Vulnerability Summary for the Week of May 9, 2022

Released: May 16, 2022
Document ID: SB22-136

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 


 

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
adobe -- photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-23205, MISC
adobe -- photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an improper input validation vulnerability when parsing a PCX file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PCX file. | 2022-05-06 | 9.3 | CVE-2022-24098, MISC
adobe -- photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious U3D file. | 2022-05-06 | 9.3 | CVE-2022-24105, MISC
adobe -- after_effects | Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in After Effects. | 2022-05-06 | 9.3 | CVE-2022-27783, MISC
adobe -- photoshop | Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in After Effects. | 2022-05-06 | 9.3 | CVE-2022-27784, MISC
adobe -- photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious SVG file. | 2022-05-06 | 9.3 | CVE-2022-28270, MISC
adobe -- photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | 2022-05-06 | 9.3 | CVE-2022-28271, MISC
adobe -- photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-28272, MISC
adobe -- photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-28273, MISC
edmonsoft -- countdown_builder | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-28274, MISC
edmonsoft -- countdown_builder | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-28275, MISC
edmonsoft -- countdown_builder | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-28276, MISC
edmonsoft -- countdown_builder | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | 2022-05-06 | 9.3 | CVE-2022-28277, MISC
piwigo -- piwigo | SQL Injection vulnerability in cat_move.php in piwigo v2.9.5, via the selection parameter to move_categories. | 2022-05-06 | 7.5 | CVE-2020-19213, MISC
broadcom -- sannav | In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands. | 2022-05-06 | 7.5 | CVE-2022-28163, MISC
edmonsoft -- countdown_builder | Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress. | 2022-05-06 | 7.5 | CVE-2022-29423, CONFIRM, CONFIRM
webkitgtk -- webkitgtk | In WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-free in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. | 2022-05-06 | 7.5 | CVE-2022-30294, MISC, MISC


Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
piwigo -- piwigo | SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=user_perm. | 2022-05-06 | 6.5 | CVE-2020-19215, MISC
piwigo -- piwigo | SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=group_perm. | 2022-05-06 | 6.5 | CVE-2020-19216, MISC
piwigo -- piwigo | SQL Injection vulnerability in admin/batch_manager.php in piwigo v2.9.5, via the filter_category parameter to admin.php?page=batch_manager. | 2022-05-06 | 6.5 | CVE-2020-19217, MISC
fluxcd -- flux2 | Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments. Workarounds include automated tooling in the user's CI/CD pipeline to validate `kustomization.yaml` files conform with specific policies. This vulnerability is fixed in kustomize-controller v0.24.0 and included in flux2 v0.29.0. | 2022-05-06 | 6.5 | CVE-2022-24877, CONFIRM
kubernetes -- ingress-nginx | A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. | 2022-05-06 | 5.5 | CVE-2021-25746, MISC, MISC
webkitgtk -- webkitgtk | In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. | 2022-05-06 | 5.1 | CVE-2022-30293, MISC, MISC
adobe -- photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 4.3 | CVE-2022-24099, MISC
contao -- contao | Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings. | 2022-05-06 | 4.3 | CVE-2022-24899, CONFIRM, MISC, MISC
splunk -- splunk | The Monitoring Console app configured in Distributed mode allows for a Reflected XSS in a query parameter in Splunk Enterprise versions before 8.1.4. The Monitoring Console app is a bundled app included in Splunk Enterprise, not for download on SplunkBase, and not installed on Splunk Cloud Platform instances. Note that the Cloud Monitoring Console is not impacted. | 2022-05-06 | 4.3 | CVE-2022-27183, MISC, MISC
piwigo -- piwigo | SQL Injection vulnerability in admin/group_list.php in piwigo v2.9.5, via the group parameter to delete. | 2022-05-06 | 4 | CVE-2020-19212, MISC
broadcom -- sannav | IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. IBM X-Force ID: 213865. | 2022-05-06 | 4 | CVE-2021-39027, XF, CONFIRM
fluxcd -- flux2 | Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to cause a Denial of Service at the controller level. Workarounds include automated tooling in the user's CI/CD pipeline to validate `kustomization.yaml` files conform with specific policies. This vulnerability is fixed in kustomize-controller v0.24.0 and included in flux2 v0.29.0. Users are recommended to upgrade. | 2022-05-06 | 4 | CVE-2022-24878, CONFIRM
broadcom -- sannav | Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords. This could allow an authenticated attacker to decrypt stored account passwords. | 2022-05-06 | 4 | CVE-2022-28164, MISC


Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
google-news-sitemap_project -- google-news-sitemap | Stored Cross-Site Scripting (XSS) vulnerability in Andrea Pernici News Sitemap for Google plugin <= 1.0.16 on WordPress, attackers must have contributor or higher user role. | 2022-05-06 | 3.5 | CVE-2021-36912, CONFIRM, CONFIRM
bdt-121_project -- bdt-121_firmware | Dragon Path Technologies Bharti Airtel Routers Hardware BDT-121 version 1.0 is vulnerable to Cross Site Scripting (XSS) via Dragon path router admin page. | 2022-05-06 | 3.5 | CVE-2022-28507, MISC, MISC


Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
admesh -- admesg | ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a. | 2022-05-08 | not yet calculated | CVE-2018-25033, MISC
wordpress -- wpgraphql_wordpress_plugin | The WPGraphQL WordPress plugin before 0.3.5 doesn't properly restrict access to information about other users' roles on the affected site. Because of this, a remote attacker could forge a GraphQL query to retrieve the account roles of every user on the site. | 2022-05-09 | not yet calculated | CVE-2019-25060, MISC, MISC
bludit -- bludit | An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files. | 2022-05-11 | not yet calculated | CVE-2020-19228, MISC, MISC
microstrategy -- web_sdk | A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task. | 2022-05-13 | not yet calculated | CVE-2020-22983, MISC, MISC, MISC, MISC, MISC
microstrategy -- web_sdk | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task. | 2022-05-12 | not yet calculated | CVE-2020-22984, MISC, MISC, MISC, MISC
microstrategy -- web_sdk | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task. | 2022-05-12 | not yet calculated | CVE-2020-22985, MISC, MISC, MISC, MISC
microstrategy -- web_sdk | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task. | 2022-05-12 | not yet calculated | CVE-2020-22986, MISC, MISC, MISC, MISC, MISC
microstrategy -- web_sdk | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the fileToUpload parameter to the uploadFile task. | 2022-05-12 | not yet calculated | CVE-2020-22987, MISC, MISC, MISC, MISC
intel -- manageability_commander | Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | 2022-05-12 | not yet calculated | CVE-2021-0126, MISC
intel -- bios_firmware | Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0153, MISC
intel -- bios_firmware | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0154, MISC
intel -- bios_firmware | Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 2022-05-12 | not yet calculated | CVE-2021-0155, MISC
intel -- bios_authenticated_code_module | Improper input validation in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0159, MISC
intel -- bios_firmware | Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0188, MISC
intel -- bios_firmware | Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0189, MISC
intel -- bios_firmware | Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0190, MISC
intel -- in-band_manageability_software | Improper authentication in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. | 2022-05-12 | not yet calculated | CVE-2021-0193, MISC
intel -- in-band_manageability_software | Improper access control in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. | 2022-05-12 | not yet calculated | CVE-2021-0194, MISC
ibm -- cloud_pak_system | IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197498. | 2022-05-09 | not yet calculated | CVE-2021-20479, XF, CONFIRM
b&r -- automation_runtime_webserver | Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service. | 2022-05-13 | not yet calculated | CVE-2021-22275, MISC
microfocus -- access_manager | A bug exists in the input parameter of Access Manager that allows supply of an invalid character to trigger a cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0. | 2022-05-12 | not yet calculated | CVE-2021-22531, MISC
intel -- killer_control_center_software | Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-26258, MISC
amd -- smm | Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution. | 2022-05-12 | not yet calculated | CVE-2021-26317, MISC
amd -- sev-es_tmr | A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs. | 2022-05-10 | not yet calculated | CVE-2021-26324, MISC
amd -- sev-es_tmr | Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability. | 2022-05-10 | not yet calculated | CVE-2021-26332, MISC
amd -- core_logic | A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers. | 2022-05-11 | not yet calculated | CVE-2021-26339, MISC, MISC
amd -- sev | In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability. | 2022-05-11 | not yet calculated | CVE-2021-26342, MISC
amd -- system_management_unit | TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a DMA (Direct Memory Access) to invalid DRAM address that could result in denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26347, MISC
amd -- gen_amd_epyc | Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. | 2022-05-11 | not yet calculated | CVE-2021-26348, MISC
amd -- gen_amd_epyc | Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA). | 2022-05-11 | not yet calculated | CVE-2021-26349, MISC
amd -- gen_amd_epyc | A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26350, MISC
amd -- system_management_unit | Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA (Direct Memory Access) read/write from/to invalid DRAM address that could result in denial of service. | 2022-05-12 | not yet calculated | CVE-2021-26351, MISC
amd -- system_management_unit | Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service. | 2022-05-10 | not yet calculated | CVE-2021-26352, MISC
amd -- gen_amd_epyc | Due to a mishandled error, it is possible to leave the DRTM UApp in a partially initialized state, which can result in unchecked memory writes when the UApp handles subsequent mailbox commands. | 2022-05-10 | not yet calculated | CVE-2021-26353, MISC
amd -- gen_amd_epyc | A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure. | 2022-05-12 | not yet calculated | CVE-2021-26361, MISC
amd -- gen_amd_epyc | A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive System Management Network (SMN) registers leading to a loss of integrity and availability. | 2022-05-12 | not yet calculated | CVE-2021-26362, MISC
amd -- gen_amd_epyc | A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure. | 2022-05-12 | not yet calculated | CVE-2021-26363, MISC
amd -- gen_amd_epyc | Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26364, MISC
amd -- gen_amd_epyc | An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity. | 2022-05-12 | not yet calculated | CVE-2021-26366, MISC
amd -- trusted_os | Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service. | 2022-05-12 | not yet calculated | CVE-2021-26368, MISC
amd -- gen_amd_epyc | A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses. | 2022-05-12 | not yet calculated | CVE-2021-26369, MISC
amd -- gen_amd_epyc | Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with SPI ROM contents resulting in a loss of integrity and availability. | 2022-05-10 | not yet calculated | CVE-2021-26370, MISC
amd -- system_management_unit | Insufficient bound checks related to PCIE in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26372, MISC, MISC
simple_management_unit -- simple_management_unit | Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26373, MISC, MISC
system_management_unit -- system_management_unit | Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26375, MISC, MISC
system_management_unit -- system_management_unit | Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26376, MISC, MISC
system_management_unit -- system_management_unit | Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26378, MISC, MISC
amd -- amd_ryzen | A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution. | 2022-05-12 | not yet calculated | CVE-2021-26386, MISC
amd -- bios_directory | Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26388, MISC, MISC
amd -- amd_ryzen | A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data. | 2022-05-10 | not yet calculated | CVE-2021-26390, MISC
amd -- amd_ryzen | AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage. | 2022-05-11 | not yet calculated | CVE-2021-26400, MISC
amd -- sev-legacy | Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest's integrity or confidentiality. | 2022-05-10 | not yet calculated | CVE-2021-26408, MISC
eipstackgroup -- opener_ethernet/ip | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may cause a denial-of-service condition. | 2022-05-12 | not yet calculated | CVE-2021-27478, CONFIRM, CONFIRM
eipstackgroup -- opener_ethernet/ip | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may allow the attacker to read arbitrary data. | 2022-05-12 | not yet calculated | CVE-2021-27482, CONFIRM, CONFIRM
eipstackgroup -- opener_ethernet/ip | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition. | 2022-05-12 | not yet calculated | CVE-2021-27498, CONFIRM, CONFIRM
eipstackgroup -- opener_ethernet/ip | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition. | 2022-05-12 | not yet calculated | CVE-2021-27500, CONFIRM, CONFIRM
myscada -- mypro | mySCADA myPRO versions prior to 8.20.0 do not restrict unauthorized read access to sensitive directory listing information. | 2022-05-13 | not yet calculated | CVE-2021-27505, MISC, CONFIRM
hcl_software -- hcl_bigfix_webui | Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. (WebUI) | 2022-05-06 | not yet calculated | CVE-2021-27764, CONFIRM
hcl_software -- hcl_bigfix_server_api | The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. | 2022-05-06 | not yet calculated | CVE-2021-27765, CONFIRM, MISC
hcl_software -- hcl_bigfix_client_installer | The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. | 2022-05-06 | not yet calculated | CVE-2021-27766, CONFIRM, MISC
hcl_software -- hcl_bigfix_console_installer | The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. | 2022-05-06 | not yet calculated | CVE-2021-27767, CONFIRM, MISC
hcl_software -- android | Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted using a proxy server set up in 'transparent' mode while a certificate with an invalid hostname was active. The Android application was found to have hostname verification issues during the server setup and login flows; however, the application did not process requests post-login. | 2022-05-12 | not yet calculated | CVE-2021-27768, MISC
hcl_software -- sametime | Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. This information may or may not be sensitive and does not automatically mean a breach is likely to occur. Overall, any information that could be used for an attack should be limited whenever possible. | 2022-05-12 | not yet calculated | CVE-2021-27769, MISC
hcl_software -- sametime | The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place. | 2022-05-12 | not yet calculated | CVE-2021-27770, MISC
hcl_software -- sametime | User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal manner with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sending chat messages, receiving notifications and/or transferring files. | 2022-05-12 | not yet calculated | CVE-2021-27771, MISC
hcl_software -- sametime | Users are able to read group conversations without actively taking part in them. Next to one to one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of it. This could lead to information leakage where confidential information discussed in private groups is read by other users without the users' knowledge. | 2022-05-12 | not yet calculated | CVE-2021-27772, MISC
hcl_software -- sametime | This vulnerability allows users to execute a clickjacking attack in the meeting's chat. | 2022-05-12 | not yet calculated | CVE-2021-27773, MISC
hcl_software -- unica_platform | XML External Entity (XXE) injection vulnerabilities occur when poorly configured XML parsers process user supplied input without sufficient validation. Attackers can exploit this vulnerability to manipulate XML content and inject malicious external entity references. | 2022-05-12 | not yet calculated | CVE-2021-27777, MISC
skoruba -- skoruba
 
A cross-site scripting (XSS) vulnerability in Skoruba IdentityServer4.Admin before 2.0.0 via unencoded value passed to the data-secret-value parameter.2022-05-11not yet calculatedCVE-2021-28290
MISC
gaia_portal -- multiple_productsThe Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS.2022-05-11not yet calculatedCVE-2021-30361
MISC
review_board -- review_board
 
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.2022-05-11not yet calculatedCVE-2021-31330
MISC
MISC
MISC
MISC
asus -- dsl-n14u-b1
 
Asus DSL-N14U-B1 1.1.2.3_805 allows remote attackers to cause a Denial of Service (DoS) via a TCP SYN scan using nmap. | 2022-05-11 | not yet calculated | CVE-2021-3254
MISC
MISC
myscada -- mypro
 
mySCADA myPRO versions prior to 8.20.0 allow an unauthenticated remote attacker to upload arbitrary files to arbitrary directories. | 2022-05-13 | not yet calculated | CVE-2021-33005
MISC
CONFIRM
myscada -- mypro
 
mySCADA myPRO versions prior to 8.20.0 allow an unauthenticated remote attacker to upload arbitrary files to the file system. | 2022-05-13 | not yet calculated | CVE-2021-33009
MISC
CONFIRM
myscada -- mypro
 
mySCADA myPRO versions prior to 8.20.0 do not restrict unauthorized read access to sensitive system information. | 2022-05-13 | not yet calculated | CVE-2021-33013
MISC
CONFIRM
intel -- multiple_products
 
Improper resource shutdown or release in firmware for some Intel(R) SSD, Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC may allow a privileged user to potentially enable denial of service via local access. | 2022-05-12 | not yet calculated | CVE-2021-33069
MISC
intel -- multiple_products
Protection mechanism failure in firmware for some Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access. | 2022-05-12 | not yet calculated | CVE-2021-33074
MISC
intel -- multiple_products
 
Race condition in firmware for some Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access. | 2022-05-12 | not yet calculated | CVE-2021-33075
MISC
intel -- multiple_products
 
Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 2022-05-12 | not yet calculated | CVE-2021-33077
MISC
intel -- multiple_products
 
Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access. | 2022-05-12 | not yet calculated | CVE-2021-33078
MISC
intel -- multiple_products
 
Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access. | 2022-05-12 | not yet calculated | CVE-2021-33080
MISC
intel -- multiple_products
 
Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access. | 2022-05-12 | not yet calculated | CVE-2021-33082
MISC
intel -- multiple_products
Improper authentication in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access. | 2022-05-12 | not yet calculated | CVE-2021-33083
MISC
intel -- bios
 
Unintended intermediary in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-33103
MISC
intel -- in-band_manageability_software
 
Improper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-33108
MISC
intel -- xeon
 
Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. | 2022-05-12 | not yet calculated | CVE-2021-33117
MISC
intel -- bios
 
Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-33122
MISC
intel -- bios
Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-33123
MISC
intel -- bios
Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-33124
MISC
intel -- realsense_id_solution_f450
 
Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access. | 2022-05-12 | not yet calculated | CVE-2021-33130
MISC
intel -- linux_kernel_drivers
 
Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access. | 2022-05-12 | not yet calculated | CVE-2021-33135
MISC
intel -- processors
 
Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 2022-05-12 | not yet calculated | CVE-2021-33149
MISC
trendnet -- ti-pg1284i_switch
 
The TRENDnet TI-PG1284i switch (hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its LLDP-related component. Due to a lack of proper validation of the length field of the PortID TLV, a crafted LLDP packet sent to the device causes an integer underflow, and the resulting negative number is later passed to memcpy(), which may cause a buffer overflow or invalid memory access. | 2022-05-11 | not yet calculated | CVE-2021-33315
MISC
trendnet -- ti-pg1284i_switch
 
The TRENDnet TI-PG1284i switch (hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its LLDP-related component. Due to a lack of proper validation of the length field of the ChassisID TLV, a crafted LLDP packet sent to the device causes an integer underflow, and the resulting negative number is later passed to memcpy(), which may cause a buffer overflow or invalid memory access. | 2022-05-11 | not yet calculated | CVE-2021-33316
MISC
trendnet -- ti-pg1284i_switch
The TRENDnet TI-PG1284i switch (hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its LLDP-related component. Due to a failure to check whether the ChassisID TLV is contained in the packet, an attacker can crash the process through a null pointer dereference by sending a crafted LLDP packet to the device. | 2022-05-11 | not yet calculated | CVE-2021-33317
MISC
mp3gain -- mp3gain
 
Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872, CVE-2017-14409, and CVE-2018-10778. | 2022-05-11 | not yet calculated | CVE-2021-34085
MISC
xinje -- xinje
 
A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an upload program request from an infected Xinje PLC. This can result in remote code execution, information disclosure and denial of service of the system running the XINJE XD/E Series PLC Program Tool. | 2022-05-11 | not yet calculated | CVE-2021-34605
CONFIRM
xinje -- xinje
 
A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access to the system and sufficient file-write privileges. If exploited, the attacker could place a malicious DLL file on the system, that when running XINJE XD/E Series PLC Program Tool will allow the attacker to execute arbitrary code with the privileges of another user's account. | 2022-05-11 | not yet calculated | CVE-2021-34606
CONFIRM
qemu -- intel_hd_audio_device
 
A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0. | 2022-05-11 | not yet calculated | CVE-2021-3611
MISC
MISC
mikrotik -- routeros
 
Mikrotik RouterOS before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | 2022-05-11 | not yet calculated | CVE-2021-36613
MISC
mikrotik -- routeros
 
Mikrotik RouterOS before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | 2022-05-11 | not yet calculated | CVE-2021-36614
MISC
eset -- multiple_products
 
Local privilege escalation in Windows products of ESET allows a user who is logged into the system to exploit the repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0. | 2022-05-11 | not yet calculated | CVE-2021-37851
MISC
ibm -- spectrum_virtualize
 
IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to gain unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609. | 2022-05-11 | not yet calculated | CVE-2021-38969
CONFIRM
XF
ibm -- guardian_data_encryption
 
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213862. | 2022-05-10 | not yet calculated | CVE-2021-39024
XF
CONFIRM
ibm -- jazz_foundation
 
IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214619. | 2022-05-11 | not yet calculated | CVE-2021-39059
CONFIRM
XF
android -- setstream
 
In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12 Android-12L; Android ID: A-204087139 | 2022-05-10 | not yet calculated | CVE-2021-39670
MISC
android -- android
 
In the policies of adbd.te, there was a logic error which caused the CTS Listening Ports Test to report invalid results. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12; Android ID: A-201645790 | 2022-05-10 | not yet calculated | CVE-2021-39700
MISC
android -- carsetting
 
In CarSetings, there is a possible way to pair a BT device bypassing the user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-216190509 | 2022-05-10 | not yet calculated | CVE-2021-39738
MISC
cisco -- wps_spreadsheets
 
An exploitable use-after-free vulnerability exists in WPS Spreadsheets (ET) as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | 2022-05-12 | not yet calculated | CVE-2021-40399
MISC
CONFIRM
siemens -- desigo
 
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). When the controller receives a specific BACnet protocol packet, an exception causes the BACnet communication function to go into an “out of work” state and could result in the controller going into a “factory reset” state. | 2022-05-10 | not yet calculated | CVE-2021-41545
MISC
ramda -- ramda
 
Prototype poisoning in function mapObjIndexed in Ramda 0.27.0 and earlier allows attackers to compromise integrity or availability of application via supplying a crafted object (that contains an own property "__proto__") as an argument to the function. | 2022-05-10 | not yet calculated | CVE-2021-42581
MISC
MISC
cmsimple-xh -- cmsimple-xh
CMSimple_XH 1.7.4 is affected by a remote code execution (RCE) vulnerability. To exploit this vulnerability, an attacker must use the "File" parameter to upload a PHP payload to get a reverse shell from the vulnerable host. | 2022-05-10 | not yet calculated | CVE-2021-42645
MISC
MISC
wso2 -- multiple_products
 
XML External Entity (XXE) vulnerability in the file based service provider creation feature of the Management Console in WSO2 API Manager 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; and WSO2 IS as Key Manager 5.7.0, 5.9.0, and 5.10.0; and WSO2 Identity Server 5.7.0, 5.8.0, 5.9.0, 5.10.0, and 5.11.0 allows attackers to gain read access to sensitive information or cause a denial of service via crafted GET requests. | 2022-05-11 | not yet calculated | CVE-2021-42646
MISC
MISC
coder -- coder-server
 
A cross-site scripting (XSS) vulnerability in Coder Code-Server before 3.12.0 allows attackers to execute arbitrary code via a crafted URL. | 2022-05-11 | not yet calculated | CVE-2021-42648
MISC
pentest-collaboration-framework -- pentest-collaboration-framework 
 
A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/. | 2022-05-11 | not yet calculated | CVE-2021-42651
MISC
jerryscript -- jerryscript
 
A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size. | 2022-05-12 | not yet calculated | CVE-2021-42863
MISC
MISC
novel-plus -- novel-plus
 
Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows an attacker to upload malicious JSP files. | 2022-05-13 | not yet calculated | CVE-2021-42967
MISC
anaconda3 -- anaconda3
 
Certain Anaconda3 2021.05 are affected by OS command injection. When a user installs Anaconda, an attacker can create a new file and write something in usercustomize.py. When the user opens the terminal or activates Anaconda, the command will be executed. | 2022-05-13 | not yet calculated | CVE-2021-42969
MISC
safedog_apache -- safedog_apache
 
In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. Attackers can bypass access to sensitive data. | 2022-05-10 | not yet calculated | CVE-2021-43010
MISC
fortinet -- forticlientwindows
 
An external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows an attacker to escalate privilege via the MSI installer. | 2022-05-11 | not yet calculated | CVE-2021-43066
CONFIRM
fortinet -- fortios
 
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0, and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests. | 2022-05-11 | not yet calculated | CVE-2021-43081
CONFIRM
openmrs -- reference_application_standalone_edition
 
An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page. | 2022-05-10 | not yet calculated | CVE-2021-43094
MISC
MISC
MISC
sourcecodester -- employee_daily_task_management_system
 
Stored XSS in the Add New Employee form in Sourcecodester Employee Daily Task Management System 1.0 allows a remote attacker to inject/store arbitrary code via the Name field. | 2022-05-09 | not yet calculated | CVE-2021-43712
MISC
MISC
MISC
fortinet -- forticlient
 
An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links. | 2022-05-11 | not yet calculated | CVE-2021-44167
CONFIRM
amd -- sev
 
An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time. | 2022-05-11 | not yet calculated | CVE-2021-46744
MISC
amd -- secure_processor_firmware
Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application. | 2022-05-10 | not yet calculated | CVE-2021-46771
MISC
huawei -- emui
The Property module has a vulnerability in permission control. This vulnerability can be exploited to obtain the unique device identifier. | 2022-05-13 | not yet calculated | CVE-2021-46785
MISC
MISC
huawei -- emui
The audio module has a vulnerability in verifying the parameters passed by the application space. Successful exploitation of this vulnerability may cause out-of-bounds memory access. | 2022-05-13 | not yet calculated | CVE-2021-46786
MISC
MISC
huawei -- emui
 
The AMS module has a vulnerability of improper permission control. Successful exploitation of this vulnerability may cause non-system application processes to crash. | 2022-05-13 | not yet calculated | CVE-2021-46787
MISC
MISC
huawei -- iconnect_module
 
Third-party pop-up window coverage vulnerability in the iConnect module. Successful exploitation of this vulnerability may cause the system pop-up window to be covered, misleading users into performing incorrect operations. | 2022-05-13 | not yet calculated | CVE-2021-46788
MISC
huawei -- emui
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect availability. | 2022-05-13 | not yet calculated | CVE-2021-46789
MISC
huawei -- emui
Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 2022-05-12 | not yet calculated | CVE-2022-0004
MISC
intel -- multiple_products
 
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. | 2022-05-12 | not yet calculated | CVE-2022-0005
MISC
palo_alto_networks -- pan-os
 
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls. This issue does not impact Panorama appliances or Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.23; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5. | 2022-05-11 | not yet calculated | CVE-2022-0024
MISC
palo_alto_networks -- cortex_xdr_agent_software
 
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts: All versions of the Cortex XDR agent when upgrading to Cortex XDR agent 7.7.0 on Windows; Cortex XDR agent 7.7.0 without content update 500 or a later version on Windows. This issue does not impact other platforms or other versions of the Cortex XDR agent. | 2022-05-11 | not yet calculated | CVE-2022-0025
MISC
palo_alto_networks -- cortex_xdr_agent_software
 
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts all versions of Cortex XDR agent without content update 330 or a later content update version. | 2022-05-11 | not yet calculated | CVE-2022-0026
MISC
palo_alto_networks -- cortex_xsoar_software
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. This issue impacts: All versions of Cortex XSOAR 6.1; All versions of Cortex XSOAR 6.2; All versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049. | 2022-05-11 | not yet calculated | CVE-2022-0027
MISC
wordpress -- popup_by_supsystic_wordpress_plugin
 
The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users. | 2022-05-09 | not yet calculated | CVE-2022-0424
MISC
wordpress -- mapsvg_wordpress_plugin
 
The MapSVG WordPress plugin before 6.2.20 does not validate and escape a parameter via a REST endpoint before using it in a SQL statement, leading to a SQL Injection exploitable by unauthenticated users. | 2022-05-09 | not yet calculated | CVE-2022-0592
MISC
wordpress -- admin_menu_editor_wordpress_plugin
The Admin Menu Editor WordPress plugin through 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | 2022-05-09 | not yet calculated | CVE-2022-0625
MISC
wordpress -- ubigeo_de_pera_para_woocommerce_wordpress_plugin
 
The Ubigeo de Perú para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections. | 2022-05-09 | not yet calculated | CVE-2022-0814
MISC
wordpress -- badgeos_wordpress_plugin
 
The BadgeOS WordPress plugin through 3.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users. | 2022-05-09 | not yet calculated | CVE-2022-0817
MISC
wordpress -- wp_video_gallery_wordpress_plugin
 
The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users. | 2022-05-09 | not yet calculated | CVE-2022-0826
MISC
wordpress -- sema_api_wordpress_plugin
The SEMA API WordPress plugin through 3.64 does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users. | 2022-05-09 | not yet calculated | CVE-2022-0836
MISC
jboss -- jboss_eap
 
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the org.jboss.as.ejb3.security.RunAsPrincipalInterceptor to keep track of the current identity prior to switching to a new identity created using the RunAs principal. The exploit consists in the fact that the EJBComponent#incomingRunAsIdentity field is currently just a SecurityIdentity. This means in a concurrent environment, where multiple users are repeatedly invoking an EJB that is configured with a RunAs principal, it's possible for the wrong caller principal to be returned from EJBComponent#getCallerPrincipal. Similarly, it's also possible for EJBComponent#isCallerInRole to return the wrong value. Both of these methods rely on incomingRunAsIdentity. Affects all versions of JBoss EAP from 7.1.0 and all versions of WildFly 11+ when Elytron is enabled. | 2022-05-10 | not yet calculated | CVE-2022-0866
MISC
wordpress -- wp_social_buttons_wordpress_plugin
 
The WP Social Buttons WordPress plugin through 2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-05-09 | not yet calculated | CVE-2022-0874
MISC
wordpress -- igniteup_wordpress_plugin
 
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues. | 2022-05-09 | not yet calculated | CVE-2022-0898
MISC
abb -- arg600_wireless_gateway
 
A vulnerability in the ABB ARG600 Wireless Gateway series could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway and/or protocol converter, depending on the configuration. | 2022-05-10 | not yet calculated | CVE-2022-0947
MISC
wordpress -- woocommerce_wordpress_plugin
The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection. | 2022-05-09 | not yet calculated | CVE-2022-0948
CONFIRM
MISC
wordpress -- personal_dictionary_wordpress_plugin
The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability. | 2022-05-09 | not yet calculated | CVE-2022-1013
MISC
polonel -- trudesk
 
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. | 2022-05-12 | not yet calculated | CVE-2022-1044
CONFIRM
MISC
wordpress -- themify_post_type_builder_search_addon_wordpress plugin
 
The Themify Post Type Builder Search Addon WordPress plugin before 1.4.0 does not properly escape the current page URL before reusing it in an HTML attribute, leading to a reflected cross site scripting vulnerability. | 2022-05-09 | not yet calculated | CVE-2022-1047
MISC
keylime -- keylime
 
Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM to pass EK validation and give the verifier an AK of a software TPM. A successful attack breaks the entire chain of trust because a not validated AK is used by the verifier. This issue is worse if the validation happens first and then the agent gets added to the verifier because the timing is easier and the verifier does not validate the regcount entry being equal to 1, | 2022-05-06 | not yet calculated | CVE-2022-1053
MISC
MISC
MISC
FEDORA
FEDORA
FEDORA
wordpress -- popup_maker_wordpress_plugin
 
The Popup Maker WordPress plugin before 1.16.5 does not sanitise and escape some of its Popup settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-05-09 | not yet calculated | CVE-2022-1104
MISC
gitlab -- ce/ee
 
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to access trace log of jobs when it is enabled. | 2022-05-11 | not yet calculated | CVE-2022-1124
MISC
MISC
CONFIRM
wordpress -- vertical_scroll_wordpressplugin
The Vertical scroll recent post WordPress plugin before 14.0 does not sanitise and escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting. | 2022-05-09 | not yet calculated | CVE-2022-1171
MISC
wordpress -- ultimate_member_plugin
 
The Ultimate Member plugin for WordPress is vulnerable to open redirects due to insufficient validation on supplied URLs in the social fields of the Profile Page, which makes it possible for attackers to redirect unsuspecting victims in versions up to, and including, 2.3.1 granted the victim clicks on a social icon on a user's profile page. | 2022-05-10 | not yet calculated | CVE-2022-1209
MISC
MISC
MISC
MISC
wordpress -- slide_anything_wordpress_plugin
 
The Slide Anything WordPress plugin before 2.3.44 does not sanitize and escape sliders' description, which could allow high privilege users such as editor and above to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. | 2022-05-09 | not yet calculated | CVE-2022-1303
MISC
wordpress -- easily_generate_rest_api_url_wordpress_plugin
 
The Easily Generate Rest API Url WordPress plugin through 1.0.0 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-05-09 | not yet calculated | CVE-2022-1338
MISC
gitlab -- gitlab
 
Due to an insecure direct object reference vulnerability in GitLab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1, an endpoint may reveal the issue title to a user who crafted an API call with the ID of the issue from a public project that restricts access to issue only to project members. | 2022-05-11 | not yet calculated | CVE-2022-1352
MISC
MISC
CONFIRM
plantuml -- plantuml
 
URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server side request forgery (SSRF). This allows accessing restricted internal resources/servers or sending requests to third party servers. | 2022-05-14 | not yet calculated | CVE-2022-1379
MISC
CONFIRM
alextselegidis -- easyappointments
API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover.
2022-05-10
not yet calculated
CVE-2022-1397
CONFIRM
MISC
gitlab -- gitlab
Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project CI/CD variables by importing a malicious project
2022-05-11
not yet calculated
CVE-2022-1406
CONFIRM
MISC
MISC
gitlab -- gitlab
Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6, all versions starting from 14.9 before 14.9.4, and all versions starting from 14.10 before 14.10.1 allows non-project members to access contents of Project Members-only Wikis via malicious CI jobs
2022-05-10
not yet calculated
CVE-2022-1417
MISC
CONFIRM
MISC
gitlab -- gitlab
An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly authenticating a user that had some certain amount of information which allowed a user to authenticate without a personal access token.
2022-05-11
not yet calculated
CVE-2022-1426
MISC
CONFIRM
MISC
gitlab -- gitlab
An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly verifying throttling limits for authenticated package requests which resulted in limits not being enforced.
2022-05-11
not yet calculated
CVE-2022-1428
CONFIRM
MISC
gitlab -- gitlab
An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling malicious requests to the PyPi API endpoint allowing the attacker to cause uncontrolled resource consumption.
2022-05-10
not yet calculated
CVE-2022-1431
MISC
CONFIRM
MISC
gitlab -- gitlab
An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS vulnerability (CVE-2022-1175) to persist and execute.
2022-05-11
not yet calculated
CVE-2022-1433
MISC
CONFIRM
MISC
wordpress -- metform_wordpress_plugin
The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more, in versions up to and including 2.1.3.
2022-05-10
not yet calculated
CVE-2022-1442
MISC
MISC
MISC
wordpress -- rsvpmaker_plugin
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to and including 9.2.5.
2022-05-10
not yet calculated
CVE-2022-1453
MISC
MISC
MISC
gitlab -- gitlab
An issue has been discovered in GitLab affecting all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not performing correct authorizations on scheduled pipelines allowing a malicious user to run a pipeline in the context of another user.
2022-05-11
not yet calculated
CVE-2022-1460
MISC
CONFIRM
MISC
wordpress -- booking_calendar_wordpress_plugin
The Booking Calendar plugin for WordPress is vulnerable to PHP Object Injection via the [bookingflextimeline] shortcode in versions up to, and including, 9.1. This could be exploited by subscriber-level users and above to call arbitrary PHP objects on a vulnerable site.
2022-05-10
not yet calculated
CVE-2022-1463
MISC
wordpress -- all-in-one_wp_migration_plugin
The All-in-One WP Migration plugin for WordPress is vulnerable to arbitrary file deletion via directory traversal due to insufficient file validation via the ~/lib/model/class-ai1wm-backups.php file, in versions up to, and including, 7.58. This can be exploited by administrative users, and users who have access to the site's secret key.
2022-05-10
not yet calculated
CVE-2022-1476
MISC
MISC
wordpress -- rsvpmaker_plugin
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to and including 9.2.6.
2022-05-10
not yet calculated
CVE-2022-1505
MISC
MISC
gitlab -- gitlab
An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling malicious text in the CI Editor and CI Pipeline details page allowing the attacker to cause uncontrolled resource consumption.
2022-05-11
not yet calculated
CVE-2022-1510
MISC
CONFIRM
MISC
gruntjs -- grunt
file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories as the lower-privileged user can create a symlink to the GruntJS user's .bashrc file or replace /etc/shadow file if the GruntJS user is root.
2022-05-10
not yet calculated
CVE-2022-1537
CONFIRM
MISC
gitlab -- gitlab
It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note.
2022-05-11
not yet calculated
CVE-2022-1545
CONFIRM
MISC
wordpress -- wp-js_plugin
The WP-JS plugin for WordPress contains a script called wp-js.php with the function wp_js_admin, that accepts unvalidated user input and echoes it back to the user. This can be used for reflected Cross-Site Scripting in versions up to, and including, 2.0.6.
2022-05-10
not yet calculated
CVE-2022-1567
MISC
MISC
vim -- vim
Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
2022-05-07
not yet calculated
CVE-2022-1616
MISC
CONFIRM
FEDORA
FEDORA
vim -- vim
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerability is capable of crashing software, modify memory, and possible remote execution
2022-05-08
not yet calculated
CVE-2022-1619
CONFIRM
MISC
FEDORA
FEDORA
vim -- vim
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.
2022-05-08
not yet calculated
CVE-2022-1620
CONFIRM
MISC
FEDORA
FEDORA
vim -- vim
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
2022-05-10
not yet calculated
CVE-2022-1621
CONFIRM
MISC
libtiff -- libtiff
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
2022-05-11
not yet calculated
CVE-2022-1622
MISC
MISC
CONFIRM
libtiff -- libtiff
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
2022-05-11
not yet calculated
CVE-2022-1623
MISC
MISC
CONFIRM
vim -- vim
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerability is capable of crashing software, Modify Memory, and possible remote execution
2022-05-10
not yet calculated
CVE-2022-1629
MISC
CONFIRM
microweber -- microweber
Users Account Pre-Takeover or Users Account Takeover in GitHub repository microweber/microweber prior to 1.2.15. Victim Account Take Over. Since there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows an attacker to gain pre-authentication to the victim’s account. Further, due to the lack of proper validation of email coming from Social Login and failing to check if an account already exists, the victim will not identify if an account is already existing. Hence, the attacker’s persistence will remain. An attacker would be able to see all the activities performed by the victim user impacting the confidentiality and attempt to modify/corrupt the data impacting the integrity and availability factor. This attack becomes more interesting when an attacker can register an account from an employee’s email address. Assuming the organization uses G-Suite, it is much more impactful to hijack into an employee’s account.
2022-05-09
not yet calculated
CVE-2022-1631
CONFIRM
MISC
radareorg -- radare2
Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html).
2022-05-10
not yet calculated
CVE-2022-1649
MISC
CONFIRM
eventsource -- eventsource
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository eventsource/eventsource prior to v2.0.2.
2022-05-12
not yet calculated
CVE-2022-1650
CONFIRM
MISC
vim -- vim
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input.
2022-05-12
not yet calculated
CVE-2022-1674
CONFIRM
MISC
requarks -- wiki
Authentication Bypass Using an Alternate Path or Channel in GitHub repository requarks/wiki prior to 2.5.281. User can get root user permissions
2022-05-12
not yet calculated
CVE-2022-1681
CONFIRM
MISC
neorazorx -- facturascripts
Reflected XSS using a URL-based payload in GitHub repository neorazorx/facturascripts prior to 2022.07. XSS can be used to steal a user's cookies, which leads to account takeover, or to perform any malicious activity in the victim's browser
2022-05-12
not yet calculated
CVE-2022-1682
MISC
CONFIRM
causefx -- organizr
Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications.
2022-05-12
not yet calculated
CVE-2022-1698
CONFIRM
MISC
causefx -- organizr
Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications.
2022-05-12
not yet calculated
CVE-2022-1699
CONFIRM
MISC
sonicwall -- sma1000
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.
2022-05-13
not yet calculated
CVE-2022-1701
CONFIRM
sonicwall -- sma1000
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability.
2022-05-13
not yet calculated
CVE-2022-1702
CONFIRM
radareorg -- radare2
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.
2022-05-13
not yet calculated
CVE-2022-1714
CONFIRM
MISC
neorazorx -- facturascripts
Account Takeover in GitHub repository neorazorx/facturascripts prior to 2022.07.
2022-05-13
not yet calculated
CVE-2022-1715
CONFIRM
MISC
android -- android
In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-179699767
2022-05-10
not yet calculated
CVE-2022-20004
MISC
android -- android
In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-219044664
2022-05-10
not yet calculated
CVE-2022-20005
MISC
android -- android
In several functions of KeyguardServiceWrapper.java and related files, there is a possible way to briefly view what's under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-151095871
2022-05-10
not yet calculated
CVE-2022-20006
MISC
android -- android
In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it's still in the foreground, when it is not, due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-211481342
2022-05-10
not yet calculated
CVE-2022-20007
MISC
android -- android
In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-216481035. References: Upstream kernel
2022-05-10
not yet calculated
CVE-2022-20008
MISC
android -- android
In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-213172319. References: Upstream kernel
2022-05-10
not yet calculated
CVE-2022-20009
MISC
android -- android
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-213519176
2022-05-10
not yet calculated
CVE-2022-20010
MISC
android -- android
In getArray of NotificationManagerService.java, there is a possible leak of one user notifications to another due to missing check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-214999128
2022-05-10
not yet calculated
CVE-2022-20011
MISC
android -- android
In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-206987762
2022-05-10
not yet calculated
CVE-2022-20112
MISC
android -- android
In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-205996517
2022-05-10
not yet calculated
CVE-2022-20113
MISC
android -- android
In placeCall of TelecomManager.java, there is a possible way for an application to keep itself running with foreground service importance due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-211114016
2022-05-10
not yet calculated
CVE-2022-20114
MISC
android -- android
In broadcastServiceStateChanged of TelephonyRegistry.java, there is a possible way to learn base station information without location permission due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-210118427
2022-05-10
not yet calculated
CVE-2022-20115
MISC
android -- android
In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-212467440
2022-05-10
not yet calculated
CVE-2022-20116
MISC
android -- android
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-217475903. References: N/A
2022-05-10
not yet calculated
CVE-2022-20117
MISC
android -- android
In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-205707793. References: N/A
2022-05-10
not yet calculated
CVE-2022-20118
MISC
android -- android
In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-213170715. References: N/A
2022-05-10
not yet calculated
CVE-2022-20119
MISC
android -- android
Product: Android. Versions: Android kernel. Android ID: A-203213034. References: N/A
2022-05-10
not yet calculated
CVE-2022-20120
MISC
android -- android
In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-212573046. References: N/A
2022-05-10
not yet calculated
CVE-2022-20121
MISC
intel -- advisor_software
Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.
2022-05-12
not yet calculated
CVE-2022-21128
MISC
intel -- xeon
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
2022-05-12
not yet calculated
CVE-2022-21131
MISC
intel -- xeon
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access.
2022-05-12
not yet calculated
CVE-2022-21136
MISC
cisco -- estsoft_alyac
An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this vulnerability to cause denial of service and termination of malware scan. An attacker can provide a malicious file to trigger this vulnerability.
2022-05-12
not yet calculated
CVE-2022-21147
MISC
CONFIRM
intel -- processors
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
2022-05-12
not yet calculated
CVE-2022-21151
MISC
cisco -- inhand_networks_inrouter302
A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.
2022-05-12
not yet calculated
CVE-2022-21182
MISC
CONFIRM
mozilla -- mozilla
This affects the package convict before 6.2.3. This is a bypass of [CVE-2022-22143](https://security.snyk.io/vuln/SNYK-JS-CONVICT-2340604). The [fix](https://github.com/mozilla/node-convict/commit/3b86be087d8f14681a9c889d45da7fe3ad9cd880) introduced, relies on the startsWith method and does not prevent the vulnerability: before splitting the path, it checks if it starts with __proto__ or this.constructor.prototype. To bypass this check it's possible to prepend the dangerous paths with any string value followed by a dot, like for example foo.__proto__ or foo.this.constructor.prototype.
2022-05-13
not yet calculated
CVE-2022-21190
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
intel -- nuc
Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
2022-05-12
not yet calculated
CVE-2022-21237
MISC
cisco -- inhand_networks_inrouter302
A cross-site scripting (xss) vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.
2022-05-12
not yet calculated
CVE-2022-21238
CONFIRM
MISC
cisco -- inhand_networks_inrouter302
A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability.
2022-05-12
not yet calculated
CVE-2022-21809
MISC
CONFIRM
microsoft -- point-to-point_tunneling_protocol
Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23270.
2022-05-10
not yet calculated
CVE-2022-21972
MISC
microsoft -- exchange_server
Microsoft Exchange Server Elevation of Privilege Vulnerability.
2022-05-10
not yet calculated
CVE-2022-21978
MISC
microsoft -- graphics
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-26934, CVE-2022-29112.
2022-05-10
not yet calculated
CVE-2022-22011
MISC
microsoft -- ldap
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141.
2022-05-10
not yet calculated
CVE-2022-22012
MISC
microsoft -- ldap
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141.
2022-05-10
not yet calculated
CVE-2022-22013
MISC
microsoft -- ldap
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141.
2022-05-10
not yet calculated
CVE-2022-22014
MISC
microsoft -- remote_desktop_protocol
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability.
2022-05-10
not yet calculated
CVE-2022-22015
MISC
microsoft -- playtomanager
Windows PlayToManager Elevation of Privilege Vulnerability.
2022-05-10
not yet calculated
CVE-2022-22016
MISC
microsoft -- remote_desktop_client
Remote Desktop Client Remote Code Execution Vulnerability.
2022-05-10
not yet calculated
CVE-2022-22017
MISC
microsoft -- remote_procedure_call
Remote Procedure Call Runtime Remote Code Execution Vulnerability.
2022-05-10
not yet calculated
CVE-2022-22019
MISC
intel -- xtu_software
Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access.
2022-05-12
not yet calculated
CVE-2022-22139
MISC
huawei -- dfx_module
The DFX module has a UAF vulnerability. Successful exploitation of this vulnerability may affect system stability.
2022-05-13
not yet calculated
CVE-2022-22252
MISC
MISC
huawei -- kernel_module
The kernel module has a UAF vulnerability. Successful exploitation of this vulnerability will affect data integrity and availability.
2022-05-13
not yet calculated
CVE-2022-22260
MISC
MISC
huawei -- hiaiserver
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services.
2022-05-13
not yet calculated
CVE-2022-22261
MISC
MISC
sonicwall -- ssl-vpn_netextender_windows_client
A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and earlier versions, allows an attacker to potentially execute arbitrary code in the host windows operating system.
2022-05-13
not yet calculated
CVE-2022-22281
CONFIRM
sonicwall -- sma1000
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability.
2022-05-13
not yet calculated
CVE-2022-22282
CONFIRM
ibm -- robotic_process_automation
IBM Robotic Process Automation 21.0.1 could allow a registered user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366.
2022-05-09
not yet calculated
CVE-2022-22319
XF
CONFIRM
CONFIRM
ibm -- qradar_siem
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 218367.
2022-05-11
not yet calculated
CVE-2022-22320
XF
CONFIRM
ibm -- mq
IBM MQ (IBM MQ for HPE NonStop 8.1.0) can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID: 218853.
2022-05-13
not yet calculated
CVE-2022-22325
CONFIRM
XF
ibm -- websphere_application_server_liberty
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5, with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078.
2022-05-13
not yet calculated
CVE-2022-22393
CONFIRM
XF
ibm -- robotic_process_automation
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022.
2022-05-12
not yet calculated
CVE-2022-22413
XF
CONFIRM
ibm -- infosphere_information_server
IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
2022-05-10
not yet calculated
CVE-2022-22454
XF
CONFIRM
ibm -- navigator
IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote attacker to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system and the navigator tasks page, however they do not gain the ability to perform those tasks on the system or see any specific system data. IBM X-Force ID: 225899.
2022-05-09
not yet calculated
CVE-2022-22481
CONFIRM
XF
microsoft -- hyper-v
Windows Hyper-V Denial of Service Vulnerability.
2022-05-10
not yet calculated
CVE-2022-22713
MISC
tibco_software_inc -- multiple_products
The DOM XML parser and SAX XML parser components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Internet Server, and TIBCO Managed File Transfer Internet Server contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute XML External Entity (XXE) attacks on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center: versions 8.3.1 and below, TIBCO Managed File Transfer Command Center: versions 8.4.0 and 8.4.1, TIBCO Managed File Transfer Internet Server: versions 8.3.1 and below, and TIBCO Managed File Transfer Internet Server: versions 8.4.0 and 8.4.1.
2022-05-10
not yet calculated
CVE-2022-22774
CONFIRM
CONFIRM
sysaid -- sysaid_system_takeover
Sysaid – Sysaid System Takeover - An attacker can bypass the authentication process by accessing to: /wmiwizard.jsp, Then to: /ConcurrentLogin.jsp, then click on the login button, and it will redirect you to /home.jsp without any authentication.
2022-05-12
not yet calculated
CVE-2022-22796
MISC
sysaid -- sysaid_open_redirect
Sysaid – sysaid Open Redirect - An Attacker can change the redirect link at the parameter "redirectURL" from "GET" request from the url location: /CommunitySSORedirect.jsp?redirectURL=https://google.com. Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
2022-05-12
not yet calculated
CVE-2022-22797
MISC
sysaid -- multiple_products
Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22.1.30 b49 - An attacker needs to log in as a guest after that the system redirects him to the service portal or EndUserPortal.JSP, then he needs to change the path in the URL to /ConcurrentLogin%2ejsp after that he will receive an error message with a login button, by clicking on it, he will connect to the system dashboard. The attacker can receive sensitive data like server details, usernames, workstations, etc. He can also perform actions such as uploading files, deleting calls from the system.
2022-05-12
not yet calculated
CVE-2022-22798
MISC
spring_by_vmware -- spring_framework
 
In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to a DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. | 2022-05-12 | not yet calculated | CVE-2022-22970
MISC
spring_by_vmware -- spring_framework
 
In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, an application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. | 2022-05-12 | not yet calculated | CVE-2022-22971
MISC
spring_by_vmware -- pinniped_supervisor 
 
An issue was discovered in the Pinniped Supervisor with either LDAPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name (CN) of their user entry on the LDAP or AD server to include special characters, which could be used to perform LDAP query injection on the Supervisor's LDAP query which determines their Kubernetes group membership. | 2022-05-11 | not yet calculated | CVE-2022-22975
MISC
solana -- rbpf
 
Solana rBPF versions 0.2.26 and 0.2.27 are affected by an Incorrect Calculation issue caused by improper implementation of the sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to transfer tokens or not. The vulnerability affects integrity and may cause serious availability problems. | 2022-05-09 | not yet calculated | CVE-2022-23066
MISC
MISC
zte -- zxcdn
 
ZTE's ZXCDN product has a reflective XSS vulnerability. The attacker could modify the parameters in the content clearing request url, and when a user clicks the url, an XSS attack will be triggered. | 2022-05-11 | not yet calculated | CVE-2022-23137
MISC
zte -- zxmp_m721
 
ZTE's ZXMP M721 product has a permission and access control vulnerability. Since the folder permission viewed by sftp is 666, which is inconsistent with the actual permission, it is easy for users to ignore the modification of the file permission configuration, so that low-authority accounts could actually obtain higher operating permissions on key files. | 2022-05-12 | not yet calculated | CVE-2022-23139
MISC
sysaid -- sysaid
 
Sysaid – Sysaid 14.2.0 Reflected Cross-Site Scripting (XSS) - The parameter "helpPageName" used by the page "/help/treecontent.jsp" suffers from a Reflected Cross-Site Scripting vulnerability. For an attacker to exploit this Cross-Site Scripting vulnerability, it's necessary for the affected product to expose the Offline Help Pages. An attacker may gain access to sensitive information or execute client-side code in the browser session of the victim user. Furthermore, an attacker would require the victim to open a malicious link. An attacker may exploit this vulnerability in order to perform phishing attacks. The attacker can receive sensitive data like server details, usernames, workstations, etc. He can also perform actions such as uploading files, deleting calls from the system. | 2022-05-12 | not yet calculated | CVE-2022-23165
MISC
sysaid -- sysaid_local_file_inclusion
 
Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access the system via the "/lib/tinymce/examples/index.html" path. In the "Insert/Edit Embedded Media" window, choose Type: iFrame and File/URL: [here is the LFI]. Solution: Update to 22.2.20 cloud version, or to 22.1.64 on premise version. | 2022-05-12 | not yet calculated | CVE-2022-23166
MISC
microsoft -- .net_and_visual_studio

.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-29117, CVE-2022-29145. | 2022-05-10 | not yet calculated | CVE-2022-23267
MISC
microsoft -- point-to-point_tunneling_protocol

Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21972. | 2022-05-10 | not yet calculated | CVE-2022-23270
MISC
microsoft -- alpc
 
Windows ALPC Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-23279
MISC
shenzhen_ejoin_information_technology_co -- manual_ping_form

Command injection vulnerability in Manual Ping Form (Web UI) in Shenzhen Ejoin Information Technology Co., Ltd. ACOM508/ACOM516/ACOM532 609-915-041-100-020 allows a remote attacker to inject arbitrary code via the field. | 2022-05-09 | not yet calculated | CVE-2022-23332
MISC
MISC
aruba_networks -- arubaos_switch
 
A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities. | 2022-05-10 | not yet calculated | CVE-2022-23676
MISC
aruba_networks -- arubaos_switch
 
A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities. | 2022-05-10 | not yet calculated | CVE-2022-23677
MISC
hpe -- integrated_lights-out4
 
A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later. | 2022-05-09 | not yet calculated | CVE-2022-23704
MISC
hpe -- multiple_products
 
A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays which could potentially allow the upload, but not execution, of unauthorized update binaries to the array. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later. | 2022-05-09 | not yet calculated | CVE-2022-23705
MISC
zonealarm -- check_point_endpoint_security_client

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. | 2022-05-12 | not yet calculated | CVE-2022-23742
MISC
MISC
zonealarm -- check_point
 
Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. | 2022-05-11 | not yet calculated | CVE-2022-23743
MISC
siemens -- desigo
 
A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The “addCell” JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document, such that it is possible to inject arbitrary content (e.g., XML tags) into the generated file. An attacker with restricted privileges, by poisoning any of the content used to generate XLS reports, could be able to leverage the application to deliver malicious files against higher-privileged users and obtain Remote Code Execution (RCE) against the administrator’s workstation. | 2022-05-10 | not yet calculated | CVE-2022-24039
MISC
siemens -- desigo
 
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial of service (DoS) condition through CPU consumption by setting a PBKDF2 derived key with a remarkably high cost effort and then attempting a login to the so-modified account. | 2022-05-10 | not yet calculated | CVE-2022-24040
MISC
siemens -- desigo
 
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application stores the PBKDF2 derived key of users' passwords with a low iteration count. An attacker with user profile access privilege can retrieve the stored password hashes of other accounts and then successfully perform an offline cracking attack and recover the plaintext passwords of other users. | 2022-05-10 | not yet calculated | CVE-2022-24041
MISC
siemens -- desigo
 
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application returns an AuthToken that does not expire at the defined auto logoff delay timeout. An attacker could be able to capture this token and re-use old session credentials or session IDs for authorization. | 2022-05-10 | not yet calculated | CVE-2022-24042
MISC
adobe -- acrobat_reader_dc
 
Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-24101
MISC
adobe -- acrobat_reader_dc
 
Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-24102
MISC
adobe -- acrobat_reader_dc

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-24103
MISC
adobe -- acrobat_reader_dc
 
Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-24104
MISC
intel -- nucs

Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2022-24297
MISC
intel -- nucs
 
Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2022-24382
MISC
microsoft -- hyper-v

Windows Hyper-V Security Feature Bypass Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-24466
MISC
yubico -- otp
 
Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with the Yubico OTP validation server. The Yubico OTP supposedly creates hardware bound second factor credentials. When a user reprograms the OTP functionality by "writing" it on a token using the Yubico Personalization Tool, they can then upload the new configuration to Yubico's OTP validation servers. | 2022-05-11 | not yet calculated | CVE-2022-24584
MISC
MISC
MISC
openclinica -- openclinica
 
OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known workarounds. This issue has been patched and users are recommended to upgrade. | 2022-05-14 | not yet calculated | CVE-2022-24830
CONFIRM
MISC
openclinica -- openclinica
 
OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has been patched in 3.16.1, 3.15.9, 3.14.1, and 3.13.1 and users are advised to upgrade. | 2022-05-14 | not yet calculated | CVE-2022-24831
CONFIRM
MISC
ecdsautils -- ecdsautils
 
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple signatures from different public keys does not mitigate the issue: `ecdsa_verify_list_legacy()` will accept an arbitrary number of such forged signatures. Both the `ecdsautil verify` CLI command and the libecdsautil library are affected. The issue has been fixed in ecdsautils 0.4.1. All older versions of ecdsautils (including versions before the split into a library and a CLI utility) are vulnerable. | 2022-05-06 | not yet calculated | CVE-2022-24884
MISC
CONFIRM
MISC
MLIST
DEBIAN
FEDORA
FEDORA
FEDORA
cisco -- inhand_networks_inrouter302
 
A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-24910
CONFIRM
MISC
cisco -- inhand_networks_inrouter302
 
An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. The session cookie misses the HttpOnly flag, making it accessible via JavaScript and thus allowing an attacker, able to perform an XSS attack, to steal the session cookie. | 2022-05-12 | not yet calculated | CVE-2022-25172
CONFIRM
MISC
blogengine.net -- blogengine.net
 
BlogEngine.NET v3.3.8.0 was discovered to contain an arbitrary file deletion vulnerability which allows attackers to delete files within the web server root directory via a crafted HTTP request. | 2022-05-13 | not yet calculated | CVE-2022-25591
MISC
MISC
apache -- tomcat
 
If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that the application will continue to use the socket after it has been closed. The error handling triggered in this case could cause a pooled object to be placed in the pool twice. This could result in subsequent connections using the same object concurrently which could result in data being returned to the wrong use and/or other errors. | 2022-05-13 | not yet calculated | CVE-2022-25762
MISC
sds -- sds
 
This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. **Note:** This vulnerability derives from an incomplete fix to [CVE-2020-7618](https://security.snyk.io/vuln/SNYK-JS-SDS-564123). | 2022-05-13 | not yet calculated | CVE-2022-25862
CONFIRM
CONFIRM
microsoft -- workspace_tools
 
The package workspace-tools before 0.18.4 is vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranch(remote: string, remoteBranch: string, cwd: string) function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection. | 2022-05-13 | not yet calculated | CVE-2022-25865
CONFIRM
CONFIRM
CONFIRM
cisco -- inhand_networks_inrouter302

A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-25995
MISC
CONFIRM
cisco -- inhand_networks_inrouter302

A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of malicious packets to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26002
MISC
CONFIRM
cisco -- inhand_networks_inrouter302
 
An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26007
MISC
CONFIRM
cisco -- inhand_networks_inrouter302
 
An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26020
MISC
CONFIRM
cisco -- inhand_networks_inrouter302
 
An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26042
MISC
CONFIRM
cisco -- inhand_networks_inrouter302
 
An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26075
MISC
CONFIRM
cisco -- inhand_networks_inrouter302
 
An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26085
MISC
CONFIRM
fortinet -- fortinac
 
Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerabilities [CWE-89] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.2 and below may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted string parameters. | 2022-05-11 | not yet calculated | CVE-2022-26116
CONFIRM
cisco -- inhand_networks_inrouter302

An OS command injection vulnerability exists in the console infactory_port functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26420
MISC
CONFIRM
cisco -- inhand_networks_inrouter302

A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26510
MISC
CONFIRM
cisco -- inhand_networks_inrouter302
 
An OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26518
MISC
CONFIRM
cisco -- inhand_networks_inrouter302

Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`'s `user_define_init` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | 2022-05-12 | not yet calculated | CVE-2022-26780
CONFIRM
MISC
cisco -- inhand_networks_inrouter302

Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`'s `user_define_print` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | 2022-05-12 | not yet calculated | CVE-2022-26781
CONFIRM
MISC
cisco -- inhand_networks_inrouter302
 
Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`'s `user_define_set_item` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | 2022-05-12 | not yet calculated | CVE-2022-26782
CONFIRM
MISC
microsoft -- authentication_security_feature

Windows Authentication Security Feature Bypass Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26913
MISC
microsoft -- active_directory_domain_services

Active Directory Domain Services Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26923
MISC
microsoft -- lsa

Windows LSA Spoofing Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26925
MISC
microsoft -- address_book

Windows Address Book Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26926
MISC
microsoft -- graphics_component

Windows Graphics Component Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26927
MISC
microsoft -- remote_access_connection_manager

Windows Remote Access Connection Manager Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26930
MISC
microsoft -- kerberos

Windows Kerberos Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26931
MISC
microsoft -- storage_spaces_direct

Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26938, CVE-2022-26939. | 2022-05-10 | not yet calculated | CVE-2022-26932
MISC
microsoft -- ntfs

Windows NTFS Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26933
MISC
microsoft -- graphics_component

Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22011, CVE-2022-29112. | 2022-05-10 | not yet calculated | CVE-2022-26934
MISC
microsoft -- wlan_autoconfig

Windows WLAN AutoConfig Service Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26935
MISC
microsoft -- server_service_

Windows Server Service Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26936
MISC
microsoft -- network_file_system

Windows Network File System Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26937
MISC
microsoft -- storage_spaces_direct

Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26932, CVE-2022-26939. | 2022-05-10 | not yet calculated | CVE-2022-26938
MISC
microsoft -- storage_spaces_direct

Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26932, CVE-2022-26938. | 2022-05-10 | not yet calculated | CVE-2022-26939
MISC
microsoft -- remote_desktop_protocol_client

Remote Desktop Protocol Client Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26940
MISC
tp-link -- tp-link_tl-wdr7660
 
TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in the `MmtAtePrase` function. Local users could get remote code execution. | 2022-05-10 | not yet calculated | CVE-2022-26987
MISC
MISC
MISC
tp-link -- tp-link_tl-wdr7660
 
TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in the `MntAte` function. Local users could get remote code execution. | 2022-05-10 | not yet calculated | CVE-2022-26988
MISC
MISC
MISC
htmldoc -- htmldoc
 
There is a vulnerability in htmldoc 1.9.16. In the image_load_jpeg function in image.cxx, when malloc is called, 'img->width' and 'img->height' can be large enough to cause an integer overflow. The malloc function may then return a heap block smaller than the expected size, which causes a buffer overflow/address boundary error in the jpeg_read_scanlines function. | 2022-05-09 | not yet calculated | CVE-2022-27114
MISC
MISC
MLIST
eosio -- eosio
 
EOSIO batdappboomx v327c04cf has an access-control vulnerability in the `transfer` function of the smart contract which allows remote attackers to win the cryptocurrency without paying the ticket fee via the `std::string memo` parameter. | 2022-05-13 | not yet calculated | CVE-2022-27134
MISC
eset -- multiple_products
 
Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows an attacker to exploit the "Repair" and "Uninstall" features, which may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0. | 2022-05-10 | not yet calculated | CVE-2022-27167
MISC
cisco -- inrouter302
 
A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted network request can lead to privileged operation execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-27172
MISC
CONFIRM
galleon -- nts-6002-gps
 
An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools section of the web-management interface. All three networking tools are affected (Ping, Traceroute, and DNS Lookup) and their respective input fields (ping_address, trace_address, nslookup_address). | 2022-05-09 | not yet calculated | CVE-2022-27224
MISC
MISC
cdsoft -- onlinetools
 
onlinetools in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., date of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference. | 2022-05-13 | not yet calculated | CVE-2022-27247
MISC
MISC
phprojekt -- phpsimplygest
 
A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a project title. | 2022-05-09 | not yet calculated | CVE-2022-27308
MISC
MISC
MISC
explore_cms -- explore_cms
 
Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request. | 2022-05-09 | not yet calculated | CVE-2022-27412
MISC
MISC
sap -- web_dispatcher_and_the_internet_communication_manager
 
The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability. | 2022-05-11 | not yet calculated | CVE-2022-27656
MISC
MISC
adobe -- acrobat_reader_dc

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27785
MISC
adobe -- acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27786
MISC
adobe -- acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27787
MISC
adobe -- acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27788
MISC
adobe -- acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27789
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27790
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a stack-based buffer overflow vulnerability due to insecure processing of a font, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. | 2022-05-11 | not yet calculated | CVE-2022-27791
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27792
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27793
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by the use of a variable that has not been initialized when processing embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. | 2022-05-11 | not yet calculated | CVE-2022-27794
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27795
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27796
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27797
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27798
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27799
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27800
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27801
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27802
MISC
joomla -- joomla | In the Joomla component 'jDownloads 3.9.8.2 Stable', a remote user can change some parameters in the address bar and see the names of other users' files. | 2022-05-06 | not yet calculated | CVE-2022-27909
MISC
MISC
home_owners_collection_management -- home_owners_collection_management | Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter. | 2022-05-11 | not yet calculated | CVE-2022-28077
MISC
MISC
home_owners_collection_management -- home_owners_collection_management | Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter. | 2022-05-11 | not yet calculated | CVE-2022-28078
MISC
MISC
hotel_management_system -- hotel_management_system | Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page. | 2022-05-10 | not yet calculated | CVE-2022-28110
MISC
MISC
broadcom -- brocade_sannav | An information exposure through log file vulnerability in Brocade SANnav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit this vulnerability, the attacker would need to have valid user credentials and turn on debug mode. | 2022-05-09 | not yet calculated | CVE-2022-28161
MISC
broadcom -- brocade_sannav | Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. | 2022-05-09 | not yet calculated | CVE-2022-28162
MISC
sap -- businessobjects_enterprise_and_central_management_server | During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions 420, 430, authentication credentials are being exposed in Sysmon event logs. This Information Disclosure could cause a high impact on systems’ Confidentiality, Integrity, and Availability. | 2022-05-11 | not yet calculated | CVE-2022-28214
MISC
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28230
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when processing a doc object, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28231
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28232
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28233
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. | 2022-05-11 | not yet calculated | CVE-2022-28234
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28235
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28236
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28237
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28238
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28239
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28240
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28241
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28242
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28243
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a violation of secure design principles through bypassing the content security policy, which could result in an attacker sending arbitrarily configured requests to the cross-origin attack target domain. Exploitation requires user interaction in which the victim needs to access a crafted PDF file on an attacker's server. | 2022-05-11 | not yet calculated | CVE-2022-28244
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28245
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28246
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a victim must run the uninstaller with Admin privileges. | 2022-05-11 | not yet calculated | CVE-2022-28247
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28248
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28249
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28250
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28251
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28252
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28253
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28254
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28255
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28256
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28257
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28258
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28259
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28260
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28261
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28262
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28263
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28264
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28265
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28266
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28267
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28268
MISC
adobe -- acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of Annotation objects that could result in a memory leak in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28269
MISC
imagemagick -- imagemagick | ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. | 2022-05-08 | not yet calculated | CVE-2022-28463
MISC
MISC
MISC
MLIST
pypl -- pypl | The marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor. | 2022-05-08 | not yet calculated | CVE-2022-28470
MISC
MISC
MISC
lms_doctor -- simple_2fa_plugin_for_moodle | A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor allows remote attackers to overwrite the phone number used for confirmation via the profile.php file, allowing them to bypass the phone verification mechanism. | 2022-05-10 | not yet calculated | CVE-2022-28601
MISC
MISC
ruby -- ruby | A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations. | 2022-05-09 | not yet calculated | CVE-2022-28738
MISC
CONFIRM
MISC
ruby -- ruby | There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. | 2022-05-09 | not yet calculated | CVE-2022-28739
MISC
MISC
CONFIRM
sap -- host_agent | Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted. | 2022-05-11 | not yet calculated | CVE-2022-28774
MISC
MISC
adobe -- coldfusion | ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | 2022-05-12 | not yet calculated | CVE-2022-28818
MISC
adobe -- character_animator | Adobe Character Animator versions 4.4.2 (and earlier) and 22.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious SVG file. | 2022-05-12 | not yet calculated | CVE-2022-28819
MISC
adobe -- framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28821
MISC
adobe -- framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28822
MISC
adobe -- framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28823
MISC
adobe -- framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28824
MISC
adobe -- framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28825
MISC
adobe -- framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28826
MISC
adobe -- framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28827
MISC
adobe -- framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28828
MISC
adobe -- framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28829
MISC
adobe -- framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28830
MISC
adobe -- acrobat_pro_dc
 
Acrobat Pro DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28837
MISC
adobe -- acrobat_pro_dc
 
Acrobat Pro DC versions 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28838
MISC
f-secure -- safe_browser
 
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could carry out a phishing attack with address bar spoofing, as the address bar was not correct if navigation failed in a loop. 2022-05-12 not yet calculated CVE-2022-28872
MISC
f-secure -- safe_browser
 
A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit JavaScript window.open functionality in SAFE Browser, which could lead to address bar spoofing attacks. 2022-05-12 not yet calculated CVE-2022-28873
MISC
MISC
d-link -- dir882
A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. 2022-05-10 not yet calculated CVE-2022-28895
MISC
MISC
d-link -- dir882
A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. 2022-05-10 not yet calculated CVE-2022-28896
MISC
MISC
d-link -- dir882
 
A command injection vulnerability in the component /SetTriggerLEDBlink/Blink of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. 2022-05-10 not yet calculated CVE-2022-28901
MISC
MISC
totolink -- n600r
 
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName. 2022-05-10 not yet calculated CVE-2022-28905
MISC
totolink -- n600r
 
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg. 2022-05-10 not yet calculated CVE-2022-28906
MISC
totolink -- n600r
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost. 2022-05-10 not yet calculated CVE-2022-28907
MISC
totolink -- n600r
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg. 2022-05-10 not yet calculated CVE-2022-28908
MISC
totolink -- n600r
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx. 2022-05-10 not yet calculated CVE-2022-28909
MISC
totolink -- n600r
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName. 2022-05-10 not yet calculated CVE-2022-28910
MISC
totolink -- n600r
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate. 2022-05-10 not yet calculated CVE-2022-28911
MISC
totolink -- n600r
 
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW. 2022-05-10 not yet calculated CVE-2022-28912
MISC
totolink -- n600r
 
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting. 2022-05-10 not yet calculated CVE-2022-28913
MISC
d-link -- dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm. 2022-05-10 not yet calculated CVE-2022-28915
MISC
MISC
htmlcreator -- htmlcreator
 
HTMLCreator release_stable_2020-07-29 was discovered to contain a cross-site scripting (XSS) vulnerability via the function _generateFilename. 2022-05-12 not yet calculated CVE-2022-28919
MISC
tieba-cloud-sign -- tieba-cloud-sign
 
Tieba-Cloud-Sign v4.9 was discovered to contain a cross-site scripting (XSS) vulnerability via the function strip_tags. 2022-05-12 not yet calculated CVE-2022-28920
MISC
lms_doctor_simple_2_factor_authentication_plugin -- lms_doctor_simple_2_factor_authentication_plugin
LMS Doctor Simple 2 Factor Authentication Plugin For Moodle (affected: 2021072900) has an insecure direct object reference (IDOR) vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts. 2022-05-10 not yet calculated CVE-2022-28986
MISC
MISC
MISC
directory_management_system -- directory_management_system
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allow attackers to bypass authentication. 2022-05-11 not yet calculated CVE-2022-29006
MISC
dairy_farm_shop_management_system -- dairy_farm_shop_management_system
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allow attackers to bypass authentication. 2022-05-11 not yet calculated CVE-2022-29007
MISC
bus_pass_management_system -- bus_pass_management_system
An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. 2022-05-11 not yet calculated CVE-2022-29008
MISC
cyber_cafe_management_system_project -- cyber_cafe_management_system_project 
 
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allow attackers to bypass authentication. 2022-05-11 not yet calculated CVE-2022-29009
MISC
microsoft -- failover_cluster
Windows Failover Cluster Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-29102
MISC
microsoft -- windows_remote_access_connection_manager
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29103
MISC
microsoft -- print_spooler
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29132. 2022-05-10 not yet calculated CVE-2022-29104
MISC
microsoft -- windows_media_foundation
Microsoft Windows Media Foundation Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29105
MISC
microsoft -- hyper-v_shared_virtual_disk
Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29106
MISC
microsoft -- office
 
Microsoft Office Security Feature Bypass Vulnerability. 2022-05-10 not yet calculated CVE-2022-29107
MISC
microsoft -- sharepoint
Microsoft SharePoint Server Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29108
MISC
microsoft -- excel
Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29110. 2022-05-10 not yet calculated CVE-2022-29109
MISC
microsoft -- excel
 
Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29109. 2022-05-10 not yet calculated CVE-2022-29110
MISC
microsoft -- graphics
 
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22011, CVE-2022-26934. 2022-05-10 not yet calculated CVE-2022-29112
MISC
microsoft -- digital_media_receiver
 
Windows Digital Media Receiver Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29113
MISC
microsoft -- windows_print_spooler
 
Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29140. 2022-05-10 not yet calculated CVE-2022-29114
MISC
microsoft -- windows_fax_service
 
Windows Fax Service Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29115
MISC
microsoft -- windows_kernel
 
Windows Kernel Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-29116
MISC
microsoft -- .net_and_visual_studio
.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29145. 2022-05-10 not yet calculated CVE-2022-29117
MISC
microsoft -- windows_clustered
Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29122, CVE-2022-29123, CVE-2022-29134. 2022-05-10 not yet calculated CVE-2022-29120
MISC
microsoft -- windows_wlan
Windows WLAN AutoConfig Service Denial of Service Vulnerability. 2022-05-10 not yet calculated CVE-2022-29121
MISC
microsoft -- windows_clustered
 
Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29123, CVE-2022-29134. 2022-05-10 not yet calculated CVE-2022-29122
MISC
microsoft -- windows_clustered
 
Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29122, CVE-2022-29134. 2022-05-10 not yet calculated CVE-2022-29123
MISC
microsoft -- windows_push_notifications_app
 
Windows Push Notifications Apps Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29125
MISC
microsoft -- tablet_windows_user_interface_application
 
Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29126
MISC
microsoft -- bitlocker
 
BitLocker Security Feature Bypass Vulnerability. 2022-05-10 not yet calculated CVE-2022-29127
MISC
microsoft -- ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29128
MISC
microsoft -- ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29129
MISC
microsoft -- ldap
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29130
MISC
microsoft -- ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29131
MISC
microsoft -- print_spooler_elevation
 
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29104. 2022-05-10 not yet calculated CVE-2022-29132
MISC
microsoft -- windows_kernel
 
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29142. 2022-05-10 not yet calculated CVE-2022-29133
MISC
microsoft -- clustered_shared_volume
Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29122, CVE-2022-29123. 2022-05-10 not yet calculated CVE-2022-29134
MISC
microsoft -- clustered_shared_volume
Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29150, CVE-2022-29151. 2022-05-10 not yet calculated CVE-2022-29135
MISC
microsoft -- ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29137
MISC
microsoft -- clustered_shared_volume
Windows Clustered Shared Volume Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29138
MISC
microsoft -- ldap
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29139
MISC
microsoft -- print_spooler
Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29114. 2022-05-10 not yet calculated CVE-2022-29140
MISC
microsoft -- windows_ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139. 2022-05-10 not yet calculated CVE-2022-29141
MISC
microsoft -- windows_kernel
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29133. 2022-05-10 not yet calculated CVE-2022-29142
MISC
microsoft -- .net_and_visual_studio
.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29117. 2022-05-10 not yet calculated CVE-2022-29145
MISC
microsoft -- visual_studio
Visual Studio Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29148
MISC
microsoft -- multiple_products
Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29151. 2022-05-10 not yet calculated CVE-2022-29150
MISC
microsoft -- multiple_products
Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29150. 2022-05-10 not yet calculated CVE-2022-29151
MISC
charmbracelet -- charm
 
A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release [v0.12.1](https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We recommend that all users running self-hosted `charm` instances update immediately. This vulnerability was found in-house and we haven't been notified of any potential exploiters. Additional notes: Encrypted user data uploaded to the Charm server is safe as Charm servers cannot decrypt user data. This includes filenames, paths, and all key-value data. Users running the official Charm [Docker images](https://github.com/charmbracelet/charm/blob/main/docker.md) are at minimal risk because the exploit is limited to the containerized filesystem. 2022-05-07 not yet calculated CVE-2022-29180
MISC
CONFIRM
rubygems -- rubygems
 
RubyGems is a package registry used to supply software for the Ruby language ecosystem. An ordering mistake in the code that accepts gem uploads allowed some gems (with platforms ending in numbers, like `arm64-darwin-21`) to be temporarily replaced in the CDN cache by a malicious package. The bug has been patched, and is believed to have never been exploited, based on an extensive review of logs and existing gems by rubygems. The easiest way to ensure that an application has not been exploited by this vulnerability is to verify all downloaded .gems checksums match the checksum recorded in the RubyGems.org database. RubyGems.org has been patched and is no longer vulnerable to this issue. 2022-05-13 not yet calculated CVE-2022-29218
CONFIRM
solarview_compact -- solarview_compact
SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal. 2022-05-12 not yet calculated CVE-2022-29298
MISC
solarview_compact -- solarview_compact
SolarView Compact ver.6.00 was discovered to contain a local file disclosure via /html/Solar_Ftp.php. 2022-05-12 not yet calculated CVE-2022-29302
MISC
solarview_compact -- solarview_compact
SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php. 2022-05-12 not yet calculated CVE-2022-29303
MISC
ionize -- ionizecms
 
IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vulnerability via the id_page parameter in application/models/article_model.php. 2022-05-12 not yet calculated CVE-2022-29306
MISC
ionize -- ionizecms
 
IonizeCMS v1.0.8.1 was discovered to contain a command injection vulnerability via the function copy_lang_content in application/models/lang_model.php. 2022-05-12 not yet calculated CVE-2022-29307
MISC
complete_online_job_search_system -- complete_online_job_search_system
Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=result&searchfor=advancesearch. 2022-05-11 not yet calculated CVE-2022-29316
MISC
simple_bus_ticket_booking_system -- simple_bus_ticket_booking_system
Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters at /assets/partials/_handleLogin.php. 2022-05-11 not yet calculated CVE-2022-29317
MISC
car_rental_management_system -- new_entry_module
 
An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. 2022-05-11 not yet calculated CVE-2022-29318
MISC
d-link -- dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the lanip parameter in /goform/setNetworkLan. 2022-05-10 not yet calculated CVE-2022-29321
MISC
MISC
d-link -- dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip. 2022-05-10 not yet calculated CVE-2022-29322
MISC
MISC
d-link -- dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment. 2022-05-10 not yet calculated CVE-2022-29323
MISC
MISC
d-link -- dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd. 2022-05-10 not yet calculated CVE-2022-29324
MISC
MISC
d-link -- dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter. 2022-05-10 not yet calculated CVE-2022-29325
MISC
MISC
d-link -- dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter. 2022-05-10 not yet calculated CVE-2022-29326
MISC
MISC
d-link -- dir-816
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel. 2022-05-10 not yet calculated CVE-2022-29327
MISC
MISC
d-link -- dap-1330_oss-firmware
D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade. 2022-05-10 not yet calculated CVE-2022-29328
MISC
MISC
d-link -- dap-1330_oss-firmware
D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings. 2022-05-10 not yet calculated CVE-2022-29329
MISC
MISC
phpok -- phpok
 
Phpok v6.1 was discovered to contain a deserialization vulnerability via the update_f() function in login_control.php. This vulnerability allows attackers to get a shell by writing arbitrary files. 2022-05-12 not yet calculated CVE-2022-29363
MISC
moddable -- moddable
 
Moddable commit before 135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45 was discovered to contain an out-of-bounds read via the function fxUint8Getter at /moddable/xs/sources/xsDataView.c. 2022-05-12 not yet calculated CVE-2022-29368
MISC
MISC
nginx -- nginx_njs
 
Nginx NJS v0.7.2 was discovered to contain a segmentation violation via njs_lvlhsh_bucket_find at njs_lvlhsh.c. 2022-05-12 not yet calculated CVE-2022-29369
MISC
MISC
netgear -- prosafe_ssl_vpn
 
NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. 2022-05-13 not yet calculated CVE-2022-29383
MISC
MISC
totolink -- n600r
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8. 2022-05-10 not yet calculated CVE-2022-29391
MISC
totolink -- n600r
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24. 2022-05-10 not yet calculated CVE-2022-29392
MISC
totolink -- n600r
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc. 2022-05-10 not yet calculated CVE-2022-29393
MISC
totolink -- n600r
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448. 2022-05-10 not yet calculated CVE-2022-29394
MISC
totolink -- n600r
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4. 2022-05-10 not yet calculated CVE-2022-29395
MISC
totolink -- n600r
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10. 2022-05-10 not yet calculated CVE-2022-29396
MISC
totolink -- n600r
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8. 2022-05-10 not yet calculated CVE-2022-29397
MISC
totolink -- n600r
 
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c. 2022-05-10 not yet calculated CVE-2022-29398
MISC
totolink -- n600r
 
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0. 2022-05-10 not yet calculated CVE-2022-29399
MISC
wordpress -- donations_plugin
 
Authenticated (contributor or higher role) Cross-Site Scripting (XSS) vulnerability in Donations plugin <= 1.8 on WordPress. 2022-05-13 not yet calculated CVE-2022-29433
CONFIRM
CONFIRM
gruppo_tim -- resi_gemini-net_web
 
RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources. 2022-05-12 not yet calculated CVE-2022-29538
MISC
MISC
gruppo_tim -- resi_gemini-net
 
resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software (e.g., concatenate `&|;\r\ commands) and inject arbitrary system commands with the privileges of the application user. 2022-05-12 not yet calculated CVE-2022-29539
MISC
MISC
tenda -- tx9_pro
Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow. 2022-05-10 not yet calculated CVE-2022-29591
MISC
microstrategy -- enterprise_manager_2022
 
MicroStrategy Enterprise Manager 2022 allows authentication bypass by triggering a login failure and then entering the Uid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login substring for directory traversal. 2022-05-11 not yet calculated CVE-2022-29596
MISC
sap -- netweaver_application_server
SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in a stored cross-site scripting (XSS) attack. 2022-05-11 not yet calculated CVE-2022-29610
MISC
MISC
sap -- netweaver_application_server
 
SAP NetWeaver Application Server for ABAP and ABAP Platform do not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. 2022-05-11 not yet calculated CVE-2022-29611
MISC
MISC
sap -- employee_self_service
 
Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter the employee number. On successful exploitation, the attacker can view personal details of other users, causing a limited impact on confidentiality of the application. 2022-05-11 not yet calculated CVE-2022-29613
MISC
MISC
sap -- multiple_products
 
SAP Host Agent, SAP NetWeaver and ABAP Platform allow an attacker to leverage logical errors in memory management to cause a memory corruption. 2022-05-11 not yet calculated CVE-2022-29616
MISC
MISC
wedding_management_system -- upload_photos_module
 
An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. 2022-05-11 not yet calculated CVE-2022-29655
MISC
wedding_management_system -- wedding_management_system
Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_detail.php. 2022-05-11 not yet calculated CVE-2022-29656
MISC
survey_sparrow -- enterprise_survey_software
Survey Sparrow Enterprise Survey Software 2022 has a stored cross-site scripting (XSS) vulnerability in the Signup parameter. 2022-05-11 not yet calculated CVE-2022-29727
MISC
MISC
survey_sparrow -- enterprise_survey_software
Survey Sparrow Enterprise Survey Software 2022 has a reflected cross-site scripting (XSS) vulnerability in the test parameter. 2022-05-11 not yet calculated CVE-2022-29728
MISC
MISC
money_transfer_management_system -- money_transfer_management_system
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send&id=, id. 2022-05-12 not yet calculated CVE-2022-29738
MISC
money_transfer_management_system -- money_transfer_management_system
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=. 2022-05-12 not yet calculated CVE-2022-29739
MISC
money_transfer_management_system -- money_transfer_management_system
Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_fee. 2022-05-12 not yet calculated CVE-2022-29741
MISC
money_transfer_management_system -- money_transfer_management_system
Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_transaction. 2022-05-12 not yet calculated CVE-2022-29745
MISC
money_transfer_management_system -- money_transfer_management_system
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete. 2022-05-12 not yet calculated CVE-2022-29746
MISC
simple_client_management_system -- simple_client_management_system
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/manage_invoice&id= // Leak place ---> id. 2022-05-12 not yet calculated CVE-2022-29747
MISC
simple_client_management_system -- simple_client_management_system
Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=. 2022-05-12 not yet calculated CVE-2022-29748
MISC
simple_client_management_system -- simple_client_management_system
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_invoice. 2022-05-12 not yet calculated CVE-2022-29749
MISC
simple_client_management_system -- simple_client_management_system
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_service. 2022-05-12 not yet calculated CVE-2022-29750
MISC
simple_client_management_system -- simple_client_management_system
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_client. 2022-05-12 not yet calculated CVE-2022-29751
MISC
huawei -- hiaiserver
The HiAIserver has a vulnerability in verifying the validity of the properties used in the model. Successful exploitation of this vulnerability will affect AI services. 2022-05-13 not yet calculated CVE-2022-29789
MISC
MISC
huawei -- harmonyos
The graphics acceleration service has a vulnerability in multi-thread access to the database. Successful exploitation of this vulnerability may cause service exceptions. 2022-05-13 not yet calculated CVE-2022-29790
MISC
MISC
huawei -- hiaiserver
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services. 2022-05-13 not yet calculated CVE-2022-29791
MISC
MISC
huawei -- chip_component
The chip component has a vulnerability of disclosing CPU SNs. Successful exploitation of this vulnerability may affect data confidentiality. 2022-05-13 not yet calculated CVE-2022-29792
MISC
MISC
huawei -- activation_lock
There is a configuration defect in the activation lock of mobile phones. Successful exploitation of this vulnerability may affect application availability. 2022-05-13 not yet calculated CVE-2022-29793
MISC
MISC
huawei -- frame_scheduling_module
The frame scheduling module has a Use After Free (UAF) vulnerability. Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. 2022-05-13 not yet calculated CVE-2022-29794
MISC
MISC
huawei -- frame_scheduling_module
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. 2022-05-13 not yet calculated CVE-2022-29795
MISC
MISC
huawei -- hiaiserver
 
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services. 2022-05-13 not yet calculated CVE-2022-29796
MISC
MISC
progress -- ipswitch_whatsup_gold
In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file. 2022-05-11 not yet calculated CVE-2022-29845
MISC
MISC
progress -- ipswitch_whatsup_gold
In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number. 2022-05-11 not yet calculated CVE-2022-29846
MISC
MISC
progress -- ipswitch_watchsup_gold
 
In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.2022-05-11not yet calculatedCVE-2022-29847
MISC
MISC
progress -- ipswitch_watchsup_gold
 
In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system.2022-05-11not yet calculatedCVE-2022-29848
MISC
MISC
mitel -- 6900_series | A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, could allow an unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution. | 2022-05-13 | not yet calculated | CVE-2022-29854, MISC, CONFIRM
mitel -- multiple_products | Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow an unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution. | 2022-05-11 | not yet calculated | CVE-2022-29855, MISC, CONFIRM
apple -- 1passord | 1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious software running on the same computer can exfiltrate secrets from 1Password provided that 1Password is running and is unlocked. Affected secrets include vault items and derived values used for signing in to 1Password. | 2022-05-09 | not yet calculated | CVE-2022-29868, MISC
apache -- tomcat | The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks. | 2022-05-12 | not yet calculated | CVE-2022-29885, MISC
phoneix_contact -- rad-ism | On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the traceroute utility integrated in the WebUI to execute arbitrary code with root privileges on the OS due to an improper input validation in all versions of the firmware. | 2022-05-11 | not yet calculated | CVE-2022-29897, CONFIRM
phoneix_contact -- rad-ism | On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the configuration file uploader in the WebUI to execute arbitrary code with root privileges on the OS due to an improper validation of an integrity check value in all versions of the firmware. | 2022-05-11 | not yet calculated | CVE-2022-29898, CONFIRM
jetbrains -- teamcity | In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible. | 2022-05-12 | not yet calculated | CVE-2022-29927, MISC
jetbrains -- teamcity | In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible. | 2022-05-12 | not yet calculated | CVE-2022-29928, MISC
jetbrains -- teamcity | In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible. | 2022-05-12 | not yet calculated | CVE-2022-29929, MISC
jetbrains -- ktor_native | SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value. | 2022-05-12 | not yet calculated | CVE-2022-29930, MISC, MISC
primeur -- spazio | The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an unauthenticated attacker to obtain sensitive data (related to the content of transferred files) via a crafted HTTP request. | 2022-05-11 | not yet calculated | CVE-2022-29932, MISC, MISC
craft_cms -- cms | Craft CMS through 3.7.36 allows a remote unauthenticated attacker, who knows at least one valid username, to reset the account's password and take over the account by providing a crafted HTTP header to the application while using the password reset functionality. Specifically, the attacker must send X-Forwarded-Host to the /index.php?p=admin/actions/users/send-password-reset-email URI. NOTE: the vendor's position is that a customer can already work around this by adjusting the configuration (i.e., by not using the default configuration). | 2022-05-09 | not yet calculated | CVE-2022-29933, MISC, MISC, MISC, MISC
magnitude -- simba_amazon_redshift_odbc_driver | An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena ODBC Driver 1.1.1 through 1.1.x before 1.1.17 may allow a local user to execute arbitrary code. | 2022-05-09 | not yet calculated | CVE-2022-29971, CONFIRM, MISC
magnitude -- simba_amazon_redshift_odbc_driver | An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver (1.4.14 through 1.4.21.1001 and 1.4.22 through 1.4.x before 1.4.52) may allow a local user to execute arbitrary code. | 2022-05-09 | not yet calculated | CVE-2022-29972, CONFIRM, MISC
mdaemon -- mdaemon | An authenticated reflected cross-site scripting vulnerability at the CC parameter was discovered in MDaemon before 22.0.0. | 2022-05-11 | not yet calculated | CVE-2022-29975, MISC
mdaemon -- mdaemon | An authenticated reflected cross-site scripting vulnerability at the BCC parameter was discovered in MDaemon before 22.0.0. | 2022-05-11 | not yet calculated | CVE-2022-29976, MISC
libsixel -- libsixel | There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file. | 2022-05-11 | not yet calculated | CVE-2022-29977, MISC
libsixel -- libsixel | There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file. | 2022-05-11 | not yet calculated | CVE-2022-29978, MISC
simple_client_management_system -- simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_designation. | 2022-05-12 | not yet calculated | CVE-2022-29979, MISC
simple_client_management_system -- simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=user/manage_user&id=. | 2022-05-12 | not yet calculated | CVE-2022-29980, MISC
simple_client_management_system -- simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete. | 2022-05-12 | not yet calculated | CVE-2022-29981, MISC
simple_client_management_system -- simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manage_service.php?id=. | 2022-05-12 | not yet calculated | CVE-2022-29982, MISC
simple_client_management_system -- simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=. | 2022-05-12 | not yet calculated | CVE-2022-29983, MISC
simple_client_management_system -- simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=client/view_client&id=. | 2022-05-12 | not yet calculated | CVE-2022-29984, MISC
online_sports_complex_booking_system -- online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_category. | 2022-05-12 | not yet calculated | CVE-2022-29985, MISC
online_sports_complex_booking_system -- online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_facility. | 2022-05-12 | not yet calculated | CVE-2022-29986, MISC
online_sports_complex_booking_system -- online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=user/manage_user&id=. | 2022-05-12 | not yet calculated | CVE-2022-29987, MISC
online_sports_complex_booking_system -- online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete. | 2022-05-12 | not yet calculated | CVE-2022-29988, MISC
online_sports_complex_booking_system -- online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_booking. | 2022-05-12 | not yet calculated | CVE-2022-29989, MISC
online_sports_complex_booking_system -- online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/view_category.php?id=. | 2022-05-12 | not yet calculated | CVE-2022-29990, MISC
online_sports_complex_booking_system -- online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/manage_category.php?id=. | 2022-05-12 | not yet calculated | CVE-2022-29992, MISC
online_sports_complex_booking_system -- online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/view_booking.php?id=. | 2022-05-12 | not yet calculated | CVE-2022-29993, MISC
online_sports_complex_booking_system -- online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/manage_facility&id=. | 2022-05-12 | not yet calculated | CVE-2022-29994, MISC
online_sports_complex_booking_system -- online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manage_client&id=. | 2022-05-12 | not yet calculated | CVE-2022-29995, MISC
insurance_management_system -- insurance_management_system | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?client_id=. | 2022-05-12 | not yet calculated | CVE-2022-29998, MISC
insurance_management_system -- insurance_management_system | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?client_id=. | 2022-05-12 | not yet calculated | CVE-2022-29999, MISC
insurance_management_system -- insurance_management_system | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?recipt_no=. | 2022-05-12 | not yet calculated | CVE-2022-30000, MISC
insurance_management_system -- insurance_management_system | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agent_id=. | 2022-05-12 | not yet calculated | CVE-2022-30001, MISC
insurance_management_system -- insurance_management_system | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nominee_id=. | 2022-05-12 | not yet calculated | CVE-2022-30002, MISC
tenda -- ax1803 | Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In /goform/setsystimecfg of /bin/tdhttpd in ubif file system; attackers can access http://ip/goform/SetSysTimeCfg and, by setting the ntpserve parameter, cause a stack buffer overflow that results in router denial of service. | 2022-05-11 | not yet calculated | CVE-2022-30040, MISC
mingsoft -- mcms | Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in the /mdiy/dict/listExcludeApp URI via the orderBy parameter. | 2022-05-11 | not yet calculated | CVE-2022-30047, MISC
mingsoft -- mcms | Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in the /mdiy/dict/list URI via the orderBy parameter. | 2022-05-11 | not yet calculated | CVE-2022-30048, MISC
shopwind -- shopwind | Shopwind <=v3.4.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability. | 2022-05-11 | not yet calculated | CVE-2022-30057, MISC
shopwind -- shopwind | Shopwind <=v3.4.2 was discovered to contain an Arbitrary File Download vulnerability via the neirong parameter at \backend\controllers\DbController.php. | 2022-05-11 | not yet calculated | CVE-2022-30058, MISC
shopwind -- shopwind | Shopwind <=v3.4.2 was discovered to contain an Arbitrary File Delete vulnerability via the neirong parameter at \backend\controllers\DbController.php. | 2022-05-11 | not yet calculated | CVE-2022-30059, MISC
ftcms -- ftcms | ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php. | 2022-05-11 | not yet calculated | CVE-2022-30060, MISC
ftcms -- ftcms | ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp. | 2022-05-11 | not yet calculated | CVE-2022-30061, MISC
ftcms -- ftcms | ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php. | 2022-05-11 | not yet calculated | CVE-2022-30062, MISC
ftcms -- ftcms | ftcms <=2.1 was discovered to be vulnerable to code execution attacks. | 2022-05-11 | not yet calculated | CVE-2022-30063, MISC
microsoft -- visual_studio_code | Visual Studio Code Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-30129, MISC
microsoft -- .net_framework | .NET Framework Denial of Service Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-30130, MISC
magnitude -- simba_amazon_redshift_jdbc_driver | An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena JDBC Driver 2.0.25 through 2.0.28 may allow a local user to execute code. NOTE: this is different from CVE-2022-29971. | 2022-05-09 | not yet calculated | CVE-2022-30239, CONFIRM, MISC
magnitude -- simba_amazon_redshift_jdbc_driver | An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift JDBC Driver 1.2.40 through 1.2.55 may allow a local user to execute code. NOTE: this is different from CVE-2022-29972. | 2022-05-09 | not yet calculated | CVE-2022-30240, CONFIRM, MISC
black_duck -- black_duck_hub | A vulnerability in Black Duck Hub’s embedded MadCap Flare documentation files could allow an unauthenticated remote attacker to conduct a cross-site scripting attack. The vulnerability is due to improper validation of user-supplied input to MadCap Flare's framework embedded within Black Duck Hub's Help Documentation to supply content. An attacker could exploit this vulnerability by convincing a user to click a link designed to pass malicious input to the interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks and gain access to sensitive browser-based information. | 2022-05-10 | not yet calculated | CVE-2022-30278, MISC
stormshield -- network_security | An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. The event logging of the ASQ sofbus lacbus plugin triggers the dereferencing of a NULL pointer, leading to a crash of SNS. An attacker could exploit this vulnerability via forged sofbus lacbus traffic to cause a firmware crash. | 2022-05-12 | not yet calculated | CVE-2022-30279, MISC
pyscript -- pyscriptjs | pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 allows a remote user to read Python source code. | 2022-05-09 | not yet calculated | CVE-2022-30286, MISC, MISC, MISC, MISC, MISC
uclibc-ng -- uclibc-ng | uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a value to 0x2. | 2022-05-06 | not yet calculated | CVE-2022-30295, MISC, CERT-VN
keepkey -- keepkey_firmware | In the KeepKey firmware before 7.3.2, the bootloader can be exploited in unusual situations in which the attacker has physical access, convinces the victim to install malicious firmware, or has unspecified other capabilities. lib/board/supervise.c mishandles svhandler_flash_* address range checks. If exploited, any installed malware could persist even after wiping the device and resetting the firmware. | 2022-05-07 | not yet calculated | CVE-2022-30330, MISC, MISC
rarlab -- rarlab_unrar | RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected. | 2022-05-09 | not yet calculated | CVE-2022-30333, CONFIRM, MISC
brave -- brave | Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser." | 2022-05-07 | not yet calculated | CVE-2022-30334, MISC, MISC, MISC, MISC
bonanza -- wealth_management_system | Bonanza Wealth Management System (BWM) 7.3.2 allows SQL injection via the login form. Users who supply the application with a SQL injection payload in the User Name textbox could collect all passwords in encrypted format from the Microsoft SQL Server component. | 2022-05-09 | not yet calculated | CVE-2022-30335, MISC, MISC, MISC
air_cargo_management_system -- air_cargo_management_system | Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f=delete_img. | 2022-05-13 | not yet calculated | CVE-2022-30367, MISC
air_cargo_management_system -- air_cargo_management_system | Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo_type. | 2022-05-13 | not yet calculated | CVE-2022-30370, MISC
air_cargo_management_system -- air_cargo_management_system | Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/view_cargo_type.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30371, MISC
air_cargo_management_system -- air_cargo_management_system | Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo. | 2022-05-13 | not yet calculated | CVE-2022-30372, MISC
air_cargo_management_system -- air_cargo_management_system | Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/manage_cargo_type.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30373, MISC
air_cargo_management_system -- air_cargo_management_system | Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/manage_transaction&id=. | 2022-05-13 | not yet calculated | CVE-2022-30374, MISC
sourcecodester -- simple_social_networking_site | Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Master.php?f=delete_img. | 2022-05-13 | not yet calculated | CVE-2022-30375, MISC
sourcecodester -- simple_social_networking_site | Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/view_member.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30376, MISC
sourcecodester -- simple_social_networking_site | Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=posts/view_post&id=. | 2022-05-13 | not yet calculated | CVE-2022-30378, MISC
sourcecodester -- simple_social_networking_site | Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manage_user&id=. | 2022-05-13 | not yet calculated | CVE-2022-30379, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?f=delete_img. | 2022-05-13 | not yet calculated | CVE-2022-30381, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_inventory. | 2022-05-13 | not yet calculated | CVE-2022-30384, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_order. | 2022-05-13 | not yet calculated | CVE-2022-30385, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured. | 2022-05-13 | not yet calculated | CVE-2022-30386, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=pay_order. | 2022-05-13 | not yet calculated | CVE-2022-30387, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category. | 2022-05-13 | not yet calculated | CVE-2022-30391, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category. | 2022-05-13 | not yet calculated | CVE-2022-30392, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=. | 2022-05-13 | not yet calculated | CVE-2022-30393, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_cart. | 2022-05-13 | not yet calculated | CVE-2022-30395, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=. | 2022-05-13 | not yet calculated | CVE-2022-30396, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=orders/view_order&id=. | 2022-05-13 | not yet calculated | CVE-2022-30398, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_category&id=. | 2022-05-13 | not yet calculated | CVE-2022-30399, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=. | 2022-05-13 | not yet calculated | CVE-2022-30400, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=. | 2022-05-13 | not yet calculated | CVE-2022-30401, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=. | 2022-05-13 | not yet calculated | CVE-2022-30402, MISC
merchandise_online_store -- merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=. | 2022-05-13 | not yet calculated | CVE-2022-30403, MISC
college_management_system -- college_management_system | College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=. | 2022-05-13 | not yet calculated | CVE-2022-30404, MISC
pharmacy_sales_and_inventory_system -- pharmacy_sales_and_inventory_system | Pharmacy Sales And Inventory System v1.0 is vulnerable to SQL Injection via /pharmacy-sales-and-inventory-system/manage_user.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30407, MISC
covid-19_travel_pass_management_system -- covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to file deletion via /ctpms/classes/Master.php?f=delete_img. | 2022-05-13 | not yet calculated | CVE-2022-30408, MISC
covid-19_travel_pass_management_system -- covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=. | 2022-05-13 | not yet calculated | CVE-2022-30411, MISC
covid-19_travel_pass_management_system -- covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30412, MISC
covid-19_travel_pass_management_system -- covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=delete_application. | 2022-05-13 | not yet calculated | CVE-2022-30413, MISC
covid-19_travel_pass_management_system -- covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=. | 2022-05-13 | not yet calculated | CVE-2022-30414, MISC
covid-19_travel_pass_management_system -- covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30415, MISC
covid-19_travel_pass_management_system -- covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=. | 2022-05-13 | not yet calculated | CVE-2022-30417, MISC
php -- hospital_management_system | Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a file upload vulnerability in treatmentrecord.php. | 2022-05-11 | not yet calculated | CVE-2022-30448, MISC
php -- hospital_management_system | Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php. | 2022-05-11 | not yet calculated | CVE-2022-30449, MISC
waimairencms -- waimairencms | A Remote Code Execution (RCE) vulnerability exists in waimairen 9.1 via wx.php. | 2022-05-11 | not yet calculated | CVE-2022-30450, MISC
waimairencms -- waimairencms | An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1. | 2022-05-11 | not yet calculated | CVE-2022-30451, MISC
shopwind -- shopwind | ShopWind <= v3.4.2 has a SQL injection vulnerability in Database.php. | 2022-05-11 | not yet calculated | CVE-2022-30452, MISC
shopwind -- shopwind | ShopWind <= 3.4.2 has an RCE vulnerability in Database.php. | 2022-05-11 | not yet calculated | CVE-2022-30453, MISC
wavlink -- wavlink_wn535_g3 | WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi. | 2022-05-13 | not yet calculated | CVE-2022-30489, MISC
xpdf -- textline_class | There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | 2022-05-09 | not yet calculated | CVE-2022-30524, MISC
zyxel -- usg_flex | An OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, and VPN series firmware versions 4.60 through 5.21 Patch 1 could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device. | 2022-05-12 | not yet calculated | CVE-2022-30525, CONFIRM
foxit -- pdf_reader | Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution. | 2022-05-11 | not yet calculated | CVE-2022-30557, MISC
liblsquic -- lsquic | liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY. | 2022-05-11 | not yet calculated | CVE-2022-30592, MISC, MISC
linux -- linux_kernel | The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. | 2022-05-12 | not yet calculated | CVE-2022-30594, MISC, MISC, MISC, MISC
