Vulnerability Summary for the Week of August 22, 2022

08/29/2022 10:01 AM EDT

Original release date: August 29, 2022 | Last revised: August 30, 2022

 

High Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
There were no high vulnerabilities recorded this week.


 

Medium Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
There were no medium vulnerabilities recorded this week.


 

Low Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
There were no low vulnerabilities recorded this week.


 

Severity Not Yet Assigned

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
72crm — wukong_crm 72crm 9.0 has an Arbitrary file upload vulnerability. 2022-08-24 not yet calculated CVE-2022-37181
MISC
72crm — wukong_crm An issue was discovered in 72crm 9.0. There is a SQL Injection vulnerability in View the task calendar. 2022-08-24 not yet calculated CVE-2022-37178
MISC
abb — abb_zenon Relative Path Traversal vulnerability in ABB Zenon 8.20 allows the user to access files on the Zenon system; the user can also add their own log messages and, e.g., flood the log entries. An attacker who successfully exploits the vulnerability could access the Zenon runtime activities such as the start and stop of various activities and the last error code, etc. 2022-08-24 not yet calculated CVE-2022-34836
MISC
abb — abb_zenon Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploits the vulnerability to add more network clients that may monitor various activities of the Zenon. 2022-08-24 not yet calculated CVE-2022-34837
MISC
abb — abb_zenon Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploits the vulnerability to add or alter data points and corresponding attributes. Once such engineering data is used, the data visualization will be altered for the end user. 2022-08-24 not yet calculated CVE-2022-34838
MISC
adobe — commerce Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to leak minor information of another user’s account details. Exploitation of this issue does not require user interaction. 2022-08-19 not yet calculated CVE-2022-35692
MISC
anjuta-bookmarks.c — anjuta-bookmarks.c There is an Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c. This issue was caused by the incorrect use of the libxml2 API. The vendor forgot to call ‘g_free()’ to release the return value of ‘xmlGetProp()’. 2022-08-25 not yet calculated CVE-2021-42522
MISC
apache — activemq_artemis In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue. 2022-08-23 not yet calculated CVE-2022-35278
MISC
apache — flume Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol. 2022-08-21 not yet calculated CVE-2022-34916
MISC
MISC
apache — hadoop
 
ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run arbitrary commands as YARN user by exploiting this. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.4 or later (containing YARN-11126) if ZKConfigurationStore is used. 2022-08-25 not yet calculated CVE-2021-25642
MISC
apache — libapreq2 A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack. 2022-08-25 not yet calculated CVE-2022-22728
MISC
MLIST
MLIST
MLIST
apple — macos An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to access sensitive user information. 2022-08-24 not yet calculated CVE-2022-32834
MISC
MISC
MISC
apple — macos A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges. 2022-08-24 not yet calculated CVE-2022-32811
MISC
MISC
MISC
apple — macos The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges. 2022-08-24 not yet calculated CVE-2022-32810
MISC
MISC
MISC
apple — macos Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. 2022-08-24 not yet calculated CVE-2022-32793
MISC
MISC
MISC
MISC
FEDORA
apple — macos The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges. 2022-08-24 not yet calculated CVE-2022-32812
MISC
MISC
MISC
apple — multiple_products This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user’s activity. 2022-08-24 not yet calculated CVE-2022-32857
MISC
MISC
MISC
MISC
MISC
MISC
apple — multiple_products The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. An app with root privileges may be able to execute arbitrary code with kernel privileges. 2022-08-24 not yet calculated CVE-2022-32813
MISC
MISC
MISC
MISC
MISC
MISC
apple — multiple_products This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to cause unexpected system termination or write kernel memory. 2022-08-24 not yet calculated CVE-2022-32837
MISC
MISC
MISC
apple — multiple_products A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6. An app may be able to read arbitrary files. 2022-08-24 not yet calculated CVE-2022-32838
MISC
MISC
MISC
MISC
apple — multiple_products The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app termination or arbitrary code execution. 2022-08-24 not yet calculated CVE-2022-32839
MISC
MISC
MISC
MISC
MISC
MISC
apple — multiple_products This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges. 2022-08-24 not yet calculated CVE-2022-32840
MISC
MISC
MISC
apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. 2022-08-24 not yet calculated CVE-2022-32894
MISC
MISC
apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. 2022-08-24 not yet calculated CVE-2022-32893
MISC
MISC
MISC
MLIST
MLIST
FEDORA
DEBIAN
DEBIAN
arc_informatique — pcvue The affected device stores sensitive information in cleartext, which may allow an authenticated user to access session data stored in the OAuth database belonging to legitimate users. 2022-08-24 not yet calculated CVE-2022-2569
MISC
archer — archer_platform
 
Archer Platform 6.9 SP2 P2 before 6.11 P3 (6.11.0.3) contain a reflected XSS vulnerability. A remote unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious JavaScript code to the vulnerable web application. This code is then reflected to the victim and gets executed by the web browser in the context of the vulnerable web application. 6.10 P4 (6.10.0.4) and 6.11 P2 HF4 (6.11.0.2.4) are also fixed releases. 2022-08-25 not yet calculated CVE-2022-37318
MISC
MISC
archer — archer_platform
 
Archer Platform 6.x before 6.11 P3 contain an HTML injection vulnerability. An authenticated remote attacker could potentially exploit this vulnerability by tricking a victim application user to execute malicious code in the context of the web application. 6.10 P4 (6.10.0.4) and 6.11 P2 HF4 (6.11.0.2.4) are also fixed releases. 2022-08-25 not yet calculated CVE-2022-37317
MISC
MISC
archer — archer_platform
 
Archer Platform 6.8 before 6.11 P3 (6.11.0.3) contains an improper API access control vulnerability in a multi-instance system that could potentially present unauthorized metadata to an authenticated user of the affected system. 6.10 P3 HF1 (6.10.0.3.1) is also a fixed release. 2022-08-25 not yet calculated CVE-2022-37316
MISC
MISC
articatech — artica_proxy An issue was discovered in Artica Proxy 4.30.000000. There is an XSS vulnerability via the password parameter in /fw.login.php. 2022-08-24 not yet calculated CVE-2022-37153
MISC
artifex — ghostscript A heap-based buffer over write vulnerability was found in GhostScript’s lp8000_print_page() function in gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service. 2022-08-19 not yet calculated CVE-2020-27792
MISC
MISC
asneg — opc_ua_stack All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks – per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk. 2022-08-23 not yet calculated CVE-2022-24381
CONFIRM
atlassian — bitbucket_server_and_data_center
 
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew. 2022-08-25 not yet calculated CVE-2022-36804
MISC
atlassian — jira
 
ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader. 2022-08-26 not yet calculated CVE-2022-36537
MISC
baijiacms — baijiacms Baijicms v4 was discovered to contain an arbitrary file upload vulnerability. 2022-08-22 not yet calculated CVE-2022-35150
MISC
MISC
bdg — mobiledoc_kit Cross-site Scripting (XSS) – Reflected in GitHub repository bustle/mobiledoc-kit prior to 0.14.2. 2022-08-22 not yet calculated CVE-2022-2932
MISC
CONFIRM

blue_prism — enterprise

An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for a domain authenticated user to send a crafted message to the Blue Prism Server and accomplish a remote code execution attack that is possible because of insecure deserialization. Exploitation of this vulnerability allows for code to be executed in the context of the Blue Prism Server service. 2022-08-25 not yet calculated CVE-2022-36119
MISC
MISC
MISC
blue_prism — enterprise An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the getChartData administrative function. Using a low/no privilege Blue Prism user account, the attacker can alter the server’s settings by abusing the getChartData method, allowing the Blue Prism server to execute any MSSQL stored procedure by name. 2022-08-26 not yet calculated CVE-2022-36120
MISC
MISC
MISC
blue_prism — enterprise An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the UpdateOfflineHelpData administrative function. Abusing this function will allow any Blue Prism user to change the offline help URL to one of their choice, opening the possibility of spoofing the help page or executing a local file. 2022-08-26 not yet calculated CVE-2022-36121
MISC
MISC
MISC
blue_prism — enterprise An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the SetProcessAttributes administrative function. Abusing this function will allow any Blue Prism user to publish, unpublish, or retire processes. Using this function, any logged-in user can change the status of a process, an action intended only for users with the Edit Process permission. 2022-08-25 not yet calculated CVE-2022-36118
MISC
MISC
MISC
blue_prism — enterprise
 
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for an administrative function. If credential access is configured to be accessible by a machine or the runtime resource security group, using further reverse engineering, an attacker can spoof a known machine and request known encrypted credentials to decrypt later. 2022-08-25 not yet calculated CVE-2022-36117
MISC
MISC
MISC
blue_prism — enterprise
 
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for unintended functionality. An attacker can abuse the CreateProcessAutosave() method to inject their own functionality into a development process. If (upon a warning) a user decides to recover unsaved work by using the last saved version, the malicious code could enter the workflow. Should the process action stages not be fully reviewed before publishing, this could result in the malicious code being run in a production environment. 2022-08-25 not yet calculated CVE-2022-36115
MISC
MISC
MISC
blue_prism — enterprise
 
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the setValidationInfo administrative function. Removing the validation applied to newly designed processes increases the chance of successfully hiding malicious code that could be executed in a production environment. 2022-08-25 not yet calculated CVE-2022-36116
MISC
MISC
MISC
bluecms — bluecms BlueCMS 1.6 has SQL injection in line 55 of admin/model.php 2022-08-23 not yet calculated CVE-2022-37112
MISC
bluecms — bluecms BlueCMS 1.6 has SQL injection in line 132 of admin/article.php 2022-08-23 not yet calculated CVE-2022-37111
MISC
bluecms — bluecms BlueCMS 1.6 has SQL injection in line 132 of admin/area.php 2022-08-23 not yet calculated CVE-2022-37113
MISC
bpcbt — smartvista Multiple reflected XSS vulnerabilities occur when handling error message of BPC SmartVista version 3.28.0 allowing an attacker to execute javascript code at client side. 2022-08-19 not yet calculated CVE-2022-35554
MISC
MISC
MISC
bus_pass_management — bus_pass_management Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-detail.php, and buspassms/admin/edit-pass-detail.php 2022-08-22 not yet calculated CVE-2022-36198
MISC
MISC
chatwoot — chatwoot Cross-site Scripting (XSS) – DOM in GitHub repository chatwoot/chatwoot prior to 2.7.0. 2022-08-19 not yet calculated CVE-2022-0542
CONFIRM
MISC
cisco — fxos
 
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). 2022-08-25 not yet calculated CVE-2022-20824
CISCO
cisco — fxos
 
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The attacker would need to have Administrator privileges on the device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges. 2022-08-25 not yet calculated CVE-2022-20865
CISCO
cisco — nx-os
 
A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory. 2022-08-25 not yet calculated CVE-2022-20823
CISCO
cisco — aci_multi-site_orchestrator A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator (MSO) could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sending crafted HTTP requests. A successful exploit could allow an attacker who is authenticated with non-Administrator privileges to elevate to Administrator privileges on an affected device. 2022-08-25 not yet calculated CVE-2022-20921
CISCO
claroline — claroline Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS). An attacker can obtain javascript code execution by adding arbitrary javascript code in the ‘Location’ field of a calendar event. 2022-08-25 not yet calculated CVE-2022-37162
MISC
claroline — claroline Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) via SVG file upload. 2022-08-25 not yet calculated CVE-2022-37161
MISC
claroline — claroline Claroline 13.5.7 and prior allows an authenticated attacker to elevate privileges via the arbitrary creation of a privileged user. By combining the XSS vulnerability present in several upload forms and a javascript request to the present API, it is possible to trigger the creation of a user with administrative rights by opening an SVG file as an administrator user. 2022-08-25 not yet calculated CVE-2022-37160
MISC
claroline — claroline Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload. 2022-08-25 not yet calculated CVE-2022-37159
MISC
clinic’s_patient_management — clinic’s_patient_management Clinic’s Patient Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via patients.php. 2022-08-22 not yet calculated CVE-2022-36251
MISC
clusterlabs — clusterlabs_hawk
 
An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to limit this to safe combinations). This user is able to execute an interactive “shell” that isn’t limited to the commands specified in hawk_invoke, allowing escalation to root. 2022-08-26 not yet calculated CVE-2021-3020
MISC
MISC
MISC
codesys — visualization All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users. 2022-08-23 not yet calculated CVE-2022-1989
CONFIRM
colord — colord There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c respectively. They exist because the ‘err_msg’ of ‘sqlite3_exec’ is not released after use, while libxml2 emphasizes that the caller needs to release it. 2022-08-25 not yet calculated CVE-2021-42523
MISC
crowcpp — crow HTTP applications (servers) based on Crow through 1.0+4 may reveal potentially sensitive data from stack memory when fulfilling a request for a static file smaller than 16 KB. 2022-08-22 not yet calculated CVE-2022-38668
MISC
crowcpp — crow HTTP applications (servers) based on Crow through 1.0+4 may allow a Use-After-Free and code execution when HTTP pipelining is used. 2022-08-22 not yet calculated CVE-2022-38667
MISC
crowdstrike — falcon A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610. It has been classified as problematic. Affected is the Uninstallation Handler which makes it possible to circumvent and disable the security feature. The manipulation leads to missing authorization. The identifier of this vulnerability is VDB-206880. 2022-08-22 not yet calculated CVE-2022-2841
N/A
N/A
N/A
N/A
cryptopro — cryptopro_secure_disk
 
A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. 2022-08-26 not yet calculated CVE-2022-34301
MISC
MISC
cskefu — cskefu
 
Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts. 2022-08-26 not yet calculated CVE-2022-36521
MISC
d-link — dir-615 The WAN configuration page “wan.htm” on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication, which can lead to disclosure of information about WAN settings and also allow an attacker to modify the data fields of the page. 2022-08-23 not yet calculated CVE-2021-42627
MISC
MISC
MISC
MISC
d-link — dsl-3782 D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via a crafted HTTP connection request. 2022-08-23 not yet calculated CVE-2022-35191
MISC
MISC
MISC
MISC
d-link — modem_router
 
D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via the User parameter or Pwd parameter to Login.asp. 2022-08-26 not yet calculated CVE-2022-35192
MISC
MISC
MISC
MISC
de.fac2 — de.fac2 de.fac2 1.34 allows bypassing the User Presence protection mechanism when there is malware on the victim’s PC. 2022-08-24 not yet calculated CVE-2022-33172
MISC
MISC
dell — emc_powerscale_onefs Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure. 2022-08-22 not yet calculated CVE-2022-32480
MISC
dell — emc_powerscale_onefs Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services. 2022-08-22 not yet calculated CVE-2022-33932
MISC
dell — emc_powerscale_onefs Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain a process invoked with sensitive information vulnerability. A CLI user may potentially exploit this vulnerability, leading to information disclosure. 2022-08-22 not yet calculated CVE-2022-31238
MISC
dell — emc_powerscale_onefs Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. A low privileged local attacker may potentially exploit this vulnerability, leading to limited information disclosure. 2022-08-22 not yet calculated CVE-2022-31237
MISC
deluge — deluge_web-ui The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The data from torrent files is not properly sanitised as it’s interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user’s browser session. 2022-08-26 not yet calculated CVE-2021-3427
MISC
MISC
dlink — dir-816 D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and the result will be stored in v94, which does not check the size of l2tp_usrname, resulting in stack overflow. 2022-08-22 not yet calculated CVE-2022-37134
MISC
MISC
dlink — dir-816 D-link DIR-816 A2_v1.10CNB04.img reboots the router without authentication via /goform/doReboot. No authentication is required, and reboot is executed when the function returns at the end. 2022-08-22 not yet calculated CVE-2022-37133
MISC
MISC
dolphinphp — dolphinphp DolphinPHP 1.5.1 is vulnerable to Cross Site Scripting (XSS) via Background -> System -> system function -> configuration management. 2022-08-19 not yet calculated CVE-2022-37254
MISC
edoc-doctor-appointment-system — edoc-doctor-appointment-system
 
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability at /patient/settings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field. 2022-08-26 not yet calculated CVE-2022-36548
MISC
MISC
edoc-doctor-appointment-system — edoc-doctor-appointment-system
 
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery (CSRF) via /patient/settings.php. 2022-08-26 not yet calculated CVE-2022-36546
MISC
MISC
edoc-doctor-appointment-system — edoc-doctor-appointment-system
 
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php. 2022-08-26 not yet calculated CVE-2022-36545
MISC
MISC
edoc-doctor-appointment-system — edoc-doctor-appointment-system
 
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/booking.php. 2022-08-26 not yet calculated CVE-2022-36544
MISC
MISC
edoc-doctor-appointment-system — edoc-doctor-appointment-system
 
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/doctors.php. 2022-08-26 not yet calculated CVE-2022-36543
MISC
MISC
edoc-doctor-appointment-system — edoc-doctor-appointment-system
 
An access control issue in the component /ip/admin/ of Edoc-doctor-appointment-system v1.0.1 allows attackers to arbitrarily edit, read, and delete Administrator data. 2022-08-26 not yet calculated CVE-2022-36542
MISC
MISC
edoc-doctor-appointment-system — edoc-doctor-appointment-system
 
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability at /patient/index.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field. 2022-08-26 not yet calculated CVE-2022-36547
MISC
MISC
elastic — elasticsearch
 
A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore 2022-08-25 not yet calculated CVE-2022-23715
MISC
MISC
emerson — proficy_machine_edition Emerson Electric’s Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol. 2022-08-19 not yet calculated CVE-2022-2793
MISC
emerson — proficy_machine_edition Emerson Electric’s Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: ‘\..\filename’, also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering station onto Windows in a way that executes the malicious code. 2022-08-19 not yet calculated CVE-2022-2788
MISC
emerson — proficy_machine_edition Emerson Electric’s Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-284 Improper Access Control, and stores project data in a directory with improper access control lists. 2022-08-19 not yet calculated CVE-2022-2792
MISC
emerson — proficy_machine_edition Emerson Electric’s Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-347 Improper Verification of Cryptographic Signature, and does not properly verify compiled logic (PDT files) and data blocks data (BLD/BLK files). 2022-08-19 not yet calculated CVE-2022-2790
MISC
emerson — proficy_machine_edition Emerson Electric’s Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic. 2022-08-19 not yet calculated CVE-2022-2789
MISC
ericsson — network_manager
 
In Ericsson Network Manager (ENM) releases before 21.2, users belonging to the same AMOS authorization group can retrieve the data from certain log files. All AMOS users are considered to be highly privileged users in the ENM system and all must be previously defined and authorized by the Security Administrator. Those users can access some log files, under a common path, and read information stored in the log files in order to conduct privilege escalation. 2022-08-26 not yet calculated CVE-2021-32570
MISC
MISC
ethereum — eth-account An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encode_structured_data method 2022-08-22 not yet calculated CVE-2022-1930
MISC
ethz — safe_exam_browser Kiosk breakout (without quit password) in Safe Exam Browser (Windows) <3.4.0, which allows an attacker to achieve code execution via the browsers’ print dialog. 2022-08-19 not yet calculated CVE-2022-36220
MISC
MISC
eurosoft — eurosoft_bootloader A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. 2022-08-26 not yet calculated CVE-2022-34303
MISC
MISC
exceedone — exment Reflected cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows a remote authenticated attacker to inject an arbitrary script. 2022-08-24 not yet calculated CVE-2022-38080
MISC
MISC
MISC
exceedone — exment Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows a remote authenticated attacker to inject an arbitrary script. 2022-08-24 not yet calculated CVE-2022-38089
MISC
MISC
MISC
exceedone — exment SQL injection vulnerability in the Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows remote authenticated attackers to execute arbitrary SQL commands. 2022-08-24 not yet calculated CVE-2022-37333
MISC
MISC
MISC
eyoucms — eyoucms EyouCMS V1.5.8-UTF8-SP1 is vulnerable to Cross Site Request Forgery (CSRF) via the background, column management function and add. 2022-08-19 not yet calculated CVE-2022-36225
MISC
f-secure — elements_endpoint_protection A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to a scanning engine crash. The exploit can be triggered remotely by an attacker. 2022-08-23 not yet calculated CVE-2022-28882
MISC
f-secure — elements_endpoint_protection A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl unpack function crashes. This can lead to a possible scanning engine crash. The exploit can be triggered remotely by an attacker. 2022-08-23 not yet calculated CVE-2022-28883
MISC
fiserv — prologue Fiserv Prologue through 2020-12-16 does not properly protect the database password. If an attacker were to gain access to the configuration file (specifically, the LogPassword attribute within appconfig.ini), they would be able to decrypt the password stored within the configuration file. This would yield cleartext credentials for the database (to gain access to financial records of customers stored within the database), and in some cases would allow remote login to the database. 2022-08-23 not yet calculated CVE-2020-35992
MISC
MISC
fishbowlinventory — fishbowl_server A Java Deserialization vulnerability in the Fishbowl Server in Fishbowl Inventory before 2022.4.1 allows remote attackers to execute arbitrary code via a crafted XML payload. 2022-08-19 not yet calculated CVE-2022-29805
MISC
MISC
frappe — erpnext Frappe ERPNext 12.29.0 is vulnerable to XSS where the software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users. 2022-08-22 not yet calculated CVE-2022-28598
MISC
MISC
MISC
freeopcua_project — freeopcua All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False. 2022-08-23 not yet calculated CVE-2022-24298
CONFIRM
CONFIRM
ge_gas_power — workstationst
 
An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (<v07.09.15) and could allow an attacker to compromise a victim’s browser/session. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater. 2022-08-25 not yet calculated CVE-2022-37953
CONFIRM
ge_gas_power — workstationst
 
A reflected cross-site scripting (XSS) vulnerability exists in the iHistorian Data Display of WorkstationST (<v07.09.15) and could allow an attacker to compromise a victim’s browser. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater. 2022-08-25 not yet calculated CVE-2022-37952
CONFIRM
getkirby — kirby An issue was discovered in Kirby 2.5.12. The application allows malicious HTTP requests to be sent in order to trick a user into adding web pages. 2022-08-24 not yet calculated CVE-2018-14520
MISC
MISC
getkirby — kirby An issue was discovered in Kirby 2.5.12. The delete page functionality suffers from a CSRF flaw. A remote attacker can craft a malicious CSRF page and force the user to delete a page. 2022-08-24 not yet calculated CVE-2018-14519
MISC
MISC
glibc — glibc
 
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system. 2022-08-24 not yet calculated CVE-2021-3999
MISC
MISC
MISC
MISC
MISC
MISC
glibc — glibc
 
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data. 2022-08-24 not yet calculated CVE-2021-3998
MISC
MISC
MISC
MISC
MISC
MISC
MISC
gnu — binutils
 
In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. 2022-08-26 not yet calculated CVE-2022-38533
MISC
MISC
google — android In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-236848165 2022-08-24 not yet calculated CVE-2021-0698
MISC
google — android In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-236848817 2022-08-24 not yet calculated CVE-2021-0887
MISC
google — android An unprivileged app can trigger the PowerVR driver to return uninitialized heap memory, causing information disclosure. Product: Android. Versions: Android SoC. Android ID: A-236849490 2022-08-24 not yet calculated CVE-2021-0891
MISC
google — android The PowerVR GPU driver allows unprivileged apps to allocate pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption. Product: Android. Versions: Android SoC. Android ID: A-232440670 2022-08-24 not yet calculated CVE-2021-39815
MISC
google — android The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMR_PDumpSymbolicAddr, and then copies the buffer to userspace. The method PMR_PDumpSymbolicAddr may fail, and if it does the buffer will be left uninitialized and despite the error will still be copied to userspace. Kernel leak of uninitialized heap data with no privs required. Product: Android. Versions: Android SoC. Android ID: A-236846966 2022-08-24 not yet calculated CVE-2021-0946
MISC
google — android The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on the heap, fills the contents of the buffer via TLServerDiscoverStreamsKM, and then copies the buffer to userspace. The method TLServerDiscoverStreamsKM may fail for several reasons including invalid sizes. If this method fails the buffer will be left uninitialized and despite the error will still be copied to userspace. Kernel leak of uninitialized heap data with no privs required. Product: Android. Versions: Android SoC. Android ID: A-236838960 2022-08-24 not yet calculated CVE-2021-0947
MISC
google — android The PowerVR GPU driver allows unprivileged apps to allocate pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption. Product: Android. Versions: Android SoC. Android ID: A-232441339 2022-08-24 not yet calculated CVE-2022-20122
MISC
gosecure — titan Key reuse in GoSecure Titan Inbox Detection & Response (IDR) through 2022-04-05 leads to remote code execution. To exploit this vulnerability, an attacker must craft and sign a serialized payload. 2022-08-25 not yet calculated CVE-2022-28747
MISC
MISC
gravitee — api_management HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request. 2022-08-23 not yet calculated CVE-2019-25075
MISC
MISC
grokability — snipe-it Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10. 2022-08-25 not yet calculated CVE-2022-2997
MISC
CONFIRM
h3c — b5_mini H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMacAccessMode. 2022-08-25 not yet calculated CVE-2022-36471
MISC
h3c — b5_mini H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function EditMacList.d. 2022-08-25 not yet calculated CVE-2022-36467
MISC
h3c — b5_mini H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed. 2022-08-25 not yet calculated CVE-2022-36468
MISC
h3c — b5_mini H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAP5GWifiById. 2022-08-25 not yet calculated CVE-2022-36470
MISC
h3c — b5_mini H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById. 2022-08-25 not yet calculated CVE-2022-36469
MISC
h3c — b5_mini H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID. 2022-08-25 not yet calculated CVE-2022-36478
MISC
h3c — b5_mini H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddWlanMacList. 2022-08-25 not yet calculated CVE-2022-36477
MISC
h3c — b5_mini H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddMacList. 2022-08-25 not yet calculated CVE-2022-36475
MISC
h3c — b5_mini H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function WlanWpsSet. 2022-08-25 not yet calculated CVE-2022-36474
MISC
h3c — b5_mini H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G. 2022-08-25 not yet calculated CVE-2022-36473
MISC
h3c — b5_mini H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMobileAPInfoById. 2022-08-25 not yet calculated CVE-2022-36472
MISC
h3c — gr-1200w H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set. 2022-08-25 not yet calculated CVE-2022-37074
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. 2022-08-25 not yet calculated CVE-2022-37070
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateOne2One. 2022-08-25 not yet calculated CVE-2022-37071
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateMacCloneFinal. 2022-08-25 not yet calculated CVE-2022-37068
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanLinkspyMulti. 2022-08-25 not yet calculated CVE-2022-37072
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanModeMulti. 2022-08-25 not yet calculated CVE-2022-37073
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanParamsMulti. 2022-08-25 not yet calculated CVE-2022-37067
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateSnat. 2022-08-25 not yet calculated CVE-2022-37069
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function AddWlanMacList. 2022-08-25 not yet calculated CVE-2022-36519
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateDDNS. 2022-08-25 not yet calculated CVE-2022-37066
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditWlanMacList. 2022-08-25 not yet calculated CVE-2022-36518
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditApAdvanceInfo. 2022-08-25 not yet calculated CVE-2022-36511
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function edditactionlist. 2022-08-25 not yet calculated CVE-2022-36513
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function addactionlist. 2022-08-25 not yet calculated CVE-2022-36515
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function ap_version_check. 2022-08-25 not yet calculated CVE-2022-36516
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function debug_wlan_advance. 2022-08-25 not yet calculated CVE-2022-36517
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function WanModeSetMultiWan. 2022-08-25 not yet calculated CVE-2022-36514
MISC
h3c — gr-1200w
 
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function DEleteusergroup. 2022-08-25 not yet calculated CVE-2022-36520
MISC
h3c — gr2200 H3C GR2200 MiniGR1A0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. 2022-08-25 not yet calculated CVE-2022-36510
MISC
h3c — gr3200 H3C GR3200 MiniGR1B0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. 2022-08-25 not yet calculated CVE-2022-36509
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAPInfoById. 2022-08-25 not yet calculated CVE-2022-37097
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateMacClone. 2022-08-25 not yet calculated CVE-2022-37100
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateSnat. 2022-08-25 not yet calculated CVE-2022-37099
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateIpv6Params. 2022-08-25 not yet calculated CVE-2022-37098
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetMobileAPInfoById. 2022-08-25 not yet calculated CVE-2022-37087
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function EnableIpv6. 2022-08-25 not yet calculated CVE-2022-37096
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function AddMacList. 2022-08-25 not yet calculated CVE-2022-37093
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateWanParams. 2022-08-25 not yet calculated CVE-2022-37095
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function Edit_BasicSSID. 2022-08-25 not yet calculated CVE-2022-37090
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G. 2022-08-25 not yet calculated CVE-2022-37094
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function EditWlanMacList. 2022-08-25 not yet calculated CVE-2022-37091
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed. 2022-08-25 not yet calculated CVE-2022-37086
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById. 2022-08-25 not yet calculated CVE-2022-37092
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAP5GWifiById. 2022-08-25 not yet calculated CVE-2022-37088
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function EditMacList. 2022-08-25 not yet calculated CVE-2022-37089
MISC
h3c — h200
 
H3C H200 H200V100R004 was discovered to contain a stack overflow via the AddWlanMacList function. 2022-08-25 not yet calculated CVE-2022-37085
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EditMacList. 2022-08-25 not yet calculated CVE-2022-36490
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function DEleteusergroup. 2022-08-25 not yet calculated CVE-2022-36499
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EnableIpv6. 2022-08-25 not yet calculated CVE-2022-36489
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPInfoById. 2022-08-25 not yet calculated CVE-2022-36508
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function AddWlanMacList. 2022-08-25 not yet calculated CVE-2022-36507
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetMacAccessMode. 2022-08-25 not yet calculated CVE-2022-36506
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID. 2022-08-25 not yet calculated CVE-2022-36504
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateMacClone. 2022-08-25 not yet calculated CVE-2022-36503
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateWanParams. 2022-08-25 not yet calculated CVE-2022-36502
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateSnat. 2022-08-25 not yet calculated CVE-2022-36501
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EditWlanMacList. 2022-08-25 not yet calculated CVE-2022-36500
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EDitusergroup. 2022-08-25 not yet calculated CVE-2022-36505
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed. 2022-08-25 not yet calculated CVE-2022-36498
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetMobileAPInfoById. 2022-08-25 not yet calculated CVE-2022-36496
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function addactionlist. 2022-08-25 not yet calculated CVE-2022-36495
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function edditactionlist. 2022-08-25 not yet calculated CVE-2022-36494
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById. 2022-08-25 not yet calculated CVE-2022-36493
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function AddMacList. 2022-08-25 not yet calculated CVE-2022-36492
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateIpv6Params. 2022-08-25 not yet calculated CVE-2022-36491
MISC
h3c — magic_nx18_plus H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G. 2022-08-25 not yet calculated CVE-2022-36497
MISC
hdfgroup — hdf5 A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-26061
MISC
hdfgroup — hdf5 An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-25972
MISC
hdfgroup — hdf5 An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-25942
MISC
honda — remote_keyless_entry_receiving_unit
 
The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows remote attackers to perform unlock operations and force a resynchronization after capturing five consecutive valid RKE signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely. 2022-08-24 not yet calculated CVE-2022-37305
MISC
MISC
MISC
MISC
MISC
htmly — htmly
 
htmly v2.8.1 was discovered to contain an arbitrary file deletion vulnerability via the component viewsbackup.html.php. 2022-08-26 not yet calculated CVE-2021-40285
MISC
ibm — datapower_gateway
 
IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 228357. 2022-08-26 not yet calculated CVE-2022-31773
XF
CONFIRM
ibm — maximo_asset_management IBM Maximo Asset Management 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 231116. 2022-08-26 not yet calculated CVE-2022-35714
CONFIRM
XF
ibm — mq IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226339. 2022-08-19 not yet calculated CVE-2022-22489
XF
CONFIRM
ibm — openbmc_op910_and_op940 IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that may cause it to lose network services. IBM X-Force ID: 207221. 2022-08-22 not yet calculated CVE-2021-29891
XF
CONFIRM
icewarp — lenovo_pcmanager A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution when visiting a specially crafted website. 2022-08-23 not yet calculated CVE-2022-1513
MISC
icewarp — webclient_dc2 IceWarp WebClient DC2 – Update 2 Build 9 (13.0.2.9) was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php. 2022-08-23 not yet calculated CVE-2022-35115
MISC
MISC
imagemagick — imagemagick
 
A vulnerability was found in ImageMagick-7.0.11-5: when a crafted file is processed with the convert command, ASAN detects memory leaks. 2022-08-26 not yet calculated CVE-2021-3574
MISC
MISC
MISC
imagemagick — imagemagick
 
An integer overflow issue was discovered in ImageMagick’s ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range representable by the ‘unsigned char’ type. When ImageMagick processes a crafted pdf file, this could lead to undefined behaviour or a crash. 2022-08-25 not yet calculated CVE-2021-20224
MISC
MISC
MISC
ingredients_stock_management — ingredients_stock_management Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/view_item.php. 2022-08-25 not yet calculated CVE-2022-36701
MISC
jenkins — collabnet Jenkins CollabNet Plugins Plugin 2.0.8 and earlier stores a RabbitMQ password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. 2022-08-23 not yet calculated CVE-2022-38665
CONFIRM
MLIST
jenkins — git Jenkins Git Plugin 4.11.4 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log provided by the Git Username and Password (`gitUsernamePassword`) credentials binding. 2022-08-23 not yet calculated CVE-2022-38663
CONFIRM
MLIST
jenkins — job_configuration_history Jenkins Job Configuration History Plugin 1165.v8cc9fd1f4597 and earlier does not escape the job name on the System Configuration History page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure job names. 2022-08-23 not yet calculated CVE-2022-38664
CONFIRM
MLIST
jfinal_cms — jfinal_cms JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/user/list. 2022-08-23 not yet calculated CVE-2022-37199
MISC
jfinal_cms — jfinal_cms JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/role/list. 2022-08-23 not yet calculated CVE-2022-37223
MISC
jfinal_cms — jfinal_cms Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module. 2022-08-25 not yet calculated CVE-2022-36527
MISC
jizhicms — jizhicms An issue was discovered in jizhicms v2.3.1. There is a CSRF vulnerability that can add an admin. 2022-08-19 not yet calculated CVE-2022-36577
MISC
jizhicms — jizhicms jizhicms v2.3.1 has SQL injection in the background. 2022-08-19 not yet calculated CVE-2022-36578
MISC
jsonxx — jsonxx Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a default assignment operator which may be used with pointer types which may point to alterable data where the pointer itself is not updated. This issue exists on the current commit of the jsonxx project. The project itself has been archived and updates are not expected. Users are advised to find a replacement. 2022-08-19 not yet calculated CVE-2022-23459
CONFIRM
jsonxx — jsonxx Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized (ASAN) build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue exists on the current commit of the jsonxx project and the project itself has been archived. Updates are not expected. Users are advised to find a replacement. 2022-08-19 not yet calculated CVE-2022-23460
CONFIRM
kensite_cms — kensite_cms
 
Kensite CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities via the name and oldname parameters at /framework/mod/db/DBMapper.xml. 2022-08-26 not yet calculated CVE-2022-36529
MISC
MISC
laravel — laravel A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an unknown function. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-206688. 2022-08-19 not yet calculated CVE-2022-2886
N/A
N/A
lexmark — multiple_products Various Lexmark products through 2022-04-27 allow External Control of a System or Configuration Setting because of Improper Input Validation. 2022-08-26 not yet calculated CVE-2022-29850
MISC
MISC
libarchive — libarchive An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system. 2022-08-23 not yet calculated CVE-2021-31566
MISC
MISC
MISC
MISC
libarchive — libarchive An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges. 2022-08-23 not yet calculated CVE-2021-23177
MISC
MISC
MISC
MISC
libpng — pngcheck A global buffer overflow was discovered in the pngcheck function in pngcheck-2.4.0 (5 patches applied) via a crafted png file. 2022-08-23 not yet calculated CVE-2020-35511
MISC
libpngs — pngimage.c A heap overflow flaw was found in libpngs’ pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service. 2022-08-24 not yet calculated CVE-2021-4214
MISC
MISC
MISC
MISC
library_management — library_management Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Textbook parameter at /admin/modify.php. 2022-08-25 not yet calculated CVE-2022-36721
MISC
library_management — library_management Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the ok parameter at /admin/history.php. 2022-08-25 not yet calculated CVE-2022-36719
MISC
library_management — library_management Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/modify1.php. 2022-08-25 not yet calculated CVE-2022-36720
MISC
library_management — library_management Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/changestock.php. 2022-08-25 not yet calculated CVE-2022-36716
MISC
library_management — library_management Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/search.php. 2022-08-25 not yet calculated CVE-2022-36715
MISC
linksys — mr8300_router Command injection vulnerability in the Linksys MR8300 router during registration to the DDNS service. By specifying a username and password, an attacker connected to the router’s web interface can execute arbitrary OS commands. The username and password fields are not sanitized correctly and are used as URL construction arguments, allowing URL redirection to an arbitrary server, downloading an arbitrary script file, and eventually executing the file on the device. This issue affects: Linksys MR8300 Router 1.0. 2022-08-24 not yet calculated CVE-2022-38132
MISC
linux — linux_kernel A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. 2022-08-22 not yet calculated CVE-2021-3659
MISC
MISC
MISC
linux — linux_kernel A flaw was found in the Linux kernel. A memory leak problem was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in Virtual Function I/O (VFIO) Mediated devices. This flaw could allow a local attacker to leak internal kernel information. 2022-08-23 not yet calculated CVE-2021-3736
MISC
MISC
MISC
linux — linux_kernel A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. 2022-08-23 not yet calculated CVE-2021-3759
MISC
MISC
MISC
linux — linux_kernel A flaw was found in the Linux kernel’s implementation of reading the SVC RDMA counters. Reading the counter sysctl panics the system. This flaw allows an attacker with local access to cause a denial of service while the system reboots. The issue is specific to CentOS/RHEL. 2022-08-24 not yet calculated CVE-2021-4218
MISC
MISC
MISC
linux — linux_kernel A memory leak flaw was found in the Linux kernel’s ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. 2022-08-23 not yet calculated CVE-2021-3764
MISC
MISC
MISC
MISC
linux — linux_kernel An out-of-bounds (OOB) memory access flaw was found in the Linux kernel’s eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. 2022-08-24 not yet calculated CVE-2021-4204
MISC
MISC
MISC
MISC
linux — linux_kernel An out-of-bounds memory access flaw was found in the Linux kernel’s Intel iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. 2022-08-22 not yet calculated CVE-2022-2873
MISC
linux — linux_kernel A use-after-free flaw was found in the Linux kernel NILFS file system in the way a user triggers the function security_inode_alloc to fail, followed by a call to the function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. 2022-08-24 not yet calculated CVE-2022-2978
MISC
linux — linux_kernel A flaw in the Linux kernel’s implementation of RDMA communications manager listener code allowed an attacker with local access to set up a socket to listen on a high port, allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system. 2022-08-24 not yet calculated CVE-2021-4028
MISC
MISC
MISC
MISC
MISC
linux — linux_kernel A race condition was found in the Linux kernel’s watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system. 2022-08-25 not yet calculated CVE-2022-2959
MISC
MISC
linux — linux_kernel A heap-based buffer overflow was found in the Linux kernel’s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability. 2022-08-25 not yet calculated CVE-2022-2991
MISC
MISC
linux — linux_kernel A flaw was found in the Linux kernel’s memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page-sized files and detect the change in access time from a networked service to determine if the page has been merged. 2022-08-23 not yet calculated CVE-2021-3714
MISC
MISC
MISC
MISC
linux — linux_kernel A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance on an AMD CPU that supports Secure Encrypted Virtualization (SEV). 2022-08-26 not yet calculated CVE-2022-0171
MISC
MISC
MISC
linux — linux_kernel A denial of service (DoS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system. 2022-08-26 not yet calculated CVE-2022-0168
MISC
MISC
MISC
linux — linux_kernel A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts, which could lead to resource exhaustion and DoS. 2022-08-26 not yet calculated CVE-2021-3669
MISC
MISC
MISC
MISC
linux — linux_kernel A flaw was found in the Linux kernel’s implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects. 2022-08-23 not yet calculated CVE-2022-2938
MISC
linux — linux_kernel A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the Linux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions being granted when they should not be. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for XFS. 2022-08-24 not yet calculated CVE-2021-4037
MISC
MISC
MISC
MISC
MISC
linux — linux_kernel A vulnerability was found in the Linux kernel’s eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code into the kernel can use this to leak internal kernel memory details, defeating some of the exploit mitigations in place for the kernel. 2022-08-24 not yet calculated CVE-2021-4159
MISC
MISC
MISC
MISC
litejs — uri-template-lite An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the uri-template-lite npm package when an attacker is able to supply arbitrary input to the “URI.expand” method. 2022-08-24 not yet calculated CVE-2021-43309
MISC
logitech — streamlabs_desktop StreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An attacker can execute arbitrary code via a crafted .exe file. 2022-08-19 not yet calculated CVE-2022-36263
MISC
malighting — grandma2_light MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor’s position is that the product was designed for isolated networks. Also, the successor product, grandMA3, is not affected by this vulnerability. 2022-08-21 not yet calculated CVE-2022-30036
MISC
MISC
mapgis — igserver MapGIS IGServer 10.5.6.11 is vulnerable to Arbitrary file deletion. 2022-08-19 not yet calculated CVE-2022-36171
MISC
mapgis — igserver MapGIS 10.5 Pro IGServer has hardcoded credentials in the front-end and can lead to escalation of privileges and arbitrary file deletion. 2022-08-19 not yet calculated CVE-2022-36170
MISC
MISC
mariadb — mariadb The exotel (aka exotel-py) package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party. 2022-08-27 not yet calculated CVE-2022-38792
MISC
MISC
MISC
MISC
mariadb — mariadb In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock. 2022-08-27 not yet calculated CVE-2022-38791
MISC
matrix — dendrite gomatrixserverlib is a Go library for matrix protocol federation. Dendrite is a Matrix homeserver written in Go, an alternative to Synapse. The power level parsing within gomatrixserverlib was failing to parse the `"events_default"` key of the `m.room.power_levels` event, defaulting the event default power level to zero in all cases. Power levels are the matrix terminology for user access level. In rooms where the `"events_default"` power level had been changed, this could result in events either being incorrectly authorised or rejected by Dendrite servers. gomatrixserverlib contains a fix as of commit `723fd49` and Dendrite 0.9.3 has been updated accordingly. Matrix rooms where the `"events_default"` power level has not been changed from the default of zero are not vulnerable. Users are advised to upgrade. There are no known workarounds for this issue. 2022-08-19 not yet calculated CVE-2022-36009
MISC
MISC
CONFIRM
mazda — remote_keyless_entry_receiving_unit The Remote Keyless Entry (RKE) receiving unit on certain Mazda vehicles through 2020 allows remote attackers to perform unlock operations and force a resynchronization after capturing three consecutive valid key-fob signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely. 2022-08-24 not yet calculated CVE-2022-36945
MISC
MISC
MISC
MISC
MISC
mdaemon_technologies — security_gateway_for_email_servers MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint. 2022-08-25 not yet calculated CVE-2022-37243
MISC
MISC
mdaemon_technologies — security_gateway_for_email_servers MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the data_leak_list_ajax endpoint. 2022-08-25 not yet calculated CVE-2022-37241
MISC
MISC
mdaemon_technologies — security_gateway_for_email_servers MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter. 2022-08-25 not yet calculated CVE-2022-37240
MISC
MISC
mdaemon_technologies — security_gateway_for_email_servers MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest parameter. 2022-08-25 not yet calculated CVE-2022-37238
MISC
MISC
mdaemon_technologies — security_gateway_for_email_servers MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the rulles_list_ajax endpoint. 2022-08-25 not yet calculated CVE-2022-37239
MISC
MISC
mdaemon_technologies — security_gateway_for_email_servers MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the Blacklist endpoint. 2022-08-25 not yet calculated CVE-2022-37245
MISC
MISC
mdaemon_technologies — security_gateway_for_email_servers MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME injection via the currentRequest parameter. After login, injecting a malicious tag leads to IFRAME injection. 2022-08-25 not yet calculated CVE-2022-37244
MISC
MISC
mdaemon_technologies — security_gateway_for_email_servers MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the data parameter. 2022-08-25 not yet calculated CVE-2022-37242
MISC
MISC
mealie — mealie Mealie 1.0.0beta3 does not terminate download tokens after a user logs out, allowing attackers to perform a man-in-the-middle attack via a crafted GET request. 2022-08-19 not yet calculated CVE-2022-34624
MISC
MISC
MISC
mealie — mealie Mealie 1.0.0beta3 was discovered to contain an Insecure Direct Object Reference (IDOR) vulnerability which allows attackers to modify user passwords and other attributes via modification of the user_id parameter. 2022-08-19 not yet calculated CVE-2022-34621
MISC
MISC
MISC
MISC
MISC
mealie — mealie Mealie 1.0.0beta3 employs weak password requirements which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. 2022-08-19 not yet calculated CVE-2022-34615
MISC
MISC
MISC
MISC
mealie — mealie Mealie 1.0.0beta3 is vulnerable to user enumeration via timing response discrepancy between users and non-users when an invalid password message is displayed during an authentication attempt. 2022-08-19 not yet calculated CVE-2022-34623
MISC
MISC
MISC
MISC
mikrotik — routeros The container package in MikroTik RouterOS 7.4beta4 allows an attacker to create mount points pointing to symbolic links, which resolve to locations on the host device. This allows the attacker to mount any arbitrary file to any location on the host. 2022-08-25 not yet calculated CVE-2022-34960
MISC
MISC
mikrotik — routeros MikroTik RouterOS through stable v6.48.3 was discovered to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. 2022-08-26 not yet calculated CVE-2022-36522
MISC
mm-wiki — mm-wiki mm-wiki v0.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the markdown editor. 2022-08-26 not yet calculated CVE-2021-39393
MISC
mm-wiki — mm-wiki mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information. 2022-08-26 not yet calculated CVE-2021-39394
MISC
mod_wsgi — mod_wsgi A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing. 2022-08-25 not yet calculated CVE-2022-2255
MISC
MISC
MISC
mongoose — mongoose Schema in lib/schema.js in Mongoose before 6.4.6 is vulnerable to prototype pollution. 2022-08-26 not yet calculated CVE-2022-24304
MISC
CONFIRM
CONFIRM
monospace — directus Directus is a free and open-source data platform for headless content management. The Directus process can be aborted by having an authorized user update the `filename_disk` value to a folder and accessing that file through the `/assets` endpoint. This vulnerability has been patched and release v9.15.0 contains the fix. Users are advised to upgrade. Users unable to upgrade may prevent this problem by making sure no (untrusted) non-admin users have permissions to update the `filename_disk` field on `directus_files`. 2022-08-19 not yet calculated CVE-2022-36031
CONFIRM
moveable_type — moveable_type Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability. Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected products and versions are as follows: Movable Type 7 r.5202 and earlier, Movable Type Advanced 7 r.5202 and earlier, Movable Type 6.8.6 and earlier, Movable Type Advanced 6.8.6 and earlier, Movable Type Premium 1.52 and earlier, and Movable Type Premium Advanced 1.52 and earlier. Note that all versions of Movable Type 4.0 or later including unsupported (End-of-Life, EOL) versions are also affected by this vulnerability. 2022-08-24 not yet calculated CVE-2022-38078
MISC
MISC
multiple_vendors — remote_keyless_entry_receiving_unit The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles through 2017 allows remote attackers to perform unlock operations and force a resynchronization after capturing two consecutive valid key fob signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely. 2022-08-24 not yet calculated CVE-2022-37418
MISC
MISC
MISC
MISC
MISC
mumara_classic — mumara_classic Odyssey passes to client unencrypted bytes from man-in-the-middle. When Odyssey storage is configured to use the PostgreSQL server using ‘trust’ authentication with a ‘clientcert’ requirement or to use ‘cert’ authentication, a man-in-the-middle attacker can inject false responses to the client’s first few queries. Despite the use of SSL certificate verification and encryption, Odyssey will pass these results to the client as if they originated from a valid server. This is similar to CVE-2021-23222 for PostgreSQL. 2022-08-25 not yet calculated CVE-2021-43767
MISC
MISC
mumara_classic — mumara_classic Odyssey passes to server unencrypted bytes from man-in-the-middle. When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. This is similar to CVE-2021-23214 for PostgreSQL. 2022-08-25 not yet calculated CVE-2021-43766
MISC
MISC
mumara_classic — mumara_classic A SQL injection vulnerability in license_update.php in Mumara Classic through 2.93 allows a remote unauthenticated attacker to execute arbitrary SQL commands via the license parameter. 2022-08-25 not yet calculated CVE-2021-43329
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
mupdf — mupdf A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream. 2022-08-26 not yet calculated CVE-2021-4216
MISC
MISC
myscada — mypro An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the operating system. 2022-08-24 not yet calculated CVE-2022-2234
CONFIRM
new_horizon_datasys — new_horizon_datasys_bootloader A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. 2022-08-26 not yet calculated CVE-2022-34302
MISC
MISC
node-opcua_project — node-opcua The package node-opcua before 2.74.0 is vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False. 2022-08-24 not yet calculated CVE-2022-24375
CONFIRM
CONFIRM
CONFIRM
CONFIRM
node-opcua_project — node-opcua The package node-opcua before 2.74.0 is vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks – per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk. 2022-08-23 not yet calculated CVE-2022-21208
CONFIRM
CONFIRM
CONFIRM
CONFIRM
node-opcua — node-opcua The package node-opcua before 2.74.0 is vulnerable to Denial of Service (DoS) by sending a specifically crafted OPC UA message with a special OPC UA NodeID, when the requested memory allocation exceeds the v8’s memory limit. 2022-08-23 not yet calculated CVE-2022-25231
CONFIRM
CONFIRM
CONFIRM
nortek_control — linear_emerge_devices Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building’s doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.) 2022-08-25 not yet calculated CVE-2022-31269
MISC
MISC
MISC
MISC
nortek_control — linear_emerge_devices Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an attacker to take over an admin account or a user account. 2022-08-25 not yet calculated CVE-2022-31798
MISC
MISC
MISC
nortek_control — linear_emerge_devices Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256. 2022-08-25 not yet calculated CVE-2022-31499
MISC
MISC
MISC
notrinos — notrinoserp Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7. 2022-08-23 not yet calculated CVE-2022-2965
MISC
CONFIRM
notrinos — notrinoserp Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update languages, install/activate extensions, install/activate themes and other permissive actions. 2022-08-21 not yet calculated CVE-2022-2921
MISC
CONFIRM
notrinos — notrinoserp Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7. 2022-08-22 not yet calculated CVE-2022-2927
CONFIRM
MISC
noxen — noxen A vulnerability classified as problematic has been found in ConsoleTVs Noxen. Affected is an unknown function of the file /Noxen-master/users.php. The manipulation of the argument create_user_username with the input “><script>alert(/xss/)</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-207000. 2022-08-23 not yet calculated CVE-2022-2956
MISC
MISC
octoprint — octoprint Unverified Password Change in GitHub repository octoprint/octoprint prior to 1.8.3. 2022-08-22 not yet calculated CVE-2022-2930
CONFIRM
MISC
online_diagnostic_lab_management_system — online_diagnostic_lab_management_system An issue was discovered in Online Diagnostic Lab Management System 1.0. There is a SQL injection vulnerability via the “dob” parameter in “/classes/Users.php?f=save_client”. 2022-08-26 not yet calculated CVE-2022-37152
MISC
MISC
online_diagnostic_lab_management_system — online_diagnostic_lab_management_system There is an unauthorized access vulnerability in Online Diagnostic Lab Management System 1.0. 2022-08-26 not yet calculated CVE-2022-37151
MISC
MISC
online_diagnostic_lab_management_system — online_diagnostic_lab_management_system An issue was discovered in Online Diagnostic Lab Management System 1.0. There is a stored XSS vulnerability via the firstname, address, middlename, lastname, gender, email, and contact parameters. 2022-08-26 not yet calculated CVE-2022-37150
MISC
MISC
opc_ua_stack — opc_ua_stack All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing handler for failed casting when unvalidated data is forwarded to boost::get function in OpcUaNodeIdBase.h. Exploiting this vulnerability is possible when sending a specifically crafted OPC UA message with a special encoded NodeId. 2022-08-23 not yet calculated CVE-2022-25302
CONFIRM
opcfoundation — ua_.net_standard_reference_server OPC UA .NET Standard Reference Server 1.04.368 allows a remote attacker to cause the application to access sensitive information. 2022-08-23 not yet calculated CVE-2022-33916
MISC
MISC
opcua-asyncio — opcua-asyncio All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks – per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk. 2022-08-23 not yet calculated CVE-2022-25304
CONFIRM
CONFIRM
CONFIRM
opcua — opcua The package opcua from 0.0.0 is vulnerable to Denial of Service (DoS) via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed. 2022-08-24 not yet calculated CVE-2022-25903
CONFIRM
CONFIRM
CONFIRM
opcua — opcua The package opcua from 0.0.0 is vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks – per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk. 2022-08-23 not yet calculated CVE-2022-25888
CONFIRM
CONFIRM
CONFIRM
open62541 — open62541 The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 is vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks – per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk. 2022-08-23 not yet calculated CVE-2022-25761
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
openexr — openexr A flaw was found in OpenEXR’s B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability. 2022-08-23 not yet calculated CVE-2021-20298
MISC
MISC
MISC
MISC
MISC
openexr — openexr A flaw was found in OpenEXR’s hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability. 2022-08-23 not yet calculated CVE-2021-20304
MISC
MISC
MISC
MISC
MISC
openvswitch — openvswitch A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by continually sending packet fragments. 2022-08-23 not yet calculated CVE-2021-3905
MISC
MISC
MISC
MISC
MISC
oretnom23 — fast_food_ordering_system A vulnerability was found in oretnom23 Fast Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file ffos/admin/reports/index.php. The manipulation of the argument date leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-207422 is the identifier assigned to this vulnerability. 2022-08-27 not yet calculated CVE-2022-3012
N/A
N/A
oretnom23 — fast_food_ordering_system A vulnerability, which was classified as problematic, has been found in oretnom23 Fast Food Ordering System. This issue affects some unknown processing of the file admin/?page=reports. The manipulation of the argument date leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-207425 was assigned to this vulnerability. 2022-08-27 not yet calculated CVE-2022-3015
N/A
parity — frontier Frontier is Substrate’s Ethereum compatibility layer. A security issue was discovered affecting parsing of the RPC result of the exit reason in case of EVM reversion. In a release build, this would cause the exit reason to be incorrectly parsed and returned by RPC. In a debug build, this would cause an overflow panic. No action is needed unless you have a bridge node that needs to distinguish different reversion exit reasons and you used RPC for this. There are currently no known workarounds. 2022-08-19 not yet calculated CVE-2022-36008
MISC
MISC
CONFIRM
pega — pega_platform Pega Platform from 8.5.4 to 8.7.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter. 2022-08-22 not yet calculated CVE-2022-35654
MISC
pega — pega_platform A vulnerability in Pega Platform from 8.3 to 8.7.3 may allow authenticated security administrators to alter CSRF settings directly. 2022-08-22 not yet calculated CVE-2022-35656
MISC
pega — pega_platform Pega Platform from 7.3 to 8.7.3 is affected by an XSS issue due to a misconfiguration of a datapage setting. 2022-08-22 not yet calculated CVE-2022-35655
MISC
pimcore — pimcore Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.5.4. 2022-08-23 not yet calculated CVE-2022-2796
MISC
CONFIRM
planex — mzk-dp150n Insecure Permissions in the administration interface in Planex MZK-DP150N 1.42 and 1.43 allow attackers to execute system commands as root via etc_ro/web/syscmd.asp. 2022-08-22 not yet calculated CVE-2021-37289
MISC
MISC
MISC
powerdns — recursor PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer with specific properties. 2022-08-23 not yet calculated CVE-2022-37428
MISC
MISC
printerlogic — printerlogic
 
PrinterLogic Windows Client through 25.0.0.676 allows attackers to execute directory traversal. Authenticated users with prior knowledge of the driver filename could exploit this to escalate privileges or distribute malicious content. 2022-08-25 not yet calculated CVE-2022-32427
MISC
MISC
project-nexus — project-nexus Project-nexus is a general-purpose blog website framework. Affected versions are subject to SQL injection due to a lack of sanitization of user input. This issue has not yet been patched. Users are advised to restrict user input and to upgrade when a new release becomes available. 2022-08-20 not yet calculated CVE-2022-36030
CONFIRM
prosody — prosody
 
It was discovered that an internal Prosody library to load XML based on libexpat does not properly restrict the XML features allowed in parsed XML data. Given suitable attacker input, this results in expansion of recursive entity references from DTDs (CWE-776). In addition, depending on the libexpat version used, it may also allow injections using XML External Entity References (CWE-611). 2022-08-26 not yet calculated CVE-2022-0217
MISC
MISC
MISC
pukiwiki — pukiwiki Path traversal vulnerability in PukiWiki versions 1.4.5 to 1.5.3 allows a remote authenticated attacker with an administrative privilege to execute a malicious script via unspecified vectors. 2022-08-23 not yet calculated CVE-2022-34486
MISC
MISC
pukiwiki — pukiwiki Stored cross-site scripting vulnerability in PukiWiki versions 1.3.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors. 2022-08-23 not yet calculated CVE-2022-36350
MISC
MISC
pukiwiki — pukiwiki Reflected cross-site scripting vulnerability in PukiWiki versions 1.5.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors. 2022-08-23 not yet calculated CVE-2022-27637
MISC
MISC
python — python A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible. 2022-08-24 not yet calculated CVE-2021-4189
MISC
MISC
MISC
MISC
MISC
MISC
qt — qt A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability. 2022-08-22 not yet calculated CVE-2021-3481
MISC
MISC
MISC
MISC
radare — radare2 An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an attacker to cause a crash, and perform a denial of service attack. 2022-08-19 not yet calculated CVE-2020-27793
MISC
MISC
radare — radare2 A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command “adf” has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fcn causing segmentation fault later in ensure_fcn_range (fcn). 2022-08-19 not yet calculated CVE-2020-27795
MISC
MISC
MISC
radare — radare2 A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash. 2022-08-19 not yet calculated CVE-2020-27794
MISC
MISC
redhat — amq_broker A flaw was found in the Red Hat AMQ Broker management console in version 7.8 where an existing user is able to access some limited information even when the role the user is assigned to should not allow access to the management console. The main impact is to confidentiality: because some role bindings are incorrectly checked, some privileged meta information such as queue names and configuration details is disclosed. The impact is limited, as not all information is accessible and there is no effect on integrity. 2022-08-23 not yet calculated CVE-2021-3763
MISC
MISC
MISC
redhat — amq_broker
 
A flaw was found in AMQ Broker. This issue can cause a partial interruption to the availability of AMQ Broker via an Out of memory (OOM) condition. This flaw allows an attacker to partially disrupt availability to the broker through a sustained attack of maliciously crafted messages. The highest threat from this vulnerability is system availability. 2022-08-24 not yet calculated CVE-2021-4040
MISC
MISC
MISC
MISC
redhat — ansible-runner A race condition flaw was found in ansible-runner, where an attacker could watch for rapid creation and deletion of a temporary directory, substitute their directory at that name, and then have access to ansible-runner’s private_data_dir the next time ansible-runner made use of the private_data_dir. The highest threat from this flaw is to integrity and confidentiality. 2022-08-23 not yet calculated CVE-2021-3702
MISC
MISC
MISC
redhat — ansible-runner
 
A flaw was found in ansible-runner. An improper escaping of the shell command, while calling the ansible_runner.interface.run_command, can lead to parameters getting executed as host’s shell command. A developer could unintentionally write code that gets executed in the host rather than the virtual environment. 2022-08-24 not yet calculated CVE-2021-4041
MISC
MISC
MISC
redhat — ansible-tower
 
A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment. 2022-08-25 not yet calculated CVE-2021-4112
MISC
MISC
redhat — ansible_runner A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. This flaw allows an attacker to pre-create the directory, resulting in reading private information or forcing ansible-runner to write files as the legitimate user in a place they did not expect. The highest threat from this vulnerability is to confidentiality and integrity. 2022-08-23 not yet calculated CVE-2021-3701
MISC
MISC
MISC
MISC
redhat — ceph_storage
 
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks. 2022-08-25 not yet calculated CVE-2021-3979
MISC
MISC
MISC
MISC
MISC
redhat — classloader
 
ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if available. 2022-08-26 not yet calculated CVE-2021-3856
MISC
MISC
MISC
MISC
MISC
redhat — coreos-installer A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. This flaw allows a local attacker to have read access to potentially sensitive data. The highest threat from this vulnerability is to confidentiality. 2022-08-23 not yet calculated CVE-2021-3917
MISC
MISC
MISC
MISC
redhat — cryptsetup
 
It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium. 2022-08-24 not yet calculated CVE-2021-4122
MISC
MISC
MISC
MISC
MISC
redhat — dpdk_vhost_library A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability. 2022-08-23 not yet calculated CVE-2021-3839
MISC
MISC
MISC
redhat — enterprise
 
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 2022-08-26 not yet calculated CVE-2021-35939
MISC
MISC
MISC
MISC
MISC
redhat — fabric_8_kubernetes_client An arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML. 2022-08-24 not yet calculated CVE-2021-4178
MISC
MISC
MISC
MISC
redhat — foreman A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 2022-08-22 not yet calculated CVE-2021-3590
MISC
MISC
redhat — foreman
 
A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 2022-08-26 not yet calculated CVE-2021-20260
MISC
MISC
redhat — glib
 
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition. 2022-08-23 not yet calculated CVE-2021-3800
MISC
MISC
MISC
MISC
redhat — gnutls A NULL pointer dereference flaw was found in GnuTLS. As Nettle’s hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances. 2022-08-24 not yet calculated CVE-2021-4209
MISC
MISC
MISC
MISC
MISC
redhat — jboss_core_services_http_server A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL that contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity. 2022-08-26 not yet calculated CVE-2021-3688
MISC
MISC
redhat — jss A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service. 2022-08-24 not yet calculated CVE-2021-4213
MISC
MISC
MISC
MISC
MISC
redhat — keycloak A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message displayed when wrong credentials are entered. The highest threat from this vulnerability is to confidentiality. 2022-08-22 not yet calculated CVE-2021-3513
MISC
MISC
redhat — keycloak A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity. 2022-08-23 not yet calculated CVE-2020-35509
MISC
redhat — keycloak
 
A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already registered for any user by using the WebAuthn password-less login flow. 2022-08-26 not yet calculated CVE-2021-3632
MISC
MISC
MISC
MISC
MISC
redhat — keycloak
 
A flaw was found in Keycloak. This flaw allows a privileged attacker to use the malicious payload as the group name while creating a new group from the admin console, leading to a stored Cross-site scripting (XSS) attack. 2022-08-26 not yet calculated CVE-2022-0225
MISC
MISC
redhat — keycloak A flaw was found in keycloak where an attacker is able to register with a username that is the same as the email ID of any existing user. This may cause trouble in getting the password recovery email in case the user forgets the password. 2022-08-26 not yet calculated CVE-2021-3754
MISC
MISC
redhat — libvirt A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash. 2022-08-23 not yet calculated CVE-2021-3975
MISC
MISC
MISC
MISC
redhat — opencryptoki
 
A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack. 2022-08-23 not yet calculated CVE-2021-3798
MISC
MISC
MISC
MISC
redhat — openshift_api_management A flaw was found in the Red Hat OpenShift API Management product. User input is not validated allowing an authenticated user to inject scripts into some text boxes leading to a XSS attack. The highest threat from this vulnerability is to data confidentiality. 2022-08-22 not yet calculated CVE-2021-3442
MISC
MISC
redhat — openshift_container_platform A flaw was found in cluster-ingress-operator. A change to how the router-default service allows only certain IP source ranges could allow an attacker to access resources that would otherwise be restricted to specified IP ranges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 2022-08-22 not yet calculated CVE-2020-27836
MISC
MISC
MISC
MISC
redhat — openshift_metering_hive_container It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift metering hive containers was incomplete, as not all JndiLookup.class files were removed. This CVE only applies to the OpenShift Metering hive container images, shipped in OpenShift 4.8, 4.7 and 4.6. 2022-08-24 not yet calculated CVE-2021-4125
MISC
MISC
MISC
MISC
MISC
MISC
MISC
redhat — openshift_service_mesh A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do not properly specify which ports may be accessed, allowing access to all ports on these resources from any pod. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 2022-08-22 not yet calculated CVE-2021-3586
MISC
MISC
redhat — openstack-keystone A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified, allowing attackers to bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity. 2022-08-26 not yet calculated CVE-2021-3563
MISC
MISC
MISC
MISC
redhat — openstack-tripleo-heate-templates
 
A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager. 2022-08-26 not yet calculated CVE-2021-3585
MISC
MISC
MISC
MISC
MISC
redhat — qemu
 
A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. 2022-08-24 not yet calculated CVE-2021-4158
MISC
MISC
MISC
MISC
MISC
redhat — qemu
 
A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially, executing arbitrary code within the context of the QEMU process on the host. 2022-08-25 not yet calculated CVE-2021-3929
MISC
MISC
MISC
MISC
MISC
redhat — qemu
 
A deadlock issue was found in the AHCI controller device of QEMU. It occurs on a software reset (ahci_reset_port) while handling a host-to-device Register FIS (Frame Information Structure) packet from the guest. A privileged user inside the guest could use this flaw to hang the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. 2022-08-26 not yet calculated CVE-2021-3735
MISC
MISC
MISC
redhat — rpm
 
A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 2022-08-25 not yet calculated CVE-2021-35937
MISC
MISC
MISC
MISC
redhat — rpm
 
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 2022-08-25 not yet calculated CVE-2021-35938
MISC
MISC
MISC
MISC
MISC
MISC
redhat — satellite The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. A few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin. 2022-08-24 not yet calculated CVE-2021-4142
MISC
MISC
MISC
MISC
MISC
redhat — satellite
 
A flaw was found in satellite. When giving granular permission related to the organization, other permissions allowing a user to view and manage other organizations are also granted. The highest threat from this vulnerability is to data confidentiality. 2022-08-26 not yet calculated CVE-2021-3414
MISC
MISC
redhat — serverless_and_serverless_client_kn
 
It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless 1.16.0 and Serverless client kn 1.16.0. These have been fixed with Serverless 1.17.0. 2022-08-26 not yet calculated CVE-2021-3703
MISC
MISC
redhat — single_sign-on A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user’s credentials. The highest threat from this vulnerability is to confidentiality and integrity. 2022-08-23 not yet calculated CVE-2021-3827
MISC
MISC
MISC
MISC
redhat — smallrye_health_metrics
 
It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks. 2022-08-25 not yet calculated CVE-2021-3914
MISC
MISC
redhat — sox
 
A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash. 2022-08-25 not yet calculated CVE-2021-23159
MISC
MISC
MISC
MISC
redhat — sox
 
A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function startread() in hcom.c file. The vulnerability is exploitable with a crafted hcomn file, that could cause an application to crash. 2022-08-25 not yet calculated CVE-2021-23172
MISC
MISC
MISC
MISC
redhat — sox A floating point exception (divide-by-zero) issue was discovered in SoX in function startread() of wav.c file. An attacker with a crafted wav file could cause an application to crash. 2022-08-25 not yet calculated CVE-2021-33844
MISC
MISC
MISC
MISC
redhat — sox A floating point exception (divide-by-zero) issue was discovered in SoX in function read_samples() of voc.c file. An attacker with a crafted file could cause an application to crash. 2022-08-25 not yet calculated CVE-2021-23210
MISC
MISC
MISC
MISC
redhat — suid_binary
 
A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern is set to a relative value, its core dump is stored in the current directory with uid:gid permissions. An unprivileged local user with eligible root SUID binary could use this flaw to place core dumps into root-owned directories, potentially resulting in escalation of privileges. 2022-08-26 not yet calculated CVE-2021-3864
MISC
MISC
MISC
MISC
MISC
MISC
MISC
redhat — undertow A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability. 2022-08-23 not yet calculated CVE-2021-3690
MISC
MISC
MISC
MISC
redhat — undertow
 
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks. 2022-08-26 not yet calculated CVE-2021-3859
MISC
MISC
MISC
MISC
MISC
redhat — unzip
 
A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. 2022-08-24 not yet calculated CVE-2021-4217
MISC
MISC
MISC
redhat — vdsm A race condition was found in vdsm in the functionality that obfuscates sensitive values in log files, which may lead to values being stored in clear text. 2022-08-26 not yet calculated CVE-2022-0207
MISC
MISC
MISC
MISC
MISC
redhat — wildfly-core
 
A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they should not be able to access and possibly retrieve the item which was stored in the vault. The highest threat from this vulnerability is data confidentiality and integrity. 2022-08-26 not yet calculated CVE-2021-3644
MISC
MISC
MISC
MISC
MISC
MISC
redhat — xfs_filesystem
 
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. 2022-08-24 not yet calculated CVE-2021-4155
MISC
MISC
MISC
MISC
MISC
redhat — xnio A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up. 2022-08-26 not yet calculated CVE-2022-0084
MISC
MISC
MISC
MISC
redhat — qemu
 
A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service. 2022-08-26 not yet calculated CVE-2022-0216
MISC
MISC
MISC
MISC
MISC
rhonabwy — rhonabwy Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn’t check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE (JSON Web Encryption) token. 2022-08-20 not yet calculated CVE-2022-38493
MISC
rizin — rizin A vulnerability was found in rizin. The bug involves an ELF64 binary for the HPPA architecture. When a specially crafted binary gets analysed by rizin, it causes rizin to crash by freeing an uninitialized (and potentially user controlled, depending on the build) memory address. 2022-08-25 not yet calculated CVE-2021-4022
MISC
rockwellautomation — isagraf_workbench Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful. 2022-08-25 not yet calculated CVE-2022-2463
MISC
rockwellautomation — isagraf_workbench Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the ISaGRAF Workbench software. User interaction is required for this exploit to be successful. 2022-08-25 not yet calculated CVE-2022-2464
MISC
rockwellautomation — isagraf_workbench Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited. 2022-08-25 not yet calculated CVE-2022-2465
MISC
rpm — rpm There is a flaw in RPM’s signature functionality. OpenPGP subkeys are associated with a primary key via a “binding signature.” RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. To exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM or public key. It is strongly recommended to only use RPMs and public keys from trusted sources. 2022-08-22 not yet calculated CVE-2021-3521
MISC
MISC
MISC
MISC
rubrik — rubrik_cdm A buffer overflow vulnerability in the Rubrik Backup Service (RBS) Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent. 2022-08-26 not yet calculated CVE-2022-30984
MISC
MISC
ruoyi — ruoyi
 
RuoYi v3.8.3 has a Weak password vulnerability in the management system. 2022-08-25 not yet calculated CVE-2022-37158
MISC
samba — samba A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl. 2022-08-25 not yet calculated CVE-2022-32746
MISC
samba — samba A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify request, usually resulting in a segmentation fault. 2022-08-25 not yet calculated CVE-2022-32745
MISC
samba — samba A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users’ passwords, enabling full domain takeover. 2022-08-25 not yet calculated CVE-2022-32744
MISC
samba — samba A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share. 2022-08-23 not yet calculated CVE-2021-20316
MISC
MISC
MISC
MISC
MISC
samba — samba A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer). 2022-08-25 not yet calculated CVE-2022-32742
MISC
samba — samba
 
A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other’s tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tickets to other services. 2022-08-25 not yet calculated CVE-2022-2031
MISC
samba — samba
 
MaxQueryDuration not honoured in Samba AD DC LDAP 2022-08-23 not yet calculated CVE-2021-3670
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
schroot — schroot Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. 2022-08-27 not yet calculated CVE-2022-2787
MISC
MISC
MISC
servicenow — servicenow ServiceNow through San Diego Patch 3 allows XSS via the name field during creation of a new dashboard for the Performance Analytics dashboard. 2022-08-23 not yet calculated CVE-2022-38172
CONFIRM
servicenow — servicenow ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality. 2022-08-23 not yet calculated CVE-2022-38463
CONFIRM
simple_task_scheduling_system — simple_task_scheduling_system Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule. 2022-08-26 not yet calculated CVE-2022-36680
MISC
simple_task_scheduling_system — simple_task_scheduling_system Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user. 2022-08-26 not yet calculated CVE-2022-36679
MISC
simple_task_scheduling_system — simple_task_scheduling_system Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_payment. 2022-08-26 not yet calculated CVE-2022-36683
MISC
simple_task_scheduling_system — simple_task_scheduling_system Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_account. 2022-08-26 not yet calculated CVE-2022-36681
MISC
simple_task_scheduling_system — simple_task_scheduling_system Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_item. 2022-08-25 not yet calculated CVE-2022-36693
MISC
simple_task_scheduling_system — simple_task_scheduling_system Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_stockin. 2022-08-25 not yet calculated CVE-2022-36695
MISC
simple_task_scheduling_system — simple_task_scheduling_system Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_waste. 2022-08-25 not yet calculated CVE-2022-36697
MISC
simple_task_scheduling_system — simple_task_scheduling_system Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php. 2022-08-25 not yet calculated CVE-2022-36698
MISC
simple_task_scheduling_system — simple_task_scheduling_system Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/manage_category.php. 2022-08-25 not yet calculated CVE-2022-36699
MISC
simple_task_scheduling_system — simple_task_scheduling_system Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/manage_item.php. 2022-08-25 not yet calculated CVE-2022-36700
MISC
simple_task_scheduling_system — simple_task_scheduling_system Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /stocks/manage_stockin.php. 2022-08-25 not yet calculated CVE-2022-36703
MISC
simple_task_scheduling_system — simple_task_scheduling_system Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category. 2022-08-25 not yet calculated CVE-2022-36692
MISC
simple_task_scheduling_system — simple_task_scheduling_system Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_student. 2022-08-26 not yet calculated CVE-2022-36682
MISC
simple_task_scheduling_system — simple_task_scheduling_system Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_stockout. 2022-08-25 not yet calculated CVE-2022-36696
MISC
simple_task_scheduling_system — simple_task_scheduling_system Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category. 2022-08-26 not yet calculated CVE-2022-36678
MISC
siteservercms — siteservercms SiteServerCMS 5.X has a Remote-download-Getshell-vulnerability via /SiteServer/Ajax/ajaxOtherService.aspx. 2022-08-26 not yet calculated CVE-2022-36226
MISC
MISC
sonic_wall — sma100 A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions. 2022-08-26 not yet calculated CVE-2022-2915
CONFIRM
sourcecodester — gym_management A vulnerability classified as critical has been found in SourceCodester Gym Management System. This affects an unknown part of the file login.php. The manipulation of the argument user_email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-206451. 2022-08-22 not yet calculated CVE-2022-2842
MISC
MISC
sourcecodester — simple_and_nice_shopping_cart_script A vulnerability classified as critical was found in SourceCodester Simple and Nice Shopping Cart Script. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation of the argument mem_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207001 was assigned to this vulnerability. 2022-08-25 not yet calculated CVE-2022-2957
N/A
N/A
sourcecodester — simple_and_nice_shopping_cart_script A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206845 was assigned to this vulnerability. 2022-08-20 not yet calculated CVE-2022-2909
MISC
MISC
sourcecodester — simple_task_managing_system A vulnerability classified as problematic was found in SourceCodester Simple Task Managing System. This vulnerability affects unknown code. The manipulation of the argument student_add leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-207424. 2022-08-27 not yet calculated CVE-2022-3014
N/A
N/A
sourcecodester — simple_task_managing_system A vulnerability classified as critical has been found in SourceCodester Simple Task Managing System. This affects an unknown part of the file /loginVaLidation.php. The manipulation of the argument login leads to sql injection. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-207423. 2022-08-27 not yet calculated CVE-2022-3013
N/A
sqlite — sqlite An issue was found in fts5UnicodeTokenize() in ext/fts5/fts5_tokenize.c in SQLite. A unicode61 tokenizer configured to treat unicode “control-characters” (class Cc) was treating embedded nul characters as tokens. The issue was fixed in sqlite-3.34.0 and later. 2022-08-25 not yet calculated CVE-2021-20223
MISC
MISC
MISC
stormshield — network_security Flooding SNS firewall 3.7.0 to 3.7.26 with UDP or ICMP while randomizing the source, through internal-to-internal or external-to-internal interfaces, will lead the firewall to overwork. It will consume 100% CPU, 100 RAM, become unavailable and can crash. 2022-08-24 not yet calculated CVE-2022-27812
MISC
symantec — multiple_products A malicious unauthorized PAM user can access the administration configuration data and change the values. 2022-08-26 not yet calculated CVE-2022-25625
MISC
systemd — systemd A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp. 2022-08-23 not yet calculated CVE-2021-3997
MISC
MISC
MISC
MISC
tabit_technologies — tabit Tabit – password enumeration. The password for the Tabit system is a 4 digit OTP. One can resend the OTP and try logging in indefinitely. Once again, this is an example of OWASP: API4 – Rate limiting. 2022-08-22 not yet calculated CVE-2022-34772
MISC
tabit_technologies — tabit Tabit – HTTP Method manipulation. bridge.tabit.cloud/configuration/addresses-query – can be POST-ed to add addresses to the DB. This is an example of OWASP:API8 – Injection. 2022-08-22 not yet calculated CVE-2022-34773
MISC
tabit_technologies — tabit Tabit – Arbitrary account modification. One of the endpoints mapped by the tiny URL was a page where an adversary can modify personal details, such as email addresses and phone numbers, of a specific user in a restaurant’s loyalty program, possibly allowing account takeover (the mail can be used to reset the password). 2022-08-22 not yet calculated CVE-2022-34774
MISC
tabit_technologies — tabit Tabit – Excessive data exposure. Another endpoint mapped by the tiny URL was one for reservation cancellation, containing the MongoDB ID of the reservation and the organization. This can be used to query the tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={orgId} API, which returns a lot of data regarding the reservation (OWASP: API3): name, mail, phone number, the number of visits of the user to this specific restaurant, the money he spent there, the money he spent on alcohol, whether he left a deposit, etc. This information can easily be used for a phishing attack. 2022-08-22 not yet calculated CVE-2022-34775
MISC
tabit_technologies — tabit Tabit – giftcard stealth. Several APIs on the web system display, without authorization, sensitive information such as health statements, previous bills in a specific restaurant, alcohol consumption and smoking habits. Each of the described APIs has in its URL one or more MongoDB IDs, which are not so simple to enumerate. However, they each receive a ‘tiny URL’ in Tabit’s domain, in the form of tbit.be/{suffix} with suffix being a 5 character long string containing numbers, lower and upper case letters. It is not so simple to enumerate them all, but really easy to find some that work and lead to a personal endpoint. Furthermore, the redirect URL disclosed the MongoDB IDs discussed above, and we could use them to query other endpoints disclosing more personal information. 2022-08-22 not yet calculated CVE-2022-34776
MISC
tabit_technologies — tabit Tabit – sensitive information disclosure. Several APIs on the web system display, without authorization, sensitive information such as health statements, previous bills in a specific restaurant, alcohol consumption and smoking habits. Each of the described APIs has in its URL one or more MongoDB IDs, which are not so simple to enumerate. However, they each receive a ‘tiny URL’ in Tabit’s domain, in the form of tbit.be/{suffix} with suffix being a 5 character long string containing numbers, lower- and upper-case letters. It is not so simple to enumerate them all, but really easy to find some that work and lead to a personal endpoint. This is both an example of OWASP: API4 – rate limiting and OWASP: API1 – Broken object level authorization. Furthermore, the redirect URL disclosed the MongoDB IDs discussed above, and we could use them to query other endpoints disclosing more personal information. For example: the URL tabitisrael.co.il/online-reservations/health-statement?orgId={org_id}&healthStatementId={health_statement_id} is used to invite friends to fill a health statement before attending the restaurant. We can use the health_statement_id to access the tgm-api.tabit.cloud/health-statement/{health_statement_id} API, which discloses medical information as well as the id number. 2022-08-22 not yet calculated CVE-2022-34770
MISC
tabit_technologies — tabit Tabit – arbitrary SMS send on Tabit’s behalf. The resend OTP API of Tabit allows an adversary to send messages on Tabit’s behalf to anyone registered on the system. The API receives the parameters phone number and CustomMessage. We can use that API to craft malicious messages to any user of the system. In addition, the API probably has some kind of template injection potential: when entering {{OTP}} in the custom message field, it is formatted into an OTP. 2022-08-22 not yet calculated CVE-2022-34771
MISC
taogogo — taocms An arbitrary file deletion vulnerability was discovered in taocms 3.0.2 that allows an attacker to delete a file on the server by requesting the URL admin.php?action=file&ctrl=del&path=/../../../test.txt 2022-08-23 not yet calculated CVE-2022-36261
MISC
MISC
tcpdump — tcpdump The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463. 2022-08-27 not yet calculated CVE-2019-15167
CONFIRM
teleport — teleport Teleport 9.3.6 is vulnerable to command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This URL-encoded payload can be used in place of a token and sent to a user in a social engineering attack. This is a fully unauthenticated attack utilizing the trusted Teleport server to deliver the payload. 2022-08-24 not yet calculated CVE-2022-36633
MISC
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement. 2022-08-25 not yet calculated CVE-2022-37799
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function fromSetRouteStatic. 2022-08-25 not yet calculated CVE-2022-37800
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand. 2022-08-25 not yet calculated CVE-2022-37801
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetVirtualSer. 2022-08-25 not yet calculated CVE-2022-37798
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromNatStaticSetting. 2022-08-25 not yet calculated CVE-2022-37802
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the firewallEn parameter in the function formSetFirewallCfg. 2022-08-25 not yet calculated CVE-2022-37812
MISC
tenda — ac1206 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetIpMacBind. 2022-08-25 not yet calculated CVE-2022-37817
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetIpMacBind. 2022-08-25 not yet calculated CVE-2022-37816
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the PPPOEPassword parameter in the function formQuickIndex. 2022-08-25 not yet calculated CVE-2022-37815
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the device_id parameters in the function addWifiMacFilter. 2022-08-25 not yet calculated CVE-2022-37814
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetSysTime. 2022-08-25 not yet calculated CVE-2022-37813
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the startIp parameter in the function formSetPPTPServer. 2022-08-25 not yet calculated CVE-2022-37811
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo. 2022-08-25 not yet calculated CVE-2022-37804
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac. 2022-08-25 not yet calculated CVE-2022-37810
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speed_dir parameter in the function formSetSpeedWan. 2022-08-25 not yet calculated CVE-2022-37809
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the index parameter in the function formWifiWpsOOB. 2022-08-25 not yet calculated CVE-2022-37808
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function formSetClientState. 2022-08-25 not yet calculated CVE-2022-37807
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromDhcpListClient. 2022-08-25 not yet calculated CVE-2022-37806
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromWizardHandle. 2022-08-25 not yet calculated CVE-2022-37805
MISC
tenda — ac1206 Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromAddressNat. 2022-08-25 not yet calculated CVE-2022-37803
MISC
tenda — ac15_firmware Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet. 2022-08-19 not yet calculated CVE-2022-37175
MISC
MISC
tenda — ac18 Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability. 2022-08-19 not yet calculated CVE-2022-35201
MISC
MISC
MISC
tenda — ax12 Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind. 2022-08-25 not yet calculated CVE-2022-37292
MISC
tenda — ax1803 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ProvinceCode parameter in the function formSetProvince. 2022-08-25 not yet calculated CVE-2022-37821
MISC
tenda — ax1803 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. 2022-08-25 not yet calculated CVE-2022-37824
MISC
tenda — ax1803 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime. 2022-08-25 not yet calculated CVE-2022-37819
MISC
tenda — ax1803 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS. 2022-08-25 not yet calculated CVE-2022-37820
MISC
tenda — ax1803 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand. 2022-08-25 not yet calculated CVE-2022-37818
MISC
tenda — ax1803 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetRouteStatic. 2022-08-25 not yet calculated CVE-2022-37822
MISC
tenda — ax1803 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer. 2022-08-25 not yet calculated CVE-2022-37823
MISC
totolink — a3600r TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi. 2022-08-25 not yet calculated CVE-2022-36455
MISC
totolink — a3700r TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter. 2022-08-25 not yet calculated CVE-2022-36465
MISC
totolink — a3700r TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. 2022-08-25 not yet calculated CVE-2022-36464
MISC
totolink — a3700r TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. 2022-08-25 not yet calculated CVE-2022-36463
MISC
totolink — a3700r TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg. 2022-08-25 not yet calculated CVE-2022-36462
MISC
totolink — a3700r TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. 2022-08-25 not yet calculated CVE-2022-36461
MISC
totolink — a3700r TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. 2022-08-25 not yet calculated CVE-2022-36460
MISC
totolink — a3700r TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. 2022-08-25 not yet calculated CVE-2022-36466
MISC
totolink — a3700r TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost. 2022-08-25 not yet calculated CVE-2022-36459
MISC
totolink — a3700r TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg. 2022-08-25 not yet calculated CVE-2022-36458
MISC
totolink — a7000r TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. 2022-08-25 not yet calculated CVE-2022-37079
MISC
totolink — a7000r TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the lang parameter at /setting/setLanguageCfg. 2022-08-25 not yet calculated CVE-2022-37078
MISC
totolink — a7000r TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg. 2022-08-25 not yet calculated CVE-2022-37083
MISC
totolink — a7000r TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the host_time parameter at the function NTPSyncWithHost. 2022-08-25 not yet calculated CVE-2022-37082
MISC
totolink — a7000r TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the command parameter at setting/setTracerouteCfg. 2022-08-25 not yet calculated CVE-2022-37081
MISC
totolink — a7000r TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. 2022-08-25 not yet calculated CVE-2022-37075
MISC
totolink — a7000r TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. 2022-08-25 not yet calculated CVE-2022-37076
MISC
totolink — a7000r TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the command parameter at setting/setTracerouteCfg. 2022-08-25 not yet calculated CVE-2022-37080
MISC
totolink — a7000r TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the pppoeUser parameter. 2022-08-25 not yet calculated CVE-2022-37077
MISC
totolink — a7000r TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the sPort parameter at the addEffect function. 2022-08-25 not yet calculated CVE-2022-37084
MISC
totolink — a720r TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi. 2022-08-25 not yet calculated CVE-2022-36456
MISC
totolink — n350rt TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the function setDiagnosisCfg. 2022-08-25 not yet calculated CVE-2022-36484
MISC
totolink — n350rt TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the ip parameter in the function setDiagnosisCfg. 2022-08-25 not yet calculated CVE-2022-36481
MISC
totolink — n350rt TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. 2022-08-25 not yet calculated CVE-2022-36486
MISC
totolink — n350rt TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the pppoeUser parameter. 2022-08-25 not yet calculated CVE-2022-36483
MISC
totolink — n350rt TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. 2022-08-25 not yet calculated CVE-2022-36485
MISC
totolink — n350rt TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost. 2022-08-25 not yet calculated CVE-2022-36479
MISC
totolink — n350rt TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg. 2022-08-25 not yet calculated CVE-2022-36487
MISC
totolink — n350rt TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. 2022-08-25 not yet calculated CVE-2022-36488
MISC
totolink — n350rt TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. 2022-08-25 not yet calculated CVE-2022-36480
MISC
totolink — n350rt TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the lang parameter in the function setLanguageCfg. 2022-08-25 not yet calculated CVE-2022-36482
MISC
tp-link — archer_a7 TP-Link Archer A7 Archer A7(US)_V5_210519 is affected by a command injection vulnerability in /usr/bin/tddp. The vulnerability is caused by the program taking part of the received data packet as part of the command. This allows an attacker to execute arbitrary commands on the router. 2022-08-23 not yet calculated CVE-2021-42232
MISC
MISC
MISC
trendnet — tv-ip572p An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attackers to access sensitive system information. 2022-08-23 not yet calculated CVE-2022-35203
MISC
MISC
MISC
unimo — udr-ja1004 Missing authentication for critical function vulnerability in UNIMO Technology digital video recorders (UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier) allows a remote unauthenticated attacker to execute an arbitrary OS command by sending a specially crafted request to the affected device web interface. 2022-08-23 not yet calculated CVE-2022-35733
MISC
MISC
uninett — mod_auth_mellon A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threat from this liability is to confidentiality and integrity. 2022-08-22 not yet calculated CVE-2021-3639
MISC
MISC
MISC
upx — upx An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. 2022-08-25 not yet calculated CVE-2020-27798
MISC
upx — upx A floating point exception was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. 2022-08-25 not yet calculated CVE-2020-27802
MISC
upx — upx A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file. 2022-08-25 not yet calculated CVE-2020-27801
MISC
upx — upx A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file. 2022-08-25 not yet calculated CVE-2020-27800
MISC
upx — upx A heap-based buffer over-read was discovered in the acc_ua_get_be32 function in miniacc.h in UPX 4.0.0 via a crafted Mach-O file. 2022-08-25 not yet calculated CVE-2020-27799
MISC
upx — upx An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. 2022-08-25 not yet calculated CVE-2020-27797
MISC
upx — upx A heap-based buffer over-read was discovered in the invert_pt_dynamic function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. 2022-08-25 not yet calculated CVE-2020-27796
MISC
util-linux — util-linux A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems. 2022-08-23 not yet calculated CVE-2021-3995
MISC
MISC
MISC
MISC
util-linux — util-linux A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users’ filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems. 2022-08-23 not yet calculated CVE-2021-3996
MISC
MISC
MISC
MISC
MISC
vim — vim NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. 2022-08-22 not yet calculated CVE-2022-2923
CONFIRM
MISC
vim — vim Use After Free in GitHub repository vim/vim prior to 9.0.0246. 2022-08-23 not yet calculated CVE-2022-2946
CONFIRM
MISC
vim — vim NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. 2022-08-25 not yet calculated CVE-2022-2980
MISC
CONFIRM
vim — vim Use After Free in GitHub repository vim/vim prior to 9.0.0260. 2022-08-25 not yet calculated CVE-2022-2982
MISC
CONFIRM
virgl — virtual_opengl_renderer A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure. 2022-08-26 not yet calculated CVE-2022-0175
MISC
MISC
MISC
MISC
MISC
virgl — virtual_opengl_renderer An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution. 2022-08-25 not yet calculated CVE-2022-0135
MISC
vmware — multiple_products Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when AutoSupport has been disabled. 2022-08-25 not yet calculated CVE-2022-23235
MISC
vmware — vmware_tools VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine. 2022-08-23 not yet calculated CVE-2022-31676
MISC
MLIST
DEBIAN
MLIST
vtk — vtk There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn’t check the return value of the libxml2 API ‘xmlDocGetRootElement’ and tries to dereference it. It is unsafe because the return value can be NULL, and that NULL pointer dereference may crash the application. 2022-08-25 not yet calculated CVE-2021-42521
MISC
wellcms — wellcms Wellcms 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF). 2022-08-19 not yet calculated CVE-2022-36579
MISC
wkhtmltopdf — wkhtmltopdf wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target’s system by injecting an iframe tag with initial asset IP address on its source. This allows the attacker to take over the whole infrastructure by accessing their internal assets. 2022-08-22 not yet calculated CVE-2022-35583
MISC
MISC
MISC
wordpress — wordpress PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress. 2022-08-22 not yet calculated CVE-2022-33900
CONFIRM
CONFIRM
wordpress — wordpress Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WebbaPlugins Webba Booking plugin <= 4.2.21 at WordPress. 2022-08-22 not yet calculated CVE-2021-36847
CONFIRM
CONFIRM
wordpress — wordpress Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in 8 Degree Themes Notification Bar for WordPress plugin <= 1.1.8 at WordPress. 2022-08-23 not yet calculated CVE-2022-29476
CONFIRM
CONFIRM
wordpress — wordpress The WPQA Builder WordPress plugin before 5.7, which is a companion plugin to the Hilmer and Discy, does not check authorization before displaying private messages, allowing any logged in user to read other users’ private messages using the message id, which can easily be brute forced. 2022-08-22 not yet calculated CVE-2022-2198
MISC
wordpress — wordpress The WP Edit Menu WordPress plugin before 1.5.0 does not have CSRF in an AJAX action, which could allow attackers to make a logged in admin delete arbitrary posts/pages from the blog via a CSRF attack 2022-08-22 not yet calculated CVE-2022-2275
MISC
wordpress — wordpress The WP Edit Menu WordPress plugin before 1.5.0 does not have authorisation and CSRF in an AJAX action, which could allow unauthenticated attackers to delete arbitrary posts/pages from the blog 2022-08-22 not yet calculated CVE-2022-2276
CONFIRM
MISC
wordpress — wordpress The Student Result or Employee Database WordPress plugin before 1.7.5 does not have CSRF in its AJAX actions, allowing attackers to make logged in user with a role as low as contributor to add/edit and delete students via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site scripting 2022-08-22 not yet calculated CVE-2022-2312
MISC
wordpress — wordpress The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks. 2022-08-22 not yet calculated CVE-2022-2361
MISC
wordpress — wordpress The Download Manager WordPress plugin before 3.2.50 prioritizes getting a visitor’s IP from certain HTTP headers over PHP’s REMOTE_ADDR, which makes it possible to bypass IP-based download blocking restrictions. 2022-08-22 not yet calculated CVE-2022-2362
MISC
wordpress — wordpress The WP Sticky Button WordPress plugin before 1.4.1 does not have authorisation and CSRF checks when saving its settings, allowing unauthenticated users to update them. Furthermore, due to the lack of escaping in some of them, it could lead to Stored Cross-Site Scripting issues 2022-08-22 not yet calculated CVE-2022-2375
MISC
wordpress — wordpress The Directorist WordPress plugin before 7.3.0 does not have authorisation and CSRF checks in an AJAX action, allowing any authenticated users to send arbitrary emails on behalf of the blog 2022-08-22 not yet calculated CVE-2022-2377
MISC
wordpress — wordpress The Product Slider for WooCommerce WordPress plugin before 2.5.7 has flawed CSRF checks and lack authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber to call them. One in particular could allow them to delete arbitrary blog options. 2022-08-22 not yet calculated CVE-2022-2382
MISC
wordpress — wordpress The Feed Them Social WordPress plugin before 3.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting 2022-08-22 not yet calculated CVE-2022-2383
MISC
wordpress — wordpress The WP Coder WordPress plugin before 2.5.3 does not have CSRF check in place when deleting code created by the plugin, which could allow attackers to make a logged in admin delete arbitrary ones via a CSRF attack 2022-08-22 not yet calculated CVE-2022-2388
MISC
wordpress — wordpress The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations 2022-08-22 not yet calculated CVE-2022-2389
MISC
wordpress — wordpress The Transposh WordPress Translation WordPress plugin before 1.0.8 does not have CSRF check in its tp_translation AJAX action, which could allow attackers to make authorised users add a translation. Given the lack of sanitisation in the tk0 parameter, this could lead to a Stored Cross-Site Scripting issue which will be executed in the context of a logged in admin 2022-08-22 not yet calculated CVE-2021-24912
MISC
wordpress — wordpress The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the tk0 parameter from the tp_translation AJAX action, leading to Stored Cross-Site Scripting, which will trigger in the admin dashboard of the plugin. The minimum role needed to perform such attack depends on the plugin “Who can translate ?” setting. 2022-08-22 not yet calculated CVE-2021-24911
MISC
wordpress — wordpress Authenticated (subscriber+) Denial Of Service (DoS) vulnerability in WordPlus WordPress Better Messages plugin <= 1.9.10.57 at WordPress. 2022-08-23 not yet calculated CVE-2022-33142
CONFIRM
CONFIRM
wordpress — wordpress The Lana Downloads Manager WordPress plugin before 1.8.0 is affected by an arbitrary file download vulnerability that can be exploited by users with “Contributor” permissions or higher. 2022-08-22 not yet calculated CVE-2022-2392
MISC
wordpress — wordpress The WP phpMyAdmin WordPress plugin before 5.2.0.4 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) 2022-08-22 not yet calculated CVE-2022-2407
MISC
wordpress — wordpress The Feed Them Social WordPress plugin before 3.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting 2022-08-22 not yet calculated CVE-2022-2532
MISC
wordpress — wordpress The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes. 2022-08-22 not yet calculated CVE-2022-2544
CONFIRM
MISC
wordpress — wordpress The Duplicator WordPress plugin before 1.4.7 discloses the URL of a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating. 2022-08-22 not yet calculated CVE-2022-2551
MISC
MISC
wordpress — wordpress The Duplicator WordPress plugin before 1.4.7.1 does not authenticate or authorize visitors before displaying information about the system such as server software, php version and full file system path to the site. 2022-08-22 not yet calculated CVE-2022-2552
MISC
MISC
wordpress — wordpress The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set rel=”noopener noreferer” on generated links, which can lead to Tab Nabbing by giving the target site access to the source tab through the window.opener DOM object. 2022-08-22 not yet calculated CVE-2022-2600
MISC
wordpress — wordpress The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release. 2022-08-22 not yet calculated CVE-2022-2594
MISC
MISC
wordpress — wordpress The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks 2022-08-22 not yet calculated CVE-2022-2593
MISC
wordpress — wordpress The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow high privilege users such as admin to perform RCE 2022-08-22 not yet calculated CVE-2022-25812
MISC
wordpress — wordpress The Transposh WordPress Translation WordPress plugin through 1.0.8 does not sanitise and escape the order and orderby parameters before using them in a SQL statement, leading to a SQL injection 2022-08-22 not yet calculated CVE-2022-25811
MISC
wordpress — wordpress The Transposh WordPress Translation WordPress plugin through 1.0.8 exposes a couple of sensitive actions such as “tp_reset” under the Utilities tab (/wp-admin/admin.php?page=tp_utils), which can be used/executed as the lowest-privileged user. Basically all Utilities functionalities are vulnerable this way, which involves resetting configurations and backup/restore operations. 2022-08-22 not yet calculated CVE-2022-25810
MISC
wordpress — wordpress The Simple Job Board WordPress plugin before 2.10.0 is susceptible to Directory Listing which allows the public listing of uploaded resumes in certain configurations. 2022-08-22 not yet calculated CVE-2022-2558
MISC
wordpress — wordpress The LinkWorth WordPress plugin before 3.3.4 does not implement nonce checks, which could allow attackers to make a logged in admin change settings via a CSRF attack. 2022-08-22 not yet calculated CVE-2022-2172
CONFIRM
MISC
wordpress — wordpress The Rezgo Online Booking WordPress plugin before 4.1.8 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting, which can be exploited either via a LFI in an AJAX action, or direct call to the affected file 2022-08-22 not yet calculated CVE-2022-1932
MISC
wordpress — wordpress The Yotpo Reviews for WooCommerce WordPress plugin through 2.0.4 lacks nonce check when updating its settings, which could allow attacker to make a logged in admin change them via a CSRF attack. 2022-08-22 not yet calculated CVE-2022-2555
MISC
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress. 2022-08-22 not yet calculated CVE-2021-36852
CONFIRM
CONFIRM
wordpress — wordpress Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in amCharts: Charts and Maps plugin <= 1.4 at WordPress. 2022-08-23 not yet calculated CVE-2022-36405
CONFIRM
CONFIRM
wordpress — wordpress Authenticated (author+) SQL Injection (SQLi) vulnerability in Contest Gallery plugin <= 17.0.4 at WordPress. 2022-08-23 not yet calculated CVE-2022-36394
CONFIRM
CONFIRM
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in WordPlus Better Messages plugin <= 1.9.9.148 at WordPress. 2022-08-23 not yet calculated CVE-2022-36389
CONFIRM
CONFIRM
wordpress — wordpress Cross-Site Request Forgery (CSRF) leading to plugin settings update in YooMoney ?Kassa ??? WooCommerce plugin <= 2.3.0 at WordPress. 2022-08-23 not yet calculated CVE-2022-36379
CONFIRM
CONFIRM
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in SEO Scout plugin <= 0.9.83 at WordPress allows attackers to trick users with administrative rights to unintentionally change the plugin settings. 2022-08-25 not yet calculated CVE-2022-36358
CONFIRM
CONFIRM
wordpress — wordpress Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alpine Press Alpine PhotoTile for Pinterest plugin <= 1.3.1 at WordPress. 2022-08-23 not yet calculated CVE-2022-36347
CONFIRM
CONFIRM
wordpress — wordpress Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Max Foundry MaxButtons plugin <= 9.2 at WordPress. 2022-08-22 not yet calculated CVE-2022-36346
CONFIRM
CONFIRM
wordpress — wordpress Authenticated (subscriber+) plugin settings change leading to Stored Cross-Site Scripting (XSS) vulnerability in Akash soni’s AS – Create Pinterest Pinboard Pages plugin <= 1.0 at WordPress. 2022-08-23 not yet calculated CVE-2022-36341
CONFIRM
CONFIRM
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerabilities in WPChill Gallery PhotoBlocks plugin <= 1.2.6 at WordPress. 2022-08-23 not yet calculated CVE-2022-36292
CONFIRM
CONFIRM
wordpress — wordpress Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress. 2022-08-23 not yet calculated CVE-2022-36288
CONFIRM
CONFIRM
wordpress — wordpress Authenticated Arbitrary File Upload vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin <= 1.0.1 at WordPress. 2022-08-23 not yet calculated CVE-2022-36285
CONFIRM
CONFIRM
wordpress — wordpress Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Roman Pronskiy’s Search Exclude plugin <= 1.2.6 at WordPress. 2022-08-23 not yet calculated CVE-2022-36282
CONFIRM
CONFIRM
wordpress — wordpress Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress. 2022-08-22 not yet calculated CVE-2021-36857
CONFIRM
CONFIRM
wordpress — wordpress The Coming Soon – Under Construction WordPress plugin through 1.1.9 does not sanitize and escape some of its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed 2022-08-22 not yet calculated CVE-2022-1322
MISC
wordpress — wordpress Broken Authentication vulnerability in yotuwp Video Gallery plugin <= 1.3.4.5 at WordPress. 2022-08-23 not yet calculated CVE-2022-35726
CONFIRM
CONFIRM
wordpress — wordpress Unauthenticated plugin settings change vulnerability in 59sec THE Leads Management System: 59sec LITE plugin <= 3.4.1 at WordPress. 2022-08-23 not yet calculated CVE-2022-35242
CONFIRM
CONFIRM
wordpress — wordpress Authenticated (admin+) Arbitrary File Read vulnerability in XplodedThemes WPide plugin <= 2.6 at WordPress. 2022-08-23 not yet calculated CVE-2022-35235
CONFIRM
CONFIRM
wordpress — wordpress The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the a parameter via an AJAX action (available to both unauthenticated and authenticated users when the curl library is installed) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue 2022-08-22 not yet calculated CVE-2021-24910
MISC
wordpress — wordpress Authenticated Arbitrary Settings Update vulnerability in YooMoney ?Kassa ??? WooCommerce plugin <= 2.3.0 at WordPress. 2022-08-23 not yet calculated CVE-2022-34868
CONFIRM
CONFIRM
wordpress — wordpress Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at WordPress. 2022-08-22 not yet calculated CVE-2022-34858
CONFIRM
CONFIRM
wordpress — wordpress Reflected Cross-Site Scripting (XSS) vulnerability in smartypants SP Project & Document Manager plugin <= 4.59 at WordPress 2022-08-22 not yet calculated CVE-2022-34857
CONFIRM
CONFIRM
wordpress — wordpress Multiple Authenticated (contributor+) Persistent Cross-Site Scripting (XSS) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress. 2022-08-23 not yet calculated CVE-2022-34658
CONFIRM
CONFIRM
wordpress — wordpress The Simple Banner WordPress plugin before 2.12.0 does not properly sanitize its “Simple Banner Text” Settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. 2022-08-22 not yet calculated CVE-2022-0446
MISC
wordpress — wordpress Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin <= 1.0.1 at WordPress. 2022-08-23 not yet calculated CVE-2022-34648
CONFIRM
CONFIRM
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in W3 Eden Download Manager plugin <= 3.2.48 at WordPress. 2022-08-22 not yet calculated CVE-2022-34347
CONFIRM
CONFIRM
wordpress — wordpress Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress. 2022-08-22 not yet calculated CVE-2022-34149
CONFIRM
CONFIRM
wordpress — wordpress The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted request. 2022-08-22 not yet calculated CVE-2022-1251
MISC
wordpress — wordpress The Team WordPress plugin before 4.1.2 contains a file which could allow any authenticated users to download arbitrary files from the server via a path traversal vector. Furthermore, the file will also be deleted after its content is returned to the user 2022-08-22 not yet calculated CVE-2022-2557
MISC
wuzhicms — wuzhicms A directory traversal vulnerability was discovered in Wuzhicms 4.1.0. via /coreframe/app/attachment/admin/index.php: 2022-08-26 not yet calculated CVE-2022-36168
MISC
MISC
wwbn — avideo A cross-site request forgery (CSRF) vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-29468
MISC
CONFIRM
wwbn — avideo A reflected cross-site scripting (xss) vulnerability exists in the charts tab selection functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-26842
CONFIRM
MISC
wwbn — avideo Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP request to trigger this vulnerability. This vulnerability exists in the Live Schedules plugin, allowing an attacker to bypass authentication by guessing a sequential ID, allowing them to take over another user’s streams. 2022-08-22 not yet calculated CVE-2022-32768
CONFIRM
MISC
wwbn — avideo A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability. This vulnerability exists in the Live Schedules plugin, allowing an attacker to inject SQL by manipulating the description parameter. 2022-08-22 not yet calculated CVE-2022-34652
MISC
CONFIRM
wwbn — avideo A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability. This vulnerability exists in the CloneSite plugin, allowing an attacker to inject SQL by manipulating the url parameter. 2022-08-22 not yet calculated CVE-2022-33149
MISC
CONFIRM
wwbn — avideo A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability. This vulnerability exists in the Live Schedules plugin, allowing an attacker to inject SQL by manipulating the title parameter. 2022-08-22 not yet calculated CVE-2022-33148
MISC
CONFIRM
wwbn — avideo A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability. This vulnerability exists in the aVideoEncoder functionality which can be used to add new videos, allowing an attacker to inject SQL by manipulating the videoDownloadedLink or duration parameter. 2022-08-22 not yet calculated CVE-2022-33147
MISC
CONFIRM
wwbn — avideo An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The session cookie and the pass cookie miss the HttpOnly flag, making them accessible via JavaScript. The session cookie also misses the secure flag, which allows the session cookie to be leaked over non-HTTPS connections. This could allow an attacker to steal the session cookie via crafted HTTP requests. This vulnerability is for the pass cookie, which contains the hashed password and can be leaked via JavaScript. 2022-08-22 not yet calculated CVE-2022-32778
MISC
CONFIRM
wwbn — avideo An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The session cookie and the pass cookie miss the HttpOnly flag, making them accessible via JavaScript. The session cookie also misses the secure flag, which allows the session cookie to be leaked over non-HTTPS connections. This could allow an attacker to steal the session cookie via crafted HTTP requests. This vulnerability is for the session cookie which can be leaked via JavaScript. 2022-08-22 not yet calculated CVE-2022-32777
MISC
CONFIRM
wwbn — avideo A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. This vulnerability arises from the “msg” parameter which is inserted into the document with insufficient sanitization. 2022-08-22 not yet calculated CVE-2022-32772
CONFIRM
MISC
wwbn — avideo A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. This vulnerability arises from the “success” parameter which is inserted into the document with insufficient sanitization. 2022-08-22 not yet calculated CVE-2022-32771
CONFIRM
MISC
wwbn — avideo Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP request to trigger this vulnerability. This vulnerability exists in the Playlists plugin, allowing an attacker to bypass authentication by guessing a sequential ID, allowing them to take over another user’s playlists. 2022-08-22 not yet calculated CVE-2022-32769
CONFIRM
MISC
wwbn — avideo A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. This vulnerability arises from the “toast” parameter which is inserted into the document with insufficient sanitization. 2022-08-22 not yet calculated CVE-2022-32770
CONFIRM
MISC
wwbn — avideo An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-32761
CONFIRM
MISC
wwbn — avideo An os command injection vulnerability exists in the aVideoEncoder wget functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-32572
CONFIRM
MISC
wwbn — avideo An improper password check exists in the login functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. An attacker that owns a user’s password hash will be able to use it to directly login into the account, leading to increased privileges. 2022-08-22 not yet calculated CVE-2022-32282
MISC
CONFIRM
wwbn — avideo A cross-site scripting (xss) vulnerability exists in the image403 functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-30690
CONFIRM
MISC
wwbn — avideo A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-30605
CONFIRM
MISC
wwbn — avideo A directory traversal vulnerability exists in the unzipDirectory functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-30547
CONFIRM
MISC
wwbn — avideo A cross-site scripting (xss) vulnerability exists in the videoAddNew functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-28712
MISC
CONFIRM
wwbn — avideo An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-28710
MISC
CONFIRM
wwbn — avideo An OS command injection vulnerability exists in the aVideoEncoder chunkfile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability. 2022-08-22 not yet calculated CVE-2022-30534
CONFIRM
MISC
xpdfreader — xpdf Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics). 2022-08-22 not yet calculated CVE-2022-38171
MISC
MISC
CONFIRM
MISC
CONFIRM
CONFIRM
MISC
xunruicms — xunruicms XunRuiCMS V4.5.6 is vulnerable to Cross Site Request Forgery (CSRF). 2022-08-19 not yet calculated CVE-2022-36224
MISC
xuxueli — xxl-job XXL-JOB all versions as of 11 July 2022 are vulnerable to Insecure Permissions resulting in the ability to execute admin function with low Privilege account. 2022-08-19 not yet calculated CVE-2022-36157
MISC
yetiforce — yetiforcecompany/yetiforcecrm Cross-site Scripting (XSS) – Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. 2022-08-22 not yet calculated CVE-2022-2890
CONFIRM
MISC
yetiforce — yetiforcecompany/yetiforcecrm Cross-site Scripting (XSS) – Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. 2022-08-22 not yet calculated CVE-2022-1340
MISC
CONFIRM
yetiforce — yetiforcecompany/yetiforcecrm Cross-site Scripting (XSS) – Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. 2022-08-21 not yet calculated CVE-2022-2885
CONFIRM
MISC
yetiforce — yetiforcecompany/yetiforcecrm  Cross-site Scripting (XSS) – Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. 2022-08-23 not yet calculated CVE-2022-2829
MISC
CONFIRM
yimihome — yimioa Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database. 2022-08-19 not yet calculated CVE-2022-36606
MISC
yimihome — yimioa Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter. 2022-08-19 not yet calculated CVE-2022-36605
MISC
zaver — zaver
 
Zaver through 2020-12-15 allows directory traversal via the GET /.. substring. 2022-08-27 not yet calculated CVE-2022-38794
MISC
zengenti — contensis The file upload wizard in Zengenti Contensis Classic before 15.2.1.79 does not correctly check that a user has authenticated. By uploading a crafted aspx file, it is possible to execute arbitrary commands. 2022-08-23 not yet calculated CVE-2022-34919
MISC
MISC


Vulnerability Summary for the Week of July 11, 2022

07/18/2022 07:52 AM EDT

Original release date: July 18, 2022 | Last revised: July 19, 2022

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
ceneo-web-scrapper_project — ceneo-web-scrapper The adriankoczuruek/ceneo-web-scrapper repository through 2021-03-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 7.5 CVE-2022-31570
MISC
clinics_patient_management_system_project — clinics_patient_management_system A vulnerability has been found in SourceCodester Clinics Patient Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pms/index.php of the component Login Page. The manipulation of the argument user_name with the input admin’ or ‘1’=’1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2022-07-12 7.5 CVE-2022-2298
MISC
MISC
google — android Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities with privilege of Finder. 2022-07-12 7.2 CVE-2022-30756
MISC
google — android Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities with privilege of AppLinker. 2022-07-12 7.2 CVE-2022-30754
MISC
huawei — ese620x_vess_firmware There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition. 2022-07-12 7.8 CVE-2021-39999
MISC
microsoft — windows_10 Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-30206, CVE-2022-30226. 2022-07-12 9 CVE-2022-22041
MISC
microsoft — windows_10 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30202, CVE-2022-30224. 2022-07-12 8.5 CVE-2022-22037
MISC
microsoft — windows_10 Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22049. 2022-07-12 7.2 CVE-2022-22047
MISC
microsoft — windows_10 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability. 2022-07-12 7.2 CVE-2022-22043
MISC
microsoft — windows_10 Windows Graphics Component Elevation of Privilege Vulnerability. 2022-07-12 7.2 CVE-2022-22034
MISC
microsoft — windows_10 Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability. 2022-07-12 7.2 CVE-2022-22031
MISC
microsoft — windows_10 Internet Information Services Dynamic Compression Module Denial of Service Vulnerability. 2022-07-12 7.5 CVE-2022-22040
MISC
microsoft — windows_10 Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22047, CVE-2022-22049. 2022-07-12 7.2 CVE-2022-22026
MISC
microweber — microweber Business Logic Errors in GitHub repository microweber/microweber prior to 1.2.20. 2022-07-11 7.5 CVE-2022-2368
CONFIRM
MISC
redhat — keycloak A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the client_id of the target. This could allow a client to gain unauthorized access to additional services. 2022-07-08 7.5 CVE-2022-1245
MISC
roxy-wi — roxy-wi Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Attackers need not be authenticated to exploit this vulnerability. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2022-07-08 10 CVE-2022-31137
CONFIRM
MISC
rpc.py_project — rpc.py rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the “serializer: pickle” HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle. 2022-07-08 7.5 CVE-2022-35411
MISC
MISC
MISC
samsung — galaxy_store Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. 2022-07-12 7.2 CVE-2022-33708
MISC
samsung — galaxy_store Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. 2022-07-12 7.2 CVE-2022-33709
MISC
samsung — galaxy_store Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. 2022-07-12 7.2 CVE-2022-33710
MISC
siemens — scalance_x200-4p_irt_firmware A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions), SCALANCE X204IRT (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions), SCALANCE XF202-2P IRT (All versions), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions. 2022-07-12 7.5 CVE-2022-26647
CONFIRM
siemens — scalance_x204-2_firmware A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions), SCALANCE X204IRT (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions), SCALANCE XF202-2P IRT (All versions), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices. 2022-07-12 7.8 CVE-2022-26649
CONFIRM
siemens — scalance_x204-2_firmware A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions), SCALANCE X204IRT (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions), SCALANCE XF202-2P IRT (All versions), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices. 2022-07-12 7.8 CVE-2022-26648
CONFIRM
siemens — simatic_cp_1242-7_v2_firmware A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of device. 2022-07-12 9.3 CVE-2022-34819
CONFIRM
siemens — simatic_cp_1242-7_v2_firmware A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges. 2022-07-12 9.3 CVE-2022-34821
CONFIRM
siemens — simatic_cp_1242-7_v2_firmware A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges. 2022-07-12 9.3 CVE-2022-34820
CONFIRM
syntactics — free_booking_plugin_for_hotels,_restaurant_and_car_rental The Free Booking Plugin for Hotels, Restaurant and Car Rental WordPress plugin before 1.1.16 suffers from insufficient input validation which leads to arbitrary file upload and subsequently to remote code execution. An AJAX action accessible to unauthenticated users is affected by this issue. An allowlist of valid file extensions is defined but is not used during the validation steps. 2022-07-11 7.5 CVE-2022-1952
MISC
varktech — pricing_deals_for_woocommerce The Pricing Deals for WooCommerce WordPress plugin through 2.0.2.02 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection. 2022-07-11 7.5 CVE-2022-1057
MISC
zimbra — collaboration Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password (from the “zmprove ca” command). It is visible in cleartext on port UDP 514 (aka the syslog port). 2022-07-11 7.5 CVE-2022-32294
MISC
MISC
MISC
MISC


Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
admin_management_xtended_project — admin_management_xtended The Admin Management Xtended WordPress plugin before 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing attackers to make logged-in users with the right capabilities call them. This can lead to changes in post status (draft, published), slug, post date, comment status (enabled, disabled) and more. 2022-07-11 4.3 CVE-2022-1599
MISC
anuvaad-corpus_project — anuvaad-corpus The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31552
MISC
audio_aligner_app_project — audio_aligner_app The longmaoteamtf/audio_aligner_app repository through 2020-01-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31577
MISC
automatedquizeval_project — automatedquizeval The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31583
MISC
averta — shortcodes_and_extra_features_for_phlox_theme The Shortcodes and extra features for Phlox WordPress plugin before 2.9.8 does not sanitise and escape a parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting. 2022-07-11 4.3 CVE-2022-1910
MISC
awin — awin_data_feed The Awin Data Feed WordPress plugin through 1.6 does not sanitise and escape a parameter before outputting it back via an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting. 2022-07-11 4.3 CVE-2022-1937
MISC
baiduwenkuspider_flaskweb_project — baiduwenkuspider_flaskweb The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository before 2021-11-29 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31504
MISC
MISC
barry_voice_assistant_project — barry_voice_assistant The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31541
MISC
bonn_activity_maps_annotation_tool_project — bonn_activity_maps_annotation_tool The bonn-activity-maps/bam_annotation_tool repository through 2021-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31528
MISC
bt_lnmp_project — bt_lnmp The piaoyunsoft/bt_lnmp repository through 2019-10-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 5 CVE-2022-31578
MISC
carceresbe_project — carceresbe The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31515
MISC
caretakerr-api_project — caretakerr-api The sanojtharindu/caretakerr-api repository through 2021-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31580
MISC
chainer — chainerrl-visualizer The chainer/chainerrl-visualizer repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31573
MISC
changepop-back_project — changepop-back The unizar-30226-2019-06/ChangePop-Back repository through 2019-06-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31586
MISC
clinics_patient_management_system_project — clinics_patient_management_system A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. Affected is an unknown function of the file /pms/update_user.php?user_id=1. The manipulation of the argument profile_picture with the input <?php phpinfo();?> leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2022-07-12 6.5 CVE-2022-2297
MISC
MISC
cmu — opendiamond The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31506
MISC
MISC
cockybook_project — cockybook The ceee-vip/cockybook repository through 2015-04-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31572
MISC
codesys — opc_da_server The CODESYS OPC DA Server prior to V3.5.18.20 stores PLC passwords as plain text in its configuration file so that it is visible to all authorized Microsoft Windows users of the system. 2022-07-11 4.7 CVE-2022-1794
CONFIRM
comment_license_project — comment_license The Comment License WordPress plugin before 1.4.0 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. 2022-07-11 4.3 CVE-2022-1957
MISC
csm_server_project — csm_server The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31530
MISC
cuyz — valinor Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use `Throwable#getMessage()` when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database connection exception showing database IP address/username/password, or a timeout detail / out of memory detail. Attackers could use this information for potential data exfiltration, denial of service attacks, enumeration attacks, etc. Version 0.12.0 contains a patch for this vulnerability. 2022-07-11 6.4 CVE-2022-31140
CONFIRM
MISC
cybozu — garoon Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files. 2022-07-11 5.5 CVE-2022-30602
MISC
MISC
cybozu — garoon Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin. 2022-07-11 4 CVE-2022-30943
MISC
MISC
cybozu — garoon Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet. 2022-07-11 4 CVE-2022-31472
MISC
MISC
cybozu — garoon Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege. 2022-07-11 4 CVE-2022-29512
MISC
MISC
dainst — cilantro The dainst/cilantro repository through 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31531
MISC
data_stream_algorithm_benchmark_project — data_stream_algorithm_benchmark The DSAB-local/DSAB repository through 2019-02-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 5 CVE-2022-31566
MISC
data_stream_algorithm_benchmark_project — data_stream_algorithm_benchmark The DSABenchmark/DSAB repository through 2.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31567
MISC
deep_learning_studio_project — deep_learning_studio The SummaLabs/DLS repository through 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31525
MISC
eclipse — equinox_p2 In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. Those touchpoints can, for example, alter the command-line used to start the application, injecting things like agent or other settings that usually require particular attention in terms of security. Although p2 has built-in strategies to ensure artifacts are signed and then to help establish trust, there is no such strategy for the metadata part that does configure such touchpoints. As a result, it’s possible to install a unit that will run malicious code during installation without the user receiving any warning about this installation step being risky when coming from an untrusted source. 2022-07-08 6.8 CVE-2021-41037
CONFIRM
equanimity_project — equanimity The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31511
MISC
fan_platform_project — fan_platform The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31514
MISC
fishtank_project — fishtank The freefood89/Fishtank repository through 2015-06-24 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31535
MISC
flask-file-server_project — flask-file-server The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31527
MISC
flask-mongo-skel_project — flask-mongo-skel The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31551
MISC
flask-mvc_project — flask-mvc The Atom02/flask-mvc repository through 2020-09-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31512
MISC
flask-yeoman_project — flask-yeoman The tsileo/flask-yeoman repository through 2013-09-13 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31559
MISC
foxy-shop — foxyshop The FoxyShop WordPress plugin before 4.8.2 does not sanitise and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. 2022-07-11 4.3 CVE-2022-1220
MISC
ganga_project — ganga The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31507
MISC
MISC
MISC
glance_project — glance The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31546
MISC
golem_project — golem The seveas/golem repository through 2016-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31557
MISC
google — android Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent. 2022-07-12 4.6 CVE-2022-30755
MISC
google — android Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. 2022-07-12 4.6 CVE-2022-33704
MISC
google — android Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service. 2022-07-12 4.6 CVE-2022-33695
MISC
google — android Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. 2022-07-12 4.6 CVE-2022-33703
MISC
h3c — ssl_vpn H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS. 2022-07-11 4.3 CVE-2022-35416
MISC
harveyzyh_python_project — harveyzyh_python The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31516
MISC
helm-flask-celery_project — helm-flask-celery The olmax99/helm-flask-celery repository before 2022-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31549
MISC
MISC
hin-eng-preprocessing_project — hin-eng-preprocessing The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31540
MISC
home__internet_project — home__internet The umeshpatil-dev/Home__internet repository through 2020-08-28 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31585
MISC
homepage_project — homepage The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31548
MISC
hotel_management_system_project — hotel_management_system A vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /ci_hms/search of the component Search. The manipulation of the argument search with the input “><script>alert(“XSS”)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 2022-07-12 4.3 CVE-2022-2291
MISC
MISC
huawei — emui Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality. 2022-07-12 5 CVE-2021-40012
MISC
iasset_project — iasset The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31579
MISC
ibm — cics_tx IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim’s Web browser within the security context of the hosting site. IBM X-Force ID: 229330. 2022-07-08 5.8 CVE-2022-34160
CONFIRM
CONFIRM
XF
ibm — cics_tx IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 229435. 2022-07-08 5.5 CVE-2022-34306
XF
CONFIRM
CONFIRM
ibm — open_liberty IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604. 2022-07-08 6 CVE-2022-22476
CONFIRM
XF
ibm — qradar_network_security IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. IBM X-Force ID: 174339. 2022-07-12 5 CVE-2020-4159
XF
CONFIRM
ibm — qradar_network_security IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174337. 2022-07-12 5 CVE-2020-4157
CONFIRM
XF
ibm — qradar_security_information_and_event_manager IBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to specified ports. IBM X-Force ID: 214028. 2022-07-12 5 CVE-2021-39041
CONFIRM
XF
ibm — security_verify_access IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 225079. 2022-07-08 6.4 CVE-2022-22463
CONFIRM
XF
ibm — security_verify_access IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081. 2022-07-08 5 CVE-2022-22464
CONFIRM
XF
ibm — security_verify_access IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. IBM X-Force ID: 225082. 2022-07-08 4.6 CVE-2022-22465
CONFIRM
XF
idayrus — e-voting The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31508
MISC
MISC
iedadata — usap-dc_web_submission_and_dataset_search The iedadata/usap-dc-website repository through 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31509
MISC
internshipsystem_project — internshipsystem The waveyan/internshipsystem repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31562
MISC
karaokey_project — karaokey The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31522
MISC
kg-fashion-chatbot_project — kg-fashion-chatbot The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31587
MISC
kitestudio — core_plugin_for_kitestudio_themes The core plugin for kitestudio WordPress plugin before 2.3.1 does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected Cross-Site Scripting. 2022-07-11 4.3 CVE-2022-1951
MISC
kotekan_project — kotekan The kotekan/kotekan repository through 2021.11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31539
MISC
krypton_project — krypton The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31513
MISC
linuxfoundation — kubeedge KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, a large response received by the viaduct WSClient can cause a DoS from memory exhaustion. The entire body of the response is being read into memory which could allow an attacker to send a request that returns a response with a large body. The consequence of the exhaustion is that the process which invokes a WSClient will be in a denial of service. The software is affected if users who are authenticated to the edge side connect to `cloudhub` from the edge side through WebSocket protocol. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There are currently no known workarounds. 2022-07-11 4 CVE-2022-31080
CONFIRM
linuxfoundation — kubeedge KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, several endpoints in the Cloud AdmissionController may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. The consequence of the exhaustion is that the Cloud AdmissionController will be in denial of service. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There is currently no known workaround. 2022-07-11 4 CVE-2022-31074
CONFIRM
linuxfoundation — kubeedge KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the ServiceBus server on the edge side may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. It is possible for the node to be exhausted of memory. The consequence of the exhaustion is that other services on the node, e.g. other containers, will be unable to allocate memory and thus causing a denial of service. Malicious apps accidentally pulled by users on the host and have the access to send HTTP requests to localhost may make an attack. It will be affected only when users enable the `ServiceBus` module in the config file `edgecore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the `ServiceBus` module in the config file `edgecore.yaml`. 2022-07-11 4.3 CVE-2022-31073
MISC
CONFIRM
MISC
MISC
litecart — litecart Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors. 2022-07-11 4.3 CVE-2022-27168
MISC
MISC
MISC
MISC
livro_python_project — livro_python The duducosmos/livro_python repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31575
MISC
logstash-management-api_project — logstash-management-api The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31520
MISC
mdweb_project — mdweb The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31542
MISC
mercadoenlineaback_project — mercadoenlineaback The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31505
MISC
mercury_sample_manager_project — mercury_sample_manager The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31517
MISC
microsoft — windows_10 Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30223. 2022-07-12 4 CVE-2022-22042
MISC
microsoft — windows_10 Windows.Devices.Picker.dll Elevation of Privilege Vulnerability. 2022-07-12 6.9 CVE-2022-22045
MISC
microsoft — windows_10 Remote Procedure Call Runtime Remote Code Execution Vulnerability. 2022-07-12 6.8 CVE-2022-22038
MISC
microsoft — windows_10 Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability. 2022-07-12 6.9 CVE-2022-22023
MISC
microsoft — windows_10 Windows Internet Information Services Cachuri Module Denial of Service Vulnerability. 2022-07-12 5 CVE-2022-22025
MISC
microsoft — windows_10 Windows Kernel Information Disclosure Vulnerability. 2022-07-12 4.7 CVE-2022-21845
MISC
microsoft — windows_10 Performance Counters for Windows Elevation of Privilege Vulnerability. 2022-07-12 4.4 CVE-2022-22036
MISC
microsoft — windows_10 Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22024. 2022-07-12 6.8 CVE-2022-22027
MISC
microsoft — windows_10 Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027. 2022-07-12 5.1 CVE-2022-22024
MISC
microsoft — windows_server_2008 Windows Network File System Information Disclosure Vulnerability. 2022-07-12 4.3 CVE-2022-22028
MISC
microsoft — windows_server_2008 Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22039. 2022-07-12 6.8 CVE-2022-22029
MISC
microsoft — windows_server_2008 Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22029. 2022-07-12 6 CVE-2022-22039
MISC
microweber — microweber Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user. 2022-07-09 4.3 CVE-2022-2353
MISC
CONFIRM
modelconverter_project — modelconverter The ml-inory/ModelConverter repository through 2021-04-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31545
MISC
monorepo_project — monorepo The cinemaproject/monorepo repository through 2021-03-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31529
MISC
mosaic_project — mosaic The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31521
MISC
movie-review-sentiment-analysis_project — movie-review-sentiment-analysis The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31554
MISC
mp-m08-interface_project — mp-m08-interface The joaopedro-fg/mp-m08-interface repository through 2020-12-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31538
MISC
munhak — munhak-moa The woduq1414/munhak-moa repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31564
MISC
MISC
novastar — novaicare An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts. 2022-07-12 6.5 CVE-2021-38289
MISC
MISC
nurse_quest_project — nurse_quest The romain20100/nursequest repository through 2018-02-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31555
MISC
onyxforum_project — onyxforum The ChaoticOnyx/OnyxForum repository before 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31501
MISC
MISC
orchest — orchest The orchest/orchest repository before 2022.05.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31503
MISC
MISC
MISC
paddlepaddle — anakin The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31523
MISC
photo_tag_project — photo_tag The uncleYiba/photo_tag repository through 2020-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31560
MISC
portswigger — burp_suite A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted response in the Repeater or Intruder, it may be incorrectly interpreted as a redirect. 2022-07-08 4.3 CVE-2022-35406
MISC
projects_project — projects The RipudamanKaushikDal/projects repository through 2022-04-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31569
MISC
purestorage — pure_swagger The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31524
MISC
python-flask-restful-api_project — python-flask-restful-api The akashtalole/python-flask-restful-api repository through 2019-09-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31571
MISC
python-recipe-database_project — python-recipe-database The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31518
MISC
python_athena_stack_project — python_athena_stack The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31550
MISC
pythonweb_project — pythonweb The echoleegroup/PythonWeb repository through 2018-10-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31534
MISC
realestate_project — realestate The deepaliupadhyay/RealEstate repository through 2018-11-30 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31574
MISC
rename_wp-login_project — rename_wp-login The Rename wp-login.php WordPress plugin through 2.6.0 does not have CSRF check in place when updating the secret login URL, which could allow attackers to make a logged in admin change them via a CSRF attack. 2022-07-11 4.3 CVE-2022-1732
MISC
rexians — rex-web The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31568
MISC
s3label_project — s3label The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31584
MISC
samsung — find_my_mobile Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device. 2022-07-12 5 CVE-2022-33707
MISC
sap — business_objects_business_intelligence_platform Due to insufficient input validation, SAP Business Objects – version 420, allows an authenticated attacker to submit a malicious request through an allowed operation. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application. 2022-07-12 4.9 CVE-2022-31598
MISC
MISC
sap — business_one SAP Business One client – version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the application. 2022-07-12 6.5 CVE-2022-31593
MISC
MISC
sap — businessobjects_business_intelligence_platform SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social engineering. On successful exploitation, the attacker can completely compromise the application. 2022-07-12 6.8 CVE-2022-35228
MISC
MISC
sap — businessobjects_business_intelligence_platform Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x – versions 420, 430 allows user Administrator to view, edit or modify rights of objects it doesn’t own and which would otherwise be restricted. 2022-07-12 5.5 CVE-2022-29619
MISC
MISC
sap — businessobjects_bw_publisher_service SAP BusinessObjects BW Publisher Service – versions 420, 430, uses a search path that contains an unquoted element. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service. 2022-07-12 4.6 CVE-2022-31591
MISC
MISC
sap — enterprise_extension_defense_forces_&_public_security The application SAP Enterprise Extension Defense Forces & Public Security – versions 605, 606, 616, 617, 618, 802, 803, 804, 805, 806, does not perform necessary authorization checks for an authenticated user over the network, resulting in escalation of privileges leading to a limited impact on confidentiality. 2022-07-12 4 CVE-2022-31592
MISC
MISC
sap — enterprise_portal SAP Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This attack can be used to non-permanently deface or modify portal content. The execution of script content by a victim registered on the portal could compromise the confidentiality and integrity of victim’s web browser session. 2022-07-12 4.3 CVE-2022-35224
MISC
MISC
scorelab — openmf The scorelab/OpenMF repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31581
MISC
MISC
setupbox_project — setupbox The maxtortime/SetupBox repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31543
MISC
shackerpanel_project — shackerpanel The heidi-luong1109/shackerpanel repository through 2021-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31576
MISC
shiva-server_project — shiva-server The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31558
MISC
shortcut_macros_project — shortcut_macros The Shortcut Macros WordPress plugin through 1.3 does not have authorisation and CSRF checks in place when updating its settings, which could allow any authenticated users, such as subscriber, to update them. 2022-07-11 4 CVE-2022-1956
MISC
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-037, FG-VD-22-059) 2022-07-12 6.8 CVE-2022-34272
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-038) 2022-07-12 6.8 CVE-2022-34273
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-039) 2022-07-12 6.8 CVE-2022-34274
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-040) 2022-07-12 6.8 CVE-2022-34275
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-041) 2022-07-12 6.8 CVE-2022-34276
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-042) 2022-07-12 6.8 CVE-2022-34277
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-055) 2022-07-12 4.3 CVE-2022-34290
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-051) 2022-07-12 6.8 CVE-2022-34286
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-057, FG-VD-22-058, FG-VD-22-060) 2022-07-12 4.3 CVE-2022-34291
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-047) 2022-07-12 4.3 CVE-2022-34282
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-054) 2022-07-12 6.8 CVE-2022-34289
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-052, FG-VD-22-056) 2022-07-12 4.3 CVE-2022-34287
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-050) 2022-07-12 4.3 CVE-2022-34285
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-048) 2022-07-12 4.3 CVE-2022-34283
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-043) 2022-07-12 6.8 CVE-2022-34278
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-044) 2022-07-12 6.8 CVE-2022-34279
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-045) 2022-07-12 6.8 CVE-2022-34280
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-046) 2022-07-12 6.8 CVE-2022-34281
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-049) 2022-07-12 6.8 CVE-2022-34284
CONFIRM
siemens — pads_viewer A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-053) 2022-07-12 4.3 CVE-2022-34288
CONFIRM
siemens — simatic_easie_core_package A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The underlying MQTT service of affected systems does not perform authentication in the default configuration. This could allow an unauthenticated remote attacker to send arbitrary messages to the service and thereby issue arbitrary requests in the affected system. 2022-07-12 6.4 CVE-2021-44222
CONFIRM
siemens — simatic_easie_core_package A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow a remote attacker to trigger a denial of service of the affected system. 2022-07-12 5 CVE-2021-44221
CONFIRM
siemens — simatic_mv540_h_firmware A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). Affected devices do not perform authentication for several web API endpoints. This could allow an unauthenticated remote attacker to read and download data from the device. 2022-07-12 5 CVE-2022-33138
CONFIRM
siemens — simatic_mv540_h_firmware A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). The web session management of affected devices does not invalidate session ids in certain logout scenarios. This could allow an authenticated remote attacker to hijack other users’ sessions. 2022-07-12 6 CVE-2022-33137
CONFIRM
siemens — simcenter_femap A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17293) 2022-07-12 6.8 CVE-2022-34748
CONFIRM
simple-rat_project — simple-rat The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31510
MISC
MISC
sleep_learner_project — sleep_learner The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31553
MISC
solar-system-simulator_project — solar-system-simulator The jmcginty15/Solar-system-simulator repository through 2021-07-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31537
MISC
sphere_imagebackend_project — sphere_imagebackend The varijkapil13/Sphere_ImageBackend repository through 2019-10-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31561
MISC
sphere_project — sphere The noamezekiel/sphere repository through 2020-05-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31547
MISC
syrabond_project — syrabond The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31565
MISC
testplatform_project — testplatform The zippies/testplatform repository through 2016-07-19 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31588
MISC
themeisle — wp_maintenance_mode_&_coming_soon The WP Maintenance Mode & Coming Soon WordPress plugin before 2.4.5 is lacking CSRF when emptying the subscribed users list, which could allow attackers to make a logged in admin perform such action via a CSRF attack. 2022-07-11 4.3 CVE-2022-1576
MISC
thunderatz — thunderdocs The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31526
MISC
trainenergyserver_project — trainenergyserver The rusyasoft/TrainEnergyServer repository through 2017-08-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31556
MISC
travel_blahg_project — travel_blahg The dankolbman/travel_blahg repository through 2016-01-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31532
MISC
umbral_project — umbral The decentraminds/umbral repository through 2020-01-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31533
MISC
videoserver_project — videoserver The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31582
MISC
vim — vim Use After Free in GitHub repository vim/vim prior to 9.0.0046. 2022-07-08 6.8 CVE-2022-2345
CONFIRM
MISC
vim — vim Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. 2022-07-08 6.8 CVE-2022-2344
MISC
CONFIRM
visser — woocommerce_-_product_importer The WooCommerce – Product Importer WordPress plugin through 1.5.2 does not sanitise and escape the imported data before outputting it back in the page, leading to a Reflected Cross-Site Scripting. 2022-07-11 4.3 CVE-2022-1546
MISC
vprj_project — vprj The whmacmac/vprj repository through 2022-04-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31563
MISC
webswing — webswing Webswing before 22.1.3 allows X-Forwarded-For header injection. The client IP address is associated with a variable in the configuration page. The {clientIp} variable can be used as an application startup argument. The X-Forwarded-For header can be manipulated by a client to store an arbitrary value that is used to replace the clientIp variable (without sanitization). A client can thus inject multiple arguments into the session startup. Systems that do not use the clientIP variable in the configuration are not vulnerable. The vulnerability is fixed in these versions: 20.1.16, 20.2.19, 21.1.8, 21.2.12, and 22.1.3. 2022-07-08 6.8 CVE-2022-34914
MISC
MISC
windmill_project — windmill The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31519
MISC
withknown — known An issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file. 2022-07-08 4.3 CVE-2022-32115
MISC
MISC
MISC
withknown — known Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR). 2022-07-08 4 CVE-2022-30852
MISC
MISC
MISC
wormnest_project — wormnest The operatorequals/wormnest repository through 0.4.7 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31502
MISC
MISC
wp-eventmanager — wp_event_manager The WP Event Manager WordPress plugin before 3.1.28 does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting. 2022-07-11 4.3 CVE-2022-1474
MISC
wp_opt-in_project — wp_opt-in The WP Opt-in WordPress plugin through 1.4.1 is vulnerable to CSRF which allows changed plugin settings and can be used for sending spam emails. 2022-07-11 4.3 CVE-2022-2123
MISC
xtomo — robo-tom The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31544
MISC
ytdl-sync_project — ytdl-sync The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. 2022-07-11 6.4 CVE-2022-31536
MISC


Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
awin — awin_data_feed The Awin Data Feed WordPress plugin through 1.6 does not sanitise and escape a header when processing request to generate analytics data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against a logged in admin viewing the plugin’s settings. 2022-07-11 3.5 CVE-2022-1938
MISC
bold-themes — bold_page_builder The Bold Page Builder WordPress plugin before 4.3.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. 2022-07-11 3.5 CVE-2022-2089
MISC
digitalguardian — digital_guardian Digital Guardian Agent 7.7.4.0042 allows an administrator (who ordinarily does not have a supported way to uninstall the product) to disable some of the agent functionality and then exfiltrate files to an external USB device. 2022-07-08 3.6 CVE-2022-35412
MISC
MISC
google — android Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_STATE_CHANGED action. 2022-07-12 2.1 CVE-2022-30752
MISC
google — android Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass Knoxguard lock by factory reset. 2022-07-12 2.1 CVE-2022-33702
MISC
google — android Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManager.goToSleep method which is protected by system permission by sending broadcast intent. 2022-07-12 2.1 CVE-2022-33701
MISC
google — android Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. 2022-07-12 2.1 CVE-2022-33700
MISC
google — android Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. 2022-07-12 2.1 CVE-2022-33699
MISC
google — android Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log. 2022-07-12 2.1 CVE-2022-33698
MISC
google — android Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. 2022-07-12 2.1 CVE-2022-33697
MISC
google — android Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. 2022-07-12 2.1 CVE-2022-33696
MISC
google — android Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting. 2022-07-12 2.1 CVE-2022-33694
MISC
google — android Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. 2022-07-12 2.1 CVE-2022-33693
MISC
google — android Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_DHCPACK_EVENT action. 2022-07-12 2.1 CVE-2022-30751
MISC
google — android Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. 2022-07-12 2.1 CVE-2022-33692
MISC
google — android Improper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain CID without ACCESS_FINE_LOCATION permission. 2022-07-12 2.1 CVE-2022-30757
MISC
google — android A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. 2022-07-12 1.9 CVE-2022-33691
MISC
google — android Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file. 2022-07-12 2.1 CVE-2022-33690
MISC
google — android Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1 allows local attackers to get the device ID without permission. 2022-07-12 2.1 CVE-2022-30753
MISC
google — android Improper access control vulnerability in updateLastConnectedClientInfo function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected. 2022-07-12 2.1 CVE-2022-30750
MISC
google — android Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allows attackers to access some protected information with privilege of Finder. 2022-07-12 2.1 CVE-2022-30758
MISC
google — android Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitrary activity and access sensitive information. 2022-07-12 2.1 CVE-2022-33685
MISC
google — android Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. 2022-07-12 2.1 CVE-2022-33686
MISC
google — android Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log. 2022-07-12 2.1 CVE-2022-33687
MISC
google — android Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. 2022-07-12 2.1 CVE-2022-33688
MISC
google — android Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call. 2022-07-12 2.1 CVE-2022-33689
MISC
hotel_management_system_project — hotel_management_system A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /ci_hms/massage_room/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input “><script>alert(“XSS”)</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2022-07-12 3.5 CVE-2022-2292
MISC
MISC
hpe — flexnetwork_5130_ei_firmware A potential security vulnerability has been identified in certain HPE FlexNetwork and FlexFabric switch products. The vulnerability could be remotely exploited to allow cross site scripting (XSS). HPE has made the following software updates to resolve the vulnerability. HPE FlexNetwork 5130EL_7.10.R3507P02 and HPE FlexFabric 5945_7.10.R6635. 2022-07-08 3.5 CVE-2022-28624
MISC
huawei — magic_ui Improper permission control vulnerability in the Bluetooth module. Successful exploitation of this vulnerability will affect confidentiality. 2022-07-12 3.3 CVE-2021-40016
MISC
huawei — magic_ui Improper permission control vulnerability in the Bluetooth module. Successful exploitation of this vulnerability will affect integrity. 2022-07-12 3.3 CVE-2021-40013
MISC
ibm — cics_tx IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229430. 2022-07-08 3.5 CVE-2022-34166
CONFIRM
XF
CONFIRM
ibm — cics_tx IBM CICS TX Standard and Advanced 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229432. 2022-07-08 3.5 CVE-2022-34167
CONFIRM
XF
CONFIRM
linuxfoundation — kubeedge KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the Cloud Stream server and the Edge Stream server read the entire message into memory without imposing a limit on the size of this message. An attacker can exploit this by sending a large message to exhaust memory and cause a DoS. The Cloud Stream server and the Edge Stream server are under DoS attack in this case. The consequence of the exhaustion is that the CloudCore and EdgeCore will be in a denial of service. Only an authenticated user can cause this issue. It will be affected only when users enable `cloudStream` module in the config file `cloudcore.yaml` and enable `edgeStream` module in the config file `edgecore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable cloudStream module in the config file `cloudcore.yaml` and disable edgeStream module in the config file `edgecore.yaml`. 2022-07-11 3.5 CVE-2022-31079
CONFIRM
linuxfoundation — kubeedge KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the CloudCore Router does not impose a limit on the size of responses to requests made by the REST handler. An attacker could use this weakness to make a request that will return an HTTP response with a large body and cause DoS of CloudCore. In the HTTP Handler API, the rest handler makes a request to a pre-specified handle. The handle will return an HTTP response that is then read into memory. The consequence of the exhaustion is that CloudCore will be in a denial of service. Only an authenticated user of the cloud can make an attack. It will be affected only when users enable `router` module in the config file `cloudcore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the router switch in the config file `cloudcore.yaml`. 2022-07-11 3.5 CVE-2022-31078
CONFIRM
linuxfoundation — kubeedge KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, EdgeCore may be susceptible to a DoS attack on CloudHub if an attacker was to send a well-crafted HTTP request to `/edge.crt`. If an attacker can send a well-crafted HTTP request to CloudHub, and that request has a very large body, that request can crash the HTTP service through a memory exhaustion vector. The request body is being read into memory, and a body that is larger than the available memory can lead to a successful attack. Because the request would have to make it through authorization, only authorized users may perform this attack. The consequence of the exhaustion is that CloudHub will be in denial of service. KubeEdge is affected only when users enable the CloudHub module in the file `cloudcore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the CloudHub switch in the config file `cloudcore.yaml`. 2022-07-11 3.5 CVE-2022-31075
CONFIRM
maxfoundry — wp-paginate The WP-Paginate WordPress plugin before 2.1.9 does not escape one of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when unfiltered_html is disallowed. 2022-07-11 3.5 CVE-2022-2050
MISC
microsoft — windows_10 Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22041, CVE-2022-30206, CVE-2022-30226. 2022-07-12 3.6 CVE-2022-22022
MISC
ninjateam — wp_duplicate_page The WP Duplicate Page WordPress plugin before 1.3 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. 2022-07-11 3.5 CVE-2022-2093
MISC
pagebar_project — pagebar The Pagebar WordPress plugin through 2.65 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of sanitisation in some of them, it could also lead to Stored XSS issues. 2022-07-11 3.5 CVE-2022-1757
MISC
samsung — samsung_gallery Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture. 2022-07-12 2.1 CVE-2022-33706
MISC
sharebar_project — sharebar The Sharebar WordPress plugin through 1.4.1 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and also lead to a Stored Cross-Site Scripting issue due to the lack of sanitisation and escaping in some of them. 2022-07-11 3.5 CVE-2022-1626
MISC
simple_parking_management_system_project — simple_parking_management_system A vulnerability, which was classified as problematic, has been found in SourceCodester Simple Parking Management System 1.0. Affected by this issue is some unknown functionality of the file /ci_spms/admin/search/searching/. The manipulation of the argument search with the input “><script>alert(“XSS”)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2022-07-12 3.5 CVE-2022-2363
MISC
MISC
simple_parking_management_system_project — simple_parking_management_system A vulnerability, which was classified as problematic, was found in SourceCodester Simple Parking Management System 1.0. This affects an unknown part of the file /ci_spms/admin/category. The manipulation of the argument vehicle_type with the input “><script>alert(“XSS”)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2022-07-12 3.5 CVE-2022-2364
MISC
MISC
simple_sales_management_system_project — simple_sales_management_system A vulnerability classified as problematic was found in SourceCodester Simple Sales Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ci_ssms/index.php/orders/create. The manipulation of the argument customer_name with the input <script>alert(“XSS”)</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2022-07-12 3.5 CVE-2022-2293
MISC
MISC
sygnoos — popup_builder The Popup Builder WordPress plugin before 4.1.11 does not escape and sanitize some settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when unfiltered_html is disallowed. 2022-07-11 3.5 CVE-2022-1894
MISC
synology — calendar Improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability in Event Management in Synology Calendar before 2.4.5-10930 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. 2022-07-12 3.5 CVE-2022-22682
CONFIRM
trilium_project — trilium Cross-site Scripting (XSS) – Stored in GitHub repository zadam/trilium prior to 0.53.3. 2022-07-10 3.5 CVE-2022-2365
MISC
CONFIRM
vmware — vrealize_log_insight VMware vRealize Log Insight in versions prior to 8.8.2 contains a stored cross-site scripting vulnerability due to improper input sanitization in configurations. 2022-07-12 3.5 CVE-2022-31654
MISC
vmware — vrealize_log_insight VMware vRealize Log Insight in versions prior to 8.8.2 contains a stored cross-site scripting vulnerability due to improper input sanitization in alerts. 2022-07-12 3.5 CVE-2022-31655
MISC
withknown — known A cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field. 2022-07-08 3.5 CVE-2022-31290
MISC
MISC
MISC
MISC


Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34219
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34230
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type (‘Type Confusion’) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34221
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34222
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34223
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34225
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34220
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34228
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34229
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34226
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34215
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34233
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34216
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34234
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34236
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34237
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34239
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34217
MISC
adobe — acrobat_reader Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34232
MISC
adobe — character_animator Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34241
MISC
adobe — character_animator Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34242
MISC
adobe — incopy Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34252
MISC
adobe — incopy Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34249
MISC
adobe — incopy Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34250
MISC
adobe — incopy Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34251
MISC
adobe — indesign Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34247
MISC
adobe — indesign Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34245
MISC
adobe — indesign Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34248
MISC
adobe — indesign Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34246
MISC
adobe — photoshop Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34244
MISC
adobe — photoshop Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-07-15 not yet calculated CVE-2022-34243
MISC
adobe — robohelp Adobe RoboHelp versions 2020.0.7 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. 2022-07-15 not yet calculated CVE-2022-23201
MISC
amazon_eks — aws-iam-authenticator A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges. 2022-07-12 not yet calculated CVE-2022-2385
MISC
MISC
amd — branch_predictor Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. 2022-07-14 not yet calculated CVE-2022-23825
MISC
FEDORA
FEDORA
DEBIAN
FEDORA
amd — microprocessor_families AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions. 2022-07-12 not yet calculated CVE-2022-29900
CONFIRM
MLIST
CONFIRM
MLIST
MLIST
MLIST
FEDORA
FEDORA
DEBIAN
FEDORA
amd — system_management_interface A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources. 2022-07-14 not yet calculated CVE-2021-26384
MISC
amd — audio_co-processor_firmware An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor (ACP), irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service. 2022-07-14 not yet calculated CVE-2021-26382
MISC
apache — hive In Apache Hive before 3.1.3, “CREATE” and “DROP” function operations do not check for necessary authorization of involved entities in the query. It was found that an unauthorized user can manipulate an existing UDF without having the privileges to do so. This allowed unauthorized or underprivileged users to drop and recreate UDFs pointing them to new jars that could be potentially malicious. 2022-07-16 not yet calculated CVE-2021-34538
CONFIRM
apache — tapestry Apache Tapestry up to version 5.8.1 is vulnerable to Regular Expression Denial of Service (ReDoS) in the way it handles Content Types. Specially crafted Content Types may cause catastrophic backtracking, taking exponential time to complete. Specifically, this is about the regular expression used on the parameter of the org.apache.tapestry5.http.ContentType class. Apache Tapestry 5.8.2 has a fix for this vulnerability. Notice the vulnerability cannot be triggered by web requests in Tapestry code alone. It would only happen if there’s some non-Tapestry codepath passing some outside input to the ContentType class constructor. 2022-07-13 not yet calculated CVE-2022-31781
MISC
argo_project — argo_cd All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level. 2022-07-12 not yet calculated CVE-2022-1025
MISC
argo_project — argo_cd Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the `/auth/callback` page in a victim’s browser. This vulnerability only affects Argo CD instances which have single sign on (SSO) enabled. The exploit also assumes the attacker has 1) access to the API server’s encryption key, 2) a method to add a cookie to the victim’s browser, and 3) the ability to convince the victim to visit a malicious `/auth/callback` link. The vulnerability is classified as low severity because access to the API server’s encryption key already grants a high level of access. Exploiting the XSS would allow the attacker to impersonate the victim, but would not grant any privileges which the attacker could not otherwise gain using the encryption key. A patch for this vulnerability has been released in the following Argo CD versions 2.4.5 and 2.3.6. There is currently no known workaround. 2022-07-12 not yet calculated CVE-2022-31102
CONFIRM
MISC
MISC
argo_project — argo_cd Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation bug which could cause Argo CD to trust a malicious (or otherwise untrustworthy) OpenID Connect (OIDC) provider. A patch for this vulnerability has been released in Argo CD versions 2.4.5, 2.3.6, and 2.2.11. There are no complete workarounds, but a partial workaround is available. Those who use an external OIDC provider (not the bundled Dex instance), can mitigate the issue by setting the `oidc.config.rootCA` field in the `argocd-cm` ConfigMap. This mitigation only forces certificate validation when the API server handles login flows. It does not force certificate verification when verifying tokens on API calls. 2022-07-12 not yet calculated CVE-2022-31105
CONFIRM
MISC
MISC
arox — arox_school_erp_pro Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the dispatchcategory parameter in backoffice.inc.php. 2022-07-15 not yet calculated CVE-2022-32118
MISC
MISC
arox — arox_school_erp_pro Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php. 2022-07-15 not yet calculated CVE-2022-32119
MISC
MISC
MISC

atlassian — jira

The Transition Scheduler add-on 6.5.0 for Atlassian Jira is prone to stored XSS via the project name to the creation function. 2022-07-13 not yet calculated CVE-2022-32274
MISC
MISC
autotrace — autotrace AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660. 2022-07-14 not yet calculated CVE-2022-32323
MISC
aws — aws_sdk_for_java
 
The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue’s scope is limited to directories whose name prefix matches the destinationDirectory. E.g. for destination directory `/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted bucket’s contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects whose `getKey` method returns a string containing the substring `..`. 2022-07-15 not yet calculated CVE-2022-31159
CONFIRM
aws — aws_credentials
 
Implemented protections on AWS credentials that were not properly protected. 2022-07-12 not yet calculated CVE-2022-22998
MISC
bentley — bentley_microstation An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a DGN file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of DGN files could enable an attacker to read information in the context of the current process. 2022-07-15 not yet calculated CVE-2022-35906
MISC
bentley — bentley_microstation An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a JP2 file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of JP2 files could enable an attacker to read information in the context of the current process. 2022-07-15 not yet calculated CVE-2022-35900
MISC
bentley — bentley_microstation An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an OBJ file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of OBJ files could enable an attacker to read information in the context of the current process. 2022-07-15 not yet calculated CVE-2022-35902
MISC
bentley — bentley_microstation An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of 3DS files could enable an attacker to read information in the context of the current process. 2022-07-15 not yet calculated CVE-2022-35903
MISC
bentley — bentley_microstation An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an FBX file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of FBX files could enable an attacker to read information in the context of the current process. 2022-07-15 not yet calculated CVE-2022-35905
MISC
bentley — bentley_microstation An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an IFC file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of IFC files could enable an attacker to read information in the context of the current process. 2022-07-15 not yet calculated CVE-2022-35904
MISC
bentley — bentley_microstation An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a J2K file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of J2K files could enable an attacker to read information in the context of the current process. 2022-07-15 not yet calculated CVE-2022-35901
MISC
best_practical_solutions — best_practical_request_tracker
 
Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment. 2022-07-14 not yet calculated CVE-2022-25802
MISC
CONFIRM
CONFIRM
best_practical_solutions — best_practical_request_tracker
 
Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search. 2022-07-14 not yet calculated CVE-2022-25803
MISC
CONFIRM
best_practical_solutions — best_practical_rt_for_incident_response
 
Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via Scripted Action tools. 2022-07-14 not yet calculated CVE-2022-25801
MISC
CONFIRM
CONFIRM
best_practical_solutions — best_practical_rt_for_incident_response
 
Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via the whois lookup tool. 2022-07-14 not yet calculated CVE-2022-25800
MISC
CONFIRM
CONFIRM
codecov — codecov
 
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being provided to the popen method. 2022-07-13 not yet calculated CVE-2019-10800
MISC
MISC
codesys — codesys
 
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled resource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. 2022-07-11 not yet calculated CVE-2022-30791
CONFIRM
codesys — codesys
 
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled resource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected. 2022-07-11 not yet calculated CVE-2022-30792
CONFIRM
couchbase — couchbase_server An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA instead. 2022-07-12 not yet calculated CVE-2022-33173
MISC
MISC
MISC
couchbase — couchbase_server In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the logs. 2022-07-15 not yet calculated CVE-2022-34826
MISC
couchbase — couchbase_server An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information. 2022-07-12 not yet calculated CVE-2022-33911
MISC
MISC
MISC
debian — mat2 mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive. 2022-07-08 not yet calculated CVE-2022-35410
MISC
MISC
MISC
DEBIAN
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. 2022-07-11 not yet calculated CVE-2020-35166
CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. 2022-07-11 not yet calculated CVE-2020-35168
CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability. 2022-07-11 not yet calculated CVE-2020-35169
CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. 2022-07-11 not yet calculated CVE-2020-35167
CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability. 2022-07-11 not yet calculated CVE-2020-35163
CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. 2022-07-11 not yet calculated CVE-2020-35164
CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Improper Input Validation Vulnerability. 2022-07-11 not yet calculated CVE-2020-29508
CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability. 2022-07-11 not yet calculated CVE-2020-29507
CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability. 2022-07-11 not yet calculated CVE-2020-29505
CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability. 2022-07-11 not yet calculated CVE-2020-29506
CONFIRM
druva — druva
 
An issue was discovered in Druva 6.9.0 for MacOS, allows attackers to gain escalated local privileges via the inSyncDecommission. 2022-07-12 not yet calculated CVE-2021-36666
MISC
MISC
MISC
druva — druva
 
An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local privileges via the inSyncUpgradeDaemon. 2022-07-12 not yet calculated CVE-2021-36665
MISC
MISC
MISC
druva — druva_insync URL injection in Druva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App. 2022-07-12 not yet calculated CVE-2021-36668
MISC
MISC
MISC
druva — druva_insync
 
Command injection vulnerability in Druva inSync 6.9.0 for MacOS, allows attackers to execute arbitrary commands via crafted payload to the local HTTP server due to un-sanitized call to the python os.system library. 2022-07-12 not yet calculated CVE-2021-36667
MISC
MISC
MISC
egt-kommunikationstechnik_ug — mediacenter
 
EGT-Kommunikationstechnik UG Mediacenter before v2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Online_Update.php. 2022-07-12 not yet calculated CVE-2022-31904
MISC
MISC
MISC
eip_stack_group — opener EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d. 2022-07-15 not yet calculated CVE-2022-32434
MISC
MISC
fast_food_ordering_system — fast_food_ordering_system Fast Food Ordering System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via the component /ffos/classes/Master.php?f=save_category. 2022-07-14 not yet calculated CVE-2022-32318
MISC
fastify — fastify
 
@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth. 2022-07-14 not yet calculated CVE-2022-31142
MISC
MISC
CONFIRM
MISC
MISC
flyte — flyte
 
FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. In versions 1.1.30 and prior, authenticated users using an external identity provider can continue to use Access Tokens and ID Tokens even after they expire. Users who use FlyteAdmin as the OAuth2 Authorization Server are unaffected by this issue. A patch is available on the `master` branch of the repository. As a workaround, rotating signing keys immediately will invalidate all open sessions and force all users to attempt to obtain new tokens. Those who use this workaround should continue to rotate keys until FlyteAdmin has been upgraded and hide FlyteAdmin deployment ingress URL from the internet. 2022-07-13 not yet calculated CVE-2022-31145
MISC
CONFIRM
MISC
git — git
 
Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks. 2022-07-12 not yet calculated CVE-2022-29187
MISC
MISC
CONFIRM
MLIST
git — git
 
Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows’ installer execute a binary into `C:\mingw64\bin\git.exe` by mistake. This only happens upon a fresh install, not when upgrading Git for Windows. A patch is included in version 2.37.1. Two workarounds are available. Create the `C:\mingw64` folder and remove read/write access from this folder, or disallow arbitrary authenticated users to create folders in `C:\`. 2022-07-12 not yet calculated CVE-2022-31012
MISC
CONFIRM
golang — go Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. 2022-07-15 not yet calculated CVE-2022-30634
MISC
MISC
MISC
MISC
gollum — gollum
 
Cross site scripting (XSS) in gollum 5.0 to 5.1.2 via the filename parameter to the ‘New Page’ dialog. 2022-07-15 not yet calculated CVE-2020-35305
MISC
MISC
MISC
MISC
google — android
 
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-223578534 2022-07-13 not yet calculated CVE-2022-20223
MISC
google — android
 
A DRM driver has an out-of-bounds (OOB) problem that could cause a system crash or EoP. Product: Android. Versions: Android SoC. Android ID: A-233124709 2022-07-13 not yet calculated CVE-2022-20236
MISC
google — android
 
In the Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both ‘mComponentName’ and ‘pkgTitle’ from the user. An unprivileged app can use a malicious mComponentName with a benign pkgTitle (e.g. Settings app) to make users enable notification access permission for the malicious app. That is, users believe they enable the notification access permission for the Settings app, but actually they enable the notification access permission for the malicious app. Once the malicious app gets the notification access permission, it can read all notifications, including users’ personal information. Product: Android. Versions: Android-12L. Android ID: A-225189301 2022-07-13 not yet calculated CVE-2022-20234
MISC
google — android
 
In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user’s certificate due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-221859869 2022-07-13 not yet calculated CVE-2022-20230
MISC
google — android
 
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-224536184 2022-07-13 not yet calculated CVE-2022-20229
MISC
google — android
 
In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-213850092 2022-07-13 not yet calculated CVE-2022-20228
MISC
google — android
 
In USB driver, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-216825460. References: Upstream kernel 2022-07-13 not yet calculated CVE-2022-20227
MISC
google — android
 
In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-213644870 2022-07-13 not yet calculated CVE-2022-20226
MISC
google — android
 
In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-220732646 2022-07-13 not yet calculated CVE-2022-20224
MISC
google — android
 
In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-219015884 2022-07-13 not yet calculated CVE-2022-20220
MISC
google — android
 
In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-205571133 2022-07-13 not yet calculated CVE-2022-20221
MISC
google — android
 
In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-228078096 2022-07-13 not yet calculated CVE-2022-20222
MISC
google — android
 
In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible way to leave user’s directories unencrypted due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-224585613 2022-07-13 not yet calculated CVE-2022-20219
MISC
google — android
 
In PermissionController, there is a possible way to get and retain permissions without user’s consent due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-223907044 2022-07-13 not yet calculated CVE-2022-20218
MISC
google — android
 
There is an unauthorized broadcast in the SprdContactsProvider. A third-party app could use this issue to delete Fdn contact. Product: Android. Versions: Android SoC. Android ID: A-232441378 2022-07-13 not yet calculated CVE-2022-20217
MISC
google — android
 
android exported is used to set third-party app access permissions, and the default value of intent-filter is true. com.sprd.firewall has set exported as true. Product: Android. Versions: Android SoC. Android ID: A-231911916 2022-07-13 not yet calculated CVE-2022-20216
MISC
google — android
 
In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11. Android ID: A-182282630 2022-07-13 not yet calculated CVE-2022-20212
MISC
google — android
 
‘remap_pfn_range’ here may map out-of-size kernel memory (for example, it may map the kernel area), and because ‘vma->vm_page_prot’ can also be controlled by userspace, userspace may map the kernel area as writable, which is easy to exploit. Product: Android. Versions: Android SoC. Android ID: A-233154555 2022-07-13 not yet calculated CVE-2022-20238
MISC
google — android
 
In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-213457638 2022-07-13 not yet calculated CVE-2022-20225
MISC
gradle — gradle
 
Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This can occur in two ways. When signature verification is disabled but the verification metadata contains entries for dependencies that only have a `gpg` element but no `checksum` element. When signature verification is enabled, the verification metadata contains entries for dependencies with a `gpg` element but there is no signature file on the remote repository. In both cases, the verification will accept the dependency, skipping signature verification and not complaining that the dependency has no checksum entry. For builds that are vulnerable, there are two risks. Gradle could download a malicious binary from a repository outside your organization due to name squatting. For those still using HTTP only and not HTTPS for downloading dependencies, the build could download a malicious library instead of the expected one. Gradle 7.5 patches this issue by making sure to run checksum verification if signature verification cannot be completed, whatever the reason. Two workarounds are available: Remove all `gpg` elements from dependency verification metadata if you disable signature validation and/or avoid adding `gpg` entries for dependencies that do not have signature files. 2022-07-14 not yet calculated CVE-2022-31156
MISC
CONFIRM
grafana — grafana
 
Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user’s external user id is not already associated with an account in Grafana, the malicious user’s email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user’s Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address. 2022-07-15 not yet calculated CVE-2022-31107
MISC
MISC
CONFIRM
MISC
grafana — grafana
 
Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting. 2022-07-15 not yet calculated CVE-2022-31097
MISC
CONFIRM
MISC
MISC
gtkradiant — gtkradiant
 
GtkRadiant v1.6.6 was discovered to contain a buffer overflow via the component q3map2. This vulnerability can cause a Denial of Service (DoS) via a crafted MAP file. 2022-07-14 not yet calculated CVE-2022-32406
MISC
honeywell — honeywell_alerton_ascent_control_module Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller’s function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered. 2022-07-15 not yet calculated CVE-2022-30242
MISC
MISC
MISC
honeywell — honeywell_alerton_ascent_control_module Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller’s function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. 2022-07-15 not yet calculated CVE-2022-30244
MISC
MISC
MISC
honeywell — honeywell_alerton_compass_software Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller’s function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered. 2022-07-15 not yet calculated CVE-2022-30245
MISC
MISC
MISC
honeywell — honeywell_alerton_visual_logic Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller’s function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. 2022-07-15 not yet calculated CVE-2022-30243
MISC
MISC
MISC
huawei — emui/magic_ui The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality. 2022-07-12 not yet calculated CVE-2022-34737
MISC
MISC
huawei — emui/magic_ui The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. 2022-07-12 not yet calculated CVE-2022-34736
MISC
MISC
huawei — emui/magic_ui The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. 2022-07-12 not yet calculated CVE-2022-34735
MISC
MISC
huawei — harmony_os The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity. 2022-07-12 not yet calculated CVE-2021-46741
MISC
MISC
huawei — harmonyos The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background. 2022-07-12 not yet calculated CVE-2022-34738
MISC
MISC
huawei — harmonyos The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings. 2022-07-12 not yet calculated CVE-2022-34739
MISC
MISC
huawei — harmonyos The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. 2022-07-12 not yet calculated CVE-2022-34740
MISC
MISC
huawei — harmonyos The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. 2022-07-12 not yet calculated CVE-2022-34741
MISC
MISC
huawei — harmonyos The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. 2022-07-12 not yet calculated CVE-2022-34742
MISC
MISC
huawei — harmonyos The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability. 2022-07-12 not yet calculated CVE-2022-34743
MISC
MISC
ibm — digital_certificate_manager IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 230516. 2022-07-13 not yet calculated CVE-2022-34358
CONFIRM
XF
ibm — engineering_lifecycle_optimization_publishing IBM Engineering Lifecycle Optimization – Publishing 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213655. 2022-07-14 not yet calculated CVE-2021-39015
CONFIRM
XF
ibm — engineering_lifecycle_optimization_publishing IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722. 2022-07-14 not yet calculated CVE-2021-39016
XF
CONFIRM
ibm — engineering_lifecycle_optimization_publishing IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 213725. 2022-07-14 not yet calculated CVE-2021-39017
CONFIRM
XF
ibm — engineering_lifecycle_optimization_publishing IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that could aid in further attacks against the system. IBM X-Force ID: 213726. 2022-07-14 not yet calculated CVE-2021-39018
CONFIRM
XF
ibm — engineering_lifecycle_optimization_publishing IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. IBM X-Force ID: 213728. 2022-07-14 not yet calculated CVE-2021-39019
CONFIRM
XF
ibm — engineering_lifecycle_optimization_publishing IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 213866. 2022-07-14 not yet calculated CVE-2021-39028
XF
CONFIRM
ibm — security_verify_access
IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221194. 2022-07-08 not yet calculated CVE-2022-22370
CONFIRM
XF
ibm — security_verify_identify_manager
IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. IBM X-Force ID: 224916. 2022-07-14 not yet calculated CVE-2022-22450
CONFIRM
XF
ibm — security_verify_identify_manager
IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 224919. 2022-07-14 not yet calculated CVE-2022-22453
XF
CONFIRM
ibm — security_verify_identify_manager
IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013. 2022-07-14 not yet calculated CVE-2022-22460
XF
CONFIRM
ibm — security_verify_identify_manager
IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 224918. 2022-07-14 not yet calculated CVE-2022-22452
CONFIRM
XF
ibm — security_verify_information_queue IBM Security Verify Information Queue 10.0.2 could allow an authenticated user to cause a denial of service with a specially crafted HTTP request. 2022-07-14 not yet calculated CVE-2022-35283
XF
CONFIRM
ibm — siteprotector_appliance
IBM SiteProtector Appliance 3.1.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174142. 2022-07-11 not yet calculated CVE-2020-4150
XF
CONFIRM
ibm — siteprotector_appliance
IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174049. 2022-07-11 not yet calculated CVE-2020-4138
XF
CONFIRM
ibm — websphere_application_server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system. IBM X-Force ID: 225347. 2022-07-14 not yet calculated CVE-2022-22473
XF
CONFIRM
ibm — websphere_application_server
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 225605. 2022-07-14 not yet calculated CVE-2022-22477
CONFIRM
XF
inductive_automation — inductive_automation_ignition An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. Designer and Vision Client Session IDs are mishandled. An attacker can determine which session IDs were generated in the past and then hijack sessions assigned to these IDs via Randy. 2022-07-15 not yet calculated CVE-2022-35890
MISC
MISC
inductive_automation — inductive_automation_ignition An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. The ScriptInvoke function allows remote attackers to execute arbitrary code by supplying a Python script. 2022-07-16 not yet calculated CVE-2022-36126
MISC
MISC
MISC
intel — intel_microprocessor
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions. 2022-07-12 not yet calculated CVE-2022-29901
MLIST
CONFIRM
CONFIRM
MLIST
MLIST
MLIST
FEDORA
FEDORA
isode — swift
Isode SWIFT v4.0.2 was discovered to contain hard-coded credentials in the Registry Editor. This allows attackers to access sensitive information such as user credentials and certificates. 2022-07-14 not yet calculated CVE-2022-32389
MISC
MISC
MISC
itechscripts — auction_script
A vulnerability was found in Itech Auction Script 6.49. It has been classified as critical. This affects an unknown part of the file /mcategory.php. The manipulation of the argument mcid with the input 4′ AND 1734=1734 AND ‘Ggks’=’Ggks leads to sql injection (Blind). It is possible to initiate the attack remotely. 2022-07-16 not yet calculated CVE-2017-20138
MISC
itechscripts — b2b_script
A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with the input 704667c6a1e7ce56d3d6fa748ab6d9af3fd7′ AND 6539=6539 AND ‘Fakj’=’Fakj leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 2022-07-16 not yet calculated CVE-2017-20137
MISC
MISC
itechscripts — classifieds_script
A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. Affected is an unknown function of the file /subpage.php. The manipulation of the argument scat with the input =51′ AND 4941=4941 AND ‘hoCP’=’hoCP leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2022-07-16 not yet calculated CVE-2017-20136
MISC
MISC
itechscripts — dating_script
A vulnerability classified as critical was found in Itech Dating Script 3.26. Affected by this vulnerability is an unknown functionality of the file /see_more_details.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2022-07-16 not yet calculated CVE-2017-20135
MISC
MISC
itechscripts — freelancer_script
A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of the argument sk leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2022-07-16 not yet calculated CVE-2017-20134
MISC
MISC
itechscripts — job_portal_script
A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13. This affects an unknown part of the file /admin. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. 2022-07-16 not yet calculated CVE-2017-20133
MISC
itechscripts — multi_vendor_script
A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The manipulation of the argument pl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 2022-07-16 not yet calculated CVE-2017-20132
MISC
MISC
itechscripts — news_portal
A vulnerability was found in Itech News Portal 6.28. It has been classified as critical. Affected is an unknown function of the file /news-portal-script/information.php. The manipulation of the argument inf leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2022-07-16 not yet calculated CVE-2017-20131
MISC
MISC
itechscripts — real_estate_script
A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/search_property.php. The manipulation of the argument property_for leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2022-07-16 not yet calculated CVE-2017-20130
MISC
MISC
jerryscript — jerryscript Jerryscript v2.4.0 was discovered to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/print.c. 2022-07-13 not yet calculated CVE-2022-32117
MISC
joomla — joomlatools_docman The Joomla component ‘Joomlatools – DOCman 3.5.13 (and likely most versions below)’ is affected by a reflected Cross-Site Scripting (XSS) vulnerability in an image upload function. 2022-07-10 not yet calculated CVE-2022-27910
MISC
jquery_validation — jquery_validation
The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix for CVE-2021-43306. Users should upgrade to version 1.19.5 to receive a patch. 2022-07-14 not yet calculated CVE-2022-31147
MISC
CONFIRM
MISC
kb_software — login_authentication
A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2022-07-13 not yet calculated CVE-2017-20127
MISC
MISC
kb_software — messages_php_script
A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2022-07-13 not yet calculated CVE-2017-20128
MISC
MISC
kb_software — referral_script
A vulnerability was found in KB Affiliate Referral Script 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2022-07-13 not yet calculated CVE-2017-20126
MISC
MISC
kvf-admin — kvf-admin kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file. 2022-07-13 not yet calculated CVE-2022-35857
MISC
lacuna_software — pki-core
A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content. 2022-07-14 not yet calculated CVE-2022-2393
MISC
lenze — cabinet_series
Multiple Lenze products of the cabinet series skip the password verification upon second login. After a user has been logged on to the device once, a remote attacker can get full access without knowledge of the password. 2022-07-11 not yet calculated CVE-2022-2302
CONFIRM
libguestfs — libguestfs
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or by a malicious actor. 2022-07-12 not yet calculated CVE-2022-2211
MISC
linux — kernel A memory leak vulnerability was found in the Linux kernel’s eBPF support for the simulated networking device driver, in the way a user uses BPF for the device such that the function nsim_map_alloc_elem is called. A local user could use this flaw to get unauthorized access to some data. 2022-07-14 not yet calculated CVE-2021-4135
MISC
linux — linux_kernel
The Linux kernel was found vulnerable to an out-of-bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel. 2022-07-13 not yet calculated CVE-2022-2380
MISC
linux — linux_kernel
Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*. 2022-07-12 not yet calculated CVE-2011-4916
MISC
MISC
live555 — live555 Live555 through 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overflow happens. An attacker can leverage this to launch a DoS attack. 2022-07-12 not yet calculated CVE-2021-41396
MISC
MISC
logostore — logostore
A vulnerability was found in LogoStore. It has been classified as critical. Affected is an unknown function of the file /LogoStore/search.php. The manipulation of the argument query with the input test’ UNION ALL SELECT CONCAT(CONCAT(‘qqkkq’,’VnPVWVaYxljWqGpLLbEIyPIHBjjjjASQTnaqfKaV’),’qvvpq’),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL– oCrh&search= leads to sql injection. It is possible to launch the attack remotely. 2022-07-14 not yet calculated CVE-2017-20129
MISC
mailcow — mailcow
mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an extended privilege vulnerability can be exploited by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd to execute arbitrary code. Users should update their mailcow instances with the `update.sh` script in the mailcow root directory to 2022-06a or newer to receive a patch for this issue. As a temporary workaround, the Syncjob ACL can be removed from all mailbox users, preventing changes to those settings. 2022-07-11 not yet calculated CVE-2022-31138
MISC
MISC
CONFIRM
MISC
mattermost — guest_account_feature
The Guest account feature in Mattermost version 6.7.0 and earlier fails to properly restrict the permissions, which allows a guest user to fetch a list of all public channels in the team, in spite of not being part of those channels. 2022-07-14 not yet calculated CVE-2022-2408
MISC
mattermost — legacy_slack_import_feature
The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing large files via the Slack import REST API. 2022-07-14 not yet calculated CVE-2022-2406
MISC
mattermost — mattermost
Unrestricted information disclosure of all users in Mattermost version 6.7.0 and earlier allows team members to access some sensitive information by directly accessing the APIs. 2022-07-14 not yet calculated CVE-2022-2401
MISC
mattermost — trusted_ip_header
Incorrect default configuration for trusted IP header in Mattermost version 6.7.0 and earlier allows an attacker to bypass some of the rate limitations in place or use manipulated IPs for audit logging by manipulating the request headers. 2022-07-12 not yet calculated CVE-2022-2366
MISC
mealie — mealie The login function of Mealie v1.0.0beta-2 allows attackers to enumerate existing usernames by measuring the server’s response time. 2022-07-14 not yet calculated CVE-2022-32425
MISC
mendix — mendix
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.14.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.2), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). In case of access to an active user session in an application that is built with an affected version, it’s possible to change that user’s password bypassing password validations within a Mendix application. This could allow weak passwords to be set. 2022-07-12 not yet calculated CVE-2022-31257
CONFIRM
microsoft — active_directory_federation_services Active Directory Federation Services Elevation of Privilege Vulnerability. 2022-07-12 not yet calculated CVE-2022-30215
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33667
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33663
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33664
MISC
microsoft — azure Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33678. 2022-07-12 not yet calculated CVE-2022-33676
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33665
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33675
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33666
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33671
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33668
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33669
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675. 2022-07-12 not yet calculated CVE-2022-33677
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33673
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33658
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-30181
MISC
microsoft — azure Azure Storage Library Information Disclosure Vulnerability. 2022-07-12 not yet calculated CVE-2022-30187
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33662
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33650
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33661
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33652
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33674
MISC
microsoft — azure Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. 2022-07-12 not yet calculated CVE-2022-33657
MISC
microsoft — azure<