726
CONFIRM
MISC
jgraph — drawio
 
Improper Input Validation in GitHub repository jgraph/drawio prior to 18.0.6. 2022-05-18 not yet calculated CVE-2022-1727
MISC
CONFIRM
polonel — trudesk

Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications. 2022-05-16 not yet calculated CVE-2022-1728
CONFIRM
MISC
jgraph — drawio
 
Cross-site Scripting (XSS) – Stored in GitHub repository jgraph/drawio prior to 18.0.4. 2022-05-19 not yet calculated CVE-2022-1730
CONFIRM
MISC
metasonic — doc_webclient

Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field. SSO or System authentication are required to be enabled for vulnerable conditions to exist. 2022-05-16 not yet calculated CVE-2022-1731
MISC
fedora — vim
 
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. 2022-05-17 not yet calculated CVE-2022-1733
CONFIRM
MISC
FEDORA
FEDORA
FEDORA
linux — linux_kernel
 
A flaw in the Linux kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to a use-after-free (read or write) when the cleanup routine and the firmware download routine are not synchronized. 2022-05-18 not yet calculated CVE-2022-1734
MISC
fedora — vim
 
Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. 2022-05-17 not yet calculated CVE-2022-1735
MISC
CONFIRM
polonel — trudesk
 
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. 2022-05-21 not yet calculated CVE-2022-1752
CONFIRM
MISC
wowonder — wowonder
 
A vulnerability, which was classified as critical, was found in WoWonder. Affected is the file /requests.php which is responsible to handle group messages. The manipulation of the argument group_id allows posting messages in other groups. It is possible to launch the attack remotely but it might require authentication. A video explaining the attack has been disclosed to the public. 2022-05-17 not yet calculated CVE-2022-1753
MISC
MISC
MISC
polonel — trudesk
 
Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. 2022-05-20 not yet calculated CVE-2022-1754
MISC
CONFIRM
jgraph — drawio
 
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7. 2022-05-18 not yet calculated CVE-2022-1767
MISC
CONFIRM
fedora — vim
 
Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. 2022-05-17 not yet calculated CVE-2022-1769
CONFIRM
MISC
FEDORA
FEDORA
FEDORA
polonel — trudesk
 
Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. 2022-05-20 not yet calculated CVE-2022-1770
CONFIRM
MISC
fedora — vim
 
Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. 2022-05-18 not yet calculated CVE-2022-1771
CONFIRM
MISC
jgraph — drawio
 
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7. 2022-05-18 not yet calculated CVE-2022-1774
MISC
CONFIRM
polonel — trudesk
 
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. 2022-05-20 not yet calculated CVE-2022-1775
CONFIRM
MISC
erudika — para
 
Cross-site Scripting (XSS) – Generic in GitHub repository erudika/para prior to v1.45.11. 2022-05-18 not yet calculated CVE-2022-1782
MISC
CONFIRM
jgraph — drawio
 
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8. 2022-05-20 not yet calculated CVE-2022-1784
MISC
CONFIRM
fedora — vim
 
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. 2022-05-19 not yet calculated CVE-2022-1785
CONFIRM
MISC
gpac — gpac
 
Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV. 2022-05-18 not yet calculated CVE-2022-1795
CONFIRM
MISC
fedora — vim
 
Use After Free in GitHub repository vim/vim prior to 8.2.4979. 2022-05-19 not yet calculated CVE-2022-1796
MISC
CONFIRM
polonel — trudesk
 
Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2. 2022-05-20 not yet calculated CVE-2022-1803
CONFIRM
MISC
rtxteam — rtx
 
Cross-site Scripting (XSS) – Reflected in GitHub repository rtxteam/rtx prior to checkpoint_2022-05-18. 2022-05-20 not yet calculated CVE-2022-1806
CONFIRM
MISC
radareorg — radare2
 
Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0. 2022-05-21 not yet calculated CVE-2022-1809
CONFIRM
MISC
url-regex — url-regex
 
All versions of package url-regex are vulnerable to Regular Expression Denial of Service (ReDoS) which can cause the CPU usage to crash. 2022-05-20 not yet calculated CVE-2022-21195
CONFIRM
CONFIRM
oracle — e-business_suite
 
Vulnerability in Oracle E-Business Suite (component: Manage Proxies). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data. Note: Authentication is required for successful attack, however the user may be self-registered. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). 2022-05-20 not yet calculated CVE-2022-21500
MISC
ibm — websphere_application_server
 
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904. 2022-05-20 not yet calculated CVE-2022-22365
XF
CONFIRM
ibm — websphere_application_server
 
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 and Open Liberty are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603. 2022-05-17 not yet calculated CVE-2022-22475
CONFIRM
XF
ibm — sterling_b2b_integrator
 
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow an authenticated user to upload files that could fill up the filesystem and cause a denial of service. IBM X-Force ID: 225977. 2022-05-17 not yet calculated CVE-2022-22482
XF
CONFIRM
ibm — spectrum_protect_operations_center
 
IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser’s application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts’ passwords. IBM X-Force ID: 226322. 2022-05-17 not yet calculated CVE-2022-22484
XF
CONFIRM
tibco — jasperreports_server
 
The REST API component of TIBCO Software Inc.’s TIBCO JasperReports Server, TIBCO JasperReports Server – Community Edition, TIBCO JasperReports Server – Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft Azure contains difficult to exploit Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim’s local system. Affected releases are TIBCO Software Inc.’s TIBCO JasperReports Server: versions 8.0.1 and below, TIBCO JasperReports Server – Community Edition: versions 8.0.1 and below, TIBCO JasperReports Server – Developer Edition: versions 8.0.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 8.0.1 and below, TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.9.2 and below, and TIBCO JasperReports Server for Microsoft Azure: versions 8.0.1 and below. 2022-05-17 not yet calculated CVE-2022-22773
CONFIRM
CONFIRM
tibco — tibco_bpm
 
The Workspace client component of TIBCO Software Inc.’s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains difficult to exploit Reflected Cross Site Scripting (XSS) vulnerabilities that allow low privileged attackers with network access to execute scripts targeting the affected system or the victim’s local system. Affected releases are TIBCO Software Inc.’s TIBCO BPM Enterprise: versions 4.3.1 and below and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric: versions 4.3.1 and below. 2022-05-17 not yet calculated CVE-2022-22775
CONFIRM
CONFIRM
tibco — tibco_businessconnect_trading_community_management
 
The Web Server component of TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management contains easily exploitable vulnerabilities that allow a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using these vulnerabilities requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management: versions 6.1.0 and below. 2022-05-18 not yet calculated CVE-2022-22776
CONFIRM
CONFIRM
tibco — tibco_businessconnect_trading_community_management
 
The Web Server component of TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow an unauthenticated attacker with network access to execute scripts targeting the affected system or the victim’s local system. Affected releases are TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management: versions 6.1.0 and below. 2022-05-18 not yet calculated CVE-2022-22777
CONFIRM
CONFIRM
tibco — tibco_businessconnect_trading_community_management
 
The Web Server component of TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute Cross-Site Request Forgery (CSRF) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management: versions 6.1.0 and below. 2022-05-18 not yet calculated CVE-2022-22778
CONFIRM
CONFIRM
zoom — client_for_meetings
 
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 failed to properly parse XML stanzas in XMPP messages. This can allow a malicious user to break out of the current XMPP message context and create a new message context to have the receiving user’s client perform a variety of actions. This issue could be used in a more sophisticated attack to forge XMPP messages from the server. 2022-05-18 not yet calculated CVE-2022-22784
MISC
zoom — client_for_meetings
 
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 failed to properly constrain client session cookies to Zoom domains. This issue could be used in a more sophisticated attack to send an unsuspecting user’s Zoom-scoped session cookies to a non-Zoom domain. This could potentially allow for spoofing of a Zoom user. 2022-05-18 not yet calculated CVE-2022-22785
MISC
zoom — client_for_meetings
 
The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user into downgrading their Zoom client to a less secure version. 2022-05-18 not yet calculated CVE-2022-22786
MISC
zoom — client_for_meetings
 
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. This issue could be used in a more sophisticated attack to trick an unsuspecting user’s client to connect to a malicious server when attempting to use Zoom services. 2022-05-18 not yet calculated CVE-2022-22787
CONFIRM
vmware — workspace_one
 
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. 2022-05-20 not yet calculated CVE-2022-22972
MISC
vmware — workspace_one
 
VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to ‘root’. 2022-05-20 not yet calculated CVE-2022-22973
MISC
vmware — spring_security

Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not perform any salt rounds, due to an integer overflow error. The default settings are not affected by this CVE. 2022-05-19 not yet calculated CVE-2022-22976
MISC
vmware — spring_security
 
In Spring Security versions 5.5.6 and 5.5.7 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass. 2022-05-19 not yet calculated CVE-2022-22978
MISC
tooljet — tooljet
 
ToolJet versions v0.5.0 to v1.2.2 are vulnerable to token leakage via the Referer header that leads to account takeover. If the user opens the invite link/signup link and then clicks on any external links within the page, it leaks the password set token/signup token in the Referer header. Using these tokens the attacker can access the user’s account. 2022-05-18 not yet calculated CVE-2022-23067
CONFIRM
MISC
tooljet — tooljet
 
ToolJet versions v0.6.0 to v1.10.2 are vulnerable to HTML injection where an attacker can inject malicious code inside the first name and last name field while inviting a new user which will be reflected in the invitational e-mail. 2022-05-18 not yet calculated CVE-2022-23068
MISC
CONFIRM
aruba_networks — clearpass_policy_manager
 
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23657
MISC
aruba_networks — clearpass_policy_manager
 
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23658
MISC
aruba_networks — clearpass_policy_manager
 
A remote reflected cross site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23659
MISC
aruba_networks — clearpass_policy_manager
 
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23660
MISC
aruba_networks — clearpass_policy_manager
 
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23661
MISC
aruba_networks — clearpass_policy_manager
 
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23662
MISC
aruba_networks — clearpass_policy_manager
 
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23663
MISC
aruba_networks — clearpass_policy_manager
 
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23664
MISC
aruba_networks — clearpass_policy_manager
 
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23665
MISC
aruba_networks — clearpass_policy_manager
 
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23666
MISC
aruba_networks — clearpass_policy_manager
 
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23667
MISC
aruba_networks — clearpass_policy_manager
 
A remote authenticated server-side request forgery (SSRF) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23668
MISC
aruba_networks — clearpass_policy_manager
 
A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-17 not yet calculated CVE-2022-23669
MISC
aruba_networks — clearpass_policy_manager
 
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-16 not yet calculated CVE-2022-23670
MISC
aruba_networks — clearpass_policy_manager
 
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-17 not yet calculated CVE-2022-23671
MISC
aruba_networks — clearpass_policy_manager
 
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-17 not yet calculated CVE-2022-23672
MISC
aruba_networks — clearpass_policy_manager
 
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-17 not yet calculated CVE-2022-23673
MISC
aruba_networks — clearpass_policy_manager
 
A remote authenticated stored cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-17 not yet calculated CVE-2022-23674
MISC
aruba_networks — clearpass_policy_manager
 
A remote authenticated stored cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. 2022-05-17 not yet calculated CVE-2022-23675
MISC
hewlett_packard_enterprise — oneview
 
A remote cross-site scripting (XSS) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. 2022-05-17 not yet calculated CVE-2022-23706
MISC
desigo — dxr2
 
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The login functionality of the application fails to normalize the response times of login attempts performed with wrong usernames with the ones executed with correct usernames. A remote unauthenticated attacker could exploit this side-channel information to perform a username enumeration attack and identify valid usernames. 2022-05-20 not yet calculated CVE-2022-24043
CONFIRM
desigo — dxr2
 
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The login functionality of the application does not employ any countermeasures against Password Spraying attacks or Credential Stuffing attacks. An attacker could obtain a list of valid usernames on the device by exploiting the issue and then perform a precise Password Spraying or Credential Stuffing attack in order to obtain access to at least one account. 2022-05-20 not yet calculated CVE-2022-24044
CONFIRM
desigo — dxr2
 
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The application, after a successful login, sets the session cookie on the browser via client-side JavaScript code, without applying any security attributes (such as “Secure”, “HttpOnly”, or “SameSite”). Any attempt by a user to browse the application via the unencrypted HTTP protocol would lead to the transmission of all of that user’s session cookies in plaintext through the network. An attacker could then sniff the network and capture sensitive information. 2022-05-20 not yet calculated CVE-2022-24045
CONFIRM
skyoftech — so_listing_tabs
 
The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remote attacker to inject a serialized PHP object via the setting parameter, potentially resulting in the ability to write to files on the server, cause DoS, and achieve remote code execution because of deserialization of untrusted data. 2022-05-17 not yet calculated CVE-2022-24108
MISC
MISC
MISC
MISC
simatic — pcs_7
 
A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC V7.4 and earlier (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). An authenticated attacker could escape the WinCC Kiosk Mode by opening the printer dialog in the affected application in case no printer is installed. 2022-05-20 not yet calculated CVE-2022-24287
CONFIRM
siemens — teamcenter
 
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions < V13.2.0.8), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash. 2022-05-20 not yet calculated CVE-2022-24290
CONFIRM
fidelis_security — network_and_deception
 
Vulnerability in rconfig “date” enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. 2022-05-17 not yet calculated CVE-2022-24388
CONFIRM
fidelis_security — network_and_deception
 
Vulnerability in rconfig “cert_utils” enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. 2022-05-17 not yet calculated CVE-2022-24389
CONFIRM
fidelis_security — network_and_deception
 
Vulnerability in rconfig “remote_text_file” enables an attacker with user level access to the CLI to inject user level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. 2022-05-17 not yet calculated CVE-2022-24390
CONFIRM
fidelis_security — network_and_deception
 
Vulnerability in Fidelis Network and Deception CommandPost enables SQL injection through the web interface by an attacker with user level access. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. 2022-05-17 not yet calculated CVE-2022-24391
CONFIRM
fidelis_security — network_and_deception
 
Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface using the “feed_comm_test” value for the “feed” parameter. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost and return results in an HTTP response via an authenticated session. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. 2022-05-17 not yet calculated CVE-2022-24392
CONFIRM
fidelis_security — network_and_deception
 
Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface using the “check_vertica_upgrade” value for the “cpIp” parameter. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost and return results in an HTTP response via an authenticated session. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. 2022-05-17 not yet calculated CVE-2022-24393
CONFIRM
fidelis_security — network_and_deception
 
Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface using the “update_checkfile” value for the “filename” parameter. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost and return results in an HTTP response via an authenticated session. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. 2022-05-17 not yet calculated CVE-2022-24394
CONFIRM
openjs_foundation — nodejs
 
This affects all versions of package dicer. A malicious attacker can send a modified form to the server and crash the nodejs service. An attacker could send the payload again and again so that the service continuously crashes. 2022-05-20 not yet calculated CVE-2022-24434
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
silicon_labs — z-wave_500
 
Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs. 2022-05-17 not yet calculated CVE-2022-24611
MISC
MISC
openclinica — openclinica
 
OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known workarounds. This issue has been patched and users are recommended to upgrade. 2022-05-14 not yet calculated CVE-2022-24830
CONFIRM
MISC
openclinica — openclinica
 
OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has been patched in 3.16.1, 3.15.9, 3.14.1, and 3.13.1 and users are advised to upgrade. 2022-05-14 not yet calculated CVE-2022-24831
CONFIRM
MISC
flytorg — flyteconsole
 
FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery (SSRF) when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server or other unauthenticated URLs. Passing of headers to an unauthorized actor may occur. The patch for this issue deletes the entire `cors_proxy`, as this is not required for console anymore. A patch is available in FlyteConsole version 0.52.0. Disable FlyteConsole availability on the internet as a workaround. 2022-05-17 not yet calculated CVE-2022-24856
CONFIRM
MISC
MISC
MISC
nextcloud — talk
 
Nextcloud Talk is a video and audio conferencing app for Nextcloud. In versions prior to 13.0.5 and 14.0.0, a call moderator can indirectly enable user webcams by granting permissions, if they were enabled before removing the permissions. A patch is available in versions 13.0.5 and 14.0.0. There are currently no known workarounds. 2022-05-17 not yet calculated CVE-2022-24890
MISC
CONFIRM
MISC
MISC
argo — argo_cd
 
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.7.0 and prior to versions 2.1.15, 2.2.9, and 2.3.4 is vulnerable to a symlink following bug allowing a malicious user with repository write access to leak sensitive files from Argo CD’s repo-server. A malicious Argo CD user with write access for a repository which is (or may be) used in a directory-type Application may commit a symlink which points to an out-of-bounds file. Sensitive files which could be leaked include manifest files from other Applications’ source repositories (potentially decrypted files, if you are using a decryption plugin) or any JSON-formatted secrets which have been mounted as files on the repo-server. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. Users of versions 2.3.0 or above who do not have any Jsonnet/directory-type Applications may disable the Jsonnet/directory config management tool as a workaround. 2022-05-20 not yet calculated CVE-2022-24904
MISC
CONFIRM
MISC
MISC
argo — argo_cd
 
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was found in Argo CD prior to versions 2.3.4, 2.2.9, and 2.1.15 that allows an attacker to spoof error messages on the login screen when single sign on (SSO) is enabled. In order to exploit this vulnerability, an attacker would have to trick the victim to visit a specially crafted URL which contains the message to be displayed. As far as the research of the Argo CD team concluded, it is not possible to specify any active content (e.g. Javascript) or other HTML fragments (e.g. clickable links) in the spoofed message. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. There are currently no known workarounds. 2022-05-20 not yet calculated CVE-2022-24905
CONFIRM
MISC
MISC
MISC
nextcloud — deck
 
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthorized users. It is recommended that the Nextcloud Deck app is upgraded to 1.2.11, 1.4.6, or 1.5.4. There is no workaround available. 2022-05-20 not yet calculated CVE-2022-24906
MISC
CONFIRM
MISC
mitsubishi_electric — melsec_iq-f
 
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270 and Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versions prior to 1.030 allows a remote unauthenticated attacker to cause a DoS condition for the product’s program execution or communication by sending specially crafted packets. System reset of the product is required for recovery. 2022-05-18 not yet calculated CVE-2022-25161
MISC
MISC
mitsubishi_electric — melsec_iq-f
 
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270 and Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versions prior to 1.030 allows a remote unauthenticated attacker to cause a temporary DoS condition for the product’s communication by sending specially crafted packets. 2022-05-18 not yet calculated CVE-2022-25162
MISC
MISC
apache — tika
 
The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files. 2022-05-16 not yet calculated CVE-2022-25169
CONFIRM
MLIST
proton — proton
 
Proton v0.2.0 allows an attacker to create a malicious link inside a markdown file. When the victim clicks the link, the application opens the site in the current frame, allowing an attacker to host JavaScript code in the malicious link in order to trigger an XSS attack. The ‘nodeIntegration’ configuration is set to on, which allows the ‘webpage’ to use ‘NodeJs’ features; an attacker can leverage this to run OS commands. 2022-05-20 not yet calculated CVE-2022-25224
MISC
thinfinity — vnc
 
Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can trick a user into browsing a malicious site, to obtain an ‘ID’ that can be used to send websocket requests and achieve RCE. 2022-05-20 not yet calculated CVE-2022-25227
MISC
popcorn_software — popcorn_time
 
Popcorn Time 0.4.7 has a Stored XSS in the ‘Movies API Server(s)’ field via the ‘settings’ page. The ‘nodeIntegration’ configuration is set to on, which allows the ‘webpage’ to use ‘NodeJs’ features; an attacker can leverage this to run OS commands. 2022-05-20 not yet calculated CVE-2022-25229
MISC
MISC
wordpress — code_snippets_plugin
 
Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter. 2022-05-18 not yet calculated CVE-2022-25617
CONFIRM
CONFIRM
open_source — multi-vendor_online_groceries_management_system
 
Multi-Vendor Online Groceries Management System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /products/view_product.php. 2022-05-20 not yet calculated CVE-2022-26632
MISC
open_source — simple_student_quarterly_result/grade_system
 
Simple Student Quarterly Result/Grade System v1.0 was discovered to contain a SQL injection vulnerability via /sqgs/Actions.php. 2022-05-20 not yet calculated CVE-2022-26633
MISC
hma — vpn
 
HMA VPN v5.3.5913.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. 2022-05-20 not yet calculated CVE-2022-26634
MISC
MISC
apache — shenyui
 
In Apache ShenYui, ShenYu-Bootstrap, RegexPredicateJudge.java uses Pattern.matches(conditionData.getParamValue(), realData) to make judgments, where both parameters are controllable by the user. This can allow an attacker to pass in malicious regular expressions and characters, causing resource exhaustion. This issue affects Apache ShenYu (incubating) 2.4.0, 2.4.1 and 2.4.2 and is fixed in 2.4.3. 2022-05-17 not yet calculated CVE-2022-26650
CONFIRM
MLIST
private_internet_access — private_internet_access
 
Private Internet Access v3.3 contains an unquoted service path which allows attackers to escalate privileges to the system level. 2022-05-20 not yet calculated CVE-2022-27092
MISC
sony — playmemories
 
Sony PlayMemories Home v6.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. 2022-05-20 not yet calculated CVE-2022-27094
MISC
battleye — battleye
 
BattlEye v0.9 contains an unquoted service path which allows attackers to escalate privileges to the system level. 2022-05-20 not yet calculated CVE-2022-27095
MISC
siemens — openv2g
 
A vulnerability has been identified in OpenV2G (V0.9.4). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption. 2022-05-20 not yet calculated CVE-2022-27242
CONFIRM
jvn — multiple_products
 
Cross-site request forgery (CSRF) vulnerability in Rebooter(WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions, WATCH BOOT light RPC-M5C [End of Sale] all firmware versions, WATCH BOOT L-zero RPC-M4L [End of Sale] all firmware versions, WATCH BOOT mini RPC-M4H [End of Sale] all firmware versions, WATCH BOOT nino RPC-M2CS firmware version 1.00A to 1.00D, WATCH BOOT light RPC-M5CS firmware version 1.00A to 1.00D, WATCH BOOT L-zero RPC-M4LS firmware version 1.00A to 1.20A, and Signage Rebooter RPC-M4HSi firmware version 1.00A), PoE Rebooter(PoE BOOT nino PoE8M2 firmware version 1.00A to 1.20A), Scheduler(TIME BOOT mini RSC-MT4H [End of Sale] all firmware versions, TIME BOOT RSC-MT8F [End of Sale] all firmware versions, TIME BOOT RSC-MT8FP [End of Sale] all firmware versions, TIME BOOT mini RSC-MT4HS firmware version 1.00A to 1.10A, and TIME BOOT RSC-MT8FS firmware version 1.00A to 1.00E), and Contact Converter(POSE SE10-8A7B1 firmware version 1.00A to 1.20A) allows a remote attacker to hijack the authentication of an administrator and conduct arbitrary operations by having a user view a specially crafted page. 2022-05-18 not yet calculated CVE-2022-27632
MISC
MISC
simatic — multiple_products
 
A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versions < V1.5.18), SIMATIC CP 443-1 RNA (All versions < V1.5.18). The affected devices improperly handle excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming attacks, which can cause the device to reboot. 2022-05-20 not yet calculated CVE-2022-27640
CONFIRM
siemens — simcenter_femap
 
A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15594) 2022-05-20 not yet calculated CVE-2022-27653
CONFIRM
foxit_software — pdf_editor
 
Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary file upload vulnerability. 2022-05-20 not yet calculated CVE-2022-28104
MISC
MISC
sourcecodester — online_sports_complex_booking_system
 
Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/view_facility.php. 2022-05-20 not yet calculated CVE-2022-28105
MISC
sourcecodester — online_sports_complex_booking_system
 
Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user accounts via a crafted POST request. 2022-05-20 not yet calculated CVE-2022-28106
MISC
nvidia — gpu_display_driver
 
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components. 2022-05-17 not yet calculated CVE-2022-28181
MISC
nvidia — gpu_display_driver
 
NVIDIA GPU Display Driver for Windows contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), where an unauthorized attacker on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution to cause denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components. 2022-05-17 not yet calculated CVE-2022-28182
MISC
nvidia — gpu_display_driver
 
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause an out-of-bounds read, which may lead to denial of service and information disclosure. 2022-05-17 not yet calculated CVE-2022-28183
MISC
nvidia — gpu_display_driver
 
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can access administrator-privileged registers, which may lead to denial of service, information disclosure, and data tampering. 2022-05-17 not yet calculated CVE-2022-28184
MISC
nvidia — gpu_display_driver
 
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the ECC layer, where an unprivileged regular user can cause an out-of-bounds write, which may lead to denial of service and data tampering. 2022-05-17 not yet calculated CVE-2022-28185
MISC
nvidia — gpu_display_driver
 
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service or data tampering. 2022-05-17 not yet calculated CVE-2022-28186
MISC
nvidia — gpu_display_driver
 
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where the memory management software does not release a resource after its effective lifetime has ended, which may lead to denial of service. 2022-05-17 not yet calculated CVE-2022-28187
MISC
nvidia — gpu_display_driver
 
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service. 2022-05-17 not yet calculated CVE-2022-28188
MISC
nvidia — gpu_display_driver
 
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a NULL pointer dereference may lead to a system crash. 2022-05-17 not yet calculated CVE-2022-28189
MISC
nvidia — gpu_display_driver
 
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where improper input validation can cause denial of service. 2022-05-17 not yet calculated CVE-2022-28190
MISC
nvidia — vgpu
 
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption can be triggered by an unprivileged regular user, which may lead to denial of service. 2022-05-17 not yet calculated CVE-2022-28191
MISC
nvidia — vgpu
 
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. This attack is complex to carry out because the attacker needs to have control over freeing some host side resources out of sequence, which requires elevated privileges. 2022-05-17 not yet calculated CVE-2022-28192
MISC
arm — mali_gpu_kernel_driver
 
Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a use-after-free situation. 2022-05-19 not yet calculated CVE-2022-28348
CONFIRM
MISC
arm — mali_gpu_kernel_driver
 
Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 through r23p0 before r24p0, and Valhall r19p0 through r23p0 before r24p0. 2022-05-19 not yet calculated CVE-2022-28349
CONFIRM
MISC
arm — mali_gpu_kernel_driver
 
Arm Mali GPU Kernel Driver allows improper GPU operations in Valhall r29p0 through r36p0 before r37p0 to reach a use-after-free situation. 2022-05-19 not yet calculated CVE-2022-28350
CONFIRM
MISC
sourcecodester — covid-19_directory_on_vaccination_system
 
Sourcecodester Covid-19 Directory on Vaccination System 1.0 is vulnerable to SQL Injection via the admin/login.php txtusername (aka Username) field. 2022-05-20 not yet calculated CVE-2022-28531
MISC
MISC
hpe — oneview
 
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. 2022-05-17 not yet calculated CVE-2022-28616
MISC
hpe — oneview
 
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. 2022-05-17 not yet calculated CVE-2022-28617
MISC
hpe — nimble
 
A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could allow an attacker to execute arbitrary commands on a Nimble appliance. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later. 2022-05-20 not yet calculated CVE-2022-28618
MISC
Grafana — enterprise_logs
 
The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode. 2022-05-20 not yet calculated CVE-2022-28660
CONFIRM
meikyo_electric — multiple_products
 
Cross-site scripting vulnerability in Rebooter(WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions, WATCH BOOT light RPC-M5C [End of Sale] all firmware versions, WATCH BOOT L-zero RPC-M4L [End of Sale] all firmware versions, WATCH BOOT mini RPC-M4H [End of Sale] all firmware versions, WATCH BOOT nino RPC-M2CS firmware version 1.00A to 1.00D, WATCH BOOT light RPC-M5CS firmware version 1.00A to 1.00D, WATCH BOOT L-zero RPC-M4LS firmware version 1.00A to 1.20A, and Signage Rebooter RPC-M4HSi firmware version 1.00A), PoE Rebooter(PoE BOOT nino PoE8M2 firmware version 1.00A to 1.20A), Scheduler(TIME BOOT mini RSC-MT4H [End of Sale] all firmware versions, TIME BOOT RSC-MT8F [End of Sale] all firmware versions, TIME BOOT RSC-MT8FP [End of Sale] all firmware versions, TIME BOOT mini RSC-MT4HS firmware version 1.00A to 1.10A, and TIME BOOT RSC-MT8FS firmware version 1.00A to 1.00E), and Contact Converter(POSE SE10-8A7B1 firmware version 1.00A to 1.20A) allows a remote attacker with the administrative privilege to inject an arbitrary script via unspecified vectors. 2022-05-18 not yet calculated CVE-2022-28717
MISC
MISC
tenda — ax12
 
Tenda AX12 v22.03.01.21_cn was discovered to contain a stack overflow via the lanIp parameter in /goform/AdvSetLanIp. 2022-05-18 not yet calculated CVE-2022-28917
MISC
blogengine — blogengine.net
 
A Cross-Site Request Forgery (CSRF) vulnerability discovered in BlogEngine.Net v3.3.8.0 allows unauthenticated attackers to read arbitrary files on the hosting web server. 2022-05-18 not yet calculated CVE-2022-28921
MISC
MISC
universis — universis-students
 
An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/. 2022-05-18 not yet calculated CVE-2022-28924
MISC
subconverter — subconverter
 
A remote code execution (RCE) vulnerability in Subconverter v0.7.2 allows attackers to execute arbitrary code via crafted config and url parameters. 2022-05-19 not yet calculated CVE-2022-28927
MISC
MISC
hospital_management-system — hospital_management-system
 
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php. 2022-05-15 not yet calculated CVE-2022-28929
MISC
sage_software — erp-pro
 
ERP-Pro v3.7.5 was discovered to contain a SQL injection vulnerability via the component /base/SysEveMenuAuthPointMapper.xml. 2022-05-15 not yet calculated CVE-2022-28930
MISC
fisco-bcos — fisco-bcos
 
FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node can trigger an integer overflow and cause a Denial of Service (DoS) via an unusually large viewchange message packet. 2022-05-15 not yet calculated CVE-2022-28936
MISC
fisco-bcos — fisco-bcos
 
FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via an invalid proposal with an invalid header, will cause normal nodes to stop producing new blocks and processing new clients’ requests. 2022-05-15 not yet calculated CVE-2022-28937
MISC
open_policy_agent — opa
 
An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service (DoS) via triggering out-of-range memory access. 2022-05-19 not yet calculated CVE-2022-28946
MISC
go-yaml — yaml
 
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. 2022-05-19 not yet calculated CVE-2022-28948
MISC
d-link — dir816l_fw206b01
 
An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php. 2022-05-18 not yet calculated CVE-2022-28955
MISC
MISC
d-link — dir816l_fw206b01
 
An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload. 2022-05-18 not yet calculated CVE-2022-28956
MISC
MISC
d-link — dir816l_fw206b01
 
D-Link DIR816L_FW206b01 was discovered to contain a remote code execution (RCE) vulnerability via the value parameter at shareport.php. 2022-05-18 not yet calculated CVE-2022-28958
MISC
MISC
spip — spip_web_framework
 
Multiple cross-site scripting (XSS) vulnerabilities in the component /spip.php of Spip Web Framework v3.1.13 and below allow attackers to execute arbitrary web scripts or HTML. 2022-05-19 not yet calculated CVE-2022-28959
MISC
MISC
MISC
MISC
MISC
spip — spip
 
A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire. 2022-05-19 not yet calculated CVE-2022-28960
MISC
MISC
MISC
MISC
MISC
spip — spip_web_framework
 
Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the lier_trad and where parameters. 2022-05-19 not yet calculated CVE-2022-28961
MISC
MISC
MISC
MISC
MISC
packet_storm — online_sports_complex_booking_system
 
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=delete_client. 2022-05-19 not yet calculated CVE-2022-28962
MISC
MISC
avast — premium_security
 
An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file. 2022-05-20 not yet calculated CVE-2022-28964
MISC
MISC
avast — premium_security
 
Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file. 2022-05-20 not yet calculated CVE-2022-28965
MISC
MISC
orangehrm — orangehrm
 
A stored cross-site scripting (XSS) vulnerability in the addNewPost component of OrangeHRM v4.10.1 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. 2022-05-20 not yet calculated CVE-2022-28985
MISC
manageengine — adselfservice_plus
 
ManageEngine ADSelfService Plus v6.1 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login. 2022-05-20 not yet calculated CVE-2022-28987
MISC
MISC
wasms — wasm3
 
WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm. 2022-05-20 not yet calculated CVE-2022-28990
MISC
MISC
packet_storm — multi_store_inventory_management_system
 
Multi Store Inventory Management System v1.0 was discovered to contain an information disclosure vulnerability which allows attackers to access sensitive files. 2022-05-20 not yet calculated CVE-2022-28991
MISC
packet_storm — online_banquet_booking_system
 
A Cross-Site Request Forgery (CSRF) in Online Banquet Booking System v1.0 allows attackers to change admin credentials via a crafted POST request. 2022-05-20 not yet calculated CVE-2022-28992
MISC
packet_storm — multi_store_inventory_management_system
 
Multi Store Inventory Management System v1.0 allows attackers to perform an account takeover via a crafted POST request. 2022-05-20 not yet calculated CVE-2022-28993
MISC
yaml — regine
 
Rengine v1.0.2 was discovered to contain a remote code execution (RCE) vulnerability via the yaml configuration function. 2022-05-20 not yet calculated CVE-2022-28995
MISC
axiomatic-systems — bento4
 
Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S. 2022-05-16 not yet calculated CVE-2022-29017
MISC
openrazer — openrazer
 
A buffer overflow in the razerkbd driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device. 2022-05-20 not yet calculated CVE-2022-29021
MISC
openrazer — openrazer
 
A buffer overflow in the razeraccessory driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device. 2022-05-20 not yet calculated CVE-2022-29022
MISC
openrazer — openrazer
 
A buffer overflow in the razermouse driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device. 2022-05-20 not yet calculated CVE-2022-29023
MISC
siemens — multiple_products
 
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Tiff_Loader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. 2022-05-20 not yet calculated CVE-2022-29028
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. 2022-05-20 not yet calculated CVE-2022-29029
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. 2022-05-20 not yet calculated CVE-2022-29030
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. 2022-05-20 not yet calculated CVE-2022-29031
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library contains a double free vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. 2022-05-20 not yet calculated CVE-2022-29032
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library is vulnerable to uninitialized pointer free while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. 2022-05-20 not yet calculated CVE-2022-29033
CONFIRM
nextcloud — nextcloud_deck
 
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. In versions prior to 1.4.8, 1.5.6, and 1.6.1, an authenticated user can move stacks with cards from their own board to a board of another user. The Nextcloud Deck app contains a patch for this issue in versions 1.4.8, 1.5.6, and 1.6.1. There are currently no known workarounds available. 2022-05-20 not yet calculated CVE-2022-29159
MISC
MISC
CONFIRM
nextcloud — nextcloud_android
 
Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.0, sensitive tokens, images, and user related details exist after deletion of a user account. This could result in misuse of the former account holder’s information. Nextcloud Android version 3.19.0 contains a patch for this issue. There are no known workarounds available. 2022-05-20 not yet calculated CVE-2022-29160
CONFIRM
MISC
MISC
open_containers — runc
 
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container’s bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file. 2022-05-17 not yet calculated CVE-2022-29162
MISC
MISC
CONFIRM
nextcloud — nextcloud_server
 
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.6 and 23.0.3, a user can create a link that is not password protected even if the administrator requires links to be password protected. Versions 22.2.6 and 23.0.3 contain a patch for this issue. There are currently no known workarounds. 2022-05-20 not yet calculated CVE-2022-29163
MISC
CONFIRM
MISC
MISC
argo — argo_cd
 
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting with version 1.4.0 and prior to versions 2.1.15, 2.2.9, and 2.3.4 which would allow unauthenticated users to impersonate any Argo CD user or role, including the `admin` user, by sending a specifically crafted JSON Web Token (JWT) along with the request. In order for this vulnerability to be exploited, anonymous access to the Argo CD instance must have been enabled. In a default Argo CD installation, anonymous access is disabled. The vulnerability can be exploited to impersonate any user or role, including the built-in `admin` account regardless of whether it is enabled or disabled. Also, the attacker does not need an account on the Argo CD instance in order to exploit this. If anonymous access to the instance is enabled, an attacker can escalate their privileges, effectively allowing them to gain the same privileges on the cluster as the Argo CD instance, which is cluster admin in a default installation. This will allow the attacker to create, manipulate and delete any resource on the cluster. They may also exfiltrate data by deploying malicious workloads with elevated privileges, thus bypassing any redaction of sensitive data otherwise enforced by the Argo CD API. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. As a workaround, one may disable anonymous access, but upgrading to a patched version is preferable. 2022-05-20 not yet calculated CVE-2022-29165
MISC
CONFIRM
MISC
MISC
grafana — grafana_enterprise
 
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security allow list feature allows configuring Grafana so that the instance doesn’t call, or only calls, specific hosts. The vulnerability, present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3, allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds. 2022-05-20 not yet calculated CVE-2022-29170
CONFIRM
MISC
MISC
MISC
countly — countly_server
 
countly-server is the server-side part of Countly, a product analytics solution. Prior to versions 22.03.7 and 21.11.4, a malicious actor who knows an account email address/username and full name specified in the database is capable of guessing the password reset token. The actor may use this information to reset the password and take over the account. The problem has been patched in Countly Server version 22.03.7 for servers using the new user interface and in 21.11.4 for servers using the old user interface. 2022-05-17 not yet calculated CVE-2022-29174
MISC
CONFIRM
ethereum — go_ethereum
 
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that addresses the problem. As a workaround, setting loglevel to default level (`INFO`) makes the node not vulnerable to this attack. 2022-05-20 not yet calculated CVE-2022-29177
CONFIRM
MISC
cilium — cilium
 
Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 1000 can access the API of Cilium via Unix domain socket available on the host where Cilium is running. This could allow malicious users to compromise integrity as well as system availability on that host. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. A potential workaround is to modify Cilium’s DaemonSet to run with a certain command, which can be found in the GitHub Security Advisory for this vulnerability. 2022-05-20 not yet calculated CVE-2022-29178
MISC
MISC
MISC
CONFIRM
cilium — cilium
 
Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed, the attacker can escalate privileges to cluster admin by using Cilium’s Kubernetes service account. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. There are no known workarounds available. 2022-05-20 not yet calculated CVE-2022-29179
MISC
MISC
MISC
CONFIRM
nokogiri — nokogiri
 
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent. 2022-05-20 not yet calculated CVE-2022-29181
MISC
CONFIRM
MISC
MISC
gocd — gocd
 
GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run’s Stage Details > Graphs tab. It is possible for a malicious script on an attacker-hosted site to execute script that will run within the user’s browser context and GoCD session via abuse of a messaging channel used for communication between the parent page and the stage details graph’s iframe. This could allow an attacker to steal a GoCD user’s session cookies and/or execute malicious code in the user’s context. This issue is fixed in GoCD 22.1.0. There are currently no known workarounds. 2022-05-20 not yet calculated CVE-2022-29182
MISC
MISC
CONFIRM
MISC
gocd — gocd
 
GoCD is a continuous delivery server. GoCD versions 20.2.0 until 21.4.0 are vulnerable to reflected cross-site scripting via abuse of the pipeline comparison function’s error handling to render arbitrary HTML into the returned page. This could allow an attacker to trick a victim into executing code which would allow the attacker to operate on, or gain control over the same resources as the victim had access to. This issue is fixed in GoCD 21.4.0. As a workaround, block access to `/go/compare/.*` prior to GoCD Server via a reverse proxy, web application firewall or equivalent, which would prevent use of the pipeline comparison function. 2022-05-20 not yet calculated CVE-2022-29183
CONFIRM
MISC
MISC
MISC
gocd — gocd
 
GoCD is a continuous delivery server. In GoCD versions prior to 22.1.0, it is possible for existing authenticated users who have permissions to edit or create pipeline materials or pipeline configuration repositories to get remote code execution capability on the GoCD server via configuring a malicious branch name which abuses Mercurial hooks/aliases to exploit a command injection weakness. An attacker would require access to an account with existing GoCD administration permissions to either create/edit (`hg`-based) configuration repositories; create/edit pipelines and their (`hg`-based) materials; or, where “pipelines-as-code” configuration repositories are used, to commit malicious configuration to such an external repository which will be automatically parsed into a pipeline configuration and (`hg`) material definition by the GoCD server. This issue is fixed in GoCD 22.1.0. As a workaround, users who do not use/rely upon Mercurial materials can uninstall/remove the `hg`/Mercurial binary from the underlying GoCD Server operating system or Docker image. 2022-05-20 not yet calculated CVE-2022-29184
MISC
MISC
MISC
CONFIRM
totp-rs — totp-rs
 
totp-rs is a Rust library that permits the creation of 2FA authentication tokens per time-based one-time password (TOTP). Prior to version 1.1.0, token comparison was not constant time, and could theoretically be used to guess the value of a TOTP token, and thus reuse it in the same time window. The attacker would have to know the password beforehand nonetheless. Starting with patched version 1.1.0, the library uses constant-time comparison. There are currently no known workarounds. 2022-05-20 not yet calculated CVE-2022-29185
CONFIRM
MISC
MISC
rundeck — rundeck
 
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Rundeck community and rundeck-enterprise docker images contained a pre-generated SSH keypair. If the id_rsa.pub public key of the keypair was copied to authorized_keys files on remote hosts, those hosts would allow access to anyone with the exposed private credentials. This misconfiguration only impacts Rundeck Docker instances of PagerDuty® Process Automation On Prem (formerly Rundeck) version 4.0 and earlier, not Debian, RPM or .WAR. Additionally, the id_rsa.pub file would have to be copied from the Docker image filesystem contents without overwriting it and used to configure SSH access on a host. A patch on Rundeck’s `main` branch has removed the pre-generated SSH key pair, but it does not remove exposed keys that have been configured. To patch, users must run a script on hosts in their environment to search for exposed keys and rotate them. Two workarounds are available: do not use any pre-existing public key file from the rundeck docker images to allow SSH access by adding it to authorized_keys files and, if you have copied the public key file included in the docker image, remove it from any authorized_keys files. 2022-05-20 not yet calculated CVE-2022-29186
CONFIRM
MISC
smokescreen — smokescreen
 
Smokescreen is an HTTP proxy. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by surrounding the hostname with square brackets (e.g. `[example.com]`). This only impacted the HTTP proxy functionality of Smokescreen. HTTPS requests were not impacted. Smokescreen version 0.0.4 contains a patch for this issue. 2022-05-21 not yet calculated CVE-2022-29188
MISC
CONFIRM
pion — pion_dtls
 
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, a buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the handshake completes or timed out. An attacker could exploit this to cause excessive memory usage. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available. 2022-05-21 not yet calculated CVE-2022-29189
MISC
CONFIRM
MISC
pion — pion_dtls
 
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that send Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available. 2022-05-21 not yet calculated CVE-2022-29190
MISC
MISC
CONFIRM
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.GetSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29191
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29192
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.TensorSummaryV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29193
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.DeleteSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29194
MISC
CONFIRM
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.StagePeek` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `index` is a scalar but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29195
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.Conv3DBackpropFilterV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code does not validate that the `filter_sizes` argument is a vector. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29196
MISC
CONFIRM
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a scalar but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29197
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorToCSRSparseMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `dense_shape` is a vector and `indices` is a matrix (as part of requirements for sparse tensors) but there is no validation for this. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29198
MISC
CONFIRM
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LoadAndRemapMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `initializing_values` is a vector but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29199
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LSTMBlockCell` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code does not validate the ranks of any of the arguments to this API call. This results in `CHECK`-failures when the elements of the tensor are accessed. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29200
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizedConv2D` does not fully validate the input arguments. In this case, references get bound to `nullptr` for each argument that is empty. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29201
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.ragged.constant` does not fully validate the input arguments. This results in a denial of service by consuming all available memory. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29202
MISC
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SpaceToBatchND` (in all backends such as XLA and handwritten kernels) is vulnerable to an integer overflow: The result of this integer overflow is used to allocate the output tensor, hence we get a denial of service via a `CHECK`-failure (assertion failure), as in TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29203
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29204
MISC
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling `tf.compat.v1.*` ops which don’t yet have support for quantized types, which was added after migration to TensorFlow 2.x. In these scenarios, since the kernel is missing, a `nullptr` value is passed to `ParseDimensionValue` for the `py_value` argument. Then, this is dereferenced, resulting in segfault. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29205
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorDenseAdd` does not fully validate the input arguments. In this case, a reference gets bound to a `nullptr` during kernel execution. This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29206
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but migration to TF 2.x eager mode opened up this vulnerability. If the resource handle is empty, then a reference is bound to a null pointer inside TensorFlow codebase (various codepaths). This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29207
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.EditDistance` has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service. In multiple places throughout the code, one may compute an index for a write operation. However, the existing validation only checks against the upper bound of the array. Hence, it is possible to write before the array by massaging the input to generate negative values for `loc`. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-20 not yet calculated CVE-2022-29208
MISC
MISC
MISC
MISC
MISC
CONFIRM
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions (e.g., `CHECK_LT`, `CHECK_GT`, etc.) have incorrect logic when comparing `size_t` and `int` values. Due to type conversion rules, several of the macros would trigger incorrectly. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-21 not yet calculated CVE-2022-29209
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. In version 2.8.0, the `TensorKey` hash function used total estimated `AllocatedBytes()`, which (a) is an estimate per tensor, and (b) is a very poor hash function for constants (e.g. `int32_t`). It also tried to access individual tensor bytes through `tensor.data()` of size `AllocatedBytes()`. This led to ASAN failures because the `AllocatedBytes()` is an estimate of total bytes allocated by a tensor, including any pointed-to constructs (e.g. strings), and does not refer to contiguous bytes in the `.data()` buffer. The discoverers could not use this byte vector anyway because types such as `tstring` include pointers, whereas they needed to hash the string values themselves. This issue is patched in Tensorflow versions 2.9.0 and 2.8.1. 2022-05-21 not yet calculated CVE-2022-29210
MISC
CONFIRM
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.histogram_fixed_width` is vulnerable to a crash when the values array contains `Not a Number` (`NaN`) elements. The implementation assumes that all floating point operations are defined and then converts a floating point result to an integer index. If `values` contains `NaN` then the result of the division is still `NaN` and the cast to `int32` would result in a crash. This only occurs on the CPU implementation. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-21 not yet calculated CVE-2022-29211
MISC
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, certain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale of values could be greater than 1 but code was always assuming sub-unit scaling. Thus, since code was calling `QuantizeMultiplierSmallerThanOneExp`, the `TFLITE_CHECK_LT` assertion would trigger and abort the process. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-21 not yet calculated CVE-2022-29212
MISC
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, `tf.compat.v1.signal.rfft2d` and `tf.compat.v1.signal.rfft3d` lack input validation and under certain conditions can result in crashes (due to `CHECK`-failures). Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 2022-05-21 not yet calculated CVE-2022-29213
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
nextauthjs — next-auth
 
NextAuth.js (next-auth) is an open source authentication solution for Next.js applications. Prior to versions 3.29.3 and 4.3.3, an open redirect vulnerability is present when the developer is implementing an OAuth 1 provider. Versions 3.29.3 and 4.3.3 contain a patch for this issue. The maintainers recommend adding a certain configuration to one’s `callbacks` option as a workaround for those unable to upgrade. 2022-05-21 not yet calculated CVE-2022-29214
MISC
CONFIRM
regionprotect — regionprotect
 
RegionProtect is a plugin that allows users to manage certain events in certain regions of the world. Versions prior to 1.1.0 contain a YAML injection vulnerability that can cause an instant server crash if the passed arguments are not matched. Version 1.1.0 contains a patch for this issue. As a workaround, restrict operator permissions to untrusted people and avoid entering arguments likely to cause a crash. 2022-05-21 not yet calculated CVE-2022-29215
MISC
CONFIRM
tensorflow — tensorflow
 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow’s `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had several test cases where numpy expressions were used as arguments. However, given that the tool is always run manually, the impact of this is still not severe. The maintainers have now removed the `safe=False` argument, so all parsing is done without calling `eval`. The patch is available in versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4. 2022-05-21 not yet calculated CVE-2022-29216
MISC
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
pion — pion_dtls
 
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn’t possess the private key for and Pion DTLS wouldn’t reject it. This issue affects users that are using Client certificates only. The connection itself is still secure. The Certificate provided by clients can’t be trusted when using a Pion DTLS server prior to version 2.1.5. Users should upgrade to version 2.1.5 to receive a patch. There are currently no known workarounds. 2022-05-21 not yet calculated CVE-2022-29222
MISC
MISC
CONFIRM
cass — cass
 
CaSS is a Competency and Skills System. CaSS Library (npm:cassproject) has a missing cryptographic step when storing cryptographic keys that can allow a server administrator access to an account’s cryptographic keys. This affects CaSS servers using standalone username/password authentication, which uses a method that expects e2e cryptographic security of authorization credentials. The issue has been patched in 1.5.8; however, the vulnerable accounts are only resecured when the user next logs in using standalone authentication, as the data required to resecure the account is not available to the server. The issue may be mitigated by using SSO or client side certificates to log in. Please note that SSO and client side certificate authentication do not have this expectation of no-knowledge credential access, and cryptographic keys are available to the server administrator. 2022-05-18 not yet calculated CVE-2022-29229
MISC
CONFIRM
shopify — hydrogen
 
Hydrogen is a React-based framework for building dynamic, Shopify-powered custom storefronts. There is a potential Cross-Site Scripting (XSS) vulnerability where an arbitrary user is able to execute scripts on pages that are built with Hydrogen. This affects all versions of Hydrogen starting from version 0.10.0 to 0.18.0. This vulnerability is exploitable in applications whose hydrating data is user controlled. All Hydrogen users should upgrade their project to version 0.19.0. There is no current workaround, and users should update as soon as possible. Additionally, the Content Security Policy is not an effective mitigation for this vulnerability. 2022-05-18 not yet calculated CVE-2022-29230
MISC
CONFIRM
MISC
online_sports_complex — online_sports_complex_booking_system
 
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete_ Facility. 2022-05-19 not yet calculated CVE-2022-29304
MISC
minitool — partition_wizard
 
MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. 2022-05-20 not yet calculated CVE-2022-29320
MISC
d-link — dir-825_ac1200_r2
 
D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An attacker could use the “../../../../” setting of the FTP server folder to set the router’s root folder for FTP access. This allows you to access the entire router file system via the FTP server. 2022-05-17 not yet calculated CVE-2022-29332
MISC
tiddlywiki5 — tiddlywiki5
 
An arbitrary file upload vulnerability in the file upload module of Tiddlywiki5 v5.2.2 allows attackers to execute arbitrary code via a crafted SVG file. 2022-05-16 not yet calculated CVE-2022-29351
MISC
MISC
MISC
MISC
graphql — graphql
 
An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows attackers to execute arbitrary code via a crafted filename. 2022-05-16 not yet calculated CVE-2022-29353
MISC
keystone — keystone
 
An arbitrary file upload vulnerability in the file upload module of Keystone v4.2.1 allows attackers to execute arbitrary code via a crafted file. 2022-05-16 not yet calculated CVE-2022-29354
MISC
wordpress — biplob_adhikari’s_image_hover_effects_ultimate_plugin
 
Authenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari’s Image Hover Effects Ultimate plugin <= 9.7.1 at WordPress. 2022-05-20 not yet calculated CVE-2022-29424
CONFIRM
CONFIRM
wordpress — wp_wham’s_checkout_files_upload_for_woocommerce_plugin
 
Cross-Site Scripting (XSS) vulnerability in WP Wham’s Checkout Files Upload for WooCommerce plugin <= 2.1.2 at WordPress. 2022-05-20 not yet calculated CVE-2022-29425
CONFIRM
CONFIRM
wordpress — 2j_slideshow_plugin
 
Authenticated (contributor or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team’s Slideshow, Image Slider by 2J plugin <= 1.3.54 at WordPress. 2022-05-20 not yet calculated CVE-2022-29426
CONFIRM
CONFIRM
wordpress — aftab_muni’s_disable_right_click_for_wp_plugin
 
Cross-Site Request Forgery (CSRF) vulnerability in Aftab Muni’s Disable Right Click For WP plugin <= 1.1.6 at WordPress. 2022-05-20 not yet calculated CVE-2022-29427
CONFIRM
CONFIRM
wordpress — muneeb’s_wp_slider_plugin
 
Cross-Site Scripting (XSS) vulnerability in Muneeb’s WP Slider Plugin <= 1.4.5 at WordPress. 2022-05-20 not yet calculated CVE-2022-29428
CONFIRM
CONFIRM
wordpress — alexander_stokmann’s_code_snippets_extended_plugin
 
Remote Code Execution (RCE) in Alexander Stokmann’s Code Snippets Extended plugin <= 1.4.7 on WordPress via Cross-Site Request Forgery. 2022-05-17 not yet calculated CVE-2022-29429
CONFIRM
CONFIRM
wordpress — kubiq_png_to_jpg_plugin
 
Cross-Site Scripting (XSS) vulnerability in KubiQ’s PNG to JPG plugin <= 4.0 at WordPress via Cross-Site Request Forgery (CSRF). Vulnerable parameter &jpg_quality. 2022-05-20 not yet calculated CVE-2022-29430
CONFIRM
CONFIRM
wordpress — kubiq_cpt_base_plugin
 
Cross-Site Request Forgery (CSRF) vulnerability in KubiQ CPT base plugin <= 5.8 at WordPress allows an attacker to delete the CPT base. 2022-05-20 not yet calculated CVE-2022-29431
CONFIRM
CONFIRM
wordpress — tms_plugins_wpdatatables_plugin
 
Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable parameters. 2022-05-20 not yet calculated CVE-2022-29432
CONFIRM
CONFIRM
wordpress — spiffy_plugins_spiffy_calendar
 
Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events. 2022-05-20 not yet calculated CVE-2022-29434
CONFIRM
CONFIRM
wordpress — alexander_stokmann’s_code_snippets_extended_plugin
 
Cross-Site Request Forgery (CSRF) vulnerability in Alexander Stokmann’s Code Snippets Extended plugin <= 1.4.7 on WordPress allows an attacker to delete or to turn on/off snippets. 2022-05-17 not yet calculated CVE-2022-29435
CONFIRM
CONFIRM
wordpress — alexander_stokmann’s_code_snippets_extended_plugin 
 
Persistent Cross-Site Scripting (XSS) vulnerability in Alexander Stokmann’s Code Snippets Extended plugin <= 1.4.7 on WordPress via Cross-Site Request Forgery (vulnerable parameters &title, &snippet_code). 2022-05-17 not yet calculated CVE-2022-29436
CONFIRM
CONFIRM
wordpress — wow-company’s_popup_box_plugin
 
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company’s Popup Box plugin <= 2.1.2 at WordPress. 2022-05-18 not yet calculated CVE-2022-29445
CONFIRM
CONFIRM
wordpress — wow-company’s_hover_effects_plugin
 
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company’s Counter Box plugin <= 1.1.1 at WordPress. 2022-05-19 not yet calculated CVE-2022-29446
CONFIRM
CONFIRM
wordpress — wow-company’s_hover_effects_plugin
 
Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company’s Hover Effects plugin <= 2.1 at WordPress. 2022-05-20 not yet calculated CVE-2022-29447
CONFIRM
CONFIRM
wordpress — wow-company’s_herd_effects_plugin
 
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company’s Herd Effects plugin <= 5.2 at WordPress. 2022-05-20 not yet calculated CVE-2022-29448
CONFIRM
CONFIRM
wordpress — opal_hotel_room_booking_plugin
 
Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Opal Hotel Room Booking plugin <= 1.2.7 at WordPress. 2022-05-19 not yet calculated CVE-2022-29449
CONFIRM
CONFIRM
fujitsu — multiple_products
 
The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors. 2022-05-18 not yet calculated CVE-2022-29516
MISC
MISC
koyo_electronics — multiple_products
 
Screen Creator Advance2, HMI GC-A2 series, and Real time remote monitoring and control tool Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01, HMI GC-A2 series(GC-A22W-CW, GC-A24W-C(W), GC-A26W-C(W), GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2), and Real time remote monitoring and control tool(Remote GC) allows a local attacker to bypass authentication due to the improper check for the Remote control setting’s account names. An attacker who can access the HMI from the Real time remote monitoring and control tool may perform arbitrary operations on the HMI. As a result, the information stored in the HMI may be disclosed, deleted or altered, and/or the equipment may be illegally operated via the HMI. 2022-05-18 not yet calculated CVE-2022-29518
MISC
MISC
net/sched — net/sched
 
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. 2022-05-17 not yet calculated CVE-2022-29581
MISC
MISC
MLIST
konica_minolta — bizhub_mfp
 
Konica Minolta bizhub MFP devices before 2022-04-14 allow a Sandbox Escape. An attacker must attach a keyboard to a USB port, press F12, and then escape from the kiosk mode. 2022-05-16 not yet calculated CVE-2022-29586
MISC
MISC
konica_minolta — bizhub_mfp
 
Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root (aka superuser) access privileges. 2022-05-16 not yet calculated CVE-2022-29587
MISC
MISC
konica_minolta — bizhub_mfp
 
Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files. 2022-05-16 not yet calculated CVE-2022-29588
MISC
MISC
formidable — formidable
 
An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via a crafted filename. 2022-05-16 not yet calculated CVE-2022-29622
MISC
connect-multiparty — connect-multiparty
 
An arbitrary file upload vulnerability in the file upload module of Connect-Multiparty v2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. 2022-05-16 not yet calculated CVE-2022-29623
MISC
totolink — a3100R
 
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setIpQosRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. 2022-05-18 not yet calculated CVE-2022-29638
MISC
totolink — a3100R
 
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a command injection vulnerability via the magicid parameter in the function uci_cloudupdate_config. 2022-05-18 not yet calculated CVE-2022-29639
MISC
totolink — a3100R
 
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setPortForwardRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. 2022-05-18 not yet calculated CVE-2022-29640
MISC
totolink — a3100R
 
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the startTime and endTime parameters in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. 2022-05-18 not yet calculated CVE-2022-29641
MISC
MISC
totolink — a3100R
 
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the url parameter in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. 2022-05-18 not yet calculated CVE-2022-29642
MISC
totolink — a3100R
 
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the macAddress parameter in the function setMacQos. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. 2022-05-18 not yet calculated CVE-2022-29643
MISC
totolink — a3100R
 
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for the telnet service stored in the component /web_cste/cgi-bin/product.ini. 2022-05-18 not yet calculated CVE-2022-29644
MISC
totolink — a3100R
 
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for root stored in the component /etc/shadow.sample. 2022-05-18 not yet calculated CVE-2022-29645
MISC
totolink — a3100R
 
An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 allows attackers to obtain sensitive information via a crafted web request. 2022-05-18 not yet calculated CVE-2022-29646
MISC
packet_storm — online_sports_complex_booking_system
 
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=save_client. 2022-05-19 not yet calculated CVE-2022-29652
MISC
MISC
siemens — teamcenter
 
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9). The application contains an XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem. 2022-05-20 not yet calculated CVE-2022-29801
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device. 2022-05-20 not yet calculated CVE-2022-29872
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device. 2022-05-20 not yet calculated CVE-2022-29873
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the device. 2022-05-20 not yet calculated CVE-2022-29874
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly handle the input of a GET request parameter. The provided argument is directly reflected in the web server response. This could allow an unauthenticated attacker to perform reflected XSS attacks. 2022-05-20 not yet calculated CVE-2022-29876
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices allow unauthenticated access to the web interface configuration area. This could allow an attacker to extract internal configuration details or to reconfigure network settings. However, the reconfigured settings cannot be activated without the role of an authenticated administrator user. 2022-05-20 not yet calculated CVE-2022-29877
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device. 2022-05-20 not yet calculated CVE-2022-29878
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow authenticated users to access critical device information. 2022-05-20 not yet calculated CVE-2022-29879
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate input in the configuration interface. This could allow an authenticated attacker to place persistent XSS attacks to perform arbitrary actions in the name of a logged user which accesses the affected views. 2022-05-20 not yet calculated CVE-2022-29880
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow unauthenticated users to extract internal configuration details. 2022-05-20 not yet calculated CVE-2022-29881
CONFIRM
siemens — multiple_products
 
A vulnerability has been identified in SICAM P850 (All versions < V3.00) and SICAM P855 (All versions < V3.00). Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could – when a legitimate user accesses the error logs – perform arbitrary actions in the name of the user. 2022-05-20 not yet calculated CVE-2022-29882
CONFIRM
siemens — multiple_products A vulnerability has been identified in SICAM P850 (All versions < V3.00) and SICAM P855 (All versions < V3.00). Affected devices do not restrict unauthenticated access to certain pages of the web interface. This could allow an attacker to delete log files without authentication. 2022-05-20 not yet calculated CVE-2022-29883
CONFIRM
gxcms — gxcms
 
GXCMS V1.5 has a file upload vulnerability in the back end. The vulnerability is in the template management page: any template content can be edited and the file then renamed with a PHP suffix, after which calling the PHP file allows control of the server. 2022-05-17 not yet calculated CVE-2022-30007
MISC
hms — hms In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability. 2022-05-16 not yet calculated CVE-2022-30011
MISC
MISC
hms — hms
 
In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection. 2022-05-16 not yet calculated CVE-2022-30012
MISC
MISC
totaljs_cms — totaljs
 
A stored cross-site scripting (XSS) vulnerability in the upload function of totaljs CMS 3.4.5 allows attackers to execute arbitrary web scripts via a JavaScript embedded PDF file. 2022-05-16 not yet calculated CVE-2022-30013
MISC
MISC
mobotix — control_center_(mxcc)
 
Mobotix Control Center (MxCC) through 2.5.4.5 has Insufficiently Protected Credentials, Storing Passwords in a Recoverable Format via the MxCC.ini config file. The credential storage method in this software enables an attacker/user of the machine to gain admin access to the software and gain access to recordings/recording locations. 2022-05-19 not yet calculated CVE-2022-30018
MISC
tenda — tx9_pro
 
Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the function setIPv6Status() in httpd module. 2022-05-18 not yet calculated CVE-2022-30033
MISC
ezxml — ezxml
 
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read. 2022-05-17 not yet calculated CVE-2022-30045
MISC
rebuild — rebuild
 
A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows attackers to obtain the real IP address and scan Intranet information via the fileurl parameter. 2022-05-15 not yet calculated CVE-2022-30049
MISC
tenable — gnuboard
 
Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting (XSS) via bbs/member_confirm.php. 2022-05-16 not yet calculated CVE-2022-30050
MISC
home — clean_service_system
 
In Home Clean Service System 1.0, the password parameter is vulnerable to SQL injection attacks. 2022-05-17 not yet calculated CVE-2022-30052
MISC
tenable — toll_tax_management_system
 
In Toll Tax Management System 1.0, the id parameter appears to be vulnerable to SQL injection attacks. 2022-05-17 not yet calculated CVE-2022-30053
MISC
covid_19_travel_pass_management — covid_19_travel_pass_management
 
In Covid 19 Travel Pass Management 1.0, the code parameter is vulnerable to SQL injection attacks. 2022-05-17 not yet calculated CVE-2022-30054
MISC
packet_storm — prime95
 
Prime95 30.7 build 9 suffers from a Buffer Overflow vulnerability that could lead to Remote Code Execution. 2022-05-16 not yet calculated CVE-2022-30055
MISC
MISC
busybox – awk_applet
 
A use-after-free in Busybox 1.35-x’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. 2022-05-18 not yet calculated CVE-2022-30065
MISC
gnome — gimp
 
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate a huge amount of memory, resulting in insufficient memory or program crash. 2022-05-17 not yet calculated CVE-2022-30067
MISC
wbce_cms — wbce_cms
 
WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via adminpagessections_save.php namesection2 parameters. 2022-05-17 not yet calculated CVE-2022-30072
MISC
MISC
MISC
wbce_cms — wbce_cms

 

WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/users/save.php. 2022-05-17 not yet calculated CVE-2022-30073
MISC
MISC
belkin — n300_firmware
 
In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. The following parameters in the [form name] form; [list vulnerable parameters], are not properly sanitized after being submitted to the web interface in a POST request. With specially crafted parameters, it is possible to inject an OS command which will be executed with root privileges, as the web interface, and all processes on the device, run as root. 2022-05-18 not yet calculated CVE-2022-30105
MISC
jirafeau — jirafeau
 
The file preview functionality in Jirafeau < 4.4.0, which is enabled by default, could be exploited for cross site scripting. An attacker could upload image/svg+xml files containing JavaScript. When someone visits the File Preview URL for this file, the JavaScript inside of this image/svg+xml file will be executed in the users’ browser. 2022-05-17 not yet calculated CVE-2022-30110
MISC
caagearup — mck_smartlock The use of an insecure algorithm for rolling codes in MCK Smartlock 1.0 allows attackers to unlock the mechanism via replay attacks. 2022-05-18 not yet calculated CVE-2022-30111
MISC
MISC
MISC
apache — tika
 
In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler, could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0. 2022-05-16 not yet calculated CVE-2022-30126
CONFIRM
MLIST
microsoft — windows-print_spooler_elevation_privilege_vulnerability
 
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29104, CVE-2022-29132. 2022-05-18 not yet calculated CVE-2022-30138
N/A
cx_security — chatbot
 
ChatBot Application with a Suggestion Feature 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /simple_chat_bot/admin/responses/view_response.php. 2022-05-20 not yet calculated CVE-2022-30518
MISC
MISC
trend_micro — password_manager_(consumer)
 
Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow a low privileged local attacker to delete the contents of an arbitrary folder as SYSTEM which can then be used for privilege escalation on the affected machine. 2022-05-16 not yet calculated CVE-2022-30523
MISC
MISC
opc_foundation — ua_legacy_java_stack OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources. 2022-05-20 not yet calculated CVE-2022-30551
MISC
MISC
MISC
moodle — moodle
 
A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk. 2022-05-18 not yet calculated CVE-2022-30596
MISC
MISC
MISC
moodle — moodle
 
A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field. 2022-05-18 not yet calculated CVE-2022-30597
MISC
MISC
MISC
moodle — moodle
 
A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it. 2022-05-18 not yet calculated CVE-2022-30598
MISC
MISC
MISC
moodle — moodle
 
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. 2022-05-18 not yet calculated CVE-2022-30599
MISC
MISC
MISC
moodle — moodle
 
A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. 2022-05-18 not yet calculated CVE-2022-30600
MISC
MISC
MISC
strapi — strapi
 
An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for other admin panel users that have a relationship (e.g., created by, updated by) with content accessible to the authenticated user. For example, a low-privileged “author” role account can view these details in the JSON response for an “editor” or “super admin” that has updated one of the author’s blog posts. There are also many other scenarios where such details from other users can leak in the JSON response, either through a direct or indirect relationship. Access to this information enables a user to compromise other users’ accounts by successfully invoking the password reset workflow. In a worst-case scenario, a low-privileged user could get access to a “super admin” account with full control over the Strapi instance, and could read and modify any data as well as block access to both the admin panel and API by revoking privileges for all other users. 2022-05-19 not yet calculated CVE-2022-30617
MISC
strapi — strapi
 
An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for API users if content types accessible to the authenticated user contain relationships to API users (from:users-permissions). There are many scenarios in which such details from API users can leak in the JSON response within the admin panel, either through a direct or indirect relationship. Access to this information enables a user to compromise these users’ accounts if the password reset API endpoints have been enabled. In a worst-case scenario, a low-privileged user could get access to a high-privileged API account, and could read and modify any data as well as block access to both the admin panel and API by revoking privileges for all other users. 2022-05-19 not yet calculated CVE-2022-30618
MISC
needrestart — needrestart
 
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files. 2022-05-17 not yet calculated CVE-2022-30688
MISC
MISC
MISC
MISC
MLIST
DEBIAN
MLIST
hashicorp — multiple_products
 
HashiCorp Vault and Vault Enterprise from 1.10.0 to 1.10.2 did not correctly configure and enforce MFA on login after server restarts. This affects the Login MFA feature introduced in Vault and Vault Enterprise 1.10.0 and does not affect the separate Enterprise MFA feature set. Fixed in 1.10.3. 2022-05-17 not yet calculated CVE-2022-30689
MISC
acronis — snap_deploy_(windows)
 
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 2022-05-16 not yet calculated CVE-2022-30695
MISC
acronis — snap_deploy_(windows) Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 2022-05-16 not yet calculated CVE-2022-30696
MISC
acronis — snap_deploy_(windows) Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 2022-05-16 not yet calculated CVE-2022-30697
MISC
webmin — webmin
 
Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-editor_write.cgi does not properly restrict the file parameter. 2022-05-15 not yet calculated CVE-2022-30708
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
janet-lang — janet
 
Janet before 1.22.0 mishandles arrays. 2022-05-16 not yet calculated CVE-2022-30763
MISC
MISC
calibre-web — calibre-web
 
Calibre-Web before 0.6.18 allows user table SQL Injection. 2022-05-16 not yet calculated CVE-2022-30765
MISC
MISC
uboot — uboot
 
nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196. 2022-05-16 not yet calculated CVE-2022-30767
MISC
MISC
MISC
terminalfour — terminalfour
 
Terminalfour before 8.3.8 allows XSS, aka RDSM-31817. 8.2.18.2.1 and 8.2.18.5 are also fixed versions. 2022-05-16 not yet calculated CVE-2022-30770
MISC
MISC
MISC
pdfreader — xpdf xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKE_CXX_COMPILER=afl-clang-fast++ option. 2022-05-16 not yet calculated CVE-2022-30775
MISC
atmail — atmail
 
atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter. 2022-05-16 not yet calculated CVE-2022-30776
MISC
MISC
Parallels — h-sphere
 
Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter. 2022-05-16 not yet calculated CVE-2022-30777
MISC
MISC
laravel — laravel
 
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in Illuminate\Broadcasting\PendingBroadcast.php and dispatch($command) in Illuminate\Bus\QueueingDispatcher.php. 2022-05-16 not yet calculated CVE-2022-30778
MISC
laravel — laravel
 
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in GuzzleHttp\Cookie\FileCookieJar.php. 2022-05-16 not yet calculated CVE-2022-30779
MISC
gitea — gitea
 
Gitea before 1.16.7 does not escape git fetch remote. 2022-05-16 not yet calculated CVE-2022-30781
MISC
MISC
MISC
openmoney — openmoney
 
Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide cryptographically secure random numbers. 2022-05-16 not yet calculated CVE-2022-30782
MISC
MISC
packet_storm — school_dormitory_management_system School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /dms/admin/reports/daily_collection_report.php. 2022-05-20 not yet calculated CVE-2022-30886
MISC
packet_storm — pharmacy_management_system
 
Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file. 2022-05-20 not yet calculated CVE-2022-30887
MISC
jenkins — groovy_plugin
 
Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines. 2022-05-17 not yet calculated CVE-2022-30945
CONFIRM
MLIST
jenkins — script_security_plugin
 
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver. 2022-05-17 not yet calculated CVE-2022-30946
MLIST
CONFIRM
jenkins — git_plugin
 
Jenkins Git Plugin 4.11.1 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller’s file system using local paths as SCM URLs, obtaining limited information about other projects’ SCM contents. 2022-05-17 not yet calculated CVE-2022-30947
MLIST
CONFIRM
jenkins — mercurial_plugin
 
Jenkins Mercurial Plugin 2.16 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller’s file system using local paths as SCM URLs, obtaining limited information about other projects’ SCM contents. 2022-05-17 not yet calculated CVE-2022-30948
MLIST
CONFIRM
jenkins — repo_plugin
 
Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller’s file system using local paths as SCM URLs, obtaining limited information about other projects’ SCM contents. 2022-05-17 not yet calculated CVE-2022-30949
MLIST
CONFIRM
jenkins — wmi_windows_agents_plugin
 
Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute commands on the Windows agent machine. 2022-05-17 not yet calculated CVE-2022-30950
MLIST
CONFIRM
jenkins — wmi_windows_agents_plugin
 
Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library, which does not implement access control, potentially allowing users to start processes even if they’re not allowed to log in. 2022-05-17 not yet calculated CVE-2022-30951
MLIST
CONFIRM
jenkins — pipeline_scm_api_for_blue_ocean_plugin
 
Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins. 2022-05-17 not yet calculated CVE-2022-30952
MLIST
CONFIRM
jenkins — blue_ocean_plugin
 
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server. 2022-05-17 not yet calculated CVE-2022-30953
MLIST
CONFIRM
jenkins — blue_ocean_plugin
 
Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server. 2022-05-17 not yet calculated CVE-2022-30954
MLIST
CONFIRM
jenkins — gitlab_plugin
 
Jenkins GitLab Plugin 1.5.31 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. 2022-05-17 not yet calculated CVE-2022-30955
CONFIRM
jenkins — rundeck_plugin
 
Jenkins Rundeck Plugin 3.6.10 and earlier does not restrict URL schemes in Rundeck webhook submissions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit crafted Rundeck webhook payloads. 2022-05-17 not yet calculated CVE-2022-30956
CONFIRM
jenkins — ssh_plugin
 
A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. 2022-05-17 not yet calculated CVE-2022-30957
MLIST
CONFIRM
jenkins — ssh_plugin
 
A cross-site request forgery (CSRF) vulnerability in Jenkins SSH Plugin 2.6.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2022-05-17 not yet calculated CVE-2022-30958
CONFIRM
jenkins — ssh_plugin
 
A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2022-05-17 not yet calculated CVE-2022-30959
CONFIRM
jenkins — application_detector_plugin
 
Jenkins Application Detector Plugin 1.0.8 and earlier does not escape the name of Chois Application Version parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-05-17 not yet calculated CVE-2022-30960
CONFIRM
jenkins — autocomplete_parameter_plugin
 
Jenkins Autocomplete Parameter Plugin 1.1 and earlier does not escape the name of Dropdown Autocomplete and Auto Complete String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-05-17 not yet calculated CVE-2022-30961
CONFIRM
jenkins — global_variable_string_parameter_plugin Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-05-17 not yet calculated CVE-2022-30962
CONFIRM
jenkins — jdk_parameter_plugin
 
Jenkins JDK Parameter Plugin 1.0 and earlier does not escape the name and description of JDK parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-05-17 not yet calculated CVE-2022-30963
CONFIRM
jenkins — multiselect_parameter_plugin
 
Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-05-17 not yet calculated CVE-2022-30964
CONFIRM
jenkins — promoted_builds_(simple)_plugin
 
Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escape the name and description of Promotion Level parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-05-17 not yet calculated CVE-2022-30965
CONFIRM
jenkins — random_string_parameter
 
Jenkins Random String Parameter Plugin 1.0 and earlier does not escape the name and description of Random String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-05-17 not yet calculated CVE-2022-30966
CONFIRM
jenkins — selection_tasks_plugin
 
Jenkins Selection tasks Plugin 1.0 and earlier does not escape the name and description of Script Selection task variable parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-05-17 not yet calculated CVE-2022-30967
CONFIRM
jenkins — vboxwrapper_plugin
 
Jenkins vboxwrapper Plugin 1.3 and earlier does not escape the name and description of VBox node parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-05-17 not yet calculated CVE-2022-30968
CONFIRM
jenkins — autocomplete_parameter_plugin
 
A cross-site request forgery (CSRF) vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and earlier allows attackers to execute arbitrary code without sandbox protection if the victim is an administrator. 2022-05-17 not yet calculated CVE-2022-30969
CONFIRM
jenkins — autocomplete_parameter_plugin
 
Jenkins Autocomplete Parameter Plugin 1.1 and earlier references Dropdown Autocomplete parameter and Auto Complete String parameter names in an unsafe manner from Javascript embedded in view definitions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-05-17 not yet calculated CVE-2022-30970
CONFIRM
jenkins — storable_configs_plugin
 
Jenkins Storable Configs Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. 2022-05-17 not yet calculated CVE-2022-30971
CONFIRM
jenkins — storable_configs_plugin
 
A cross-site request forgery (CSRF) vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier allows attackers to have Jenkins parse a local XML file (e.g., archived artifacts) that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery. 2022-05-17 not yet calculated CVE-2022-30972
CONFIRM
artifex — mujs compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413. 2022-05-18 not yet calculated CVE-2022-30974
MISC
artifex — mujs In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp. 2022-05-18 not yet calculated CVE-2022-30975
MISC
gpac — gpac
 
GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box. 2022-05-18 not yet calculated CVE-2022-30976
MISC
MISC
MISC
acronis — multiple_products Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Linux) before build 29240, Acronis Agent (Linux) before build 28037 2022-05-18 not yet calculated CVE-2022-30990
MISC
acronis — multiple_products
 
HTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 2022-05-18 not yet calculated CVE-2022-30991
MISC
acronis — multiple_products Open redirect via user-controlled query parameter. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 2022-05-18 not yet calculated CVE-2022-30992
MISC
acronis — multiple_products Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 2022-05-18 not yet calculated CVE-2022-30993
MISC
acronis — acronis_cyber_protect_15_(windows) Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 29240 2022-05-18 not yet calculated CVE-2022-30994
MISC
goverlan — multiple_products
 
In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11. 2022-05-20 not yet calculated CVE-2022-31215
MISC
MISC
mailcow — mailcow
 
mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs. 2022-05-20 not yet calculated CVE-2022-31245
MISC
MISC
checkmk — checkmk In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink. 2022-05-20 not yet calculated CVE-2022-31258
MISC
MISC
beego — beego
 
The route lookup process in beego through 1.12.4 and 2.x through 2.0.2 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places (e.g., p1.xml instead of p1). 2022-05-21 not yet calculated CVE-2022-31259
MISC
MISC
MISC
solana — solana_rbpf
 
Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program. 2022-05-21 not yet calculated CVE-2022-31264
MISC
MISC
gitblit — gitblit
 
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext ‘attacker@example.comntrole = “#admin”‘ value. 2022-05-21 not yet calculated CVE-2022-31267
MISC
MISC
gitblit — gitblit
 
A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname). 2022-05-21 not yet calculated CVE-2022-31268
MISC

Vulnerability Summary for the Week of February 14, 2022

02/21/2022 09:20 AM EST

Original release date: February 21, 2022

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
accel-ppp — accel-ppp The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bound checks. If the client connects to the server and sends a large radius packet, a buffer overflow vulnerability will be triggered. 2022-02-14 7.5 CVE-2022-24704
MISC
accel-ppp — accel-ppp The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability. 2022-02-14 7.5 CVE-2022-24705
MISC
apache — apisix An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX’s data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed. 2022-02-11 7.5 CVE-2022-24112
MISC
MLIST
apache — cassandra When running Apache Cassandra with the following configuration (enable_user_defined_functions: true, enable_scripted_user_defined_functions: true, enable_user_defined_functions_threads: false), it is possible for an attacker to execute arbitrary code on the host. The attacker would need to have enough permissions to create user defined functions in the cluster to be able to exploit this. Note that this configuration is documented as unsafe, and will continue to be considered unsafe after this CVE. 2022-02-11 8.5 CVE-2021-44521
MISC
MLIST
MISC
broadcom — xcom_data_transport XCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to insufficient input validation that could potentially allow remote attackers to execute arbitrary commands with elevated privileges. 2022-02-14 10 CVE-2022-23992
MISC
dairy_farm_shop_management_system_project — dairy_farm_shop_management_system Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised. 2022-02-11 7.5 CVE-2020-36062
MISC
MISC
MISC
drupal — drupal Drupal’s JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vulnerability. An attacker might be able to upload files that bypass the file validation process implemented by modules on the site. 2022-02-11 7.5 CVE-2020-13675
CONFIRM
foxit — pdf_reader Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings. 2022-02-11 7.5 CVE-2022-24954
MISC
MISC
foxit — pdf_reader Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files. 2022-02-11 7.5 CVE-2022-24955
MISC
golang — go Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. 2022-02-11 7.8 CVE-2022-23772
MISC
google — android In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused deputy. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11 Android-12 Android ID: A-193445603 2022-02-11 7.2 CVE-2021-39668
MISC
google — android In fastboot, there is a possible secure boot bypass due to a configuration error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android SoC Android ID: A-202018701 2022-02-11 7.2 CVE-2021-39672
MISC
google — android In openFileAndEnforcePathPermissionsHelper of MediaProvider.java, there is a possible bypass of a permissions check due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-200682135 2022-02-11 7.2 CVE-2021-39663
MISC
google — android In btm_sec_connected and btm_sec_disconnected of btm_sec.cc file, there is a possible use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android-11 Android-12 Android ID: A-201083442 2022-02-11 7.2 CVE-2021-39674
MISC
google — android In checkUriPermission of MediaProvider.java, there is a possible way to gain access to the content of media provider collections due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11 Android-12 Android ID: A-197302116 2022-02-11 7.2 CVE-2021-39662
MISC
google — android In updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass security and privacy settings of app usage due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11 Android-12 Android ID: A-197399948 2022-02-11 7.2 CVE-2021-39619
MISC
google — android In writeThrowable of AndroidFuture.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11 Android ID: A-197228210 2022-02-11 7.2 CVE-2021-39676
MISC
google — android Summary: Product: Android Versions: Android SoC Android ID: A-204686438 2022-02-11 10 CVE-2021-39616
MISC
google — android An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. 2022-02-11 7.2 CVE-2022-23428
MISC
google — android In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-12 Android ID: A-205729183 2022-02-11 10 CVE-2021-39675
MISC
google — android ismsEx service is a vendor service in unisoc equipment. ismsEx service is an extension of sms system service, but it does not check the permissions of the caller, resulting in permission leaks. Third-party apps can use this service to arbitrarily modify and set system properties. Product: Android Versions: Android SoC Android ID: A-207479207 2022-02-11 10 CVE-2021-39658
MISC
google — android Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. 2022-02-11 7.5 CVE-2022-23425
MISC
google — android ims_ex is a vendor system service used to manage VoLTE in unisoc devices. But it does not verify the caller’s permissions, so that normal apps (no phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls. Product: Android Versions: Android SoC Android ID: A-206492634 2022-02-11 9.4 CVE-2021-39635
MISC
microweber — microweber OS Command Injection in Packagist microweber/microweber prior to 1.2.11. 2022-02-11 9.3 CVE-2022-0557
CONFIRM
MISC
mitsubishielectric — cw_configurator Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code. 2022-02-11 7.5 CVE-2020-14523
MISC
MISC
MISC
nokia — bts_trs_web_console Nokia BTS TRS web console FTM_W20_FP2_2019.08.16_0010 allows Authentication Bypass. A malicious unauthenticated user can get access to all the functionalities exposed via the web panel, circumventing the authentication process, by using URL encoding for the . (dot) character. 2022-02-11 7.5 CVE-2021-31932
MISC
portainer — portainer In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days. 2022-02-11 7.5 CVE-2022-24961
MISC
MISC
MISC
MISC
qualcomm — apq8009w_firmware Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-02-11 7.2 CVE-2021-30323
CONFIRM
qualcomm — apq8096au_firmware Improper validation of data length received from DMA buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2022-02-11 7.2 CVE-2021-35069
CONFIRM
qualcomm — aqt1000_firmware Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2022-02-11 7.2 CVE-2021-30317
CONFIRM
qualcomm — aqt1000_firmware Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile 2022-02-11 7.2 CVE-2021-30322
CONFIRM
qualcomm — ar8035_firmware Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-02-11 7.2 CVE-2021-35074
CONFIRM
qualcomm — ar8035_firmware Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-02-11 7.2 CVE-2021-35077
CONFIRM
qualcomm — ar8035_firmware Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-02-11 7.2 CVE-2021-35075
CONFIRM
radare — radare2 Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. 2022-02-16 7.5 CVE-2022-0559
MISC
CONFIRM
schneider-electric — interactive_graphical_scada_system_data_collector A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) 2022-02-11 7.5 CVE-2021-22803
MISC
schneider-electric — interactive_graphical_scada_system_data_collector A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) 2022-02-11 7.5 CVE-2021-22802
MISC
snowsoftware — snow_inventory_java_scanner A vulnerability in Snow Inventory Java Scanner allows an attacker to run malicious code at a higher level of privileges. This issue affects: SNOW Snow Inventory Java Scanner 1.0 2022-02-16 7.2 CVE-2021-4106
MISC
tongda2000 — tongda_oa Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter. 2022-02-14 7.5 CVE-2022-24206
MISC
tongda2000 — tongda_oa Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter. 2022-02-14 7.5 CVE-2022-23902
MISC
tsg-solutions — tokheim_profleet_dialog Tokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The component is the Field__UserLogin parameter on the logon page. 2022-02-11 10 CVE-2021-34235
MISC


Medium Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
10web — spidercalendar The SpiderCalendar WordPress plugin through 1.5.65 does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue. 2022-02-14 4.3 CVE-2022-0212
MISC
apache — cayenne Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne’s optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to ‘remote’ applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an attacker with client access to Cayenne ROP can transmit a malicious payload to any vulnerable third-party dependency on the server. This can result in arbitrary code execution. 2022-02-11 6.5 CVE-2022-24289
MISC
MLIST
appneta — tcpreplay tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c. 2022-02-11 4.3 CVE-2021-45387
MISC
appneta — tcpreplay tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c 2022-02-11 4.3 CVE-2021-45386
MISC
drupal — drupal The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed. 2022-02-11 4 CVE-2020-13676
CONFIRM
drupal — drupal Under some circumstances, the Drupal core JSON:API module does not properly restrict access to certain content, which may result in unintended access bypass. Sites that do not have the JSON:API module enabled are not affected. 2022-02-11 4.3 CVE-2020-13677
CONFIRM
drupal — drupal The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed. Removing the “access in-place editing” permission from untrusted users will not fully mitigate the vulnerability. 2022-02-11 4.3 CVE-2020-13674
CONFIRM
drupal — drupal Cross-site Scripting (XSS) vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10.; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6. 2022-02-11 4.3 CVE-2020-13669
CONFIRM
fastify — fastify-multipart This affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the application. **Note:** This is a bypass of CVE-2020-8136 (security.snyk.io/vuln/SNYK-JS-FASTIFYMULTIPART-1290382). 2022-02-11 5 CVE-2021-23597
CONFIRM
CONFIRM
CONFIRM
ffjpeg_project — ffjpeg A Null Pointer Dereference vulnerability exists in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in the metadata of the bmp is out of range, it returns without assigning a memory buffer to `pb->pdata` and does not exit the program. So the program crashes when it tries to access the pb->data, in jfif_encode() at jfif.c:763. This is due to the incomplete patch for CVE-2020-13438. 2022-02-11 4.3 CVE-2021-45385
MISC
MISC
golang — go Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. 2022-02-11 6.4 CVE-2022-23806
MISC
golang — go cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags. 2022-02-11 5 CVE-2022-23773
MISC
google — android Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity. 2022-02-11 4.6 CVE-2022-22292
MISC
google — android In startVideoStream() there is a possibility of an OOB Read in the heap, when the camera buffer is ‘zero’ in size. Product: Android Versions: Android-11 Android ID: A-205097028 2022-02-11 5 CVE-2021-39677
MISC
google — android In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead a user about CA installation circumstances due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11 Android-12 Android ID: A-196969991 2022-02-11 4.4 CVE-2021-39669
MISC
google — android An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. 2022-02-11 4.6 CVE-2022-23431
MISC
google — android An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. 2022-02-11 4.6 CVE-2022-23432
MISC
google — android In checkSpsUpdated of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-12 Android ID: A-204077881 2022-02-11 4.3 CVE-2021-39665
MISC
google — android In code generated by aidl_const_expressions.cpp, there is a possible out of bounds read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-12 Android ID: A-206718630 2022-02-11 4.3 CVE-2021-39671
MISC
google — chrome Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0308
MISC
MISC
google — chrome Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-11 6.8 CVE-2021-4100
MISC
MISC
google — chrome Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. 2022-02-11 4.3 CVE-2021-4098
MISC
MISC
google — chrome Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page. 2022-02-12 4.3 CVE-2022-0111
MISC
MISC
google — chrome Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. 2022-02-12 4.3 CVE-2022-0108
MISC
MISC
google — chrome Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. 2022-02-12 4.3 CVE-2022-0109
MISC
MISC
google — chrome Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-11 6.8 CVE-2021-4099
MISC
MISC
google — chrome Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. 2022-02-12 4.3 CVE-2022-0110
MISC
MISC
google — chrome Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0307
MISC
MISC
google — chrome Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially allow extension to escape the sandbox via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0097
MISC
MISC
google — chrome Use after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0105
MISC
MISC
google — chrome Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0106
MISC
MISC
google — chrome Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0107
MISC
MISC
google — chrome Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0289
MISC
MISC
google — chrome Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0102
MISC
MISC
google — chrome Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture. 2022-02-12 6.8 CVE-2022-0101
MISC
MISC
google — chrome Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0304
MISC
MISC
google — chrome Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0100
MISC
MISC
google — chrome Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture. 2022-02-12 6.8 CVE-2022-0099
MISC
MISC
google — chrome Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. 2022-02-12 6.8 CVE-2022-0098
MISC
MISC
google — chrome Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0290
MISC
MISC
google — chrome Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0293
MISC
MISC
google — chrome Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0103
MISC
MISC
google — chrome Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0096
MISC
MISC
google — chrome Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0295
MISC
MISC
google — chrome Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0296
MISC
MISC
google — chrome Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-11 6.8 CVE-2021-4102
MISC
MISC
google — chrome Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0297
MISC
MISC
google — chrome Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0298
MISC
MISC
google — chrome Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-11 6.8 CVE-2021-4101
MISC
MISC
google — chrome Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0300
MISC
MISC
google — chrome Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0302
MISC
MISC
google — chrome Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 6.8 CVE-2022-0104
MISC
MISC
kde — kate The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the directory of the file that was just opened (due to a misunderstanding of the QProcess API, that was never intended). This can be an untrusted directory. 2022-02-11 6.8 CVE-2022-23853
MISC
CONFIRM
libtiff — libtiff Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712. 2022-02-11 4.3 CVE-2022-0561
MISC
MISC
CONFIRM
libtiff — libtiff Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c. 2022-02-11 4.3 CVE-2022-0562
MISC
MISC
CONFIRM
linux — linux_kernel drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. 2022-02-11 4.6 CVE-2022-24958
MISC
MISC
MISC
microweber — microweber Open Redirect in Packagist microweber/microweber prior to 1.2.11. 2022-02-11 5.8 CVE-2022-0560
CONFIRM
MISC
permalink_manager_lite_project — permalink_manager_lite The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue 2022-02-14 4.3 CVE-2022-0201
CONFIRM
MISC
qualcomm — apq8009w_firmware Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables 2022-02-11 4.6 CVE-2021-30318
CONFIRM
qualcomm — apq8096au_firmware Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-02-11 4.6 CVE-2021-30325
CONFIRM
qualcomm — apq8096au_firmware Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-02-11 4.6 CVE-2021-30324
CONFIRM
qualcomm — ar8035_firmware Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-02-11 5 CVE-2021-30326
CONFIRM
qualcomm — mdm9650_firmware Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile 2022-02-11 4.6 CVE-2021-30309
CONFIRM
samsung — bixby_vision Exposure of Sensitive Information vulnerability in Bixby Vision prior to version 3.7.50.6 allows attackers to access internal data of Bixby Vision via unprotected intent. 2022-02-11 5 CVE-2022-24003
MISC
samsung — link_sharing Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers to open protected activity via PreconditionActivity. 2022-02-11 5 CVE-2022-24002
MISC
samsung — reminder Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Android Q(10) allows attackers to register reminders or execute exported activities remotely. 2022-02-11 5 CVE-2022-23433
MISC
samsung — wear_os Unprotected component vulnerability in StTheaterModeDurationAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to disable theater mode without a proper permission. 2022-02-11 4.3 CVE-2022-23997
MISC
schneider-electric — interactive_graphical_scada_system_data_collector A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior) 2022-02-11 5 CVE-2021-22824
MISC
schneider-electric — interactive_graphical_scada_system_data_collector A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior) 2022-02-11 5 CVE-2021-22823
MISC
schneider-electric — interactive_graphical_scada_system_data_collector A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) 2022-02-11 5 CVE-2021-22805
MISC
schneider-electric — interactive_graphical_scada_system_data_collector A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of user supplied data in network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) 2022-02-11 5 CVE-2021-22804
MISC
schneider-electric — modicon_m218_firmware A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 Logic Controller (V5.1.0.6 and prior) 2022-02-11 5 CVE-2021-22800
MISC
updraftplus — updraftplus The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup’s nonce identifier, which may allow any users with an account on the site (such as subscriber) to download the most recent site & database backup. 2022-02-17 4 CVE-2022-0633
CONFIRM
MISC
MISC
MISC
wpbeaveraddons — powerpack_lite_for_beaver_builder The PowerPack Lite for Beaver Builder WordPress plugin before 1.2.9.3 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to Reflected Cross-Site Scripting. 2022-02-14 4.3 CVE-2022-0176
MISC
CONFIRM
wpchill — remove_footer_credit The Remove Footer Credit WordPress plugin before 1.0.6 does not have a CSRF check in place when saving its settings, which could allow an attacker to make logged-in admins change them and lead to a Stored XSS issue as well, due to the lack of sanitisation. 2022-02-14 6 CVE-2021-24446
MISC
yzmcms — yzmcms YzmCMS v6.3 is affected by Cross Site Request Forgery (CSRF) in /admin.add 2022-02-15 6.8 CVE-2022-23384
MISC


Low Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
drupal — drupal Cross-site Scripting (XSS) vulnerability in Drupal core’s sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to 7.80. 2022-02-11 2.6 CVE-2020-13672
CONFIRM
factorfx — ocs_inventory OCS Inventory 2.9.1 is affected by Cross Site Scripting (XSS). To exploit the vulnerability, the attacker needs to manipulate the name of some device on your computer, such as a printer, replacing the device name with some malicious code that allows the execution of Stored Cross-site Scripting (XSS). 2022-02-11 3.5 CVE-2021-46355
MISC
MISC
google — android PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent. 2022-02-11 3.6 CVE-2022-23427
MISC
google — android Logging of excessive data vulnerability in telephony prior to SMR Feb-2022 Release 1 allows privileged attackers to get Cell Location Information through log of user device. 2022-02-11 2.1 CVE-2022-22291
MISC
google — android In TBD of TBD, there is a possible out of bounds read due to TBD. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-206039140; References: N/A 2022-02-11 2.1 CVE-2021-39688
MISC
google — android In HandleTransactionIoEvent of actuator_driver.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-204421047; References: N/A 2022-02-11 2.1 CVE-2021-39687
MISC
google — android In extract of MediaMetricsItem.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12; Android ID: A-204445255 2022-02-11 2.1 CVE-2021-39666
MISC
google — android In clear_data_dlg_text of strings.xml, there is a possible situation when “Clear storage” functionality sets up the wrong security/privacy expectations due to a misleading message. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12; Android ID: A-193890833 2022-02-11 2.1 CVE-2021-39631
MISC
google — android In isServiceDistractionOptimized of CarPackageManagerService.java, there is a possible disclosure of installed packages due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12; Android ID: A-180418334 2022-02-11 2.1 CVE-2021-0524
MISC
google — android A vulnerability using PendingIntent in DeX Home and DeX for PC prior to SMR Feb-2022 Release 1 allows attackers to access files with system privilege. 2022-02-11 3.6 CVE-2022-23426
MISC
google — android An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash. 2022-02-11 3.6 CVE-2022-23429
MISC
google — android In LoadedPackage::Load of LoadedArsc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure when parsing an APK file with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-12; Android ID: A-203938029 2022-02-11 1.9 CVE-2021-39664
MISC
linux — linux_kernel An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c. 2022-02-11 2.1 CVE-2022-24959
MISC
MISC
najeebmedia — ppom_for_woocommerce The PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks in the ppom_settings_panel_action AJAX action, allowing any authenticated user to call it and set arbitrary settings. Furthermore, due to the lack of sanitisation and escaping, it could lead to Stored XSS issues. 2022-02-14 3.5 CVE-2021-25018
MISC
projeqtor — projeqtor A Cross Site Scripting (XSS) vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an attacker to upload a SVG file containing malicious JavaScript code. 2022-02-11 3.5 CVE-2021-42940
MISC
MISC
s-cart — s-cart A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup. 2022-02-11 2.1 CVE-2021-44111
MISC
samsung — bixby A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Android R(11) and below allows attackers to execute privileged action by hijacking and modifying the intent. 2022-02-11 2.1 CVE-2022-23434
MISC
tcman — gim The m_txtNom and m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including browser hijacking or theft of sensitive data. 2022-02-11 3.5 CVE-2021-4046
CONFIRM
themify — portfolio_post Themify Portfolio Post WordPress plugin before 1.1.7 does not sanitise and escape the num_of_pages parameter before outputting it back in the response of the themify_create_popup_page_pagination AJAX action (available to any authenticated user), leading to Reflected Cross-Site Scripting. 2022-02-14 3.5 CVE-2022-0200
MISC
vicidial — vicidial Vicidial 2.14-783a was discovered to contain a cross-site scripting (XSS) vulnerability via the input tabs. 2022-02-15 3.5 CVE-2021-46557
MISC
wp_photo_album_plus_project — wp_photo_album_plus The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could cause arbitrary javascript to be executed in the admin panel. 2022-02-14 3.5 CVE-2021-25115
CONFIRM
MISC
wpchill — remove_footer_credit The Remove Footer Credit WordPress plugin before 1.0.11 does not properly sanitise its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. 2022-02-14 3.5 CVE-2021-25050
CONFIRM
MISC


Severity Not Yet Assigned

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
389-ds-base — 389-ds-base
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash. 2022-02-18 not yet calculated CVE-2021-4091
MISC
ad_invalid_click_protector — ad_invalid_click_protector
The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL Injection in the id parameter of the delete action. 2022-02-14 not yet calculated CVE-2022-0190
MISC
adobe — after_effects
Adobe After Effects versions 22.1.1 (and earlier) and 18.4.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23200
MISC
MISC
adobe — commerce
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution. 2022-02-16 not yet calculated CVE-2022-24086
MISC
adobe — creative_cloud_desktop
Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must download a malicious DLL file. The attacker has to deliver the DLL to the same folder as the installer, which makes this a high-complexity attack vector. 2022-02-16 not yet calculated CVE-2022-23202
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23199
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23198
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23197
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23196
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23195
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23194
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23193
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23192
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23191
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23190
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23189
MISC
adobe — illustrator Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted malicious file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted malicious file in Illustrator. 2022-02-16 not yet calculated CVE-2022-23188
MISC
adobe — illustrator
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23186
MISC
adobe — photoshop
Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Photoshop. 2022-02-16 not yet calculated CVE-2022-23203
MISC
adobe — premiere_rush
Adobe Premiere Rush versions 2.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-02-16 not yet calculated CVE-2022-23204
MISC
airspan_networks — mimosa_devices This vulnerability could allow an attacker to force the server to create and execute a web request granting access to backend APIs that are only accessible to the Mimosa MMP server, or request pages that could perform some actions themselves. The attacker could force the server into accessing routes on those cloud-hosting platforms, accessing secret keys, changing configurations, etc. Affecting MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1. 2022-02-18 not yet calculated CVE-2022-21215
MISC
airspan_networks — mimosa_devices MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization and authentication checks on multiple API routes. An attacker may gain access to these API routes and achieve remote code execution, create a denial-of-service condition, and obtain sensitive information. 2022-02-18 not yet calculated CVE-2022-21196
MISC
airspan_networks — mimosa_devices MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input, which may allow an attacker to perform a SQL injection and obtain sensitive information. 2022-02-18 not yet calculated CVE-2022-21176
MISC
airspan_networks — mimosa_devices MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input on several locations, which may allow an attacker to inject arbitrary commands. 2022-02-18 not yet calculated CVE-2022-21143
MISC
airspan_networks — mimosa_devices MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization checks on multiple API functions. An attacker may gain access to these functions and achieve remote code execution, create a denial-of-service condition, and obtain sensitive information. 2022-02-18 not yet calculated CVE-2022-21141
MISC
airspan_networks — mimosa_devices
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 uses the MD5 algorithm to hash the passwords before storing them but does not salt the hash. As a result, attackers may be able to crack the hashed passwords. 2022-02-18 not yet calculated CVE-2022-21800
MISC
airspan_networks — mimosa_products
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 has a deserialization function that does not validate or check the data, allowing arbitrary classes to be created. 2022-02-18 not yet calculated CVE-2022-0138
MISC
antd-admin — antd-admin
antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to some interfaces in the foreground leads to leakage of sensitive information. 2022-02-14 not yet calculated CVE-2021-46371
MISC
argocd — argocd
A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and with the created ServiceAccount argocd-argocd-server, the unprivileged user is able to read all resources of the cluster including all secrets which might enable privilege escalations. The highest threat from this vulnerability is to data confidentiality. 2022-02-16 not yet calculated CVE-2021-3557
MISC
artifex — mujs
Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. 2022-02-14 not yet calculated CVE-2021-45005
MISC
MISC
asus — cmax6000
The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered from ASUS CMAX6000 v1.02.00. 2022-02-17 not yet calculated CVE-2021-46247
MISC
atheme — irc_services
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence. 2022-02-14 not yet calculated CVE-2022-24976
MISC
MISC
MISC
atlassian — confluence_server_and_data_center
Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3. 2022-02-15 not yet calculated CVE-2021-43940
MISC
atlassian — jira_server_and_data_center Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify several resources (including CsvFieldMappingsPage.jspa and ImporterValueMappingsPage.jspa) via a Cross-Site Request Forgery (CSRF) vulnerability in the jira-importers-plugin. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3. 2022-02-15 not yet calculated CVE-2021-43941
MISC
atlassian — jira_server_and_data_center Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an Improper Authorization vulnerability in the “Move objects” feature. The affected versions are before version 4.21.0. 2022-02-15 not yet calculated CVE-2021-43948
MISC
atlassian — jira_server_and_data_center Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU monitoring settings via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/ViewInstrumentation.jspa endpoint. The affected versions are before version 8.21.0. 2022-02-15 not yet calculated CVE-2021-43953
MISC
atlassian — jira_server_and_data_center
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to restore the default configuration of fields via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/RestoreDefaults.jspa endpoint. The affected versions are before version 8.21.0. 2022-02-15 not yet calculated CVE-2021-43952
MISC
atlassian — jira_server_and_data_center
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view import source configuration information via a Broken Access Control vulnerability in the Insight Import Source feature. The affected versions are before version 4.21.0. 2022-02-15 not yet calculated CVE-2021-43950
N/A
awful-salmonella-tar — awful-salmonella-tar
A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0.0.4. Attackers can only list directories (not read files). This occurs because the safe-path? Scheme predicate is not used for directories. 2022-02-18 not yet calculated CVE-2022-25358
MISC
MISC
axis_ip_utility — axis_ip_utility
AXIS IP Utility prior to 4.17.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same folder. 2022-02-14 not yet calculated CVE-2022-23410
MISC
backdropcms — backdropcms
A stored cross-site scripting (XSS) vulnerability in the Add Link function of BackdropCMS v1.21.1 allows attackers to execute arbitrary web scripts or HTML. 2022-02-15 not yet calculated CVE-2022-24590
MISC
MISC
baicloud-cms — baicloud-cms
BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidu_map parameters in /user/ztconfig.php. 2022-02-19 not yet calculated CVE-2021-44302
MISC
bbs_forum — bbs_forum
An issue in the getType function of BBS Forum v5.3 and below allows attackers to upload arbitrary files. 2022-02-14 not yet calculated CVE-2022-23390
MISC
bd — viper_lt_system
BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information (ePHI), protected health information (PHI) and personally identifiable information (PII). BD Viper LT system versions 4.0 and later utilize Microsoft Windows 10 and have additional Operating System hardening configurations which increase the attack complexity required to exploit this vulnerability. 2022-02-12 not yet calculated CVE-2022-22765
CONFIRM
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15508. 2022-02-18 not yet calculated CVE-2021-46636
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15507. 2022-02-18 not yet calculated CVE-2021-46635
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15408. 2022-02-18 not yet calculated CVE-2021-46614
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15509. 2022-02-18 not yet calculated CVE-2021-46637
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15510. 2022-02-18 not yet calculated CVE-2021-46638
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15416. 2022-02-18 not yet calculated CVE-2021-46622
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JT files. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15415. 2022-02-18 not yet calculated CVE-2021-46621
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15414. 2022-02-18 not yet calculated CVE-2021-46620
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15413. 2022-02-18 not yet calculated CVE-2021-46619
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15368. 2022-02-18 not yet calculated CVE-2021-46574
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15380. 2022-02-18 not yet calculated CVE-2021-46586
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15464. 2022-02-18 not yet calculated CVE-2021-46634
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15463. 2022-02-18 not yet calculated CVE-2021-46633
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15382. 2022-02-18 not yet calculated CVE-2021-46588
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15369. 2022-02-18 not yet calculated CVE-2021-46575
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15381. 2022-02-18 not yet calculated CVE-2021-46587
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15532. 2022-02-18 not yet calculated CVE-2021-46646
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15370. 2022-02-18 not yet calculated CVE-2021-46576
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15371. 2022-02-18 not yet calculated CVE-2021-46577
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15372. 2022-02-18 not yet calculated CVE-2021-46578
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15373. 2022-02-18 not yet calculated CVE-2021-46579
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15379. 2022-02-18 not yet calculated CVE-2021-46585
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15378. 2022-02-18 not yet calculated CVE-2021-46584
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15374. 2022-02-18 not yet calculated CVE-2021-46580
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15376. 2022-02-18 not yet calculated CVE-2021-46582
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15412. 2022-02-18 not yet calculated CVE-2021-46618
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15411. 2022-02-18 not yet calculated CVE-2021-46617
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15410. 2022-02-18 not yet calculated CVE-2021-46616
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15400. 2022-02-18 not yet calculated CVE-2021-46606
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15394. 2022-02-18 not yet calculated CVE-2021-46600
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15395. 2022-02-18 not yet calculated CVE-2021-46601
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15396. 2022-02-18 not yet calculated CVE-2021-46602
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15397. 2022-02-18 not yet calculated CVE-2021-46603
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG images. Crafted data in a PNG image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15398. 2022-02-18 not yet calculated CVE-2021-46604
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15399. 2022-02-18 not yet calculated CVE-2021-46605
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15401. 2022-02-18 not yet calculated CVE-2021-46607
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15393. 2022-02-18 not yet calculated CVE-2021-46599
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15402. 2022-02-18 not yet calculated CVE-2021-46608
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15403. 2022-02-18 not yet calculated CVE-2021-46609
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15404. 2022-02-18 not yet calculated CVE-2021-46610
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15405. 2022-02-18 not yet calculated CVE-2021-46611
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15406. 2022-02-18 not yet calculated CVE-2021-46612
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15407. 2022-02-18 not yet calculated CVE-2021-46613
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15533. 2022-02-18 not yet calculated CVE-2021-46647
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15534. 2022-02-18 not yet calculated CVE-2021-46648
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15375. 2022-02-18 not yet calculated CVE-2021-46581
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15536. 2022-02-18 not yet calculated CVE-2021-46650
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15385. 2022-02-18 not yet calculated CVE-2021-46591
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15530. 2022-02-18 not yet calculated CVE-2021-46644
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. Crafted data in a BMP image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15531. 2022-02-18 not yet calculated CVE-2021-46645
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15409. 2022-02-18 not yet calculated CVE-2021-46615
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15391. 2022-02-18 not yet calculated CVE-2021-46597
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15383. 2022-02-18 not yet calculated CVE-2021-46589
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15390. 2022-02-18 not yet calculated CVE-2021-46596
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15389. 2022-02-18 not yet calculated CVE-2021-46595
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15388. 2022-02-18 not yet calculated CVE-2021-46594
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15535. 2022-02-18 not yet calculated CVE-2021-46649
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15392. 2022-02-18 not yet calculated CVE-2021-46598
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15387. 2022-02-18 not yet calculated CVE-2021-46593
MISC
MISC
bentley — microstation_connect This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15384. 2022-02-18 not yet calculated CVE-2021-46590
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15511. 2022-02-18 not yet calculated CVE-2021-46639
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14987. 2022-02-18 not yet calculated CVE-2021-46562
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15367. 2022-02-18 not yet calculated CVE-2021-46573
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15537. 2022-02-18 not yet calculated CVE-2021-46651
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15028. 2022-02-18 not yet calculated CVE-2021-46567
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15027. 2022-02-18 not yet calculated CVE-2021-46566
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15024. 2022-02-18 not yet calculated CVE-2021-46565
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15023. 2022-02-18 not yet calculated CVE-2021-46564
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15366. 2022-02-18 not yet calculated CVE-2021-46572
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14990. 2022-02-18 not yet calculated CVE-2021-46563
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15030. 2022-02-18 not yet calculated CVE-2021-46568
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15031. 2022-02-18 not yet calculated CVE-2021-46569
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15377. 2022-02-18 not yet calculated CVE-2021-46583
MISC
MISC
bentley — microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15386. 2022-02-18 not yet calculated CVE-2021-46592
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15630. 2022-02-18 not yet calculated CVE-2021-46655
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15458. 2022-02-18 not yet calculated CVE-2021-46628
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15457. 2022-02-18 not yet calculated CVE-2021-46627
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15456. 2022-02-18 not yet calculated CVE-2021-46626
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JT files. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15455. 2022-02-18 not yet calculated CVE-2021-46625
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15453. 2022-02-18 not yet calculated CVE-2021-46623
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15538. 2022-02-18 not yet calculated CVE-2021-46652
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15539. 2022-02-18 not yet calculated CVE-2021-46653
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15540. 2022-02-18 not yet calculated CVE-2021-46654
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15364. 2022-02-18 not yet calculated CVE-2021-46570
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15514. 2022-02-18 not yet calculated CVE-2021-46642
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15460. 2022-02-18 not yet calculated CVE-2021-46630
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15513. 2022-02-18 not yet calculated CVE-2021-46641
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15512. 2022-02-18 not yet calculated CVE-2021-46640
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15515. 2022-02-18 not yet calculated CVE-2021-46643
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15454. 2022-02-18 not yet calculated CVE-2021-46624
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15462. 2022-02-18 not yet calculated CVE-2021-46632
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15461. 2022-02-18 not yet calculated CVE-2021-46631
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15365. 2022-02-18 not yet calculated CVE-2021-46571
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15459. 2022-02-18 not yet calculated CVE-2021-46629
MISC
MISC
bentley — view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15631. 2022-02-18 not yet calculated CVE-2021-46656
MISC
MISC
bigfileagent — bigfileagent
 
A path traversal vulnerability that allows deletion of arbitrary files was discovered in BigFileAgent. Remote attackers can use this vulnerability to delete arbitrary files of an unspecified number of users. 2022-02-18 not yet calculated CVE-2021-26619
MISC
binisoft — windows_firewall_control
 
In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges. 2022-02-14 not yet calculated CVE-2022-25150
MISC
MISC
bitdefender — antivirus_plus
 
A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136. 2022-02-18 not yet calculated CVE-2020-8107
MISC
bmc — track-it!
 
This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-14618. 2022-02-18 not yet calculated CVE-2022-24047
MISC
MISC
boltwire — boltwire
 
A cross-site scripting (XSS) vulnerability in BoltWire v7.10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters. 2022-02-15 not yet calculated CVE-2022-24227
MISC
MISC
bookwyrm-social — bookwyrm
 
BookWyrm is a decentralized social network for tracking reading habits and reviewing books. The functionality to load a cover via URL is vulnerable to a server-side request forgery attack. Any BookWyrm instance running a version prior to v0.3.0 is susceptible to attack from a logged-in user. The problem has been patched and administrators should upgrade to version 0.3.0. As a workaround, BookWyrm instances can close registration and limit members to trusted individuals. 2022-02-16 not yet calculated CVE-2022-23644
CONFIRM
burden — burden
 
Burden v3.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Category function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the task parameter. 2022-02-15 not yet calculated CVE-2022-24589
MISC
MISC
centos — stream
 
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the “Application menu” or “Window list” GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to kill existing applications and start new ones as the locked user, even if the session is still locked. 2022-02-18 not yet calculated CVE-2021-20315
MISC
cerebrate — cerebrate
 
An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an unprivileged user to edit and modify sharing groups. 2022-02-18 not yet calculated CVE-2022-25318
MISC
cerebrate — cerebrate
 
An issue was discovered in Cerebrate through 1.4. genericForm allows reflected XSS in form descriptions via a user-controlled description. 2022-02-18 not yet calculated CVE-2022-25317
MISC
cerebrate — cerebrate
 
An issue was discovered in Cerebrate through 1.4. XSS could occur in the bookmarks component. 2022-02-18 not yet calculated CVE-2022-25321
MISC
MISC
cerebrate — cerebrate
 
An issue was discovered in Cerebrate through 1.4. Endpoints could be open even when not enabled. 2022-02-18 not yet calculated CVE-2022-25319
MISC
cerebrate — cerebrate
 
An issue was discovered in Cerebrate through 1.4. Username enumeration could occur. 2022-02-18 not yet calculated CVE-2022-25320
MISC
cesanta — mongoose
 
This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using the mg_http_upload() method may enable attackers to write files to arbitrary locations outside the designated target folder. 2022-02-18 not yet calculated CVE-2022-25299
CONFIRM
CONFIRM
cisco — email_security_appliance
 
A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling in DNS name resolution by the affected software. An attacker could exploit this vulnerability by sending specially formatted email messages that are processed by an affected device. A successful exploit could allow the attacker to cause the device to become unreachable from management interfaces or to process additional email messages for a period of time until the device recovers, resulting in a DoS condition. Continued attacks could cause the device to become completely unavailable, resulting in a persistent DoS condition. 2022-02-17 not yet calculated CVE-2022-20653
CISCO
cisco — multiple_products
 
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. 2022-02-17 not yet calculated CVE-2022-20659
CISCO
cisco — redundancy_configuration_manager
 
A vulnerability in the checkpoint manager implementation of Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software could allow an unauthenticated, remote attacker to cause the checkpoint manager process to restart upon receipt of malformed TCP data. This vulnerability is due to improper input validation of an ingress TCP packet. An attacker could exploit this vulnerability by sending crafted TCP data to the affected application. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the checkpoint manager process restarting. 2022-02-17 not yet calculated CVE-2022-20750
CISCO
cmp — cmp
 
The CMP WordPress plugin before 4.0.19 allows any user, even one who is not logged in, to arbitrarily change the coming soon page layout. 2022-02-14 not yet calculated CVE-2022-0188
CONFIRM
MISC
cobaltstrike — cobaltstrike
 
CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with “/”, and attackers can obtain relevant information by specifying the URL. 2022-02-15 not yet calculated CVE-2022-23317
MISC
cobbler — cobbler
 
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the “#from MODULE import” substring. (Only lines beginning with #import are blocked.) 2022-02-19 not yet calculated CVE-2021-45082
MISC
MISC
codereview — qt-project
 
In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH. 2022-02-16 not yet calculated CVE-2022-25255
MISC
MISC
MISC
MISC
MISC
commscope — surfboard
 
CommScope SURFboard SBG6950AC2 9.1.103AA23 devices allow Command Injection. 2022-02-15 not yet calculated CVE-2021-41552
MISC
MISC
compass_plus — tranzware_online_fimi_web_interface_transware_online
 
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online (TWO) 5.3.33.3 F38 and FIMI 4.2.19.4 25. The HTTP Host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address. This is because the server implicitly trusts the Host header and fails to validate or escape it properly. An attacker can use this input to redirect target users to a malicious domain/web page. This would expand the potential for further attacks and malicious actions. 2022-02-14 not yet calculated CVE-2021-43106
MISC
complianz — complianz
 
The Complianz WordPress plugin before 6.0.0 does not escape the s parameter before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting. 2022-02-14 not yet calculated CVE-2022-0193
MISC
CONFIRM
corda — corda
 
In Corda before 4.1, the meaning of serialized data can be modified via an attacker-controlled CustomSerializer. 2022-02-14 not yet calculated CVE-2019-25057
MISC
core_ftp — core_ftp
 
Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS) via a crafted packet through the SSH service. 2022-02-17 not yet calculated CVE-2022-22899
MISC
MISC
MISC
crossbeam-rs — crossbeam
 
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was always the same as `Atomic{I,U}64`. However, the alignment of `{i,u}64` on a 32-bit target can be smaller than `Atomic{I,U}64`. This can cause unaligned memory accesses and data races. Crates using `fetch_*` methods with `AtomicCell<{i,u}64>` are affected by this issue. 32-bit targets without `Atomic{I,U}64` and 64-bit targets are not affected by this issue. This has been fixed in crossbeam-utils 0.8.7. There are currently no known workarounds. 2022-02-15 not yet calculated CVE-2022-23639
MISC
CONFIRM
MISC
crypt_gpg — crypt_gpg
 
The Crypt_GPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions. 2022-02-17 not yet calculated CVE-2022-24953
CONFIRM
MISC
cryptomator — cryptomator
 
Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. An attacker can exploit this by creating a malicious .dylib file that can be executed via the DYLD_INSERT_LIBRARIES environment variable. 2022-02-19 not yet calculated CVE-2022-25366
MISC
MISC
custom_popup_builder — custom_popup_builder
 
The Popup | Custom Popup Builder WordPress plugin before 1.3.1 autoloads data from its popup on every page. As such data can be sent by unauthenticated users and is not validated in length, this could cause a denial of service on the blog. 2022-02-14 not yet calculated CVE-2022-0214
MISC
d-link — routers
 
Remote Code Execution (RCE) vulnerability exists in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicious users can use this vulnerability to use ” ” or backticks to bypass the shell metacharacters in the ssid0 or ssid1 parameters to execute arbitrary commands. This vulnerability is due to the fact that CVE-2019-17509 is not fully patched and can be bypassed by using line breaks or backticks on its basis. 2022-02-17 not yet calculated CVE-2021-46319
MISC
MISC
d-link — routers
 
Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetWizardConfig.php in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicious users can use this vulnerability to use ” ” or backticks in the shell metacharacters in the ssid0 or ssid1 parameters to cause arbitrary command execution. Since CVE-2019-17510 vulnerability has not been patched and improved www/hnap1/control/setwizardconfig.php, can also use line breaks and backquotes to bypass. 2022-02-17 not yet calculated CVE-2021-46315
MISC
MISC
d-link — routers
 
A Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetNetworkTomographySettings.php of D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin because backticks can be used for command injection when judging whether it is a reasonable domain name. 2022-02-17 not yet calculated CVE-2021-46314
MISC
MISC
d-link — routers
 
D-Link DSL-2730E CT-20131125 devices allow XSS via the username parameter to the password page in the maintenance configuration. 2022-02-18 not yet calculated CVE-2021-46108
MISC
MISC
d-link — routers
 
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life (“EOL”) /End of Service Life (“EOS”) Life-Cycle and as such this issue will not be patched. 2022-02-17 not yet calculated CVE-2021-45382
MISC
MISC
dart_sdk — dart_sdk
 
Dart SDK contains the HTTPClient in dart:io library which includes authorization headers when handling cross origin redirects. These headers may be explicitly set and contain sensitive information. By default, HttpClient handles redirection logic. If a request is sent to example.com with authorization header and it redirects to an attackers site, they might not expect attacker site to receive authorization header. We recommend updating the Dart SDK to version 2.16.0 or beyond. 2022-02-18 not yet calculated CVE-2022-0451
MISC
MISC
debian — debian-edu-config
 
It was discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation. 2022-02-11 not yet calculated CVE-2021-20001
MISC
MLIST
MLIST
DEBIAN
dedecms — dedecms
 
DedeCMS v5.7.87 was discovered to contain a SQL injection vulnerability in article_coonepage_rule.php via the ids parameter. 2022-02-14 not yet calculated CVE-2022-23337
MISC
discourse — discourse
 
Discourse is an open source discussion platform. In versions prior to 2.8.1 in the `stable` branch, 2.9.0.beta2 in the `beta` branch, and 2.9.0.beta2 in the `tests-passed` branch, users can trigger a Denial of Service attack by posting a streaming URL. Parsing Oneboxes in the background job triggers an infinite loop, which causes memory leaks. This issue is patched in version 2.8.1 of the `stable` branch, 2.9.0.beta2 of the `beta` branch, and 2.9.0.beta2 of the `tests-passed` branch. As a workaround, disable onebox in the admin panel completely or specify an allow list of domains that will be oneboxed. 2022-02-15 not yet calculated CVE-2022-23641
MISC
CONFIRM
MISC
docker — desktop
 
Docker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files. NOTE: this issue exists because of an incomplete fix for CVE-2022-23774. 2022-02-19 not yet calculated CVE-2022-25365
MISC
drupal — core
 
Drupal core’s form API has a vulnerability where certain contributed or custom modules’ forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data. 2022-02-16 not yet calculated CVE-2022-25271
CONFIRM
drupal — quick_edit
 
The Quick Edit module does not properly check entity access in some circumstances. This could result in users with the “access in-place editing” permission viewing some content they are not authorized to access. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed. 2022-02-17 not yet calculated CVE-2022-25270
CONFIRM
duck — duck
 
duck before 0.10 did not properly handle loading of untrusted code from the current directory. 2022-02-19 not yet calculated CVE-2016-1239
MISC
duxcms — duxcms
 
DuxCMS v3.1.3 was discovered to contain a SQL injection vulnerability via the component s/tools/SendTpl/index?keyword=. 2022-02-16 not yet calculated CVE-2021-3242
MISC
MISC
easycms — easycms
 
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement. 2022-02-16 not yet calculated CVE-2022-23358
MISC
emerson — dixell_xweb-500_products
 
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced. 2022-02-14 not yet calculated CVE-2021-45421
MISC
MISC
MISC
emerson — dixell_xweb-500_products
 
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced. 2022-02-14 not yet calculated CVE-2021-45420
MISC
MISC
MISC
enterprisedt — completeftp
 
CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM. 2022-02-14 not yet calculated CVE-2019-16864
MISC
MISC
expat — expat
 
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. 2022-02-16 not yet calculated CVE-2022-25235
MISC
MLIST
expat — expat
 
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. 2022-02-18 not yet calculated CVE-2022-25313
MISC
MLIST
expat — expat
 
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. 2022-02-18 not yet calculated CVE-2022-25314
MISC
MLIST
expat — expat
 
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 2022-02-18 not yet calculated CVE-2022-25315
MISC
MLIST
expat — expat
 
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. 2022-02-16 not yet calculated CVE-2022-25236
MISC
MLIST
expressionengine — expressionengine
 
Unsanitized user input in ExpressionEngine <= 5.4.0 control panel member creation leads to an SQL injection. The user needs member creation/admin control panel access to execute the attack. 2022-02-18 not yet calculated CVE-2020-8242
MISC
fancy_product_designer — fancy_product_designer
 
The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the ~/inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 4.7.4. 2022-02-16 not yet calculated CVE-2021-4134
MISC
MISC
filecloud — filecloud
 
In FileCloud before 21.3, file upload is not protected against Cross-Site Request Forgery (CSRF). 2022-02-16 not yet calculated CVE-2022-25242
MISC
MISC
filecloud — filecloud
 
In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery (CSRF). 2022-02-16 not yet calculated CVE-2022-25241
MISC
MISC
flatpress — flatpress
 
Flatpress v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability in the Upload SVG File function. 2022-02-15 not yet calculated CVE-2022-24588
MISC
MISC
forgerock — forgerock_access_management
 
Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions. This issue affects: ForgeRock Access Management 7.1 versions prior to 7.1.1; 6.5 versions prior to 6.5.4; all previous versions. 2022-02-14 not yet calculated CVE-2021-4201
CONFIRM
form_store_to_db — form_store_to_db
 
The Form Store to DB WordPress plugin before 1.1.1 does not sanitise and escape parameter keys before outputting them back in the created entry, allowing an unauthenticated attacker to perform Cross-Site Scripting attacks against an admin. 2022-02-14 not yet calculated CVE-2021-25107
CONFIRM
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15853. 2022-02-18 not yet calculated CVE-2022-24366
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15877. 2022-02-18 not yet calculated CVE-2022-24367
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15851. 2022-02-18 not yet calculated CVE-2022-24364
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15852. 2022-02-18 not yet calculated CVE-2022-24365
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15744. 2022-02-18 not yet calculated CVE-2022-24360
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15861. 2022-02-18 not yet calculated CVE-2022-24363
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15987. 2022-02-18 not yet calculated CVE-2022-24362
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15702. 2022-02-18 not yet calculated CVE-2022-24359
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15703. 2022-02-18 not yet calculated CVE-2022-24358
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15743. 2022-02-18 not yet calculated CVE-2022-24357
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the OnMouseExit method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14848. 2022-02-18 not yet calculated CVE-2022-24356
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15812. 2022-02-18 not yet calculated CVE-2022-24971
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15811. 2022-02-18 not yet calculated CVE-2022-24361
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14819. 2022-02-18 not yet calculated CVE-2022-24370
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. Crafted data in a JP2 image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16087. 2022-02-18 not yet calculated CVE-2022-24369
MISC
MISC
foxit — pdf_reader
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16115. 2022-02-18 not yet calculated CVE-2022-24368
MISC
MISC
fulusso — fulusso
 
Fulusso v1.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in /BindAccount/SuccessTips.js. This vulnerability allows attackers to inject malicious code into a victim user’s device via open redirection. 2022-02-14 not yet calculated CVE-2022-23367
MISC
futurio_extra — futurio_extra
 
The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as a subscriber, to extract any other user’s email address. 2022-02-14 not yet calculated CVE-2021-25110
MISC
futurio_extra — futurio_extra
 
The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from the database, as well as to perform Cross-Site Scripting (XSS) against logged in admins by making them open a malicious link. 2022-02-14 not yet calculated CVE-2021-25109
MISC
galois_2p8 — galois_2p8
 
In galois_2p8 before 0.1.2, PrimitivePolynomialField::new has an off-by-one buffer overflow for a vector. 2022-02-14 not yet calculated CVE-2022-24988
MISC
ghostscript — interpreter
 
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. 2022-02-16 not yet calculated CVE-2021-3781
MISC
MISC
github — enterprise_server
 
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.3 and was fixed in versions 3.0.21, 3.1.13, 3.2.5. This vulnerability was reported via the GitHub Bug Bounty program. 2022-02-18 not yet calculated CVE-2021-41599
MISC
MISC
MISC
google — chrome
 
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. 2022-02-12 not yet calculated CVE-2022-0310
MISC
MISC
google — chrome
 
Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 not yet calculated CVE-2022-0306
MISC
MISC
google — chrome
 
Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. 2022-02-12 not yet calculated CVE-2022-0305
MISC
MISC
google — chrome
 
Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. 2022-02-12 not yet calculated CVE-2022-0294
MISC
MISC
google — chrome
 
Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. 2022-02-12 not yet calculated CVE-2022-0292
MISC
MISC
google — chrome
 
Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. 2022-02-12 not yet calculated CVE-2022-0291
MISC
MISC
google — chrome
 
Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 not yet calculated CVE-2022-0301
MISC
MISC
google — chrome
 
Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. 2022-02-12 not yet calculated CVE-2022-0309
MISC
MISC
google — chrome
 
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. 2022-02-12 not yet calculated CVE-2022-0311
MISC
MISC
gravitl — netmaker
 
Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker prior to 0.8.5, 0.9.4, 0.10.0, 0.10.1. 2022-02-18 not yet calculated CVE-2022-0664
CONFIRM
MISC
hancom — office
 
A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. 2022-02-16 not yet calculated CVE-2021-21958
MISC
hashicorp — nomad_and_nomad_enterprise
 
HashiCorp Nomad and Nomad Enterprise before 1.0.17, 1.1.x before 1.1.12, and 1.2.x before 1.2.6 have Uncontrolled Resource Consumption. 2022-02-15 not yet calculated CVE-2022-24684
MISC
MISC
hashicorp — nomad_and_nomad_enterprise
 
HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as root. 2022-02-17 not yet calculated CVE-2022-24683
MISC
MISC
hashicorp — nomad_and_nomad_enterprise
 
HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. Fixed in 1.0.18, 1.1.12, and 1.2.6. 2022-02-14 not yet calculated CVE-2022-24686
MISC
MISC
hospital_management_system — hospital_management_system
 
Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php. 2022-02-15 not yet calculated CVE-2022-24226
MISC
MISC
hospital_patient_record_management_system — hospital_patient_record_management_system
 
An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list. 2022-02-14 not yet calculated CVE-2022-22854
MISC
hospital_patient_record_management_system — hospital_patient_record_management_system
 
A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field. 2022-02-16 not yet calculated CVE-2022-22853
MISC
MISC
MISC
hp — support_assistant_software
 
Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. 2022-02-16 not yet calculated CVE-2020-6917
MISC
hp — support_assistant_software
 
Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. 2022-02-16 not yet calculated CVE-2020-6922
MISC
hp — support_assistant_software
 
Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. 2022-02-16 not yet calculated CVE-2020-6921
MISC
hp — support_assistant_software
 
Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. 2022-02-16 not yet calculated CVE-2020-6920
MISC
hp — support_assistant_software
 
Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. 2022-02-16 not yet calculated CVE-2020-6919
MISC
hp — support_assistant_software
 
Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. 2022-02-16 not yet calculated CVE-2020-6918
MISC
hp — uefi_firmware
 
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. 2022-02-16 not yet calculated CVE-2021-39301
MISC
hp — uefi_firmware
 
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. 2022-02-16 not yet calculated CVE-2021-39300
MISC
hp — uefi_firmware
 
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. 2022-02-16 not yet calculated CVE-2021-39297
MISC
hp — uefi_firmware
 
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. 2022-02-16 not yet calculated CVE-2021-39298
MISC
hp — uefi_firmware
 
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. 2022-02-16 not yet calculated CVE-2021-39299
MISC
hutool — hutool
 
Hutool v5.7.18’s HttpRequest was discovered to ignore all TLS/SSL certificate validation. 2022-02-16 not yet calculated CVE-2022-22885
MISC
MISC
ibm — cognos_analytics_mobile_for_android
 
IBM Cognos Analytics Mobile for Android applications prior to version 1.1.14 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 215592. 2022-02-14 not yet calculated CVE-2021-39079
CONFIRM
XF
ibm — cognos_analytics_mobile_for_android
 
Due to weak obfuscation in the IBM Cognos Analytics Mobile for Android application prior to version 1.1.14, an attacker could be able to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used. IBM X-Force ID: 215593. 2022-02-14 not yet calculated CVE-2021-39080
CONFIRM
XF
ibm — guardium_data_encryption
 
IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 213964. 2022-02-18 not yet calculated CVE-2021-39026
XF
CONFIRM
ibm — maximo_anywhere
 
IBM Maximo Anywhere 7.6.4.0 applications could disclose sensitive information to a user with physical access to the device. IBM X-Force ID: 161493. 2022-02-16 not yet calculated CVE-2019-4351
XF
CONFIRM
ibm — maximo_anywhere
 
IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494. 2022-02-16 not yet calculated CVE-2019-4352
CONFIRM
XF
ibm — maximo_anywhere
 
IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to the lack of binary protection precautions. IBM X-Force ID: 160697. 2022-02-16 not yet calculated CVE-2019-4291
CONFIRM
XF
ibm — maximo_asset_management
 
IBM Maximo Asset Management 7.6.1.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 210892. 2022-02-18 not yet calculated CVE-2021-38935
XF
CONFIRM
ibm — mq
 
IBM MQ 9.1 LTS is vulnerable to a denial of service attack caused by an issue within the channel process. IBM X-Force ID: 213964. 2022-02-17 not yet calculated CVE-2021-39034
XF
CONFIRM
ibtana — ibtana
 
The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the ive_save_general_settings AJAX action, allowing any authenticated user, such as a subscriber, to call it and change the plugin’s settings, which could lead to a Stored Cross-Site Scripting issue. 2022-02-14 not yet calculated CVE-2021-25014
MISC
impresscms — impresscms
 
ImpressCMS before 1.4.2 allows unauthenticated remote code execution via …../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHP_SESSION_UPLOAD_PROGRESS when the PHP installation supports upload_progress. 2022-02-14 not yet calculated CVE-2022-24977
MISC
MISC
MISC
internationalscratchwiki — scratch-confirmaccount-v3
 
A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses. 2022-02-15 not yet calculated CVE-2021-46252
MISC
MISC
iobit_advanced_systemcare — iobit_advanced_systemcare
 
A use-after-free vulnerability exists in IOBit Advanced SystemCare 15 pro via requests sent in sequential order using the IOCTL driver codes, which could let a malicious user execute arbitrary code or cause a Denial of Service (system crash). IOCTL list: iobit_ioctl = [0x8001e01c, 0x8001e020, 0x8001e024, 0x8001e040, 0x8001e044, 0x8001e048, 0x8001e04c, 0x8001e000, 0x8001e004, 0x8001e008, 0x8001e00c, 0x8001e010, 0x8001e014, 0x8001e018] 2022-02-18 not yet calculated CVE-2021-44968
MISC
isabel_stored_xxs — isabel_stored_xss
 
Multiple cross-site scripting (XSS) vulnerabilities in the Add User module of Issabel PBX 20200102 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the username and password fields. 2022-02-15 not yet calculated CVE-2021-46558
MISC
jeecg-boot — jeecg-boot
 
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /sys/user/queryUserComponentData. 2022-02-16 not yet calculated CVE-2022-22881
MISC
jeecg-boot — jeecg-boot
 
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId. 2022-02-16 not yet calculated CVE-2022-22880
MISC
jenkins — pipeline_multibranch
 
Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system. 2022-02-15 not yet calculated CVE-2022-25179
CONFIRM
jenkins — agent_server_parameter
 
Jenkins Agent Server Parameter Plugin 1.0 and earlier does not escape parameter names of agent server parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-02-15 not yet calculated CVE-2022-25191
CONFIRM
jenkins — autonomiq
 
A cross-site request forgery (CSRF) vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials. 2022-02-15 not yet calculated CVE-2022-25194
CONFIRM
jenkins — autonomiq
 
A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. 2022-02-15 not yet calculated CVE-2022-25195
CONFIRM
jenkins — checkmarx
 
A cross-site request forgery (CSRF) vulnerability in Jenkins Checkmarx Plugin 2022.1.2 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2022-02-15 not yet calculated CVE-2022-25200
CONFIRM
MLIST
jenkins — checkmarx
 
Missing permission checks in Jenkins Checkmarx Plugin 2022.1.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2022-02-15 not yet calculated CVE-2022-25201
CONFIRM
jenkins — chef_sinatra
 
A cross-site request forgery (CSRF) vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response. 2022-02-15 not yet calculated CVE-2022-25207
CONFIRM
MLIST
jenkins — chef_sinatra
 
Jenkins Chef Sinatra Plugin 1.20 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. 2022-02-15 not yet calculated CVE-2022-25209
CONFIRM
jenkins — chef_sinatra
 
A missing permission check in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response. 2022-02-15 not yet calculated CVE-2022-25208
CONFIRM
MLIST
jenkins — conjur_secrets
 
A missing permission check in Jenkins Conjur Secrets Plugin 1.0.11 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. 2022-02-15 not yet calculated CVE-2022-25190
CONFIRM
jenkins — convertigo_mobile_platform
 
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured. 2022-02-15 not yet calculated CVE-2022-25210
CONFIRM
jenkins — custom_checkbox_parameter
 
Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier does not escape parameter names of custom checkbox parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-02-15 not yet calculated CVE-2022-25189
CONFIRM
jenkins — dbcharts
 
A cross-site request forgery (CSRF) vulnerability in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers to connect to an attacker-specified database via JDBC using attacker-specified credentials and to determine if a class is available in the Jenkins instance. 2022-02-15 not yet calculated CVE-2022-25205
CONFIRM
jenkins — dbcharts
 
A missing check in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified database via JDBC using attacker-specified credentials. 2022-02-15 not yet calculated CVE-2022-25206
CONFIRM
jenkins — doktor
 
Jenkins Doktor Plugin 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc, and error messages allow attackers able to control agent processes to determine whether a file with a given name exists. 2022-02-15 not yet calculated CVE-2022-25204
CONFIRM
jenkins — fortify
 
Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker. 2022-02-15 not yet calculated CVE-2022-25188
CONFIRM
MLIST
jenkins — generic_webhook_trigger
 
Jenkins Generic Webhook Trigger Plugin 1.81 and earlier does not escape the build cause when using the webhook, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-02-15 not yet calculated CVE-2022-25185
CONFIRM
MLIST
jenkins — gitlab_authentication
 
Jenkins GitLab Authentication Plugin 1.13 and earlier records the HTTP Referer header as part of the URL query parameters when the authentication process starts, allowing attackers with access to Jenkins to craft a URL that will redirect users to an attacker-specified URL after logging in. 2022-02-15 not yet calculated CVE-2022-25196
CONFIRM
MLIST
jenkins — hashicorp_vault
 
Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key. 2022-02-15 not yet calculated CVE-2022-25186
CONFIRM
jenkins — hashicorp_vault
 
Jenkins HashiCorp Vault Plugin 336.v182c0fbaaeb7 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system. 2022-02-15 not yet calculated CVE-2022-25197
CONFIRM
jenkins — pipeline_build_step
 
Jenkins Pipeline: Build Step Plugin 2.15 and earlier reveals password parameter default values when generating a pipeline script using the Pipeline Snippet Generator, allowing attackers with Item/Read permission to retrieve the default password parameter value from jobs. 2022-02-15 not yet calculated CVE-2022-25184
CONFIRM
jenkins — pipeline_groovy
 
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds, allowing attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline. 2022-02-15 not yet calculated CVE-2022-25180
CONFIRM
jenkins — pipeline_groovy
 
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system. 2022-02-15 not yet calculated CVE-2022-25176
CONFIRM
jenkins — pipeline_groovy
 
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier uses the same checkout directories for distinct SCMs when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. 2022-02-15 not yet calculated CVE-2022-25173
CONFIRM
MLIST
jenkins — pipeline_multibranch
 
Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier uses distinct checkout directories per SCM for the readTrusted step, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. 2022-02-15 not yet calculated CVE-2022-25175
CONFIRM
jenkins — pipeline_shared_groovy
 
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the same checkout directories for distinct SCMs for Pipeline libraries, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. 2022-02-15 not yet calculated CVE-2022-25174
CONFIRM
jenkins — pipeline_shared_groovy_libraries
 
A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library already exists. 2022-02-15 not yet calculated CVE-2022-25181
CONFIRM
jenkins — pipeline_shared_groovy_libraries
 
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache directories without any sanitization, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using specially crafted library names if a global Pipeline library configured to use caching already exists. 2022-02-15 not yet calculated CVE-2022-25183
CONFIRM
jenkins — pipeline_shared_groovy_libraries
 
A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller JVM using specially crafted library names if a global Pipeline library is already configured. 2022-02-15 not yet calculated CVE-2022-25182
CONFIRM
jenkins — pipeline_shared_groovy_libraries
 
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system. 2022-02-15 not yet calculated CVE-2022-25178
CONFIRM
jenkins — pipeline_shared_groovy_libraries
 
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier follows symbolic links to locations outside of the expected Pipeline library when reading files using the libraryResource step, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system. 2022-02-15 not yet calculated CVE-2022-25177
CONFIRM
jenkins — promoted_builds
 
Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escape the name of custom promotion levels, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission. 2022-02-15 not yet calculated CVE-2022-25202
CONFIRM
jenkins — scp_publisher
 
A cross-site request forgery (CSRF) vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials. 2022-02-15 not yet calculated CVE-2022-25198
CONFIRM
jenkins — scp_publisher
 
A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. 2022-02-15 not yet calculated CVE-2022-25199
CONFIRM
jenkins — snow_commander
 
A cross-site request forgery (CSRF) vulnerability in Jenkins Snow Commander Plugin 2.0 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2022-02-15 not yet calculated CVE-2022-25192
CONFIRM
jenkins — snow_commander
 
Missing permission checks in Jenkins Snow Commander Plugin 2.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2022-02-15 not yet calculated CVE-2022-25193
CONFIRM
jenkins — support_core
 
Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle. 2022-02-15 not yet calculated CVE-2022-25187
CONFIRM
jenkins — swamp
 
A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials. 2022-02-15 not yet calculated CVE-2022-25211
CONFIRM
jenkins — swamp
 
A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials. 2022-02-15 not yet calculated CVE-2022-25212
CONFIRM
jenkins — teams_views
 
Jenkins Team Views Plugin 0.9.0 and earlier does not escape team names, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Read permission. 2022-02-15 not yet calculated CVE-2022-25203
CONFIRM
jerryscript_project — jerryscript
 
The assertion ‘context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION’ fails at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9. 2022-02-17 not yet calculated CVE-2022-22901
MISC
MISC
MISC
jqueryform.com — jqueryform.com
 
Forms generated by JQueryForm.com before 2022-02-05 (if file-upload capability is enabled) allow remote unauthenticated attackers to upload executable files and achieve remote code execution. This occurs because file-extension checks occur on the client side, and because not all executable content (e.g., .phtml or .php.bak) is blocked. 2022-02-16 not yet calculated CVE-2022-24984
MISC
MISC
MISC
jqueryform.com — jqueryform.com
 
A reflected cross-site scripting (XSS) vulnerability in forms generated by JQueryForm.com before 2022-02-05 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to admin.php. 2022-02-16 not yet calculated CVE-2022-24981
MISC
MISC
MISC
jqueryform.com — jqueryform.com
 
Forms generated by JQueryForm.com before 2022-02-05 allow a remote authenticated attacker to access the cleartext credentials of all other form users. admin.php contains a hidden base64-encoded string with these credentials. 2022-02-16 not yet calculated CVE-2022-24982
MISC
MISC
MISC
jqueryform.com — jqueryform.com
 
Forms generated by JQueryForm.com before 2022-02-05 allow remote attackers to obtain the URI to any uploaded file by capturing the POST response. When chained with CVE-2022-24984, this could lead to unauthenticated remote code execution on the underlying web server. This occurs because the Unique ID field is contained in the POST response upon submitting a form. 2022-02-16 not yet calculated CVE-2022-24983
MISC
MISC
MISC
jqueryform.com — jqueryform.com
 
Forms generated by JQueryForm.com before 2022-02-05 allow a remote authenticated attacker to bypass authentication and access the administrative section of other forms hosted on the same web server. This is relevant only when an organization hosts more than one of these forms on their server. 2022-02-16 not yet calculated CVE-2022-24985
MISC
MISC
MISC
k-box — k-box
 
K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting (XSS) vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked, execute untrusted JavaScript actions, like retrieving user cookies. Version 0.33.1 includes a patch that allows discarding unsafe links. 2022-02-14 not yet calculated CVE-2022-23637
MISC
CONFIRM
kicad — eda
 
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 2022-02-16 not yet calculated CVE-2022-23803
MISC
kicad — eda
 
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 2022-02-16 not yet calculated CVE-2022-23804
MISC
kiteworks_mft — kiteworks_mft
 
Kiteworks MFT 7.5 may allow an unauthorized user to reset other users’ passwords. This is fixed in version 7.6 and later. 2022-02-14 not yet calculated CVE-2022-24110
MISC
CONFIRM
kkfileview — kkfileview
 
kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host. 2022-02-15 not yet calculated CVE-2021-43734
MISC
kvm_amd — kvm_amd
 
A flaw was found in the KVM’s AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario. 2022-02-18 not yet calculated CVE-2021-4093
MISC
MISC
lemminx — lemminx
 
A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user. 2022-02-18 not yet calculated CVE-2022-0672
MISC
lemminx — lemminx
 
A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal. 2022-02-18 not yet calculated CVE-2022-0673
MISC

libexa — dxp_exsystems/expublish-kernel

Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows injection attacks via image filenames. 2022-02-18 not yet calculated CVE-2022-25337
MISC
libexa — dxp_exsystems/expublish-kernel
 
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced. 2022-02-18 not yet calculated CVE-2022-25336
MISC
librenms — librenms
 
Exposure of Sensitive Information to an Unauthorized Actor in Packagist librenms/librenms prior to 22.2.0. 2022-02-15 not yet calculated CVE-2022-0588
CONFIRM
MISC
MISC
librenms — librenms
 
Cross-site Scripting (XSS) – Stored in Packagist librenms/librenms prior to 22.2.0. 2022-02-14 not yet calculated CVE-2022-0575
MISC
CONFIRM
MISC
librenms — librenms
 
Improper Authorization in Packagist librenms/librenms prior to 22.2.0. 2022-02-15 not yet calculated CVE-2022-0587
CONFIRM
MISC
MISC
librenms — librenms
 
Improper Access Control in Packagist librenms/librenms prior to 22.2.0. 2022-02-14 not yet calculated CVE-2022-0580
CONFIRM
MISC
MISC
librenms — librenms
 
Cross-site Scripting (XSS) – Generic in Packagist librenms/librenms prior to 22.1.0. 2022-02-14 not yet calculated CVE-2022-0576
MISC
CONFIRM
MISC
librenms — librenms
 
Cross-site Scripting (XSS) – Stored in Packagist librenms/librenms prior to 22.1.0. 2022-02-15 not yet calculated CVE-2022-0589
MISC
CONFIRM
MISC
libsixel — libsixel
 
In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free. 2022-02-19 not yet calculated CVE-2021-46700
MISC
linux — linux_kernel
 
A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. 2022-02-16 not yet calculated CVE-2021-3760
MISC
linux — linux_kernel
 
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way a user calls connect to the socket and disconnect simultaneously, due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. 2022-02-16 not yet calculated CVE-2021-3752
MISC
MISC
MISC
linux — linux_kernel
 
A race condition when accessing a file object in the Linux kernel OverlayFS subsystem was found in the way users perform a rename in a specific way with OverlayFS. A local user could use this flaw to crash the system. 2022-02-18 not yet calculated CVE-2021-20321
MISC
MISC
linux — linux_kernel
 
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. 2022-02-14 not yet calculated CVE-2021-44879
MISC
CONFIRM
MISC
MISC
linux — linux_kernel
 
An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. A missing sanity check may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat. 2022-02-18 not yet calculated CVE-2021-4090
MISC
MISC
linux — linux_kernel
 
A flaw was found in the s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier, which may lead to a confidentiality problem. 2022-02-18 not yet calculated CVE-2021-20320
MISC
MISC
linux — linux_kernel
 
A NULL pointer dereference flaw in the Linux kernel UDF file system functionality was found in the way a user triggers the udf_file_write_iter function for a malicious UDF image. A local user could use this flaw to crash the system. The flaw is present from Linux kernel 4.2-rc1 until 5.17-rc2. 2022-02-16 not yet calculated CVE-2022-0617
MISC
MISC
MISC
linux — linux_kernel
 
An information leak flaw was found due to uninitialized memory in the Linux kernel’s TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1. 2022-02-11 not yet calculated CVE-2022-0382
MISC
linux — linux_kernel
 
A use-after-free flaw in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found in the way a user triggers cancel_work_sync after unregister_netdev during device removal. A local user could use this flaw to crash the system or escalate their privileges on the system. The flaw is present from Linux kernel 5.17-rc1 (when mctp-serial.c was introduced) until 5.17-rc5. 2022-02-18 not yet calculated CVE-2022-0646
MISC
linux — linux_kernel
 
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur. 2022-02-16 not yet calculated CVE-2022-25258
MISC
MISC
MISC
linux — linux_kernel
 
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file. 2022-02-16 not yet calculated CVE-2022-25265
MISC
MISC
linux — linux_kernel
 
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization is indirectly affected as well. 2022-02-18 not yet calculated CVE-2021-20322
MISC
MISC
MISC
MISC
MISC
linux — linux_kernel
 
A race condition was seen in vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out-of-bounds read in vt because the write access to vc_mode is not protected by a lock in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. 2022-02-16 not yet calculated CVE-2021-3753
MISC
MISC
MISC
litespeed.js — litespeed.js
 
This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution vulnerability. 2022-02-16 not yet calculated CVE-2021-23682
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
liveconfig — liveconfig
 
A Stored XSS issue exists in the admin/users user administration form in LiveConfig 2.12.2. 2022-02-18 not yet calculated CVE-2021-40840
MISC
MISC
liveconfig — liveconfig
 
A Path Traversal vulnerability for a log file in LiveConfig 2.12.2 allows authenticated attackers to read files on the underlying server. 2022-02-18 not yet calculated CVE-2021-40841
MISC
MISC
livehelperchat — livehelperchat
 
Cross-site Scripting (XSS) – Stored in Packagist remdex/livehelperchat prior to 3.93v. 2022-02-16 not yet calculated CVE-2022-0612
CONFIRM
MISC
magnolia — magnolia
 
A Server-Side Template Injection (SSTI) vulnerability in the Registration and Forgotten Password forms of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted payload entered into the fullname parameter. 2022-02-11 not yet calculated CVE-2021-46362
MISC
MISC
magnolia — magnolia
 
An issue in the Export function of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted XLF file. 2022-02-11 not yet calculated CVE-2021-46365
MISC
MISC
magnolia — magnolia
 
An issue in the Export function of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted CSV/XLS file. 2022-02-11 not yet calculated CVE-2021-46363
MISC
MISC
magnolia_cms — magnolia_cms
 
An issue in the Freemark Filter of Magnolia CMS v6.2.11 and below allows attackers to bypass security restrictions and execute arbitrary code via a crafted FreeMarker payload. 2022-02-11 not yet calculated CVE-2021-46361
MISC
MISC
mappress_maps — mappress_maps
 
The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the “Bad mapid” error message, leading to a Reflected Cross-Site Scripting issue. 2022-02-14 not yet calculated CVE-2022-0208
MISC
mariadb — mariadb
 
This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. 2022-02-18 not yet calculated CVE-2022-24051
MISC
MISC
mariadb — mariadb
 
This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16207. 2022-02-18 not yet calculated CVE-2022-24050
MISC
MISC
mariadb — mariadb
 
This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16191. 2022-02-18 not yet calculated CVE-2022-24048
MISC
MISC
mariadb — mariadb
 
This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16190. 2022-02-18 not yet calculated CVE-2022-24052
MISC
MISC
mbsync — mbsync
 
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client. 2022-02-16 not yet calculated CVE-2021-3578
MISC
MISC
MLIST
FEDORA
MISC
FEDORA
MISC
mbsync — mbsync
 
A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution. 2022-02-18 not yet calculated CVE-2021-3657
MISC
MISC
mediawiki — mediawiki
 
MediaWiki before 1.23.16, 1.24.x through 1.27.x before 1.27.2, and 1.28.x before 1.28.1 allows remote attackers to discover the IP addresses of Wiki visitors via a style="background-image: attr(title url);" attack within a DIV element that has an attacker-controlled URL in the title attribute. 2022-02-18 not yet calculated CVE-2017-0371
MISC
MISC
metinfo — metinfo
 
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in language_general.class.php via doModifyParameter. 2022-02-14 not yet calculated CVE-2022-23335
MISC
metinfo — metinfo
 
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in parameter_admin.class.php via the table_para parameter. 2022-02-14 not yet calculated CVE-2022-22295
MISC
microweber — microweber

Cross-site Scripting (XSS) – Reflected in Packagist microweber/microweber prior to 1.2.11. 2022-02-19 not yet calculated CVE-2022-0678
CONFIRM
MISC
microweber — microweber

Business Logic Errors in Packagist microweber/microweber prior to 1.2.11. 2022-02-15 not yet calculated CVE-2022-0596
CONFIRM
MISC
microweber — microweber

Use of the one-time coupon multiple times in Packagist microweber/microweber prior to 1.2.11. 2022-02-19 not yet calculated CVE-2022-0689
MISC
CONFIRM
microweber — microweber
 
Cross-site Scripting (XSS) – Reflected in Packagist microweber/microweber prior to 1.2.11. 2022-02-19 not yet calculated CVE-2022-0690
MISC
CONFIRM
microweber — microweber
 
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11. 2022-02-18 not yet calculated CVE-2022-0660
CONFIRM
MISC
microweber — microweber
 
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. 2022-02-18 not yet calculated CVE-2022-0666
MISC
CONFIRM
microweber — microweber
 
Open Redirect in Packagist microweber/microweber prior to 1.2.11. 2022-02-15 not yet calculated CVE-2022-0597
CONFIRM
MISC
microweber — microweber
 
Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11. 2022-02-17 not yet calculated CVE-2022-0638
MISC
CONFIRM
mig-controller — mig-controller
 
An incorrect default permissions vulnerability was found in the mig-controller. Due to incorrect handling of cluster namespaces, an attacker may be able to migrate a malicious workload to the target cluster, impacting confidentiality, integrity, and availability of the services located on that cluster. 2022-02-18 not yet calculated CVE-2021-3948
MISC
ming-soft — mcms
 
A problem was found in ming-soft MCMS v5.1. There is a SQL injection vulnerability in /ms/cms/content/list.do. 2022-02-17 not yet calculated CVE-2021-44868
MISC
ming-soft — mcms
 
MCMS v5.2.5 was discovered to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module. 2022-02-18 not yet calculated CVE-2021-46063
MISC
ming-soft — mcms
 
An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code. 2022-02-18 not yet calculated CVE-2021-46036
MISC
ming-soft — mcms
 
MCMS v5.2.4 was discovered to contain an arbitrary file deletion vulnerability via the component /template/unzip.do. 2022-02-18 not yet calculated CVE-2021-46037
MISC
ming-soft — mcms
 
MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName. 2022-02-18 not yet calculated CVE-2021-46062
MISC
mitsubishi_electric — multiple_factory_automation_engineering_software_products
 
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition. 2022-02-11 not yet calculated CVE-2020-14521
MISC
MISC
mobisoft — mobiplus
 
MobiSoft – MobiPlus User Take Over and Improper Handling of URL Parameters. An attacker can navigate to a specific URL which will expose all the users and passwords in clear text: IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users 2022-02-16 not yet calculated CVE-2022-22792
MISC
mortgage_calculators_wp — mortgage_calculators_wp
 
The Mortgage Calculators WP WordPress plugin before 1.56 does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. 2022-02-14 not yet calculated CVE-2021-24904
MISC
moxa — routers
 
Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets. 2022-02-18 not yet calculated CVE-2021-46082
MISC
MISC
mruby — mruby

Out-of-bounds Read in Homebrew mruby prior to 3.2. 2022-02-19 not yet calculated CVE-2022-0630
MISC
CONFIRM
mruby — mruby

Out-of-bounds Read in Homebrew mruby prior to 3.2. 2022-02-17 not yet calculated CVE-2022-0623
CONFIRM
MISC
mruby — mruby

Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2. 2022-02-16 not yet calculated CVE-2022-0614
CONFIRM
MISC
mruby — mruby

Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. 2022-02-18 not yet calculated CVE-2022-0631
MISC
CONFIRM
mruby — mruby
 
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. 2022-02-14 not yet calculated CVE-2022-0570
CONFIRM
MISC
mruby — mruby
 
NULL Pointer Dereference in Homebrew mruby prior to 3.2. 2022-02-19 not yet calculated CVE-2022-0632
CONFIRM
MISC
netfilter — netfilter
 
A flaw in netfilter could allow a network-connected attacker to infer OpenVPN connection endpoint information for further use in traditional network attacks. 2022-02-16 not yet calculated CVE-2021-3773
MISC
newstatpress — newstatpress
 
The NewStatPress WordPress plugin before 1.3.6 does not properly escape the whatX parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues. 2022-02-14 not yet calculated CVE-2022-0206
MISC
nginx — njs

njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c. 2022-02-14 not yet calculated CVE-2021-46462
MISC
MISC
nginx — njs

njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then(). 2022-02-14 not yet calculated CVE-2021-46463
MISC
MISC
nginx — njs
 
njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled. 2022-02-14 not yet calculated CVE-2022-25139
MISC
MISC
nginx — njs
 
njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c. 2022-02-14 not yet calculated CVE-2021-46461
MISC
MISC
npm_urijs — npm_urijs
 
Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8. 2022-02-16 not yet calculated CVE-2022-0613
CONFIRM
MISC
npm_url-parse — npm_url-parse
 
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. 2022-02-14 not yet calculated CVE-2022-0512
CONFIRM
MISC
npm_url-parse — npm_url-parse
 
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. 2022-02-17 not yet calculated CVE-2022-0639
MISC
CONFIRM
nvidia — license_system
 
NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after signing in to the portal can access other users’ credentials, allowing them to gain escalated privileges, resulting in limited impact to both confidentiality and integrity. 2022-02-15 not yet calculated CVE-2022-21818
MISC
o2oa — o2oa
 
O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke. 2022-02-17 not yet calculated CVE-2022-22916
MISC
MISC
object-extend — object-extend
 
Versions of the package object-extend from 0.0.0 are vulnerable to Prototype Pollution via object-extend. 2022-02-18 not yet calculated CVE-2021-23702
CONFIRM
online_shopping_portal — online_shopping_portal
 
Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities via the email and contactno parameters. 2022-02-18 not yet calculated CVE-2021-46110
MISC
ovidentia_cms — ovidentia_cms
 
An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to view and download content in the upload directory via path traversal. 2022-02-17 not yet calculated CVE-2022-22914
MISC
MISC
pcf2bdf — pcf2bdf

A segmentation fault during PCF file parsing in pcf2bdf versions >=1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components. 2022-02-17 not yet calculated CVE-2022-23319
MISC
MISC
pcf2bdf — pcf2bdf
 
A heap-buffer-overflow in pcf2bdf, versions >= 1.05 allows an attacker to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent impact. 2022-02-17 not yet calculated CVE-2022-23318
MISC
MISC
perfect_brands — perfect_brands
 
The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure. 2022-02-18 not yet calculated CVE-2022-23982
CONFIRM
CONFIRM
perfect_brands — perfect_brands
 
The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4). 2022-02-18 not yet calculated CVE-2022-23981
CONFIRM
CONFIRM
pexip — infinity
 
Pexip Infinity before 27.0 has improper WebRTC input validation. An unauthenticated remote attacker can use excessive resources, temporarily causing denial of service. 2022-02-18 not yet calculated