Vulnerability Summary for the Week of June 13, 2022

Released
Jun 20, 2022
Document ID
SB22-171

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 


 

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
citrix -- application_delivery_managementCorruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.2022-06-167.8CVE-2022-27511
MISC
convert-svg_project -- convert-svgThe package convert-svg-core before 0.6.4 are vulnerable to Directory Traversal due to improper sanitization of SVG tags. Exploiting this vulnerability is possible by using a specially crafted SVG file.2022-06-107.5CVE-2022-24278
CONFIRM
CONFIRM
CONFIRM
CONFIRM
dell -- supportassist_for_business_pcsDell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. A non-admin user can exploit the vulnerability and gain admin access to the system.2022-06-107.2CVE-2022-29092
CONFIRM
dell -- supportassist_for_business_pcsDell SupportAssist Client Consumer versions (3.10.4 and prior) and Dell SupportAssist Client Commercial versions (3.1.1 and prior) contain a cross-site scripting vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability under specific conditions leading to execution of malicious code on a vulnerable system.2022-06-107.6CVE-2022-29095
CONFIRM
dynamicvision -- dynamicmarktdynamicMarkt <= 3.10 is affected by SQL injection in the parent parameter of index.php.2022-06-107.5CVE-2021-41754
MISC
MISC
dynamicvision -- dynamicmarktdynamicMarkt <= 3.10 is affected by SQL injection in the kat1 parameter of index.php.2022-06-107.5CVE-2021-41755
MISC
MISC
dynamicvision -- dynamicmarktdynamicMarkt <= 3.10 is affected by SQL injection in the kat parameter of index.php.2022-06-107.5CVE-2021-41756
MISC
MISC
gatsbyjs -- gatsbyThe package gatsby-plugin-mdx before 2.14.1, from 3.0.0 and before 3.15.2 are vulnerable to Deserialization of Untrusted Data when passing input through to the gray-matter package, due to its default configurations that are missing input sanitization. Exploiting this vulnerability is possible when passing input in both webpack (MDX files in src/pages or MDX file imported as a component in frontend / React code) and data mode (querying MDX nodes via GraphQL). Workaround: If an older version of gatsby-plugin-mdx must be used, input passed into the plugin should be sanitized ahead of processing.2022-06-107.5CVE-2022-25863
CONFIRM
CONFIRM
CONFIRM
CONFIRM
git-promise_project -- git-promiseAll versions of package git-promise are vulnerable to Command Injection due to an inappropriate fix of a prior [vulnerability](https://security.snyk.io/vuln/SNYK-JS-GITPROMISE-567476) in this package. **Note:** Please note that the vulnerability will not be fixed. The README file was updated with a warning regarding this issue.2022-06-107.5CVE-2022-24376
CONFIRM
CONFIRM
huawei -- cv81-wdm_firmwareThere is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation.2022-06-1310CVE-2022-29797
MISC
huawei -- cv81-wdm_firmwareThere is a denial of service vulnerability in CV81-WDM FW versions 01.70.49.29.46. Successful exploitation could cause denial of service.2022-06-137.8CVE-2022-29798
MISC
huawei -- flmg-10_firmwareThere is an improper authentication vulnerability in FLMG-10 10.0.1.0(H100SP22C00). Successful exploitation of this vulnerability may lead to a control of the victim device.2022-06-137.2CVE-2022-22259
MISC
ideaco -- idealmsIdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID= pathname.2022-06-107.5CVE-2022-31788
MISC
MISC
iqonic -- kivicareThe KiviCare WordPress plugin before 2.3.9 does not sanitise and escape some parameters before using them in SQL statements via the ajax_post AJAX action with the get_doctor_details route, leading to SQL Injections exploitable by unauthenticated users2022-06-137.5CVE-2022-0786
MISC
memberhero -- member_heroThe Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments.2022-06-137.5CVE-2022-0885
MISC
nystudio107 -- seomaticIn the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution.2022-06-127.5CVE-2021-41749
MISC
MISC
phplist -- phplistA vulnerability was found in PHPList 3.2.6 and classified as critical. This issue affects some unknown processing of the file /lists/index.php of the component Edit Subscription. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component.2022-06-107.5CVE-2017-20029
MISC
MISC
phplist -- phplistA vulnerability was found in PHPList 3.2.6. It has been rated as critical. Affected by this issue is some unknown functionality of the component Subscription. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component.2022-06-107.5CVE-2017-20032
MISC
MISC
presspage -- bestbooksThe Bestbooks WordPress plugin through 2.6.3 does not sanitise and escape some parameters before using them in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users2022-06-137.5CVE-2022-0827
MISC
realvnc -- vnc_serverRealVNC VNC Server 6.9.0 through 5.1.0 for Windows allows local privilege escalation because an installer repair operation executes %TEMP% files as SYSTEM.2022-06-107.2CVE-2022-27502
MISC
MISC
sicunet -- access_controlA vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very critical. This affects an unknown part. The manipulation leads to weak authentication. It is possible to initiate the attack remotely.2022-06-117.5CVE-2017-20039
N/A
N/A
sicunet -- access_controlA vulnerability was found in SICUNET Access Controller 0.32-05z and classified as critical. Affected by this issue is some unknown functionality of the file card_scan_decoder.php. The manipulation of the argument No/door leads to privilege escalation. The attack may be launched remotely.2022-06-117.5CVE-2017-20038
N/A
N/A
tendacn -- ac18_firmwareTenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.2022-06-1410CVE-2022-31446
MISC
vim -- vimUse After Free in GitHub repository vim/vim prior to 8.2.2022-06-107.5CVE-2022-2042
CONFIRM
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
alibaba -- fastjsonThe package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not possible, you can enable [safeMode](https://github.com/alibaba/fastjson/wiki/fastjson_safemode).2022-06-106.8CVE-2022-25845
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
artbees -- jupiter_x_coreVulnerable versions of the JupiterX Theme (<=2.0.6) allow any logged-in user, including subscriber-level users, to access any of the functions registered in lib/api/api/ajax.php, which also grant access to the jupiterx_api_ajax_ actions registered by the JupiterX Core Plugin (<=2.0.6). This includes the ability to deactivate arbitrary plugins as well as update the theme’s API key.2022-06-135.5CVE-2022-1656
MISC
axiosys -- bento4An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp.2022-06-104.3CVE-2022-31287
MISC
axiosys -- bento4Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175.2022-06-104.3CVE-2022-31282
MISC
axiosys -- bento4An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h.2022-06-104.3CVE-2022-31285
MISC
byonepress -- social_lockerThe OnePress Social Locker WordPress plugin through 5.6.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack2022-06-134.3CVE-2022-1608
MISC
citrix -- application_delivery_managementTemporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.2022-06-165CVE-2022-27512
MISC
combodo -- itopITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/webservices/export-v2.php.2022-06-104.3CVE-2022-31402
MISC
MISC
MISC
convert-svg-core_project -- convert-svg-coreThe package convert-svg-core before 0.6.3 are vulnerable to Arbitrary Code Injection when using a specially crafted SVG file. An attacker can read arbitrary files from the file system and then show the file content as a converted PNG file.2022-06-106.8CVE-2022-24429
CONFIRM
CONFIRM
CONFIRM
couchbase -- sync_gatewayAn issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticate with Couchbase Server using X.509 client certificates, the admin credentials provided to the Admin REST API are ignored, resulting in privilege escalation for unauthenticated users. The Public REST API is not impacted by this issue. A workaround is to replace X.509 certificate based authentication with Username and Password authentication inside the bootstrap configuration.2022-06-106.8CVE-2022-32563
MISC
MISC
email_users_project -- email_usersThe Email Users WordPress plugin through 4.8.8 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and change the notification settings of arbitrary users2022-06-134.3CVE-2022-1605
MISC
enqueue_anything_project -- enqueue_anythingThe Enqueue Anything WordPress plugin through 1.0.1 does not have authorisation and CSRF checks in the remove_asset AJAX action, and does not ensure that the item to be deleted is actually an asset. As a result, low privilege users such as subscriber could delete arbitrary assets, as well as put arbitrary posts in the trash.2022-06-134CVE-2021-25116
MISC
generex -- rccmdDirectory traversal vulnerability in RCCMD 4.26 and earlier allows a remote authenticated attacker with an administrative privilege to read or alter an arbitrary file on the server via unspecified vectors.2022-06-135.5CVE-2022-26041
MISC
MISC
gtm4wp -- google_tag_managerThe Google Tag Manager for WordPress plugin for WordPress is vulnerable to reflected Cross-Site Scripting via the s parameter due to the site search populating into the data layer of sites with insufficient sanitization in versions up to an including 1.15. The affected file is ~/public/frontend.php and this could be exploited by unauthenticated attackers.2022-06-134.3CVE-2022-1707
MISC
MISC
MISC
MISC
gunet -- open_eclass_platformGUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter.2022-06-114.3CVE-2021-44266
MISC
MISC
MISC
guzzlephp -- guzzleGuzzle is an open source PHP HTTP client. In affected versions `Authorization` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, we should not forward the `Authorization` header on. This is much the same as to how we don't forward on the header if the host changes. Prior to this fix, `https` to `http` downgrades did not result in the `Authorization` header being removed, only changes to the host. Affected Guzzle 7 users should upgrade to Guzzle 7.4.4 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.7 or 7.4.4. Users unable to upgrade may consider an alternative approach which would be to use their own redirect middleware. Alternately users may simply disable redirects all together if redirects are not expected or required.2022-06-105CVE-2022-31043
CONFIRM
MISC
MISC
CONFIRM
guzzlephp -- guzzleGuzzle is an open source PHP HTTP client. In affected versions the `Cookie` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, or on making a request to a server which responds with a redirect to a a URI to a different host, we should not forward the `Cookie` header on. Prior to this fix, only cookies that were managed by our cookie middleware would be safely removed, and any `Cookie` header manually added to the initial request would not be stripped. We now always strip it, and allow the cookie middleware to re-add any cookies that it deems should be there. Affected Guzzle 7 users should upgrade to Guzzle 7.4.4 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.7 or 7.4.4. Users unable to upgrade may consider an alternative approach to use your own redirect middleware, rather than ours. If you do not require or expect redirects to be followed, one should simply disable redirects all together.2022-06-105CVE-2022-31042
CONFIRM
MISC
MISC
CONFIRM
hc_custom_wp-admin_url_project -- hc_custom_wp-admin_urlThe HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request2022-06-135CVE-2022-1595
MISC
huawei -- harmonyosThe kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability.2022-06-134.9CVE-2022-31763
MISC
MISC
huawei -- harmonyosThe Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity.2022-06-135CVE-2021-46812
MISC
MISC
huawei -- magic_uiConfiguration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.2022-06-135CVE-2021-46815
MISC
huawei -- magic_uiThe video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.2022-06-135CVE-2021-46814
MISC
MISC
huawei -- magic_uiThe AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation.2022-06-134.6CVE-2022-31762
MISC
MISC
huawei -- magic_uiLogical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.2022-06-135CVE-2022-31754
MISC
huawei -- magic_uiThe kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.2022-06-134.9CVE-2022-31751
MISC
MISC
huawei -- magic_uiConfiguration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.2022-06-135CVE-2022-31761
MISC
ibm -- spectrum_copy_data_managementIBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 225887.2022-06-106.8CVE-2022-22479
XF
CONFIRM
ibm -- spectrum_copy_data_managementIBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 could allow a remote attacker to view product configuration information stored in PostgreSQL, which could be used in further attacks against the system. IBM X-Force ID: 228219.2022-06-105CVE-2022-31769
XF
CONFIRM
jpeg -- libjpegThere is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty JPEG-LS scan.2022-06-104.3CVE-2022-32978
MISC
MISC
jpeg-js_project -- jpeg-jsThe package jpeg-js before 0.4.4 are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return.2022-06-105CVE-2022-25851
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
kuroit -- advanced_admin_searchThe Advanced Admin Search WordPress plugin before 1.1.6 does not sanitize and escape some parameters before outputting them back in an admin page, leading to a Reflected Cross-Site Scripting.2022-06-134.3CVE-2022-0626
MISC
latest_tweets_widget_project -- latest_tweets_widgetThe Latest Tweets Widget WordPress plugin through 1.1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack2022-06-134.3CVE-2022-1624
MISC
lighttpd -- lighttpdLighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.2022-06-115CVE-2022-30780
MISC
MISC
MISC
MISC
likebtn -- like_button_ratingThe Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body2022-06-134CVE-2022-0745
MISC
mailerlite -- mailerlite_signup_formsThe MailerLite WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting2022-06-134.3CVE-2022-1604
MISC
money_transfer_management_system_project -- money_transfer_management_systemA Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1.0, which allows a remote malicious user to gain elevated privileges to the Admin role via any URL.2022-06-106.5CVE-2021-44582
MISC
MISC
navetti -- pricepointA vulnerability was found in Navetti PricePoint 4.6.0.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component.2022-06-136.8CVE-2017-20045
MISC
MISC
navetti -- pricepointA vulnerability has been found in Navetti PricePoint 4.6.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection (Blind). The attack can be launched remotely. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component.2022-06-136.5CVE-2017-20042
MISC
MISC
netwavepr -- indoor_ip_camera_firmwareThere is a memory dump vulnerability on Netwave IP camera devices at //proc/kcore that allows an unauthenticated attacker to exfiltrate sensitive information from the network configuration (e.g., username and password).2022-06-105CVE-2018-17240
MISC
MISC
MISC
nystudio107 -- seomaticA cross-site scripting (XSS) vulnerability in the SEOmatic plugin 3.4.10 for Craft CMS 3 allows remote attackers to inject arbitrary web script via a GET to /index.php?action=seomatic/file/seo-file-link with url parameter containing the base64 encoded URL of a malicious web page / file and fileName parameter containing an arbitrary filename with the intended content-type to be rendered in the user's browser as the extension.2022-06-124.3CVE-2021-41750
MISC
MISC
MISC
octopus -- octopus_deployIn Octopus Server after version 2022.1.1495 and before 2022.1.2647 if private spaces were enabled via the experimental feature flag all new users would have access to the Script Console within their private space.2022-06-134.3CVE-2022-2013
MISC
phplist -- phplistA vulnerability was found in PHPList 3.2.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument sortby with the input password leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component.2022-06-104CVE-2017-20031
MISC
MISC
phplist -- phplistA vulnerability was found in PHPList 3.2.6. It has been classified as critical. Affected is an unknown function of the file /lists/admin/ of the component Sending Campain. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component.2022-06-106.5CVE-2017-20030
MISC
MISC
phplist -- phplistA vulnerability classified as problematic has been found in PHPList 3.2.6. This affects an unknown part of the file /lists/admin/. The manipulation of the argument page with the input send\'\";><script>alert(8)</script> leads to cross site scripting (Reflected). It is possible to initiate the attack remotely. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component.2022-06-104.3CVE-2017-20033
MISC
MISC
posix_project -- posixThis affects all versions of package posix. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable (not a function), and then it will crash with type-check.2022-06-105CVE-2022-21211
CONFIRM
premierethemes -- log_wp_mailThe Log WP_Mail WordPress plugin through 0.1 saves sent email in a publicly accessible directory using predictable filenames, allowing any unauthenticated visitor to obtain potentially sensitive information like generated passwords.2022-06-135CVE-2022-1412
MISC
sicunet -- access_controlA vulnerability has been found in SICUNET Access Controller 0.32-05z and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument c leads to privilege escalation. The attack can be launched remotely.2022-06-116.5CVE-2017-20037
N/A
N/A
simple-membership-plugin -- simple_membershipThe Simple Membership WordPress plugin before 4.1.1 does not properly sanitise and escape parameters before outputting them back in AJAX actions, leading to Reflected Cross-Site Scripting2022-06-134.3CVE-2022-1724
MISC
thalesgroup -- safenet_keysecureImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SafeNet KeySecure allows an authenticated user to read arbitrary files from the underlying system on which the product is deployed.2022-06-104CVE-2021-42811
MISC
thedaylightstudio -- fuel_cmsA Cross Site Request Forgery (CSRF) vulnerability exists in TheDayLightStudio Fuel CMS 1.5.0 via a POST call to /fuel/sitevariables/delete/4.2022-06-106.8CVE-2021-44117
MISC
MISC
themify -- woocommerce_product_filterThemify WordPress plugin before 1.3.8 does not sanitise and escape the page parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting2022-06-134.3CVE-2022-1532
MISC
usabilitydynamics -- wp-crmThe WP-CRM WordPress plugin through 1.2.1 does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability.2022-06-136.8CVE-2022-1202
MISC
useful_banner_manager_project -- useful_banner_managerThe Useful Banner Manager WordPress plugin through 1.6.1 does not perform CSRF checks on POST requests to its admin page, allowing an attacker to trick a logged in admin to add, modify or delete banners from the plugin by submitting a form.2022-06-134.3CVE-2022-1694
MISC
veronalabs -- wp_statisticsCross-site scripting vulnerability exists in WP Statistics versions prior to 13.2.0 because it improperly processes a platform parameter. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user who is logging in to the website using the product.2022-06-134.3CVE-2022-27231
MISC
MISC
MISC
webriti -- webriti_smtp_mailThe Webriti SMTP Mail WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack2022-06-134.3CVE-2022-1612
MISC
wp_svg_icons_project -- wp_svg_iconsThe WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing an high privileged user like an admin to upload a zip file containing malicious php code, leading to remote code execution.2022-06-136.5CVE-2022-0863
MISC
xgenecloud -- nocodbExposure of Sensitive Information to an Unauthorized Actor in GitHub repository nocodb/nocodb prior to 0.91.7+.2022-06-135CVE-2022-2062
MISC
CONFIRM
zeroshell -- zeroshellZeroShell 3.9.5 has a command injection vulnerability in /cgi-bin/kerbynet IP parameter, which may allow an authenticated attacker to execute system commands.2022-06-116.5CVE-2021-41738
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
ceikay -- carousel_ckThe Carousel CK WordPress plugin through 1.1.0 does not sanitize and escape Slide's descriptions, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed2022-06-133.5CVE-2022-1336
MISC
ceikay -- slideshow_ckThe Slideshow CK WordPress plugin before 1.4.10 does not sanitize and escape Slide's descriptions, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed2022-06-133.5CVE-2022-1335
MISC
dell -- supportassist_for_business_pcsDell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion vulnerability. Authenticated non-admin user could exploit the issue and delete arbitrary files on the system.2022-06-103.6CVE-2022-29093
CONFIRM
dell -- supportassist_for_business_pcsDell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion/overwrite vulnerability. Authenticated non-admin user could exploit the issue and delete or overwrite arbitrary files on the system.2022-06-103.6CVE-2022-29094
CONFIRM
dolibarr -- dolibarrCross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr prior to 16.0.2022-06-133.5CVE-2022-2060
MISC
CONFIRM
dwbooster -- appointment_hour_bookingThe Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.2022-06-133.5CVE-2022-1710
MISC
flatcore -- flatcore-cmsflatCore-CMS version 2.0.8 is affected by Cross Site Scripting (XSS) in the "Create New Page" option through the index page.2022-06-133.5CVE-2021-40902
MISC
helpdeskz -- helpdeskzA cross-site scripting (XSS) vulnerability in /staff/setup/email-addresses of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field.2022-06-133.5CVE-2022-31400
MISC
helpdeskz -- helpdeskzA cross-site scripting (XSS) vulnerability in /staff/tools/custom-fields of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field.2022-06-133.5CVE-2022-31398
MISC
huawei -- magic_uiAppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.2022-06-132.1CVE-2022-31759
MISC
MISC
huawei -- magic_uiThe fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.2022-06-132.1CVE-2022-31756
MISC
MISC
huawei -- magic_uiThe communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.2022-06-132.1CVE-2022-31755
MISC
MISC
huawei -- magic_uiMissing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.2022-06-132.1CVE-2022-31752
MISC
ibm -- spectrum_copy_data_managementIBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum Copy Data Management to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once clicked, that malicious URL could then rewrite the original page with a phishing page. IBM X-Force ID: 227363.2022-06-103.5CVE-2022-30610
XF
CONFIRM
ibm -- spectrum_copy_data_managementIBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718.2022-06-102.1CVE-2022-22426
XF
CONFIRM
ibm -- spectrum_copy_data_managementIBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using some fields of the form in the portal UI to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 227364.2022-06-103.5CVE-2022-30611
XF
CONFIRM
intelliants -- subrion_cmsAn issue was discovered in Subrion CMS v4.2.1 There is a stored cross-site scripting (XSS) vulnerability that can execute malicious JavaScript code by modifying the name of the uploaded image, closing the html tag, or adding the onerror attribute.2022-06-113.5CVE-2021-41502
MISC
lepin_ep-kp001_project -- lepinep-kp001_firmwareDue to an insecure design, the Lepin EP-KP001 flash drive through KP001_V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode (6 to 14 digits) via the keypad and pressing the Unlock button. This authentication is performed by an unknown microcontroller. By replacing this microcontroller on a target device with one from an attacker-controlled Lepin EP-KP001 whose passcode is known, it is possible to successfully unlock the target device and read the stored data in cleartext.2022-06-102.1CVE-2022-29948
MISC
FULLDISC
navetti -- pricepointA vulnerability was found in Navetti PricePoint 4.6.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting (Persistent). The attack may be launched remotely. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component.2022-06-133.5CVE-2017-20043
MISC
MISC
navetti -- pricepointA vulnerability was found in Navetti PricePoint 4.6.0.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to basic cross site scripting (Reflected). It is possible to initiate the attack remotely. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component.2022-06-133.5CVE-2017-20044
MISC
MISC
phplist -- phplistA vulnerability classified as problematic was found in PHPList 3.2.6. This vulnerability affects unknown code of the file /lists/admin/ of the component List Name. The manipulation leads to cross site scripting (Persistent). The attack can be initiated remotely. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component.2022-06-103.5CVE-2017-20034
MISC
MISC
phplist -- phplistA vulnerability, which was classified as problematic, has been found in PHPList 3.2.6. This issue affects some unknown processing of the file /lists/admin/ of the component Subscribe. The manipulation leads to cross site scripting (Persistent). The attack may be initiated remotely. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component.2022-06-103.5CVE-2017-20035
MISC
MISC
phplist -- phplistA vulnerability, which was classified as problematic, was found in PHPList 3.2.6. Affected is an unknown function of the file /lists/admin/ of the component Bounce Rule. The manipulation leads to cross site scripting (Persistent). It is possible to launch the attack remotely. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component.2022-06-103.5CVE-2017-20036
MISC
MISC
sicunet -- access_controlA vulnerability was found in SICUNET Access Controller 0.32-05z. It has been declared as problematic. This vulnerability affects unknown code of the component Password Storage. The manipulation leads to weak encryption. Attacking locally is a requirement.2022-06-112.1CVE-2017-20040
N/A
N/A
ultimatemember -- ultimate_memberThe Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Biography field featured on individual user profile pages due to insufficient input sanitization and output escaping that allows users to encode malicious web scripts with HTML encoding that is reflected back on the page. This affects versions up to, and including, 2.3.2. Please note this issue was partially fixed in version 2.3.2 then subsequently fully patched in version 2.3.3.2022-06-133.5CVE-2022-1208
MISC
MISC
MISC
wp_athletics_project -- wp_athleticsThe WP Athletics WordPress plugin through 1.1.7 does not sanitize parameters before storing them in the database, nor does it escape the values when outputting them back in the admin dashboard, leading to a Stored Cross-Site Scripting vulnerability.2022-06-133.5CVE-2022-1549
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
adobe -- indesignAdobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30658
MISC
zzcms -- zzcmsAn issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter.2022-06-17not yet calculatedCVE-2019-12353
MISC
1password -- agilebits
 
An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service.2022-06-15not yet calculatedCVE-2022-32550
MISC
acunetix -- sonatype_nexus_repository_manager
 
https://ossindex.sonatype.org/ Sonatype Nexus Repository Manager OSS 3.37.3-02 is affected by: Incorrect Access Control. The impact is: Authentication Bypass (remote). The component is: Admin Panel. The attack vector is: With the help of response manipulation Attacker can bypass the login panel and view the dashboard menus, No user interaction is required. ¶¶ 1. Go to https://nexus.e-goi.com 2. Click on the Sign In button. 3. Enter the password as admin:admin. 4. Intercept the request in Burp Suite. 5. Capture the Response of the Request. 6. Change the Status Code from 403 Forbidden to 200 OK. 7. You will see the dashboard which provides the admin access.2022-06-14not yet calculatedCVE-2022-31289
MISC
MISC
adaware -- protect
 
Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path.2022-06-16not yet calculatedCVE-2022-31464
MISC
MISC
adobe -- after_effects
 
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.2022-06-15not yet calculatedCVE-2021-43755
MISC
adobe -- bridgeAdobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28843
MISC
adobe -- bridge
 
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28847
MISC
adobe -- bridge
 
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28844
MISC
adobe -- bridge
 
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28850
MISC
adobe -- bridge
 
Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28849
MISC
adobe -- bridge
 
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28848
MISC
adobe -- bridge
 
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28839
MISC
adobe -- bridge
 
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28846
MISC
adobe -- bridge
 
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28845
MISC
adobe -- bridge
 
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28841
MISC
adobe -- bridge
 
Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28840
MISC
adobe -- bridge
 
Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-28842
MISC
adobe -- illustrator
 
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-30668
MISC
adobe -- illustrator
 
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-30669
MISC
adobe -- illustrator
 
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-30666
MISC
adobe -- illustrator
 
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-30667
MISC
adobe -- indesignAccess of Memory Location After End of Buffer (CWE-7882022-06-15not yet calculatedCVE-2021-40727
MISC
adobe -- lightroom_classic
 
Adobe Lightroom Classic 10.3 (and earlier) are affected by a privilege escalation vulnerability in the Offline Lightroom Classic installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability.2022-06-15not yet calculatedCVE-2021-40776
MISC
adobe -- media_encoder
 
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.2022-06-13not yet calculatedCVE-2021-46818
MISC
adobe -- media_encoder
 
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.2022-06-13not yet calculatedCVE-2021-46817
MISC
adobe -- photoshop
 
Adobe Photoshop version 22.5.1 (and earlier versions ) is affected by an Access of Memory Location After End of Buffer vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.2022-06-15not yet calculatedCVE-2021-42735
MISC
adobe -- prelude
 
Adobe Prelude version 22.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.2022-06-15not yet calculatedCVE-2021-43754
MISC
adobe -- premiere_pro
 
Adobe Premiere Pro version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.2022-06-13not yet calculatedCVE-2021-46816
MISC
adobe -- animate
 
Adobe Animate version 22.0.5 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30664
MISC
adobe -- illustratorAdobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-30647
MISC
adobe -- illustratorAdobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-30649
MISC
adobe -- illustratorAdobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2022-30648
MISC
adobe -- incopyAdobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30656
MISC
adobe -- incopyAdobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30655
MISC
adobe -- incopyAdobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30652
MISC
adobe -- incopyAdobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30651
MISC
adobe -- incopy
 
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30653
MISC
adobe -- incopy
 
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30650
MISC
adobe -- incopy
 
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30657
MISC
adobe -- incopy
 
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30654
MISC
adobe -- indesignAdobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30665
MISC
adobe -- indesignAccess of Memory Location After End of Buffer (CWE-788)2022-06-15not yet calculatedCVE-2021-42732
MISC
adobe -- indesignAdobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30661
MISC
adobe -- indesignAdobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30663
MISC
adobe -- indesignAdobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30662
MISC
adobe -- indesign
 
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30660
MISC
adobe -- indesign
 
Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.2022-06-15not yet calculatedCVE-2021-39820
MISC
adobe -- indesign
 
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-16not yet calculatedCVE-2022-30659
MISC
adobe -- media_encoder
 
Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-06-15not yet calculatedCVE-2021-43756
MISC
adsk -- autodesk
 
A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution.2022-06-16not yet calculatedCVE-2022-27532
MISC
adsk -- autodesk
 
A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.2022-06-16not yet calculatedCVE-2022-27531
MISC
amazon -- aws_apache_log4j
 
Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or CVE-2021-45046; it provides a temporary mitigation to CVE-2021-44228 by hotpatching the local Java virtual machines. To do so, it iterates through all running Java processes, performs several checks, and executes the Java virtual machine with the same permissions and capabilities as the running process to load the hotpatch. A local user could cause the hotpatch script to execute a binary with elevated privileges by running a custom java process that performs exec() of an SUID binary after the hotpatch has observed the process path and before it has observed its effective user ID.2022-06-17not yet calculatedCVE-2022-33915
MISC
MISC
amd -- processors
 
A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.2022-06-15not yet calculatedCVE-2022-23823
MISC
amodat -- mobile_application_gatewayattacker needs to craft a SQL payload. the vulnerable parameter is "agentid" must be authenticated to the admin panel.2022-06-13not yet calculatedCVE-2022-23169
MISC
amodat -- mobile_application_gatewayThe attacker could get access to the database. The SQL injection is in the username parameter at the login panel: username: admin'--2022-06-13not yet calculatedCVE-2022-23168
MISC
amodat -- mobile_application_gatewayAttacker crafts a GET request to: /mobile/downloadfile.aspx? Filename =../.. /windows/boot.ini the LFI is UNAUTHENTICATED.2022-06-13not yet calculatedCVE-2022-23167
MISC
amozing -- ariangAriaNg v0.1.0~v1.2.2 is affected by an incorrect access control vulnerability through not authenticating visitors' access rights.2022-06-15not yet calculatedCVE-2021-41418
MISC
android -- windowmanager
 
In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-1579292412022-06-15not yet calculatedCVE-2021-39691
MISC
android -- closef
 
In closef of label_backends_android.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2153874202022-06-15not yet calculatedCVE-2021-39806
MISC
anker -- eufy_homebase_2
 
A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network.2022-06-17not yet calculatedCVE-2022-21806
MISC
apache -- hadoop
 
There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.2022-06-13not yet calculatedCVE-2021-37404
CONFIRM
apache -- hadoop
 
In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.2022-06-15not yet calculatedCVE-2021-33036
MISC
MLIST
apache-- flume
 
Apache Flume versions 1.4.0 through 1.9.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol.2022-06-14not yet calculatedCVE-2022-25167
CONFIRM
CONFIRM
MLIST
apache -- nifi
 
The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the default configuration. Command injection requires ShellUserGroupProvider to be one of the enabled User Group Providers in the Authorizers configuration. Command injection also requires an authenticated user with elevated privileges. Apache NiFi requires an authenticated user with authorization to modify access policies in order to execute the command. Apache NiFi Registry requires an authenticated user with authorization to read user groups in order to execute the command. The resolution removes command formatting based on user-provided arguments.2022-06-15not yet calculatedCVE-2022-33140
MISC
MISC
apple -- mobaku-auction&flea_market
 
'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.2022-06-14not yet calculatedCVE-2022-29482
MISC
apple -- swift-corelibs-foundation
 
A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift standard library, the Codable protocol; and the JSONDecoder class offered by swift-corelibs-foundation, which can deserialize types that adopt the Codable protocol based on the content of a provided JSON document. When a type that adopts Codable requests the initialization of a field with an integer value, the JSONDecoder class uses a type-erased container with different accessor methods to attempt and coerce a corresponding JSON value and produce an integer. In the case the JSON value was a numeric literal with a floating-point portion, JSONDecoder used different type-eraser methods during validation than it did during the final casting of the value. The checked casting produces a deterministic crash due to this mismatch. The JSONDecoder class is often wrapped by popular Swift-based web frameworks to parse the body of HTTP requests and perform basic type validation. This makes the attack low-effort: sending a specifically crafted JSON document during a request to these endpoints will cause them to crash. The attack does not have any confidentiality or integrity risks in and of itself; the crash is produced deterministically by an abort function that ensures that execution does not continue in the face of this violation of assumptions. However, unexpected crashes can lead to violations of invariants in services, so it's possible that this attack can be used to trigger error conditions that escalate the risk. Producing a denial of service may also be the goal of an attacker in itself. This issue is solved in Swift 5.6.2 for Linux and Windows. This issue was solved by ensuring that the same methods are invoked both when validating and during casting, so that no type mismatch occurs. Swift for Linux and Windows versions are not ABI-interchangeable. To upgrade a service, its owner must update to this version of the Swift toolchain, then recompile and redeploy their software. The new version of Swift includes an updated swift-corelibs-foundation package. Versions of Swift running on Darwin-based operating systems are not affected.2022-06-16not yet calculatedCVE-2022-1642
MISC
argo_project -- argo
 
The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 are vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go. This could allow arbitrary file reads if the GitArtifactReader is provided a pathname containing a symbolic link or an implicit directory name such as ...2022-06-17not yet calculatedCVE-2022-25856
CONFIRM
CONFIRM
CONFIRM
argopro -- argo_events
 
Argo Events is an event-driven workflow automation framework for Kubernetes. Prior to version 1.7.1, several `HandleRoute` endpoints make use of the deprecated `ioutil.ReadAll()`. `ioutil.ReadAll()` reads all the data into memory. As such, an attacker who sends a large request to the Argo Events server will be able to crash it and cause denial of service. A patch for this vulnerability has been released in Argo Events version 1.7.1.2022-06-13not yet calculatedCVE-2022-31054
CONFIRM
MISC
MISC
MISC
asg_technologies -- asg-zena_cross_platform_server_enterpriseASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cleartext Storage of Sensitive Information in a Cookie.2022-06-17not yet calculatedCVE-2021-45025
MISC
MISC
MISC
asg_technologies -- asg-zena_cross_platform_server_enterpriseASG technologies ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cross Site Scripting (XSS).2022-06-17not yet calculatedCVE-2021-45026
MISC
MISC
MISC
asg_technologies -- asg-zena_cross_platform_server_enterpriseASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE).2022-06-17not yet calculatedCVE-2021-45024
MISC
MISC
MISC
asus -- rt-n53ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of the apply.cgi interface.2022-06-17not yet calculatedCVE-2022-31874
MISC
av1 -- video_extensionAV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30167.2022-06-15not yet calculatedCVE-2022-30193
MISC
axis_communications -- multiple_productsA vulnerability, which was classified as critical, was found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component.2022-06-15not yet calculatedCVE-2017-20049
N/A
N/A
axis_communications -- multiple_productsA vulnerability has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007 and classified as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended to upgrade the affected component.2022-06-15not yet calculatedCVE-2017-20050
N/A
N/A
axis_communications -- multiple_products

 

A vulnerability, which was classified as critical, has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected by this issue is some unknown functionality of the component Script Editor. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.2022-06-15not yet calculatedCVE-2017-20048
N/A
N/A
N/A
axis_communications -- multiple_products
 
A vulnerability classified as problematic has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. It is recommended to upgrade the affected component.2022-06-15not yet calculatedCVE-2017-20046
N/A
N/A
axis_communications -- multiple_products
 
A vulnerability classified as problematic was found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.2022-06-15not yet calculatedCVE-2017-20047
N/A
N/A
N/A
bachmann_visutec -- atvise
 
An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.2022-06-17not yet calculatedCVE-2022-21184
MISC
bestwebsoft -- contact_form_plugin
 
A vulnerability classified as problematic has been found in BestWebSoft Contact Form Plugin 4.0.0. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0.2 is able to address this issue. It is recommended to upgrade the affected component.2022-06-16not yet calculatedCVE-2017-20055
MISC
MISC
MISC
biscuit -- biscuit
 
Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid ?-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandates a different algorithm than gamma signatures and as such is not affected by this vulnerability. The Biscuit implementations in Rust, Haskell, Go, Java and Javascript all have published versions following the v2 specification. There are no known workarounds for this issue.2022-06-13not yet calculatedCVE-2022-31053
CONFIRM
MISC
bitmainer -- antminer_monitor
 
A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static.2022-06-17not yet calculatedCVE-2021-40903
MISC
MISC
MISC
blynk -- blynk_libraryA stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.2022-06-17not yet calculatedCVE-2022-29496
MISC
brackeen -- brackeen
 
ok-file-formats master 2021-9-12 is affected by a buffer overflow in ok_jpg_convert_data_unit_grayscale and ok_jpg_convert_YCbCr_to_RGB.2022-06-15not yet calculatedCVE-2021-41413
MISC
MISC
broadcom -- ca_automic_automationCA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.2022-06-16not yet calculatedCVE-2022-33752
MISC
broadcom -- ca_automic_automationCA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data.2022-06-16not yet calculatedCVE-2022-33751
MISC
broadcom -- ca_automic_automationCA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands.2022-06-16not yet calculatedCVE-2022-33750
MISC
broadcom -- ca_automic_automationCA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.2022-06-16not yet calculatedCVE-2022-33754
MISC
broadcom -- ca_automic_automationCA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users.2022-06-16not yet calculatedCVE-2022-33755
MISC
broadcom -- ca_automic_automationCA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in the Automic agent that could allow a user to potentially elevate privileges.2022-06-16not yet calculatedCVE-2022-33753
MISC
broadcom -- ca_automic_automation
 
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data.2022-06-16not yet calculatedCVE-2022-33756
MISC
broadcom -- ca_clarity
 
CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system.2022-06-16not yet calculatedCVE-2022-33739
MISC
checkmk -- debian
 
A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Packages created by the agent bakery (enterprise editions only) were not affected. Using the shipped version of the agents, the maintainer scripts located at /var/lib/dpkg/info/ will be owned by the user and the group with ID 1001. If such a user exists on the system, they can change the content of these files (which are then executed by root). This leads to a local privilege escalation on the monitored host. Version 1.6 through 1.6.9p29, version 2.0 through 2.0.0p26, version 2.1 through 2.1.0p3, and version 2.2.0i1 are affected.2022-06-17not yet calculatedCVE-2022-33912
MISC
cisc0 -- identity_services_engine
 
A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access all roles without any restrictions. This vulnerability is due to exposed sensitive Security Assertion Markup Language (SAML) metadata. An attacker could exploit this vulnerability by using the exposed SAML metadata to bypass authentication to the user portal. A successful exploit could allow the attacker to access all roles without any restrictions.2022-06-15not yet calculatedCVE-2022-20733
CISCO
cisco -- appdynamics_controller_software
 
A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an administrative console that they would not normally have authorization to access. This vulnerability is due to improper authorization checking for HTTP requests that are submitted to the affected web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected instance of AppDynamics Controller. A successful exploit could allow the attacker to access the login page for an administrative console. AppDynamics has released software updates that address this vulnerability.2022-06-15not yet calculatedCVE-2022-20736
CISCO
cisco -- identity_servies_engine
 
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly enforced. An attacker with read-only privileges for the web-based management interface on an affected device could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information about the system configuration.2022-06-15not yet calculatedCVE-2022-20819
CISCO
cisco -- small_business_routers
 
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device using root-level privileges. Cisco has not released software updates that address this vulnerability.2022-06-15not yet calculatedCVE-2022-20825
CISCO
cisco -- unified_ip_phones
 
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager (CUCM) is in secure mode. This vulnerability is due to improper key generation during the manufacturing process that could result in duplicated manufactured keys installed on multiple devices. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on the secure communication between the phone and the CUCM. A successful exploit could allow the attacker to impersonate another user's phone. This vulnerability cannot be addressed with software updates. There is a workaround that addresses this vulnerability.2022-06-15not yet calculatedCVE-2022-20817
CISCO
cisco --secure_email_and_web_manager
 
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. This vulnerability is due to improper authentication checks when an affected device uses Lightweight Directory Access Protocol (LDAP) for external authentication. An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device. A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device.2022-06-15not yet calculatedCVE-2022-20798
CISCO
cisco --secure_email_and_web_manager
 
A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials.2022-06-15not yet calculatedCVE-2022-20664
CISCO
connx -- connxIn Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set.2022-06-14not yet calculatedCVE-2021-40650
MISC
MISC
connx -- connx
 
In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the HttpOnly flag set.2022-06-14not yet calculatedCVE-2021-40649
MISC
MISC
couchbase -- couchbase_serverCouchbase Server 5.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor.2022-06-13not yet calculatedCVE-2022-32192
MISC
MISC
couchbase -- couchbase_serverCouchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor.2022-06-13not yet calculatedCVE-2022-32193
MISC
MISC
couchbase -- couchbase_serverAn issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network.2022-06-14not yet calculatedCVE-2022-32561
MISC
MISC
MISC
couchbase -- couchbase_serverAn issue was discovered in Couchbase Server before 7.0.4. Sample bucket loading may leak internal user passwords during a failure.2022-06-13not yet calculatedCVE-2022-32558
MISC
MISC
MISC
couchbase -- couchbase_serverAn issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection using stale RBAC permission.2022-06-13not yet calculatedCVE-2022-32562
MISC
MISC
MISC
couchbase -- couchbase_serverAn issue was discovered in Couchbase Server before 7.0.4. XDCR lacks role checking when changing internal settings.2022-06-13not yet calculatedCVE-2022-32560
MISC
MISC
MISC
couchbase -- couchbase_serverAn issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers.2022-06-14not yet calculatedCVE-2022-32557
MISC
MISC
MISC
couchbase -- couchbase_serverAn issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics.2022-06-14not yet calculatedCVE-2022-32559
MISC
MISC
MISC
couchbase -- couchbase_server
 
An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted usernames and document ids.2022-06-13not yet calculatedCVE-2022-32565
MISC
MISC
MISC
couchbase -- couchbase_server
 
An issue was discovered in Couchbase Server before 7.0.4. In couchbase-cli, server-eshell leaks the Cluster Manager cookie.2022-06-13not yet calculatedCVE-2022-32564
MISC
MISC
MISC
covesa -- covesa
 
An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.2022-06-16not yet calculatedCVE-2022-31291
MISC
d-link -- dir-850l
 
An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by sending packets on Data Frames to the AP without encryption.2022-06-16not yet calculatedCVE-2018-18907
MISC
MISC
deno -- deno
 
Deno <=1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory.2022-06-12not yet calculatedCVE-2021-41641
MISC
MISC
devolutions -- remote_desktop_manager
 
A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate attackers to observe sensitive data. A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, which could lead to involuntarily disclosing sensitive information. This issue affects: Devolutions Remote Desktop Manager 2022.1.24 version and prior versions.2022-06-15not yet calculatedCVE-2022-1342
MISC
discordjs -- opus
 
All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash.2022-06-17not yet calculatedCVE-2022-25345
CONFIRM
CONFIRM
discourse -- calendar
 
Discourse Calendar is a calendar plugin for Discourse, an open-source messaging app. Prior to version 1.0.1, parsing and rendering of Event names can be susceptible to cross-site scripting (XSS) attacks. This vulnerability only affects sites which have modified or disabled Discourse’s default Content Security Policy. This issue is patched in version 1.0.1 of the Discourse Calendar plugin. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.2022-06-14not yet calculatedCVE-2022-31059
CONFIRM
MISC
MISC
discourse -- discourse
 
Discourse is an open-source discussion platform. Prior to version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches, banner topic data is exposed on login-required sites. This issue is patched in version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches of Discourse. As a workaround, one may disable banners.2022-06-14not yet calculatedCVE-2022-31060
MISC
CONFIRM
MISC
drive_composer -- drive_composer

 

Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.2022-06-15not yet calculatedCVE-2022-31217
MISC
drive_composer -- drive_composer
 
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.2022-06-15not yet calculatedCVE-2022-31216
MISC
drive_composer -- drive_composer
 
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.2022-06-15not yet calculatedCVE-2022-31218
MISC
drive_composer -- drive_composer
 
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.2022-06-15not yet calculatedCVE-2022-31219
MISC
edgex_foundry -- edgex_foundry
 
EdgeX Foundry is an open source project for building a common open framework for Internet of Things edge computing. Prior to version 2.1.1, the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to be kept in the EdgeX secret store and require authentication to access. This vulnerability bypasses the access controls on message bus credentials when running in security-enabled mode. (No credentials are required when running in security-disabled mode.) As a result, attackers could intercept data or inject fake data into the EdgeX message bus. Users should upgrade to EdgeXFoundry Kamakura release (2.2.0) or to the June 2022 EdgeXFoundry LTS Jakarta release (2.1.1) to receive a patch. More information about which go modules, docker containers, and snaps contain patches is available in the GitHub Security Advisory. There are currently no known workarounds for this issue.2022-06-14not yet calculatedCVE-2022-31066
MISC
CONFIRM
MISC
electron -- electron
 
Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim's own auto updating infrastructure and the ease of that attack entirely depends on the potential victim's infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds.2022-06-13not yet calculatedCVE-2022-29257
CONFIRM
electron -- electron
 
Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows a renderer with JS execution to obtain access to a new renderer process with `nodeIntegrationInSubFrames` enabled which in turn allows effective access to `ipcRenderer`. The `nodeIntegrationInSubFrames` option does not implicitly grant Node.js access. Rather, it depends on the existing sandbox setting. If an application is sandboxed, then `nodeIntegrationInSubFrames` just gives access to the sandboxed renderer APIs, which include `ipcRenderer`. If the application then additionally exposes IPC messages without IPC `senderFrame` validation that perform privileged actions or return confidential data this access to `ipcRenderer` can in turn compromise your application / user even with the sandbox enabled. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. As a workaround, ensure that all IPC message handlers appropriately validate `senderFrame`.2022-06-13not yet calculatedCVE-2022-29247
CONFIRM
electrum -- electrum
 
paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request (e.g., within QR code data). On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename.2022-06-17not yet calculatedCVE-2022-31246
MISC
MISC
elementor -- website_builder
 
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.2022-06-13not yet calculatedCVE-2022-29455
CONFIRM
CONFIRM
CONFIRM
employee_leaves_management_system -- employee_leaves_management_systemEmployee Leaves Management System (ELMS) V 2.1 is vulnerable to Cross Site Request Forgery (CSRF) via /myprofile.php.2022-06-14not yet calculatedCVE-2022-30931
MISC
MISC
en100 -- ethernet_module
 
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contains a memory corruption vulnerability while parsing specially crafted HTTP packets to /txtrace endpoint. This could allow an attacker to crash the affected application leading to a denial of service condition.2022-06-14not yet calculatedCVE-2022-30937
MISC
fast-string-search -- fast-string-search
 
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory.2022-06-17not yet calculatedCVE-2022-25872
CONFIRM
CONFIRM
fast-string-search -- fast-string-search
 
All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation.2022-06-17not yet calculatedCVE-2022-22138
CONFIRM
fedai -- fate
 
An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during the training process of machine learning joint modeling.2022-06-16not yet calculatedCVE-2020-25459
MISC
festo -- controller
 
In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-refresh-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.2022-06-13not yet calculatedCVE-2022-30311
CONFIRM
festo -- controller
 
In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-acknerr-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.2022-06-13not yet calculatedCVE-2022-30310
CONFIRM
festo -- controller
 
In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-on" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.2022-06-13not yet calculatedCVE-2022-30308
CONFIRM
festo -- controller
 
In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-off" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.2022-06-13not yet calculatedCVE-2022-30309
CONFIRM
filecloud -- filecloudA vulnerability classified as critical has been found in FileCloud. Affected is the NTFS handler which leads to improper access controls. It is possible to launch the attack remotely but it demands some form of authentication. Upgrading to version 21.3.5.18513 is able to address this issue. It is recommended to upgrade the affected component.2022-06-15not yet calculatedCVE-2022-1958
MISC
MISC
MISC
finastra -- nestjs_proxy
 
NestJS Proxy is a NestJS module to decorate and proxy calls. Prior to version 0.7.0, the nestjs-proxy library did not have a way to block sensitive cookies (e.g. session cookies) from being forwarded to backend services configured by the application developer. This could have led to sensitive cookies being inadvertently exposed to such services that should not see them. The patched version now blocks cookies from being forwarded by default. However developers can configure an allow-list of cookie names by using the `allowedCookies` config setting. This issue has been fixed in version 0.7.0 of `@finastra/nestjs-proxy`. Users of `@ffdc/nestjs-proxy` are advised that this package has been deprecated and is no longer being maintained or receiving updates. Such users should update their package.json file to use `@finastra/nestjs-proxy` instead.2022-06-15not yet calculatedCVE-2022-31070
MISC
CONFIRM
finastra -- nestjs_proxy
 
NestJS Proxy is a NestJS module to decorate and proxy calls. Prior to version 0.7.0, the nestjs-proxy library did not have a way to control when Authorization headers should should be forwarded for specific backend services configured by the application developer. This could have resulted in sensitive information such as OAuth bearer access tokens being inadvertently exposed to such services that should not see them. A new feature has been introduced in the patched version of nestjs-proxy that allows application developers to opt out of forwarding the Authorization headers on a per service basis using the `forwardToken` config setting. Developers are advised to review the README for this library on Github or NPM for further details on how this configuration can be applied. This issue has been fixed in version 0.7.0 of `@finastra/nestjs-proxy`. Users of `@ffdc/nestjs-proxy` are advised that this package has been deprecated and is no longer being maintained or receiving updates. Such users should update their package.json file to use `@finastra/nestjs-proxy` instead.2022-06-15not yet calculatedCVE-2022-31069
CONFIRM
MISC
flatcore -- flatcore_cmsflatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code.2022-06-16not yet calculatedCVE-2021-41402
MISC
flatcore -- flatcore_cmsflatCore-CMS version 2.0.8 calls dangerous functions, causing server-side request forgery vulnerabilities.2022-06-15not yet calculatedCVE-2021-41403
MISC
francoisjacquet -- rosariosis
 
SQL Injection in GitHub repository francoisjacquet/rosariosis prior to 9.0.2022-06-13not yet calculatedCVE-2022-2067
MISC
CONFIRM
fuji_electric -- v-server
 
Out-of-bounds write vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.2022-06-14not yet calculatedCVE-2022-29524
MISC
MISC
MISC
fuji_electric -- v-sftUse after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.2022-06-14not yet calculatedCVE-2022-29522
MISC
MISC
fuji_electric -- v-sftOut-of-bounds read vulnerability exist in the simulator module contained in the graphic editor 'V-SFT' v6.1.3.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.2022-06-14not yet calculatedCVE-2022-29506
MISC
MISC
MISC
fuji_electric -- v-sftHeap-based buffer overflow exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.2022-06-14not yet calculatedCVE-2022-26302
MISC
MISC
fuji_electric -- v-sft
 
Access of uninitialized pointer vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.2022-06-14not yet calculatedCVE-2022-29925
MISC
MISC
fujielectric -- v-serverOut-of-bounds read vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.2022-06-16not yet calculatedCVE-2022-30549
MISC
MISC
MISC
fujielectric -- v-sft
 
Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.2022-06-16not yet calculatedCVE-2022-30538
MISC
MISC
fujielectric -- v-sft
 
Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.2022-06-16not yet calculatedCVE-2022-30546
MISC
MISC
ge -- voluson_s8
 
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed.2022-06-17not yet calculatedCVE-2020-36549
N/A
N/A
ge -- voluson_s8
 
A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host.2022-06-17not yet calculatedCVE-2020-36548
N/A
N/A
ge -- voluson_s8
 
A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which itroduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings.2022-06-17not yet calculatedCVE-2020-36547
N/A
N/A
ghostscript -- ghostscript
 
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash.2022-06-16not yet calculatedCVE-2022-2085
MISC
MISC
MISC
giflib -- gif2rgb
 
A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file.2022-06-14not yet calculatedCVE-2021-40633
MISC
git.videolan -- ffmpegA vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125011
MISC
MISC
git.videolan -- ffmpegA vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125007
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125009
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125015
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125014
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125013
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125012
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125017
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125010
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125003
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125008
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125006
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical. Affected is an unknown function of the component HTML Handler. The manipulation of the argument title leads to improper restriction of rendered ui layers (URL). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.2022-06-13not yet calculatedCVE-2017-20041
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125005
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125004
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125016
MISC
MISC
git.videolan -- ffmpeg
 
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.2022-06-18not yet calculatedCVE-2014-125002
MISC
MISC
google -- android
 
The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives from the EMM, the modem parses it and fills in internal objects based on the received data. A bug in the parsing code could be used by an attacker to remotely crash the modem, which could lead to DoS or RCE.Product: AndroidVersions: Android SoCAndroid ID: A-2288688882022-06-15not yet calculatedCVE-2022-20210
MISC
google -- android
 
In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2075023972022-06-15not yet calculatedCVE-2022-20209
MISC
google -- android
 
In parseRecursively of cppbor_parse.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-1927433732022-06-15not yet calculatedCVE-2022-20208
MISC
google -- android
 
In static definitions of GattServiceConfig.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-1855137142022-06-15not yet calculatedCVE-2022-20207
MISC
google -- android
 
In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2207376342022-06-15not yet calculatedCVE-2022-20206
MISC
google -- android
 
In isFileUri of FileUtil.java, there is a possible way to bypass the check for a file:// scheme due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2152125612022-06-15not yet calculatedCVE-2022-20205
MISC
google -- android
 
In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2124341162022-06-15not yet calculatedCVE-2022-20193
MISC
google -- android
 
In getAppSize of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2207338172022-06-15not yet calculatedCVE-2022-20201
MISC
google -- android
 
In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-1714951002022-06-15not yet calculatedCVE-2022-20204
MISC
google -- android
 
In ih264_resi_trans_quant_4x4_sse42 of ih264_resi_trans_quant_sse42.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2047046142022-06-15not yet calculatedCVE-2022-20202
MISC
google -- android
 
In onCreate of ChooseLockGeneric.java, there is a possible permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2226845102022-06-15not yet calculatedCVE-2022-20194
MISC
google -- android
 
In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2126950582022-06-15not yet calculatedCVE-2022-20200
MISC
google -- android
 
In llcp_dlc_proc_connect_pdu of llcp_dlc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC stack with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2218518792022-06-15not yet calculatedCVE-2022-20198
MISC
google -- android
 
In recycle of Parcel.java, there is a possible way to start foreground activity from background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2082793002022-06-15not yet calculatedCVE-2022-20197
MISC
google -- android
 
In gallery3d and photos, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2015351482022-06-15not yet calculatedCVE-2022-20196
MISC
google -- android
 
In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2131726642022-06-15not yet calculatedCVE-2022-20195
MISC
google -- android
 
In param_find_digests_internal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222472803References: N/A2022-06-15not yet calculatedCVE-2022-20233
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-207116951References: N/A2022-06-15not yet calculatedCVE-2022-20173
MISC
google -- android
 
In grantEmbeddedWindowFocus of WindowManagerService.java, there is a possible way to change an input channel for embedded hierarchy due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-2159127122022-06-15not yet calculatedCVE-2022-20192
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-209324757References: N/A2022-06-15not yet calculatedCVE-2022-20191
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-210594998References: N/A2022-06-15not yet calculatedCVE-2022-20168
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-208744915References: N/A2022-06-15not yet calculatedCVE-2022-20190
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-207254598References: N/A2022-06-15not yet calculatedCVE-2022-20188
MISC
google -- android
 
In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-215001024References: N/A2022-06-15not yet calculatedCVE-2022-20186
MISC
google -- android
 
In TBD of TBD, there is a possible use after free bug. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-208842348References: N/A2022-06-15not yet calculatedCVE-2022-20185
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-209153114References: N/A2022-06-15not yet calculatedCVE-2022-20184
MISC
google -- android
 
In hypx_create_blob_dmabuf of faceauth_hypx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188911154References: N/A2022-06-15not yet calculatedCVE-2022-20183
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-210936609References: N/A2022-06-15not yet calculatedCVE-2022-20181
MISC
google -- android
 
In onbind of ShannonRcsService.java, there is a possible access to protect data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206987222References: N/A2022-06-15not yet calculatedCVE-2022-20172
MISC
google -- android
 
In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-224932775References: N/A2022-06-15not yet calculatedCVE-2022-20178
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-211162353References: N/A2022-06-15not yet calculatedCVE-2022-20169
MISC
google -- android
 
In auth_store of sjtag-driver.c, there is a possible read of uninitialized memory due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-197787879References: N/A2022-06-15not yet calculatedCVE-2022-20176
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-209252491References: N/A2022-06-15not yet calculatedCVE-2022-20175
MISC
google -- android
 
In exynos_secEnv_init of mach-gs101.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210847407References: N/A2022-06-15not yet calculatedCVE-2022-20174
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-215565667References: N/A2022-06-15not yet calculatedCVE-2022-20171
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-211683760References: N/A2022-06-15not yet calculatedCVE-2022-20179
MISC
google -- android
 
In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files. This could lead to local escalation of privilege,with no additional execution privileges needed. User interaction is not needed for exploitation.2022-06-15not yet calculatedCVE-2022-20203
MISC
google -- android
 
In handle_ramdump of pixel_loader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222348453References: N/A2022-06-15not yet calculatedCVE-2022-20182
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-209906686References: N/A2022-06-15not yet calculatedCVE-2022-20177
MISC
google -- android
 
In registerPhoneAccount of PhoneAccountRegistrar.java, there is a possible way to prevent the user from selecting a phone account due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2179344782022-06-15not yet calculatedCVE-2022-20129
MISC
google -- android
 
In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2034310232022-06-15not yet calculatedCVE-2022-20126
MISC
google -- android
 
In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2218621192022-06-15not yet calculatedCVE-2022-20127
MISC
google -- android
 
In multiple functions of AvatarPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-1877028302022-06-15not yet calculatedCVE-2022-20144
MISC
google -- android
 
In deletePackageX of DeletePackageHelper.java, there is a possible way for a Guest user to reset pre-loaded applications for other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-1706460362022-06-15not yet calculatedCVE-2022-20124
MISC
google -- android
 
In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2218566622022-06-15not yet calculatedCVE-2022-20131
MISC
google -- android
 
In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188677105References: Upstream kernel2022-06-15not yet calculatedCVE-2022-20132
MISC
google -- android
 
In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2068076792022-06-15not yet calculatedCVE-2022-20133
MISC
google -- android
 
In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2203034652022-06-15not yet calculatedCVE-2022-20135
MISC
google -- android
 
In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2207353602022-06-15not yet calculatedCVE-2022-20143
MISC
google -- android
 
In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2166319622022-06-15not yet calculatedCVE-2022-20142
MISC
google -- android
 
In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel2022-06-15not yet calculatedCVE-2022-20141
MISC
google -- android
 
In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2183413972022-06-15not yet calculatedCVE-2022-20134
MISC
google -- android
 
In ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java, there is a possible way for unprivileged app to send MANAGED_PROFILE_PROVISIONED intent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2104699722022-06-15not yet calculatedCVE-2022-20138
MISC
google -- android
 
In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-2276189882022-06-15not yet calculatedCVE-2022-20140
MISC
google -- android
 
In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-2069863922022-06-15not yet calculatedCVE-2022-20137
MISC
google -- android
 
In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-219513976References: Upstream kernel2022-06-15not yet calculatedCVE-2022-20148
MISC
google -- android
 
In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-1944025152022-06-15not yet calculatedCVE-2022-20125
MISC
google -- android
 
In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2243149792022-06-15not yet calculatedCVE-2022-20130
MISC
google -- android
 
In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222091980References: Upstream kernel2022-06-15not yet calculatedCVE-2022-20153
MISC
google -- android
 
In uploadFile of FileUploadServiceImpl.java, there is a possible incorrect file access due to a confused deputy. This could lead to local information disclosure of private files with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-211757677References: N/A2022-06-15not yet calculatedCVE-2022-20146
MISC
google -- android
 
In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2212161052022-06-15not yet calculatedCVE-2022-20147
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-209421931References: N/A2022-06-15not yet calculatedCVE-2022-20170
MISC
google -- android
 
In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-2016606362022-06-15not yet calculatedCVE-2022-20145
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A2022-06-15not yet calculatedCVE-2022-20151
MISC
google -- android
 
In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-202006198References: N/A2022-06-15not yet calculatedCVE-2022-20152
MISC
google -- android
 
In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-2218524242022-06-15not yet calculatedCVE-2022-20123
MISC
google -- android
 
In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel2022-06-15not yet calculatedCVE-2022-20154
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A2022-06-15not yet calculatedCVE-2022-20149
MISC
google -- android
 
In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176754369References: N/A2022-06-15not yet calculatedCVE-2022-20155
MISC
google -- android
 
In asn1_ec_pkey_parse of acropora/crypto/asn1_common.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210971465References: N/A2022-06-15not yet calculatedCVE-2022-20159
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-210083655References: N/A2022-06-15not yet calculatedCVE-2022-20160
MISC
google -- android
 
In asn1_p256_int of crypto/asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223492713References: N/A2022-06-15not yet calculatedCVE-2022-20162
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-204891956References: N/A2022-06-15not yet calculatedCVE-2022-20164
MISC
google -- android
 
In asn1_parse of asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-220868345References: N/A2022-06-15not yet calculatedCVE-2022-20165
MISC
google -- android
 
In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182388481References: Upstream kernel2022-06-15not yet calculatedCVE-2022-20166
MISC
google -- android
 
Product: AndroidVersions: Android kernelAndroid ID: A-204956204References: N/A2022-06-15not yet calculatedCVE-2022-20167
MISC
google -- android
 
In unflatten of GraphicBuffer.cpp, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-212803946References: N/A2022-06-15not yet calculatedCVE-2022-20156
MISC
google -- kctf
 
kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect.2022-06-13not yet calculatedCVE-2022-31055
MISC
CONFIRM
MISC
got -- got
 
The got package before 12.1.0 for Node.js allows a redirect to a UNIX socket.2022-06-18not yet calculatedCVE-2022-33987
MISC
MISC
gpac -- mp4box
 
In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability.2022-06-16not yet calculatedCVE-2021-41458
MISC
grafana -- grafana** DISPUTED ** Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability.2022-06-17not yet calculatedCVE-2022-32276
MISC
MISC
haraj -- harajA cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.2022-06-16not yet calculatedCVE-2022-31298
MISC
MISC
MISC
haraj -- harajA cross-site scripting vulnerability in the DM Section component of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.2022-06-16not yet calculatedCVE-2022-31300
MISC
MISC
MISC
haraj -- harajHaraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component.2022-06-16not yet calculatedCVE-2022-31301
MISC
MISC
MISC
haraj -- haraj
 
Haraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form.2022-06-16not yet calculatedCVE-2022-31299
MISC
MISC
MISC
harmonyos -- bone_voice_id_ta
 
The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution.2022-06-13not yet calculatedCVE-2021-40036
MISC
harmonyos -- huaweiThe setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality.2022-06-13not yet calculatedCVE-2022-31757
MISC
MISC
harmonyos -- huaweiThe kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.2022-06-13not yet calculatedCVE-2022-31758
MISC
MISC
harmonyos -- huawei
 
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.2022-06-13not yet calculatedCVE-2022-31753
MISC
MISC
harmonyos -- huawei
 
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.2022-06-13not yet calculatedCVE-2022-31760
MISC
MISC
harmonyos -- permission_management
 
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.2022-06-13not yet calculatedCVE-2021-46811
MISC
MISC
hevc -- video_extensions
 
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-29119.2022-06-15not yet calculatedCVE-2022-30188
MISC
hpjansson -- chafa
 
Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0.2022-06-13not yet calculatedCVE-2022-2061
MISC
CONFIRM
huawei -- emui
 
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.2022-06-13not yet calculatedCVE-2021-46813
MISC
ibm -- financial_transaction_manager_for_digital_payments_for_multi-platform
 
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 166801.2022-06-15not yet calculatedCVE-2019-4575
XF
CONFIRM
ibm -- iax
 
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 224444.2022-06-15not yet calculatedCVE-2022-22444
CONFIRM
XF
ibm -- spectrum_project_operations_centerIn some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect Server. IBM X-Force ID: 226325.2022-06-17not yet calculatedCVE-2022-22485
XF
CONFIRM
ibm -- x-force_exchange
 
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.2022-06-18not yet calculatedCVE-2021-46822
MISC
MISC
ibm -- robotic_process_automationIBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow a user to obtain sensitive information due to information properly masked in the control center UI. IBM X-Force ID: 227294.2022-06-17not yet calculatedCVE-2022-30607
CONFIRM
XF
imagemagick -- imagemagickA vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.2022-06-16not yet calculatedCVE-2022-32545
MISC
MISC
MISC
imagemagick -- imagemagickA vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.2022-06-16not yet calculatedCVE-2022-32546
MISC
MISC
MISC
imagemagick -- imagemagick
 
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.2022-06-16not yet calculatedCVE-2022-32547
MISC
MISC
MISC
innosetup -- installer
 
A vulnerability was found in InnoSetup Installer. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.2022-06-16not yet calculatedCVE-2017-20051
MISC
MISC
intel -- processors
 
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.2022-06-15not yet calculatedCVE-2022-21125
MISC
MLIST
CONFIRM
FEDORA
FEDORA
intel -- processors
 
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.2022-06-15not yet calculatedCVE-2022-21123
MISC
MLIST
FEDORA
FEDORA
intel -- processors
 
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.2022-06-15not yet calculatedCVE-2022-21166
MISC
MLIST
FEDORA
FEDORA
intel -- processors
 
Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.2022-06-15not yet calculatedCVE-2022-21180
MISC
MLIST
intel -- processors
 
Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access.2022-06-15not yet calculatedCVE-2022-24436
MISC
intel -- processors
 
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.2022-06-15not yet calculatedCVE-2022-21127
MISC
MLIST
inventree -- inventree
 
Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.7.2.2022-06-17not yet calculatedCVE-2022-2113
MISC
CONFIRM
inventree -- inventree
 
Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2.2022-06-17not yet calculatedCVE-2022-2111
MISC
CONFIRM
inventree -- inventree
 
Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2.2022-06-17not yet calculatedCVE-2022-2112
MISC
CONFIRM
invision_community -- ips_community_suite
 
A Server-Side Request Forgery (SSRF) vulnerability in IPS Community Suite before 4.6.2 allows remote authenticated users to request arbitrary URLs or trigger deserialization via phar protocol when generating class names dynamically. In some cases an exploitation is possible by an unauthenticated user.2022-06-13not yet calculatedCVE-2021-40604
MISC
iobit -- iotransferIn IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution.2022-06-16not yet calculatedCVE-2022-24562
MISC
MISC
MISC
itop -- itops
 
ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/pages/ajax.render.php.2022-06-14not yet calculatedCVE-2022-31403
MISC
MISC
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to Arbitrary code execution via ip/school/view/all_teacher.php.2022-06-15not yet calculatedCVE-2022-32433
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_events.php?event_id=.2022-06-15not yet calculatedCVE-2022-32376
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_student_subject.php?index=.2022-06-15not yet calculatedCVE-2022-32380
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_parents_profile.php?my_index=.2022-06-15not yet calculatedCVE-2022-32379
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher_profile.php?my_index=.2022-06-15not yet calculatedCVE-2022-32378
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam_timetable.php?id=.2022-06-15not yet calculatedCVE-2022-32377
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject.php?id=.2022-06-15not yet calculatedCVE-2022-32372
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_admin_profile.php?my_index=.2022-06-15not yet calculatedCVE-2022-32381
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_timetable.php?id=.2022-06-15not yet calculatedCVE-2022-32375
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject_routing.php?id=.2022-06-15not yet calculatedCVE-2022-32374
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam.php?id=.2022-06-15not yet calculatedCVE-2022-32373
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher.php?id=.2022-06-15not yet calculatedCVE-2022-32371
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_classroom.php?id=.2022-06-15not yet calculatedCVE-2022-32370
MISC
itsourcecode -- advanced_school_management_systemitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_grade.php?id=.2022-06-15not yet calculatedCVE-2022-32368
MISC
javadelight -- delight_nashorn_sandox
 
An issue was discovered in Delight Nashorn Sandbox 0.2.0. There is an ReDoS vulnerability that can be exploited to launching a denial of service (DoS) attack.2022-06-14not yet calculatedCVE-2021-40660
MISC
jforum -- jforum
 
JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts.2022-06-16not yet calculatedCVE-2022-26173
MISC
MISC
MISC
MISC
MISC
joplin -- desktop_appCross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html.2022-06-16not yet calculatedCVE-2021-33295
MISC
MISC
MISC
jupyter -- notebook
 
Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with `ContentsManager.allow_hidden = False` only prevented listing the contents of hidden directories, not accessing individual hidden files or files in hidden directories (i.e. hidden files were 'hidden' but not 'inaccessible'). This could lead to notebook configurations allowing authenticated access to files that may reasonably be expected to be disallowed. Because fully authenticated requests are required, this is of relatively low impact. But if a server's root directory contains sensitive files whose only protection from the server is being hidden (e.g. `~/.ssh` while serving $HOME), then any authenticated requests could access files if their names are guessable. Such contexts also necessarily have full access to the server and therefore execution permissions, which also generally grants access to all the same files. So this does not generally result in any privilege escalation or increase in information access, only an additional, unintended means by which the files could be accessed. Version 6.4.12 contains a patch for this issue. There are currently no known workarounds.2022-06-14not yet calculatedCVE-2022-29238
CONFIRM
jupyter -- server
 
Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter Notebook. Prior to version 1.17.1, if notebook server is started with a value of `root_dir` that contains the starting user's home directory, then the underlying REST API can be used to leak the access token assigned at start time by guessing/brute forcing the PID of the jupyter server. While this requires an authenticated user session, this URL can be used from a cross-site scripting payload or from a hooked or otherwise compromised browser to leak this access token to a malicious third party. This token can be used along with the REST API to interact with Jupyter services/notebooks such as modifying or overwriting critical files, such as .bashrc or .ssh/authorized_keys, allowing a malicious user to read potentially sensitive data and possibly gain control of the impacted system. This issue is patched in version 1.17.1.2022-06-14not yet calculatedCVE-2022-29241
CONFIRM
jvn -- ec-cube4
 
Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page.2022-06-13not yet calculatedCVE-2022-27174
MISC
MISC
jvn -- revoworks
 
Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using 'File Sanitization Library' 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions (when using 'File Sanitization Option'), and RevoWorks Desktop 2.1.84 and prior versions (when using 'File Sanitization Option'), which may allow an attacker to execute a malicious macro by having a user to download, import, and open a specially crafted file in the local environment.2022-06-14not yet calculatedCVE-2022-27176
MISC
MISC
jvn -- t&d_data_server
 
Directory traversal vulnerability in T&D Data Server (Japanese Edition) Ver.2.22 and earlier, T&D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER (English Edition) Ver.2.13 and earlier allows a remote attacker to view an arbitrary file on the server via unspecified vectors.2022-06-14not yet calculatedCVE-2022-29509
MISC
MISC
MISC
kiegroup -- drools
 
drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.2022-06-16not yet calculatedCVE-2021-41411
MISC
kreado -- kreasfero
 
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution.2022-06-14not yet calculatedCVE-2021-42675
MISC
MISC
MISC
kromitgmbh -- titra
 
Weak Password Requirements in GitHub repository kromitgmbh/titra prior to 0.78.1.2022-06-16not yet calculatedCVE-2022-2098
MISC
CONFIRM
linux -- linux_kernel
 
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.2022-06-18not yet calculatedCVE-2022-33981
MISC
MISC
MISC
MISC
linux -- linux_kernel
 
An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers.2022-06-10not yet calculatedCVE-2022-32981
MISC
MLIST
magicpin -- magicpinAn XML external entity (XXE) injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file.2022-06-14not yet calculatedCVE-2022-31447
MISC
MISC
maianaffiliate -- maianaffiliateA PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel.2022-06-16not yet calculatedCVE-2021-41421
MISC
MISC
maianaffiliate -- maianaffiliate
 
A stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker for arbitrary JavaScript code execution in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel.2022-06-16not yet calculatedCVE-2021-41420
MISC
MISC
mendix -- saml_moduleA vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). In certain configurations SAML module is vulnerable to Cross Site Scripting (XSS) attacks due to insufficient error message sanitation. This could allow an attacker to execute malicious code by tricking users into accessing a malicious link.2022-06-14not yet calculatedCVE-2022-32286
MISC
mendix -- saml_module
 
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). The affected module is vulnerable to XML External Entity (XXE) attacks due to insufficient input sanitation. This may allow an attacker to disclose confidential data under certain circumstances.2022-06-14not yet calculatedCVE-2022-32285
MISC
mercury -- mipc451-4
 
MERCURY MIPC451-4 1.0.22 Build 220105 Rel.55642n was discovered to contain a remote code execution (RCE) vulnerability which is exploitable via a crafted POST request.2022-06-16not yet calculatedCVE-2022-31849
MISC
metasys -- ads_adx_oas
 
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.2022-06-15not yet calculatedCVE-2022-21938
CONFIRM
CERT
metasys -- ads_adx_oas
 
A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change.2022-06-15not yet calculatedCVE-2022-21935
CONFIRM
CERT
metasys -- ads_adx_oas
 
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface.2022-06-15not yet calculatedCVE-2022-21937
CONFIRM
CERT
microsoft -- av1_vide_extensionAV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30193.2022-06-15not yet calculatedCVE-2022-30167
MISC
microsoft -- azureAzure Service Fabric Container Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-30137
MISC
microsoft -- azureAzure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30179.2022-06-15not yet calculatedCVE-2022-30178
MISC
microsoft -- azureAzure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30178.2022-06-15not yet calculatedCVE-2022-30179
MISC
microsoft -- azureAzure RTOS GUIX Studio Information Disclosure Vulnerability.2022-06-15not yet calculatedCVE-2022-30180
MISC
microsoft -- azure
 
Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30178, CVE-2022-30179.2022-06-15not yet calculatedCVE-2022-30177
MISC
microsoft -- azure
 
Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-29149
MISC
microsoft -- excel
 
Microsoft Excel Remote Code Execution Vulnerability.2022-06-15not yet calculatedCVE-2022-30173
MISC
microsoft -- hevc_video_extensions
 
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-30188.2022-06-15not yet calculatedCVE-2022-29119
MISC
microsoft -- hevc_video_extensions
 
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29111, CVE-2022-29119, CVE-2022-30188.2022-06-15not yet calculatedCVE-2022-22018
MISC
microsoft -- hevc_video_extensions
 
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29119, CVE-2022-30188.2022-06-15not yet calculatedCVE-2022-29111
MISC
microsoft -- kerberos
 
Kerberos AppContainer Security Feature Bypass Vulnerability.2022-06-15not yet calculatedCVE-2022-30164
MISC
microsoft -- officeMicrosoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30171.2022-06-15not yet calculatedCVE-2022-30172
MISC
microsoft -- office
 
Microsoft Office Remote Code Execution Vulnerability.2022-06-15not yet calculatedCVE-2022-30174
MISC
microsoft -- office
 
Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30172.2022-06-15not yet calculatedCVE-2022-30171
MISC
microsoft -- photos
 
Microsoft Photos App Remote Code Execution Vulnerability.2022-06-15not yet calculatedCVE-2022-30168
MISC
microsoft -- sql_server
 
Microsoft SQL Server Remote Code Execution Vulnerability.2022-06-15not yet calculatedCVE-2022-29143
MISC
microsoft -- windowsWindows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-30131
MISC
microsoft -- windowsWindows Media Center Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-30135
MISC
microsoft -- windowsWindows Container Manager Service Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-30132
MISC
microsoft -- windows
 
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-30166
MISC
microsoft-- edge
 
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability.2022-06-15not yet calculatedCVE-2022-22021
MISC
microsoft -- file_serverMicrosoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-30154
MISC
microsoft -- office
 
Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30171, CVE-2022-30172.2022-06-15not yet calculatedCVE-2022-30159
MISC
microsoft -- office365
 
A vulnerability was found in Microsoft O365 and classified as critical. This issue affects the Conditional Access Policy which leads to improper access controls. By default the policy is not verified for every request. The attack may be initiated remotely. Exploit details have been disclosed to the public. It is recommended to change the configuration settings. NOTE: Vendor claims that pre-requisites are very high, the feature works as intended, and that configuration settings might mitigate the issue.2022-06-14not yet calculatedCVE-2022-2077
N/A
N/A
N/A
N/A
microsoft -- office365
 
** DISPUTED ** A vulnerability has been found in Microsoft O365 and classified as critical. The session cookies introduce a session expiration issue as they might be used by two clients at the same time. The attack can be initiated remotely. Exploit details have been disclosed to the public. The real-world consequences of this vulnerability are still doubted at the moment. It is recommended to change the configuration settings. NOTE: Vendor claims that pre-requisites are very high, the feature works as intended, and that configuration settings might mitigate the issue.2022-06-14not yet calculatedCVE-2022-2076
N/A
N/A
N/A
N/A
microsoft -- sharepoint
 
Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30157.2022-06-15not yet calculatedCVE-2022-30158
MISC
microsoft -- sharepoint
 
Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30158.2022-06-15not yet calculatedCVE-2022-30157
MISC
microsoft -- windowsWindows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30161.2022-06-15not yet calculatedCVE-2022-30153
MISC
microsoft -- windowsWindows Kernel Denial of Service Vulnerability.2022-06-15not yet calculatedCVE-2022-30155
MISC
microsoft -- windowsWindows Advanced Local Procedure Call Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-30160
MISC
microsoft -- windows
 
Windows File History Remote Code Execution Vulnerability.2022-06-15not yet calculatedCVE-2022-30142
MISC
microsoft -- windows
 
Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-30150
MISC
microsoft -- windows
 
Windows Desired State Configuration (DSC) Information Disclosure Vulnerability.2022-06-15not yet calculatedCVE-2022-30148
MISC
microsoft -- windows
 
Windows Installer Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-30147
MISC
microsoft -- windows
 
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.2022-06-15not yet calculatedCVE-2022-30143
MISC
microsoft -- windows
 
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.2022-06-15not yet calculatedCVE-2022-30146
MISC
microsoft -- windows
 
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability.2022-06-15not yet calculatedCVE-2022-30145
MISC
microsoft -- windows
 
Windows Network Address Translation (NAT) Denial of Service Vulnerability.2022-06-15not yet calculatedCVE-2022-30152
MISC
microsoft -- windows
 
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.2022-06-15not yet calculatedCVE-2022-30141
MISC
microsoft -- windows
 
Windows Hyper-V Remote Code Execution Vulnerability.2022-06-15not yet calculatedCVE-2022-30163
MISC
microsoft -- windows
 
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-30151
MISC
microsoft -- windows
 
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.2022-06-15not yet calculatedCVE-2022-30139
MISC
microsoft -- windows
 
Windows Kerberos Elevation of Privilege Vulnerability.2022-06-15not yet calculatedCVE-2022-30165
MISC
microsoft -- windows
 
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30153, CVE-2022-30161.2022-06-15not yet calculatedCVE-2022-30149
MISC
microsoft -- windows
 
Windows Kernel Information Disclosure Vulnerability.2022-06-15not yet calculatedCVE-2022-30162
MISC
microsoft -- windows
 
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153.2022-06-15not yet calculatedCVE-2022-30161
MISC
microsoft -- windows
 
Windows iSCSI Discovery Service Remote Code Execution Vulnerability.2022-06-15not yet calculatedCVE-2022-30140
MISC
microsoft -- windows
 
Windows Network File System Remote Code Execution Vulnerability.2022-06-15not yet calculatedCVE-2022-30136
MISC
microsoft -- windows_smbv3
 
Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot.2022-06-14not yet calculatedCVE-2022-32230
CONFIRM
MISC
MISC
MISC
mini_cms -- mini_cns
 
A cross-site scripting (XSS) vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page.2022-06-13not yet calculatedCVE-2021-41663
MISC
MISC
MISC
mint -- workbench
 
Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Mint WorkBench installer file allows a low-privileged user to run a "repair" operation on the product2022-06-15not yet calculatedCVE-2022-26057
MISC
mitel -- mivoice_business
 
A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker (that has network access to the management interface) to conduct a buffer overflow attack due to insufficient validation of URL parameters. A successful exploit could allow arbitrary code execution.2022-06-17not yet calculatedCVE-2022-31784
MISC
MISC
mitsubishi_electric -- melsec-Q
 
Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC-Q Series Q03UDECPU all versions, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU all versions, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number "24051" and prior and Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number "24051" and prior allows a remote unauthenticated attacker to cause a denial of service (DoS) condition in Ethernet communications by sending specially crafted packets. A system reset of the products is required for recovery.2022-06-15not yet calculatedCVE-2022-24946
MISC
MISC
modern_events_calendar -- liteCross-site scripting vulnerability in Modern Events Calendar Lite versions prior to 6.3.0 allows remote an authenticated attacker to inject an arbitrary script via unspecified vectors.2022-06-16not yet calculatedCVE-2022-30533
MISC
MISC
monstra -- monstra_cmsMonstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability.2022-06-15not yet calculatedCVE-2021-40940
MISC
mout -- mout
 
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively is not checked, leading to exploiting this vulnerability. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7792](https://security.snyk.io/vuln/SNYK-JS-MOUT-1014544).2022-06-17not yet calculatedCVE-2022-21213
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
naver -- cloud_explorerNaver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection.2022-06-13not yet calculatedCVE-2022-24077
CONFIRM
neorazorx -- facturascripts
 
Cross-site Scripting (XSS) - Stored in GitHub repository neorazorx/facturascripts prior to 2022.06.2022-06-13not yet calculatedCVE-2022-2065
MISC
CONFIRM
neorazorx -- facturascripts
 
Cross-site Scripting (XSS) - Reflected in GitHub repository neorazorx/facturascripts prior to 2022.06.2022-06-13not yet calculatedCVE-2022-2066
MISC
CONFIRM
netgear -- wnap320_routernetgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users cookies.2022-06-17not yet calculatedCVE-2022-31876
MISC
MISC
nocodb -- ncodbCross-site Scripting (XSS) - Stored in GitHub repository nocodb/nocodb prior to 0.91.7+.2022-06-14not yet calculatedCVE-2022-2079
MISC
CONFIRM
nocodb -- nocodb
 
Insufficient Session Expiration in GitHub repository nocodb/nocodb prior to 0.91.7+.2022-06-13not yet calculatedCVE-2022-2064
MISC
CONFIRM
nocodb -- nocodb
 
Improper Privilege Management in GitHub repository nocodb/nocodb prior to 0.91.7+.2022-06-13not yet calculatedCVE-2022-2063
MISC
CONFIRM
nokia -- bharti_airtel_routers
 
Nokia "G-2425G-A" Bharti Airtel Routers Hardware version "3FE48299DEAA" Software Version "3FE49362IJHK42" is vulnerable to Cross-Site Scripting (XSS) via the admin->Maintenance>Device Management.2022-06-14not yet calculatedCVE-2022-30903
MISC
MISC
nokia -- vitalsuite_spm
 
NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName'.2022-06-16not yet calculatedCVE-2021-41487
MISC
MISC
npm -- pack
 
npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (ie. `--workspaces`, `--workspace=<name>`). Anyone who has run `npm pack` or `npm publish` inside a workspace, as of v7.9.0 and v7.13.0 respectively, may be affected and have published files into the npm registry they did not intend to include. Users should upgrade to the latest, patched version of npm v8.11.0, run: npm i -g npm@latest . Node.js versions v16.15.1, v17.19.1, and v18.3.0 include the patched v8.11.0 version of npm.2022-06-13not yet calculatedCVE-2022-29244
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
npm -- pg-native
 
All versions of package pg-native; all versions of package libpq are vulnerable to Denial of Service (DoS) when the addons attempt to cast the second argument to an array and fail. This happens for every non-array argument passed. **Note:** pg-native is a mere binding to npm's libpq library, which in turn has the addons and bindings to the actual C libpq library. This means that problems found in pg-native may transitively impact npm's libpq.2022-06-17not yet calculatedCVE-2022-25852
CONFIRM
CONFIRM
npm -- querymen
 
All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of [CVE-2020-7600](https://security.snyk.io/vuln/SNYK-JS-QUERYMEN-559867).2022-06-17not yet calculatedCVE-2022-25871
CONFIRM
nuitka -- nuitka
 
Command Injection in GitHub repository nuitka/nuitka prior to 0.9.2022-06-12not yet calculatedCVE-2022-2054
CONFIRM
MISC
octokit -- octokit
 
Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octokit 4.25.0. Two workarounds are available. Users can use the previous version of the gem, v4.22.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version.2022-06-15not yet calculatedCVE-2022-31072
MISC
CONFIRM
octokit -- octopoller
 
Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octopoller 0.3.0. Two workarounds are available. Users can use the previous version of the gem, v0.1.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version.2022-06-15not yet calculatedCVE-2022-31071
CONFIRM
MISC
ompl -- opml
 
Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavior.2022-06-17not yet calculatedCVE-2021-41490
MISC
online_tours_and_travels_management_system -- online_tours_and_travels_management_systemOnline Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the tname parameter at /admin/operations/tax.php.2022-06-15not yet calculatedCVE-2022-32992
MISC
opc_foundation -- opc_ua_net_standard_stack
 
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption.2022-06-16not yet calculatedCVE-2022-29866
MISC
MISC
opc_foundation -- opc_ua_net_standard_stack
 
OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials.2022-06-16not yet calculatedCVE-2022-29865
MISC
MISC
opc_foundation -- opc_ua_net_standard_stack
 
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.2022-06-16not yet calculatedCVE-2022-29864
MISC
MISC
opc_foundation -- opc_ua_net_standard_stack
 
OPC UA .NET Standard Stack 1.04.368 allows remote attacker to cause a crash via a crafted message that triggers excessive memory allocation.2022-06-16not yet calculatedCVE-2022-29863
MISC
MISC
opc_foundation -- opc_ua_net_standard_stack
 
An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message.2022-06-16not yet calculatedCVE-2022-29862
MISC
MISC
open_forms -- open_forms
 
Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a website under their control, opening them up for phishing attacks. The redirect is initiated by the open forms backend which is a legimate page, making it less obvious to end users they are being redirected to a malicious website. Versions 1.0.9 and 1.1.1 contain patches for this issue. There are no known workarounds avaialble.2022-06-13not yet calculatedCVE-2022-31040
MISC
CONFIRM
open_forms -- open_forms
 
Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users (e.g. only PDF / Excel / ...). The input validation of uploaded files is insufficient in versions prior to 1.0.9 and 1.1.1. Users could alter or strip file extensions to bypass this validation. This results in files being uploaded to the server that are of a different file type than indicated by the file name extension. These files may be downloaded (manually or automatically) by staff and/or other applications for further processing. Malicious files can therefore find their way into internal/trusted networks. Versions 1.0.9 and 1.1.1 contain patches for this issue. As a workaround, an API gateway or intrusion detection solution in front of open-forms may be able to scan for and block malicious content before it reaches the Open Forms application.2022-06-13not yet calculatedCVE-2022-31041
CONFIRM
MISC
oracle -- cloud_infrastructure
 
Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle Cloud Infrastructure accessible data. All affected customers were notified of CVE-2022-21503 by Oracle. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)2022-06-17not yet calculatedCVE-2022-21503
MISC
oracle -- linux_uek
 
The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another portion of the kernel. An attack with local access can operate on the socket, and cause a denial of service. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).2022-06-14not yet calculatedCVE-2022-21504
MISC
otrs -- otrsAttacker is able to determine if the provided username exists (and it's valid) using Request New Password feature, based on the response time.2022-06-13not yet calculatedCVE-2022-32741
CONFIRM
otrs -- otrsWhen Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number.2022-06-13not yet calculatedCVE-2022-32739
CONFIRM
otrs -- otrsA reply to a forwarded email article by a 3rd party could unintensionally expose the email content to the ticket customer under certain circumstances.2022-06-13not yet calculatedCVE-2022-32740
CONFIRM
palantir -- multipass
 
The Multipass service was found to have code paths that could be abused to cause a denial of service for authentication or authorization operations. A malicious attacker could perform an application-level denial of service attack, potentially causing authentication and/or authorization operations to fail for the duration of the attack. This could lead to performance degradation or login failures for customer Palantir Foundry environments. This vulnerability is resolved in Multipass 3.647.0. This issue affects: Palantir Foundry Multipass versions prior to 3.647.0.2022-06-14not yet calculatedCVE-2022-27889
MISC
parse_community -- parse_server
 
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object. Versions 4.0.11 and 5.2.2 prevent this by introducing a new `rootCertificateUrl` property to the Parse Server Apple Game Center auth adapter which takes the URL to the root certificate of Apple's Game Center authentication certificate. If no value is set, the `rootCertificateUrl` property defaults to the URL of the current root certificate as of May 27, 2022. Keep in mind that the root certificate can change at any time and that it is the developer's responsibility to keep the root certificate URL up-to-date when using the Parse Server Apple Game Center auth adapter. There are no known workarounds for this issue.2022-06-17not yet calculatedCVE-2022-31083
MISC
CONFIRM
MISC
MISC
peel -- shopping_cms
 
PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user that belongs to the administrator group can inject a malicious SQL query in order to affect the execution logic of the application and retrive information from the database.2022-06-15not yet calculatedCVE-2021-41672
MISC
MISC
phpcms -- phpcmsThere is a reflective cross-site scripting (XSS) vulnerability in the PHPCMS V9.6.3 management side.2022-06-15not yet calculatedCVE-2021-40910
MISC
php -- fedora
 
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.2022-06-16not yet calculatedCVE-2022-31625
MISC
FEDORA
FEDORA
php -- fedora
 
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability.2022-06-16not yet calculatedCVE-2022-31626
MISC
FEDORA
FEDORA
piwigo -- piwigoIn Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batch_manager&mode=unit.2022-06-14not yet calculatedCVE-2021-40678
MISC
potplayer -- potplayer
 
An exploitable out-of-bounds write vulnerability in PotPlayer 1.7.21523 build 210729 may lead to code execution, information disclosure, and denial of service.2022-06-15not yet calculatedCVE-2021-40212
MISC
MISC
powerjob -- powerjob
 
An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save.2022-06-16not yet calculatedCVE-2020-28865
MISC
powertek_corporation -- powertek_firmware 
 
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext.2022-06-13not yet calculatedCVE-2022-33174
MISC
powertek_corporation -- powertek_firmware 
 
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the /cgi/get_param.cgi HTTP API. This leads to disclosing active session ids of currently logged-in administrators. The session id can then be reused to act as the administrator, allowing reading of the cleartext password, or reconfiguring the device.2022-06-13not yet calculatedCVE-2022-33175
MISC
proietti -- tech_srl_planet_time_enterpriseProietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0.0,3.3.1.0,3.3.0.0 is vulnerable to Remote code execution via the Viewstate parameter.2022-06-17not yet calculatedCVE-2022-30422
MISC
MISC
python -- pgadmin4
 
A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.2022-06-16not yet calculatedCVE-2017-20052
MISC
MISC
python-idap -- python_idap
 
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.2022-06-18not yet calculatedCVE-2021-46823
MISC
MISC
qualcomm -- snapdragonImproper memory allocation during counter check DLM handling can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35096
CONFIRM
qualcomm -- snapdragonMemory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-35130
CONFIRM
qualcomm -- snapdragonPossible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35102
CONFIRM
qualcomm -- snapdragonImproper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-35098
CONFIRM
qualcomm -- snapdragonMemory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking2022-06-14not yet calculatedCVE-2021-35129
CONFIRM
qualcomm -- snapdragonImproper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35101
CONFIRM
qualcomm -- snapdragonPossible null pointer access due to improper validation of system information message to be processed in Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35087
CONFIRM
qualcomm -- snapdragonPossible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35091
CONFIRM
qualcomm -- snapdragonPossible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35090
CONFIRM
qualcomm -- snapdragonImproper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35111
CONFIRM
qualcomm -- snapdragonImproper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35095
CONFIRM
qualcomm -- snapdragonMemory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35126
CONFIRM
qualcomm -- snapdragonBuffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT2022-06-14not yet calculatedCVE-2021-35123
CONFIRM
qualcomm -- snapdragonPossible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-30334
CONFIRM
qualcomm -- snapdragonImproper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35094
CONFIRM
qualcomm -- snapdragonLack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-30350
CONFIRM
qualcomm -- snapdragonPossible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-35078
CONFIRM
qualcomm -- snapdragonRPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35070
CONFIRM
qualcomm -- snapdragonPossible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35086
CONFIRM
qualcomm -- snapdragonReachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-30340
CONFIRM
qualcomm -- snapdragonRPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking2022-06-14not yet calculatedCVE-2021-30346
CONFIRM
qualcomm -- snapdragonImproper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC security mode command packet has been received in Snapdragon Industrial IOT2022-06-14not yet calculatedCVE-2021-35082
CONFIRM
qualcomm -- snapdragonImproper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35079
CONFIRM
qualcomm -- snapdragonAPK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-35116
CONFIRM
qualcomm -- snapdragonPossible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35076
CONFIRM
qualcomm -- snapdragonPossible assertion due to improper validation of rank restriction field in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35073
CONFIRM
qualcomm -- snapdragonPossible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-35072
CONFIRM
qualcomm -- snapdragonDisabled SMMU from secure side while RPM is assigned a secure stream can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-35080
CONFIRM
qualcomm -- snapdragonPossible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35085
CONFIRM
qualcomm -- snapdragonImproper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking2022-06-14not yet calculatedCVE-2021-30349
CONFIRM
qualcomm -- snapdragonImproper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-30347
CONFIRM
qualcomm -- snapdragonPossible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking2022-06-14not yet calculatedCVE-2021-35071
CONFIRM
qualcomm -- snapdragon
 
Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-35100
CONFIRM
qualcomm -- snapdragon
 
Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music2022-06-14not yet calculatedCVE-2021-35092
CONFIRM
qualcomm -- snapdragon
 
Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music2022-06-14not yet calculatedCVE-2021-35081
CONFIRM
qualcomm -- snapdragon
 
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking2022-06-14not yet calculatedCVE-2021-30345
CONFIRM
qualcomm -- snapdragon
 
Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-30341
CONFIRM
qualcomm -- snapdragon
 
Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music2022-06-14not yet calculatedCVE-2022-25651
CONFIRM
qualcomm -- snapdragon
 
Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking2022-06-14not yet calculatedCVE-2021-30339
CONFIRM
qualcomm -- snapdragon
 
Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music2022-06-14not yet calculatedCVE-2021-30327
CONFIRM
qualcomm -- snapdragon
 
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-35083
CONFIRM
qualcomm -- snapdragon
 
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-30342
CONFIRM
qualcomm -- snapdragon
 
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-30343
CONFIRM
qualcomm -- snapdragon
 
A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-35112
CONFIRM
qualcomm -- snapdragon
 
Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35120
CONFIRM
qualcomm -- snapdragon
 
Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-30344
CONFIRM
qualcomm -- snapdragon
 
An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2021-35118
CONFIRM
qualcomm -- snapdragon
 
An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35121
CONFIRM
qualcomm -- snapdragon
 
Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking2022-06-14not yet calculatedCVE-2021-35104
CONFIRM
qualcomm -- snapdragon
 
Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-06-14not yet calculatedCVE-2021-35119
CONFIRM
qualcomm -- snapdragon
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking2022-06-14not yet calculatedCVE-2021-30281
CONFIRM
qualcomm -- snapdragon
 
Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music2022-06-14not yet calculatedCVE-2021-35084
CONFIRM
qualcomm -- snapdragon_autoImproper buffer initialization on the backend driver can lead to buffer overflow in Snapdragon Auto2022-06-14not yet calculatedCVE-2021-35114
CONFIRM
qualcomm -- snapdrgaonOut of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2022-22065
CONFIRM
qualcomm -- snapdrgaon
 
kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2022-22068
CONFIRM
qualcomm -- snapdrgaon
 
Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music2022-06-14not yet calculatedCVE-2022-22071
CONFIRM
qualcomm -- snapdrgaon
 
Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2022-22082
CONFIRM
qualcomm -- snapdrgaon
 
Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2022-22084
CONFIRM
qualcomm -- snapdrgaon
 
memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2022-22087
CONFIRM
qualcomm -- snapdrgaon
 
Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music2022-06-14not yet calculatedCVE-2022-22072
CONFIRM
qualcomm -- snapdrgaon
 
Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2022-22064
CONFIRM
qualcomm -- snapdrgaon
 
Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2022-22083
CONFIRM
qualcomm -- snapdrgaon
 
Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile2022-06-14not yet calculatedCVE-2022-22090
CONFIRM
qualcomm -- snapdrgaon
 
Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2022-22086
CONFIRM
qualcomm -- snapdrgaon
 
Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables2022-06-14not yet calculatedCVE-2022-22057
CONFIRM
qualcomm -- snapdrgaon
 
Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-06-14not yet calculatedCVE-2022-22085
CONFIRM
qualcomm -- snapdrgaon
 
Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto2022-06-14not yet calculatedCVE-2022-22103
CONFIRM
qualcomm -- trustzone_memory_interface
 
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Compute2022-06-14not yet calculatedCVE-2021-30338
CONFIRM
rakuten -- casa
 
Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default.2022-06-13not yet calculatedCVE-2022-26834
MISC
MISC
rakuten -- casa
 
Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings.2022-06-13not yet calculatedCVE-2022-28704
MISC
MISC
rakuten -- casa
 
Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation.2022-06-13not yet calculatedCVE-2022-29525
MISC
MISC
redcap -- redacap
 
A Stored Cross-Site Scripting (XSS) vulnerability was discovered in Messenger/messenger_ajax.php in REDCap 12.0.11. This issue allows any authenticated user to inject arbitrary code into the messenger title (aka new_title) field when editing an existing conversation. The payload executes in the browser of any conversation participant with the sidebar shown.2022-06-15not yet calculatedCVE-2022-24004
MISC
MISC
redcap -- redacap
 
A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing project. The payload is then reflected within the title tag of the page.2022-06-15not yet calculatedCVE-2022-24127
MISC
MISC
robohelp -- server
 
RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization vulnerability which could lead to privilege escalation. An authenticated attacker could leverage this vulnerability to achieve full administrator privileges. Exploitation of this issue does not require user interaction.2022-06-16not yet calculatedCVE-2022-30670
MISC
rundeck -- rundeck
 
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. The Key Storage converter plugin mechanism was not enabled correctly in Rundeck 4.2.0 and 4.2.1, resulting in use of the encryption layer for Key Storage possibly not working. Any credentials created or overwritten using Rundeck 4.2.0 or 4.2.1 might result in them being written in plaintext to the backend storage. This affects those using any `Storage Converter` plugin. Rundeck 4.3.1 and 4.2.2 have fixed the code and upon upgrade will re-encrypt any plain text values. Version 4.3.0 does not have the vulnerability, but does not include the patch to re-encrypt plain text values if 4.2.0 or 4.2.1 were used. To prevent plaintext credentials from being stored in Rundeck 4.2.0/4.2.1, write access to key storage can be disabled via ACLs. After upgrading to 4.3.1 or later, write access can be restored.2022-06-15not yet calculatedCVE-2022-31044
CONFIRM
sap -- 3d_visual_enterprise_viewerWhen a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.2022-06-14not yet calculatedCVE-2022-32235
MISC
MISC
sap -- 3d_visual_enterprise_viewerWhen a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.2022-06-14not yet calculatedCVE-2022-32239
MISC
MISC
sap -- 3d_visual_enterprise_viewerWhen a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.2022-06-14not yet calculatedCVE-2022-32242
MISC
MISC
sap -- 3d_visual_enterprise_viewerWhen a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.2022-06-14not yet calculatedCVE-2022-32241
MISC
MISC
sap -- 3d_visual_enterprise_viewerWhen a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.2022-06-14not yet calculatedCVE-2022-32240
MISC
MISC
sap -- 3d_visual_enterprise_viewerWhen a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.2022-06-14not yet calculatedCVE-2022-32236
MISC
MISC
sap -- 3d_visual_enterprise_viewerWhen a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.2022-06-14not yet calculatedCVE-2022-32237
MISC
MISC
sap -- 3d_visual_enterprise_viewer
 
When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.2022-06-14not yet calculatedCVE-2022-32238
MISC
MISC
sap -- financial_consolidation
 
SAP Financial Consolidation - version 1010,?does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.2022-06-14not yet calculatedCVE-2022-31595
MISC
MISC
sap -- netweaver
 
Depending on the configuration of the route permission table in file 'saprouttab', it is possible for an unauthenticated attacker to execute SAProuter administration commands in SAP NetWeaver and ABAP Platform - versions KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.49, KRNL64UC 7.49, SAP_ROUTER 7.53, 7.22, from a remote client, for example stopping the SAProuter, that could highly impact systems availability.2022-06-14not yet calculatedCVE-2022-27668
MISC
MISC
sap -- netweaver
 
Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user’s browser. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.2022-06-14not yet calculatedCVE-2022-29618
MISC
MISC
sap -- netweaver
 
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system’s Availability by causing system to crash.2022-06-13not yet calculatedCVE-2022-28217
MISC
MISC
sap -- netweaver
 
SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22, allows an authenticated user to misuse a function of sapcontrol webfunctionality(startservice) in Kernel which enables malicious users to retrieve information. On successful exploitation, an attacker can obtain technical information like system number or physical address, which is otherwise restricted, causing a limited impact on the confidentiality of the application.2022-06-14not yet calculatedCVE-2022-29612
MISC
MISC
sap -- netweaver
 
SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22, - on Unix systems, s-bit helper program sapuxuserchk, can be abused physically resulting in a privilege escalation of an attacker leading to low impact on confidentiality and integrity, but a profound impact on availability.2022-06-14not yet calculatedCVE-2022-29614
MISC
MISC
sap -- netweaver
 
SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the logging framework log4j in version 1.x. The application's confidentiality and integrity could have a low impact due to the vulnerabilities associated with version 1.x.2022-06-14not yet calculatedCVE-2022-29615
MISC
MISC
sap -- one_support_launchpad
 
A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system.2022-06-14not yet calculatedCVE-2022-31594
MISC
MISC
sap -- one_support_launchpad
 
Due to improper authorization check, business users who are using Israeli File from SHAAM program (/ATL/VQ23 transaction), are granted more than needed authorization to perform certain transaction, which may lead to users getting access to data that would otherwise be restricted.2022-06-14not yet calculatedCVE-2022-31589
MISC
MISC
sap -- powerdesigner_proxySAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the application during application start up or reboot, potentially compromising Confidentiality, Integrity and Availability of the system.2022-06-14not yet calculatedCVE-2022-31590
MISC
MISC
scalanace -- multiple_versions
 
A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C (L3 int.) (All versions < V6.5), SCALANCE XM408-8C (All versions < V6.5), SCALANCE XM408-8C (L3 int.) (All versions < V6.5), SCALANCE XM416-4C (All versions < V6.5), SCALANCE XM416-4C (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 1x230V (All versions < V6.5), SCALANCE XR524-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 24V (All versions < V6.5), SCALANCE XR524-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 2x230V (All versions < V6.5), SCALANCE XR524-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 1x230V (All versions < V6.5), SCALANCE XR526-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 24V (All versions < V6.5), SCALANCE XR526-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 2x230V (All versions < V6.5), SCALANCE XR526-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR528-6M (All versions < V6.5), SCALANCE XR528-6M (2HR2) (All versions < V6.5), SCALANCE XR528-6M (2HR2, L3 int.) (All versions < V6.5), SCALANCE XR528-6M (L3 int.) (All versions < V6.5), SCALANCE XR552-12M (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2, L3 int.) (All versions < V6.5). The OSPF protocol implementation in affected devices fails to verify the checksum and length fields in the OSPF LS Update messages. An unauthenticated remote attacker could exploit this vulnerability to cause interruptions in the network by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device.2022-06-14not yet calculatedCVE-2021-37182
MISC
shirasagi -- shirasagi
 
Cross-site scripting vulnerability in SHIRASAGI v1.0.0 to v1.14.2, and v1.15.0 allows a remote attacker to inject an arbitrary script via unspecified vectors.2022-06-14not yet calculatedCVE-2022-29485
MISC
MISC
MISC
MISC
sicam -- gridedge_essential_arm
 
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not apply cross-origin resource sharing (CORS) restrictions for critical operations. In case an attacker tricks a legitimate user into accessing a special resource a malicious request could be executed.2022-06-14not yet calculatedCVE-2022-30228
MISC
sicam -- gridedge_essential_arm
 
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to change data of an user, such as credentials, in case that user's id is known.2022-06-14not yet calculatedCVE-2022-30229
MISC
sicam -- gridedge_essential_arm
 
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to create a new user with administrative permissions.2022-06-14not yet calculatedCVE-2022-30230
MISC
sicam -- gridedge_essential_arm
 
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software discloses password hashes of other users upon request. This could allow an authenticated user to retrieve another users password hash.2022-06-14not yet calculatedCVE-2022-30231
MISC
siemens -- sinema_remote_connect_server
 
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web interface of the affected application does not prevent injection of JavaScript code. This could allow attackers to perform reflected cross-site scripting (XSS) attacks.2022-06-14not yet calculatedCVE-2022-29034
MISC
FULLDISC
siemens -- spectrum_power_4
 
A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). An unauthenticated attacker could log into the component Shared HIS used in Spectrum Power systems by using an account with default credentials. A successful exploitation could allow the attacker to access the component Shared HIS with administrative privileges.2022-06-14not yet calculatedCVE-2022-26476
MISC
siemens -- teamcenter
 
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions.2022-06-14not yet calculatedCVE-2022-31619
MISC
siemens -- teamcenter_active_workspace
 
A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9), Teamcenter Active Workspace V6.0 (All versions < V6.0.3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious code by tricking users into accessing a malicious link.2022-06-14not yet calculatedCVE-2022-32145
MISC
siemens -- sinema_remote_connect_server
 
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors.2022-06-14not yet calculatedCVE-2022-27219
MISC
siemens -- sinema_remote_connect_server
 
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in machine-in-the-middle could obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack.2022-06-14not yet calculatedCVE-2022-27221
MISC
siemens -- sinema_remote_connect_server
 
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors.2022-06-14not yet calculatedCVE-2022-27220
MISC
sinema -- remote_connect_serverA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains an older feature that allows to import device configurations via a specific endpoint. An attacker could use this vulnerability for information disclosure.2022-06-14not yet calculatedCVE-2022-32258
MISC
sinema -- remote_connect_serverA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a user. This could allow an attacker to change the permissions of any user and gain the privileges of an administrative user.2022-06-14not yet calculatedCVE-2022-32251
MISC
sinema -- remote_connect_serverA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios.2022-06-14not yet calculatedCVE-2022-32260
MISC
sinema -- remote_connect_serverA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain information about testing architecture and also tamper with test configuration.2022-06-14not yet calculatedCVE-2022-32259
MISC
sinema -- remote_connect_serverA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add insecure packages to the application.2022-06-14not yet calculatedCVE-2022-32261
MISC
sinema -- remote_connect_serverA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to limited information.2022-06-14not yet calculatedCVE-2022-32255
MISC
sinema -- remote_connect_serverA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker.2022-06-14not yet calculatedCVE-2022-32254
MISC
sinema -- remote_connect_serverA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker.2022-06-14not yet calculatedCVE-2022-32253
MISC
sinema -- remote_connect_serverA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity check of the update packages. Without validation, an admin user might be tricked to install a malicious package, granting root privileges to an attacker.2022-06-14not yet calculatedCVE-2022-32252
MISC
sinema -- remote_connect_serverWhen a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.2022-06-14not yet calculatedCVE-2022-32243
MISC
MISC
sinema -- remote_connect_serverA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to low privileged users accessing privileged information.2022-06-14not yet calculatedCVE-2022-32256
MISC
sinema -- remote_connect_server
 
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution.2022-06-14not yet calculatedCVE-2022-32262
MISC
sourcecodester -- online_discussion_forum_siteOnline Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team.2022-06-16not yet calculatedCVE-2022-31911
MISC
sourcecodester -- online_discussion_forum_siteOnline Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name.2022-06-16not yet calculatedCVE-2022-31913
MISC
sourcecodester -- zoo_management_systemZoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24.2022-06-16not yet calculatedCVE-2022-31914
MISC
sourcecodester -- bank_management_system
 
A vulnerability, which was classified as critical, has been found in SourceCodester Bank Management System 1.0. Affected by this issue is login.php. The manipulation of the argument password with the input 1'and 1=2 union select 1,sleep(10),3,4,5 --+ leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.2022-06-15not yet calculatedCVE-2022-2086
N/A
N/A
sourcecodester -- bank_management_system
 
A vulnerability, which was classified as problematic, was found in SourceCodester Bank Management System 1.0. This affects the file /mnotice.php?id=2. The manipulation of the argument notice with the input <script>alert(1)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.2022-06-15not yet calculatedCVE-2022-2087
N/A
N/A
sourcecodester -- church_management_system
 
Church Management System version 1.0 is affected by a SQL anjection vulnerability through creating a user with a PHP file as an avatar image, which is accessible through the /uploads directory. This can lead to RCE on the web server by uploading a PHP webshell.2022-06-13not yet calculatedCVE-2021-41661
MISC
sourcecodester -- fast_food_ordering_systemFast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_menu.2022-06-14not yet calculatedCVE-2022-32330
MISC
sourcecodester -- fast_food_ordering_systemFast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/view_category.php?id=.2022-06-14not yet calculatedCVE-2022-32331
MISC
sourcecodester -- fast_food_ordering_systemFast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_category.2022-06-14not yet calculatedCVE-2022-32332
MISC
sourcecodester -- fast_food_ordering_systemFast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/view_menu.php?id=.2022-06-14not yet calculatedCVE-2022-32336
MISC
sourcecodester -- fast_food_ordering_systemFast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/manage_category.php?id=.2022-06-14not yet calculatedCVE-2022-32334
MISC
sourcecodester -- fast_food_ordering_systemFast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/sales/receipt.php?id=.2022-06-14not yet calculatedCVE-2022-32333
MISC
sourcecodester -- fast_food_ordering_systemFast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/manage_menu.php?id=.2022-06-14not yet calculatedCVE-2022-32335
MISC
sourcecodester -- fast_food_ordering_systemFast Food Ordering System v1.0 is vulnerable to Delete any file. via /ffos/classes/Master.php?f=delete_img.2022-06-14not yet calculatedCVE-2022-32328
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient.2022-06-14not yet calculatedCVE-2022-32344
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room_type.2022-06-14not yet calculatedCVE-2022-32350
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/view_doctor.php?id=.2022-06-14not yet calculatedCVE-2022-32339
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/manage_doctor.php?id=.2022-06-14not yet calculatedCVE-2022-32338
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/patients/manage_patient.php?id=.2022-06-14not yet calculatedCVE-2022-32337
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/room_types/view_room_type.php?id=.2022-06-14not yet calculatedCVE-2022-32342
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via hprms/admin/room_types/manage_room_type.php?id=.2022-06-14not yet calculatedCVE-2022-32343
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_history.2022-06-14not yet calculatedCVE-2022-32349
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/manage_room.php?id=.2022-06-14not yet calculatedCVE-2022-32345
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room.2022-06-14not yet calculatedCVE-2022-32347
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_doctor.2022-06-14not yet calculatedCVE-2022-32348
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=user/manage_user&id=.2022-06-14not yet calculatedCVE-2022-32341
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_admission.2022-06-14not yet calculatedCVE-2022-32352
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_message.2022-06-14not yet calculatedCVE-2022-32351
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/view_room.php?id=.2022-06-14not yet calculatedCVE-2022-32346
MISC
sourcecodester -- hospitals_patient_records_management_systemHospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=patients/view_patient&id=.2022-06-14not yet calculatedCVE-2022-32340
MISC
sourcecodester -- online_fire_reporting_systemOnline Fire Reporting System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ofrs/classes/Master.php.2022-06-16not yet calculatedCVE-2022-31906
MISC
sourcecodester -- online_fire_reporting_systemOnline Fire Reporting System v1.0 was discovered to contain a SQL injection vulnerability via the GET parameter in /report/list.php.2022-06-14not yet calculatedCVE-2022-31415
MISC
sourcecodester -- online_tutor_portal_siteOnline Tutor Portal Site v1.0 is vulnerable to SQL Injection via /otps/classes/Master.php?f=delete_team.2022-06-16not yet calculatedCVE-2022-31912
MISC
sourcecodester -- online_tutor_portal_siteOnline Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting (XSS). via /otps/classes/Master.php.2022-06-16not yet calculatedCVE-2022-31910
MISC
sourcecodester -- product_show_room_siteProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/manage_field.php?id=.2022-06-14not yet calculatedCVE-2022-32365
MISC
sourcecodester -- product_show_room_siteProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=user/manage_user&id=.2022-06-14not yet calculatedCVE-2022-32354
MISC
sourcecodester -- product_show_room_siteProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/view_category.php?id=.2022-06-14not yet calculatedCVE-2022-32363
MISC
sourcecodester -- product_show_room_siteProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/view_field.php?id=.2022-06-14not yet calculatedCVE-2022-32366
MISC
sourcecodester -- product_show_room_siteProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/manage_product&id=.2022-06-14not yet calculatedCVE-2022-32364
MISC
sourcecodester -- product_show_room_siteProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_field_order.php?id=.2022-06-14not yet calculatedCVE-2022-32353
MISC
sourcecodester -- product_show_room_siteProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/view_product&id=.2022-06-14not yet calculatedCVE-2022-32355
MISC
sourcecodester -- product_show_room_siteProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=inquiries/view_inquiry&id=.2022-06-14not yet calculatedCVE-2022-32367
MISC
sourcecodester -- product_show_room_siteProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_category.2022-06-14not yet calculatedCVE-2022-32359
MISC
sourcecodester -- product_show_room_siteProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_inquiry.2022-06-14not yet calculatedCVE-2022-32358
MISC
sourcecodester -- product_show_room_siteProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_category.php?id=.2022-06-14not yet calculatedCVE-2022-32362
MISC
sourcecodester -- rescue_dispatch_management_systemRescue Dispatch Management System v1.0 is vulnerable to SQL Injection via \rdms\admin?page=user\manage_user&id=.2022-06-17not yet calculatedCVE-2022-31941
MISC
sourcecodester -- south_gate_inn_online_reservation_systemThe South Gate Inn Online Reservation System v1.0 contains an SQL injection vulnerability that can be chained with a malicious PHP file upload, which is caused by improper file handling in the editImg function. This vulnerability leads to remote code execution.2022-06-13not yet calculatedCVE-2021-41662
MISC
sourcecodester -- student_registration_and_fee_payment_systemStudent Registration and Fee Payment System v1.0 is vulnerable to SQL Injection via /scms/student.php.2022-06-16not yet calculatedCVE-2022-31908
MISC
sourcecodester -- theme_park_ticketing_systemTheme Park Ticketing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edit_ticket.php.2022-06-15not yet calculatedCVE-2022-32302
MISC
sourcesodester -- directory_management_systemDirectory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php.2022-06-16not yet calculatedCVE-2022-31384
MISC
MISC
MISC
sourcesodester -- directory_management_system
 
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php.2022-06-16not yet calculatedCVE-2022-31383
MISC
MISC
MISC
sourcesodester -- directory_management_system
 
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php.2022-06-16not yet calculatedCVE-2022-31382
MISC
MISC
MISC
sourcesodester -- online_discussion_forum_siteAn issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts.2022-06-16not yet calculatedCVE-2022-31295
MISC
MISC
sourcesodester -- online_discussion_forum_siteAn issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts.2022-06-16not yet calculatedCVE-2022-31294
MISC
MISC
sourcesodester -- online_discussion_forum_siteOnline Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php.2022-06-17not yet calculatedCVE-2022-31296
MISC
MISC
sourcesodester -- online_ordering_systemOnline Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=category&search=.2022-06-17not yet calculatedCVE-2022-31355
MISC
sourcesodester -- online_ordering_systemOnline Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit&id=.2022-06-17not yet calculatedCVE-2022-31357
MISC
sourcesodester -- online_ordering_systemOnline Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/store/index.php?view=edit&id=.2022-06-17not yet calculatedCVE-2022-31356
MISC
splunk_enterprise -- splunk_universal_forwarder
 
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, connections from misconfigured nodes without valid certificates did not fail by default. After updating to version 9.0, see Configure TLS host name validation for the Splunk CLI (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation#Configure_TLS_host_name_validation_for_the_Splunk_CLI) to enable the remediation.2022-06-15not yet calculatedCVE-2022-32156
CONFIRM
CONFIRM
CONFIRM
splunk_enterprise -- dashboard
 
Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. The result bypasses SPL safeguards for risky commands. See New capabilities can limit access to some custom and potentially risky commands (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/SPLsafeguards#New_capabilities_can_limit_access_to_some_custom_and_potentially_risky_commands) for more information. Note that the attack is browser-based and an attacker cannot exploit it at will.2022-06-15not yet calculatedCVE-2022-32154
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
splunk_enterprise -- splunk_enterprise_deployment_servers
 
Splunk Enterprise deployment servers in versions before 9.0 let clients deploy forwarder bundles to other deployment clients through the deployment server. An attacker that compromised a Universal Forwarder endpoint could use the vulnerability to execute arbitrary code on all other Universal Forwarder endpoints subscribed to the deployment server.2022-06-15not yet calculatedCVE-2022-32158
CONFIRM
CONFIRM
splunk_enterprise -- splunk_enterprise_deployment_servers
 
Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of forwarder bundles. Remediation requires you to update the deployment server to version 9.0 and Configure authentication for deployment servers and clients (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/ConfigDSDCAuthEnhancements#Configure_authentication_for_deployment_servers_and_clients). Once enabled, deployment servers can manage only Universal Forwarder versions 9.0 and higher. Though the vulnerability does not directly affect Universal Forwarders, remediation requires updating all Universal Forwarders that the deployment server manages to version 9.0 or higher prior to enabling the remediation.2022-06-15not yet calculatedCVE-2022-32157
CONFIRM
CONFIRM
CONFIRM
CONFIRM
splunk_enterprise -- splunk_enterprise_peersSplunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could add a peer without a valid certificate and connections from misconfigured nodes without valid certificates did not fail by default. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation.2022-06-15not yet calculatedCVE-2022-32153
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
splunk_enterprise -- splunk_enterprise_peers
 
The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not validate certificates using the certificate authority (CA) certificate stores by default in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203. Python 3 client libraries now verify server certificates by default and use the appropriate CA certificate stores for each library. Apps and add-ons that include their own HTTP libraries are not affected. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation.2022-06-15not yet calculatedCVE-2022-32151
CONFIRM
CONFIRM
CONFIRM
CONFIRM
splunk_enterprise -- splunk_enterprise_peers
 
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could add a peer without a valid certificate and connections from misconfigured nodes without valid certificates did not fail by default. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation.2022-06-15not yet calculatedCVE-2022-32152
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
splunk_enterprise -- splunk_universal_forwarder
 
In universal forwarder versions before 9.0, management services are available remotely by default. When not required, it introduces a potential exposure, but it is not a vulnerability. If exposed, we recommend each customer assess the potential severity specific to your environment. In 9.0, the universal forwarder now binds the management port to localhost preventing remote logins by default. If management services are not required in versions before 9.0, set disableDefaultPort = true in server.conf OR allowRemoteLogin = never in server.conf OR mgmtHostPort = localhost in web.conf. See Configure universal forwarder management security (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation#Configure_universal_forwarder_management_security) for more information on disabling the remote management services.2022-06-15not yet calculatedCVE-2022-32155
CONFIRM
CONFIRM
CONFIRM
strapi -- strapi
 
Strapi v3.x.x versions and earlier contain a stored cross-site scripting vulnerability in file upload function. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege.2022-06-13not yet calculatedCVE-2022-29894
MISC
MISC
MISC
subscription-manager -- subscription-managerSubscription-Manager v1.0 /main.js has a cross-site scripting (XSS) vulnerability in the machineDetail parameter.2022-06-15not yet calculatedCVE-2021-41415
MISC
synaptics -- fingerprint_driver
 
Improper Input Validation vulnerability in synaTEE.signed.dll of Synaptics Fingerprint Driver allows a local authorized attacker to overwrite a heap tag, with potential loss of confidentiality. This issue affects: Synaptics Synaptics Fingerprint Driver 5.1.xxx.26 versions prior to xxx=340 on x86/64; 5.2.xxxx.26 versions prior to xxxx=3541 on x86/64; 5.2.2xx.26 versions prior to xx=29 on x86/64; 5.2.3xx.26 versions prior to xx=25 on x86/64; 5.3.xxxx.26 versions prior to xxxx=3543 on x86/64; 5.5.xx.1058 versions prior to xx=44 on x86/64; 5.5.xx.1102 versions prior to xx=34 on x86/64; 5.5.xx.1116 versions prior to xx=14 on x86/64; 6.0.xx.1104 versions prior to xx=50 on x86/64; 6.0.xx.1108 versions prior to xx=31 on x86/64; 6.0.xx.1111 versions prior to xx=58 on x86/64.2022-06-16not yet calculatedCVE-2021-3675
MISC
CONFIRM
MISC
tenda -- hg9Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.2022-06-16not yet calculatedCVE-2022-30023
MISC
MISC
MISC
textpattern -- textpatternTextpattern 4.8.7 is affected by a HTML injection vulnerability through “Content>Write>Body”.2022-06-14not yet calculatedCVE-2021-40658
MISC
thinkcmf -- thinkcmf
 
thinkcmf v5.1.7 has an unauthorized vulnerability. The attacker can modify the password of the administrator account with id 1 through the background user management group permissions. The use condition is that the background user management group authority is required.2022-06-14not yet calculatedCVE-2021-40616
MISC
thomson -- tcw710
 
A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/RgUrlBlock.asp. The manipulation of the argument BasicParentalNewKeyword with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.2022-06-12not yet calculatedCVE-2018-25039
MISC
MISC
thomson -- tcw710
 
A vulnerability was found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this issue is some unknown functionality of the file /goform/RgDdns. The manipulation of the argument DdnsHostName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack may be launched remotely. The exploit has been disclosed to the public and may be used.2022-06-12not yet calculatedCVE-2018-25037
MISC
MISC
thomson -- tcw710
 
A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/RgTime. The manipulation of the argument TimeServer1/TimeServer2/TimeServer3 with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack can be launched remotely. The exploit has been disclosed to the public and may be used.2022-06-12not yet calculatedCVE-2018-25036
MISC
MISC
thomson -- tcw710
 
A vulnerability, which was classified as problematic, was found in Thomson TCW710 ST5D.10.05. Affected is an unknown function of the file /goform/RGFirewallEL. The manipulation of the argument EmailAddress/SmtpServerName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.2022-06-12not yet calculatedCVE-2018-25035
MISC
MISC
thomson -- tcw710
 
A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05. This issue affects some unknown processing of the file /goform/wlanPrimaryNetwork. The manipulation of the argument ServiceSetIdentifier with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.2022-06-12not yet calculatedCVE-2018-25034
MISC
MISC
thomson -- tcw710
 
A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been classified as problematic. This affects an unknown part of the file /goform/RgDhcp. The manipulation of the argument PppUserName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.2022-06-12not yet calculatedCVE-2018-25038
MISC
MISC
topsec -- topidp3000
 
An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smpidp allows attackers to perform a brute-force attack via a crafted session_id cookie.2022-06-14not yet calculatedCVE-2022-31273
MISC
tourism_management_system_version -- tourism_management_system_versionTourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF).2022-06-14not yet calculatedCVE-2022-30930
MISC
MISC
trendnet -- tew-831dr
 
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable to CSRF. An attacker can change the pre-shared key of the Wi-Fi router if the interface's IP address is known.2022-06-16not yet calculatedCVE-2022-30327
MISC
MISC
trendnet -- tew-831dr
 
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker within range of the Wi-Fi network.2022-06-16not yet calculatedCVE-2022-30325
MISC
MISC
trendnet -- tew-831dr
 
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands.2022-06-16not yet calculatedCVE-2022-30329
MISC
MISC
trendnet -- tew-831dr
 
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup for the web interface does not require entering the existing password. A malicious user can change the username and password of the interface.2022-06-16not yet calculatedCVE-2022-30328
MISC
MISC
trendnet -- tew-831dr
 
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the basic.config page of the web interface.2022-06-16not yet calculatedCVE-2022-30326
MISC
MISC
trendnet -- ip-110wnTrendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an xss vulnerability via the proname parameter in /admin/scheprofile.cgi2022-06-17not yet calculatedCVE-2022-31875
MISC
trendnet -- ip-110wnTrendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an XSS vulnerability via the prefix parameter in /admin/general.cgi.2022-06-17not yet calculatedCVE-2022-31873
MISC
typo3 -- typo3TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, system internal credentials or keys (e.g. database credentials) can be logged as plaintext in exception handlers, when logging the complete exception stack trace. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 contain a fix for the problem.2022-06-14not yet calculatedCVE-2022-31047
MISC
CONFIRM
MISC
typo3 -- typo3TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, Admin Tool sessions initiated via the TYPO3 backend user interface had not been revoked even if the corresponding user account was degraded to lower permissions or disabled completely. This way, sessions in the admin tool theoretically could have been prolonged without any limit. TYPO3 versions 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem.2022-06-14not yet calculatedCVE-2022-31050
MISC
CONFIRM
MISC
typo3 -- typo3
 
TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users.2022-06-14not yet calculatedCVE-2022-31046
MISC
CONFIRM
MISC
typo3 -- typo3
 
TYPO3 is an open source web content management system. Prior to versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. TYPO3 versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem.2022-06-14not yet calculatedCVE-2022-31048
MISC
CONFIRM
MISC
typo3 -- typo3
 
TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, user submitted content was used without being properly encoded in HTML emails sent to users. The actually affected components were mail clients used to view those messages. TYPO3 versions 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem.2022-06-14not yet calculatedCVE-2022-31049
MISC
MISC
CONFIRM
u5cms -- u5cmsu5cms version 8.3.5 is vulnerable to Cross Site Scripting (XSS). When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? "Onmouseover=%27tzgl (96502)%27bad=", it can cause html injection.2022-06-17not yet calculatedCVE-2022-32442
MISC
u5cms -- u5cms
 
An issue was discovered in u5cms verion 8.3.5 There is a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php.2022-06-17not yet calculatedCVE-2022-32444
MISC
utorrent -- utorrentA vulnerability was found in uTorrent. It has been rated as critical. Affected by this issue is some unknown functionality of the component JSON RPC Server. The manipulation leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.2022-06-17not yet calculatedCVE-2018-25041
MISC
MISC
MISC
MISC
utorrent -- utorrent
 
A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component.2022-06-17not yet calculatedCVE-2018-25042
MISC
MISC
MISC
utorrent -- utorrent
 
A vulnerability classified as critical was found in uTorrent. This vulnerability affects unknown code of the component PRNG. The manipulation leads to weak authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.2022-06-17not yet calculatedCVE-2018-25043
MISC
MISC
MISC
utorrent -- utorrent
 
A vulnerability, which was classified as critical, has been found in uTorrent. This issue affects some unknown processing of the component Guest Account. The manipulation leads to privilege escalation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.2022-06-17not yet calculatedCVE-2018-25044
MISC
MISC
MISC
utorrent -- web
 
A vulnerability was found in uTorrent Web. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HTTP RPC Server. The manipulation leads to privilege escalation. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.2022-06-17not yet calculatedCVE-2018-25040
MISC
MISC
MISC
victor_cms -- victor_cms
 
Victor CMS 1.0 is vulnerable to SQL injection via c_id parameter of admin_edit_comment.php, p_id parameter of admin_edit_post.php, u_id parameter of admin_edit_user.php, and edit parameter of admin_update_categories.php.2022-06-16not yet calculatedCVE-2020-35597
MISC
MISC
MISC
vmware -- hcx
 
VMware HCX update addresses an information disclosure vulnerability. A malicious actor with network user access to the VMware HCX appliance may be able to gain access to sensitive information.2022-06-16not yet calculatedCVE-2022-22953
MISC
vmware -- .net_and_visual_studio.NET and Visual Studio Information Disclosure Vulnerability.2022-06-15not yet calculatedCVE-2022-30184
MISC
voipmonitor -- web_gui
 
VoIPmonitor WEB GUI up to version 24.61 is affected by SQL injection through the "api.php" file and "user" parameter.2022-06-17not yet calculatedCVE-2021-41408
MISC
MISC
wavlink -- wn579A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request.2022-06-14not yet calculatedCVE-2022-31847
MISC
wavlink -- wn579A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.2022-06-14not yet calculatedCVE-2022-31845
MISC
MISC
wavlink -- wn579A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.2022-06-14not yet calculatedCVE-2022-31846
MISC
MISC
wavlink -- aerial
 
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function.2022-06-14not yet calculatedCVE-2022-31308
MISC
wavlink -- aerial
 
An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request.2022-06-14not yet calculatedCVE-2022-31311
MISC
wavlink -- aerial
 
A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function.2022-06-14not yet calculatedCVE-2022-31309
MISC
web_based_quiz_systems -- web_based_quiz_systemsWeb Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php.2022-06-15not yet calculatedCVE-2022-32991
MISC
weblizar -- user_login_log_plugin
 
A vulnerability was found in weblizar User Login Log Plugin 2.2.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting (Stored). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.2022-06-16not yet calculatedCVE-2017-20056
MISC
MISC
MISC
webtareas -- webtareasCross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/editfolder.php.2022-06-16not yet calculatedCVE-2021-36609
MISC
webtareas -- webtareas
 
Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproject.php.2022-06-16not yet calculatedCVE-2021-36608
MISC
windows -- autopilot_device_management_and_enrollment_clientWindows Autopilot Device Management and Enrollment Client Spoofing Vulnerability.2022-06-15not yet calculatedCVE-2022-30189
MISC
wiris -- mathtype
 
Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter. This vulnerability is exploited via a crafted request to the resource handler.2022-06-16not yet calculatedCVE-2022-31372
MISC
wordpre4ss -- phil_bakers_gate_plugin
 
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Phil Baker's Age Gate plugin <= 2.17.0 at WordPress.2022-06-15not yet calculatedCVE-2021-36901
CONFIRM
CONFIRM
wordpress -- admin_management_xtended
 
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress.2022-06-15not yet calculatedCVE-2022-29450
CONFIRM
CONFIRM
wordpress -- api_key_for_google_maps
 
Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update.2022-06-15not yet calculatedCVE-2022-29453
CONFIRM
CONFIRM
wordpress -- auto_delete_posts
 
The Auto Delete Posts WordPress plugin through 1.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and delete specific posts, categories and attachments at once.2022-06-13not yet calculatedCVE-2022-1779
MISC
wordpress -- change_uploaded_file_permissions
 
Due to missing checks the Change Uploaded File Permissions WordPress plugin through 4.0.0 is vulnerable to CSRF attacks. This can be used to change the file and folder permissions of any folder. This could be problematic when specific files like ini files are made readable for everyone due to this.2022-06-13not yet calculatedCVE-2022-1788
MISC
wordpress -- export_all_urlsAuthenticated (editor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Export All URLs plugin <= 4.1 at WordPress.2022-06-15not yet calculatedCVE-2022-29452
CONFIRM
CONFIRM
wordpress -- filr
 
The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. They are are protected with a nonce, however the nonce is leaked on the dashboard. This could allow them to upload arbitrary HTML files as well as delete all files or arbitrary ones.2022-06-13not yet calculatedCVE-2022-1777
MISC
wordpress -- google_places_reviews_plugin
 
The Google Places Reviews WordPress plugin before 2.0.0 does not properly escape its Google API key setting, which is reflected on the site's administration panel. A malicious administrator could abuse this bug, in a multisite WordPress configuration, to trick super-administrators into viewing the booby-trapped payload and taking over their account.2022-06-13not yet calculatedCVE-2022-1772
MISC
wordpress -- google_tag_manager
 
The Google Tag Manager for WordPress (GTM4WP) plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the `gtm4wp-options[scroller-contentid]` parameter found in the `~/public/frontend.php` file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.15.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.2022-06-13not yet calculatedCVE-2022-1961
MISC
MISC
MISC
wordpress -- hc_custom_wp-admin
 
The HC Custom WP-Admin URL WordPress plugin through 1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, allowing them to change the login URL2022-06-13not yet calculatedCVE-2022-1594
MISC
wordpress -- image_sliderMultiple Cross-Site Request Forgery (CSRF) vulnerabilities in Image Slider by NextCode plugin <= 1.1.2 at WordPress.2022-06-15not yet calculatedCVE-2022-29437
CONFIRM
CONFIRM
wordpress -- image_slider
 
Cross-Site Request Forgery (CSRF) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress allows deleting slides.2022-06-15not yet calculatedCVE-2022-29439
CONFIRM
CONFIRM
wordpress -- image_slider
 
Authenticated (author or higher user role) Persistent Cross-Site Scripting (XSS) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress.2022-06-15not yet calculatedCVE-2022-29438
CONFIRM
CONFIRM
wordpress -- jupiterxcore_pluginVulnerable versions of the Jupiter (<= 6.10.1) and JupiterX (<= 2.0.6) Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File inclusion. In the JupiterX theme, the jupiterx_cp_load_pane_action AJAX action present in the lib/admin/control-panel/control-panel.php file calls the load_control_panel_pane function. It is possible to use this action to include any local PHP file via the slug parameter. The Jupiter theme has a nearly identical vulnerability which can be exploited via the mka_cp_load_pane_action AJAX action present in the framework/admin/control-panel/logic/functions.php file, which calls the mka_cp_load_pane_action function.2022-06-13not yet calculatedCVE-2022-1657
MISC
wordpress -- jupiterxcore_plugin
 
Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the "abb_uninstall_template" (both) and "jupiterx_core_cp_uninstall_template" (JupiterX Core Only) AJAX actions2022-06-13not yet calculatedCVE-2022-1654
MISC
wordpress -- jupiterxcore_plugin
 
Vulnerable versions of the JupiterX Core (<= 2.0.6) plugin register an AJAX action jupiterx_conditional_manager which can be used to call any function in the includes/condition/class-condition-manager.php file by sending the desired function to call in the sub_action parameter. This can be used to view site configuration and logged-in users, modify post conditions, or perform a denial of service attack.2022-06-13not yet calculatedCVE-2022-1659
MISC
wordpress -- jupiterxcore_plugin
 
Vulnerable versions of the Jupiter Theme (<= 6.10.1) allow arbitrary plugin deletion by any authenticated user, including users with the subscriber role, via the abb_remove_plugin AJAX action registered in the framework/admin/control-panel/logic/plugin-management.php file. Using this functionality, any logged-in user can delete any installed plugin on the site.2022-06-13not yet calculatedCVE-2022-1658
MISC
wordpress -- latex
 
The LaTeX for WordPress plugin through 3.4.10 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack which could also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping2022-06-13not yet calculatedCVE-2022-1780
MISC
wordpress -- messages_for_wordpress
 
Authenticated (subscriber or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Messages For WordPress <= 2.1.10 at WordPress.2022-06-15not yet calculatedCVE-2022-29442
CONFIRM
CONFIRM
wordpress -- mobile_browser_color_select
 
The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the admin_update_data() function. This makes it possible for unauthenticated attackers to inject malicious web scripts via forged request granted they can trick a site administrator into performing an action such as clicking on a link.2022-06-13not yet calculatedCVE-2022-1969
MISC
MISC
wordpress -- muneebs_custom_popup_builder
 
Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb's Custom Popup Builder plugin <= 1.3.1 at WordPress.2022-06-15not yet calculatedCVE-2022-28612
CONFIRM
CONFIRM
wordpress -- new_user_email_set_up
 
The New User Email Set Up WordPress plugin through 0.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack2022-06-13not yet calculatedCVE-2022-1790
MISC
wordpress -- newsletter_plugin
 
The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER['REQUEST_URI'] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below.2022-06-13not yet calculatedCVE-2022-1756
MISC
wordpress -- nicdark_doo_travel_management
 
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark d.o.o. Travel Management plugin <= 2.0 at WordPress.2022-06-15not yet calculatedCVE-2022-27859
CONFIRM
CONFIRM
wordpress -- one_click_plugin_updater
 
The One Click Plugin Updater WordPress plugin through 2.4.14 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable / hide the badge of the available updates and the related check.2022-06-13not yet calculatedCVE-2022-1791
MISC
wordpress -- peteraes_collaboration_e-mails_plugin
 
The Peter’s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more.2022-06-13not yet calculatedCVE-2022-1761
MISC
wordpress -- photo_gallery_by_supsystic_pluginCross-Site Request Forgery (CSRF) vulnerability in Photo Gallery by Supsystic plugin <= 1.15.5 at WordPress allows changing the plugin settings.2022-06-15not yet calculatedCVE-2021-36891
CONFIRM
CONFIRM
wordpress -- posttabs
 
The postTabs WordPress plugin through 2.10.6 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, which also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping2022-06-13not yet calculatedCVE-2022-1781
MISC
wordpress -- private_messages_for_wordpressCross-Site Request Forgery (CSRF) vulnerability in Private Messages For WordPress plugin <= 2.1.10 at WordPress allows attackers to send messages.2022-06-15not yet calculatedCVE-2022-29441
CONFIRM
CONFIRM
wordpress -- promotion_slider
 
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Promotion Slider plugin <= 3.3.4 at WordPress.2022-06-15not yet calculatedCVE-2022-29440
CONFIRM
CONFIRM
wordpress -- quick_subscribe
 
The Quick Subscribe WordPress plugin through 1.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and leading to Stored XSS due to the lack of sanitisation and escaping in some of them2022-06-13not yet calculatedCVE-2022-1792
MISC
wordpress -- sticky_popup_plugin
 
The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ popup_title' parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin level capabilities and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This issue mostly affects sites where unfiltered_html has been disabled for administrators and on multi-site installations where unfiltered_html is disabled for administrators.2022-06-13not yet calculatedCVE-2022-1750
MISC
wordpress -- team_manager
 
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in DynamicWebLab's WordPress Team Manager plugin <= 1.6.9 at WordPress.2022-06-15not yet calculatedCVE-2022-29406
CONFIRM
CONFIRM
wordpress -- wp-chgfontsize_plugin
 
The WP-chgFontSize WordPress plugin through 1.8 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping2022-06-13not yet calculatedCVE-2022-1764
MISC
wordpress --nicdarks_hotel_booking
 
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark's Hotel Booking plugin <= 3.0 at WordPress.2022-06-15not yet calculatedCVE-2022-29443
CONFIRM
CONFIRM
wordpress-- sideblog
 
The Sideblog WordPress plugin through 6.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping2022-06-13not yet calculatedCVE-2022-1787
MISC
wordpress -- copify
 
The Copify plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.0. This is due to missing nonce validation on the CopifySettings page. This makes it possible for unauthenticated attackers to update the plugins settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.2022-06-13not yet calculatedCVE-2022-1900
MISC
wordpress -- download_manager
 
The Download Manager Plugin for WordPress is vulnerable to reflected Cross-Site Scripting in versions up to, and including 3.2.42. This is due to insufficient input sanitization and output escaping on the 'frameid' parameter found in the ~/src/Package/views/shortcode-iframe.php file.2022-06-13not yet calculatedCVE-2022-1985
MISC
MISC
MISC
wordpress -- export_any_wordpress_data_to_xml/csv
 
The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability.2022-06-13not yet calculatedCVE-2022-1800
MISC
wordpress -- genki_pre-publish_reminder
 
The Genki Pre-Publish Reminder WordPress plugin through 1.4.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS as well as RCE when custom code is added via the plugin settings.2022-06-13not yet calculatedCVE-2022-1758
MISC
wordpress -- hot_linked_image_cacher_plugin
 
The Hot Linked Image Cacher WordPress plugin through 1.16 is vulnerable to CSRF. This can be used to store / cache images from external domains on the server, which could lead to legal risks (due to copyright violations or licensing rules).2022-06-13not yet calculatedCVE-2022-1765
MISC
wordpress -- iq_block_country_plugin
 
The iQ Block Country WordPress plugin through 1.2.13 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers.2022-06-13not yet calculatedCVE-2022-1762
MISC
wordpress -- keep_backup_daily
 
The Keep Backup Daily plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘t’ parameter in versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.2022-06-13not yet calculatedCVE-2022-1820
MISC
MISC
wordpress -- mitsol_social_post_feed_plugin
 
The Mitsol Social Post Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.10 due to insufficient input sanitization and output escaping on the application id parameters. This makes it possible for authenticated (admin+) attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html is disabled.2022-06-13not yet calculatedCVE-2022-0209
MISC
MISC
wordpress -- ninja_forms_contact_form_plugin
 
Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label".2022-06-16not yet calculatedCVE-2021-36827
CONFIRM
CONFIRM
wordpress -- private_files
 
The Private Files WordPress plugin through 0.40 is missing CSRF check when disabling the protection, which could allow attackers to make a logged in admin perform such action via a CSRF attack and make the blog public2022-06-13not yet calculatedCVE-2022-1793
MISC
wordpress -- rb_internal_links_plugin
 
The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escaping2022-06-13not yet calculatedCVE-2022-1759
MISC
wordpress -- rsvpmaker_plugin
 
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to, and including, 9.3.2. Please note that this is separate from CVE-2022-1453 & CVE-2022-1505.2022-06-13not yet calculatedCVE-2022-1768
MISC
MISC
MISC
wordpress -- static_page_extended_plugin
 
Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings2022-06-13not yet calculatedCVE-2022-1763
MISC
wordpress -- toolbar_to_share
 
The ToolBar to Share plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0. This is due to missing nonce validation on the plugin_toolbar_comparte page. This makes it possible for unauthenticated attackers to update the plugins settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.2022-06-13not yet calculatedCVE-2022-1918
MISC
MISC
wordpress -- wp_admin_style
 
The WP Admin Style WordPress plugin through 0.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed2022-06-13not yet calculatedCVE-2022-1814
MISC
wordpress -- wp_athletics
 
The WP Athletics WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting2022-06-13not yet calculatedCVE-2022-1773
MISC
wordpress -- wpmk_ajax_finder_plugin
 
The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createplugin_atf_admin_setting_page() function found in the ~/inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.1.2022-06-13not yet calculatedCVE-2022-1749
MISC
MISC
wordpress -- zephyr_project_manager
 
The Zephyr Project Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘project’ parameter in versions up to, and including, 3.2.40 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.2022-06-13not yet calculatedCVE-2022-1822
MISC
MISC
wuzhicms -- wuzhicms
 
SQL injection vulnerabilities exist in Wuzhicms v4.1.0 which allows attackers to execute arbitrary SQL commands via the $keyValue parameter in /coreframe/app/pay/admin/index.php2022-06-16not yet calculatedCVE-2021-41654
MISC
xakuros -- xo_slider_plugin
 
Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Xakuro's XO Slider plugin <= 3.3.2 at WordPress.2022-06-15not yet calculatedCVE-2022-32280
CONFIRM
CONFIRM
xfce -- xfceXFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server.2022-06-13not yet calculatedCVE-2022-32278
MISC
DEBIAN
xiaomi -- lamp
 
Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows attackers to to bypass the expected access restrictions and gain control of the switch and other functions via a crafted POST request.2022-06-16not yet calculatedCVE-2022-31277
MISC
xos-shop -- xos-shop_system
 
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/categories.php2022-06-16not yet calculatedCVE-2021-46820
MISC
xos-shop -- xos-shop_system
 
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/manufacturers.php.2022-06-16not yet calculatedCVE-2021-37764
MISC
xpedition -- designer
 
A vulnerability has been identified in Xpedition Designer (All versions < VX.2.11). The affected application assigns improper access rights to the service executable. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.2022-06-14not yet calculatedCVE-2022-31465
MISC
xyzscripts -- contact_form_manager_plugin
 
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.2022-06-16not yet calculatedCVE-2017-20054
MISC
MISC
MISC
xyzscripts -- contact_form_manager_plugin
 
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.2022-06-16not yet calculatedCVE-2017-20053
MISC
MISC
MISC
yandex -- browser_for_windows
 
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.2022-06-15not yet calculatedCVE-2022-28225
MISC
yandex -- browser_for_windows
 
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process.2022-06-15not yet calculatedCVE-2022-28226
MISC
yandex -- browser
 
Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.2022-06-15not yet calculatedCVE-2021-25261
MISC
yugue -- kkcmskkcms v1.3.7 was discovered to contain a SQL injection vulnerability via the cid parameter at /template/wapian/vlist.php.2022-06-15not yet calculatedCVE-2022-32101
MISC
yuque -- youdiancmsYoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the id parameter at /App/Lib/Action/Admin/SiteAction.class.php.2022-06-15not yet calculatedCVE-2022-32299
MISC
yuque -- youdiancmsYoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the MailSendID parameter at /App/Lib/Action/Admin/MailAction.class.php.2022-06-15not yet calculatedCVE-2022-32300
MISC
yuque -- youdiancmsYoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the IdList parameter at /App/Lib/Action/Home/ApiAction.class.php.2022-06-15not yet calculatedCVE-2022-32301
MISC
zoom -- on-premise_meeting_connector
 
Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. As a result, a threat actor in the Zooms waiting room can join the meeting without the consent of the host.2022-06-15not yet calculatedCVE-2022-28749
MISC
zoom -- opener
 
The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for Windows before version 5.10.3 are susceptible to a DLL injection attack. This vulnerability could be used to run arbitrary code on the victims host.2022-06-15not yet calculatedCVE-2022-22788
MISC
zzcms -- zzcmsAn issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter.2022-06-17not yet calculatedCVE-2019-12357
MISC
zzcms -- zzcmsAn issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie.2022-06-17not yet calculatedCVE-2019-12358
MISC
zzcms -- zzcmsAn issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter.2022-06-17not yet calculatedCVE-2019-12359
MISC
zzcms -- zzcmsAn issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter.2022-06-17not yet calculatedCVE-2019-12355
MISC
zzcms -- zzcmsAn issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.2022-06-17not yet calculatedCVE-2019-12356
MISC
zzcms -- zzcms
 
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie.2022-06-17not yet calculatedCVE-2019-12352
MISC
zzcms -- zzcms
 
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter.2022-06-17not yet calculatedCVE-2019-12354
MISC

Back to top

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.