Category: alerts

Cyber Security Monitor Alerts News Notifications. We monitor and send notifications on the latest Cyber Security alerts, blogs, news on data breaches and emerging cyber threats.

alerts

Open Redirect Flaw Snags Amex, Snapchat User Data

Post author By admin
Post date August 5, 2022

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims.

alerts

AA22-216A: 2021 Top Malware Strains

Post author By admin
Post date August 4, 2022

Original release date: August 4, 2022

Summary

Immediate Actions You Can Take Now to Protect Against Malware:

• Patch all systems and prioritize patching known exploited vulnerabilities.
• Enforce multifactor authentication (MFA).
• Secure Remote Desktop Protocol (RDP) and other risky services.
• Make offline backups of your data.
• Provide end-user awareness and training about social engineering and phishing.

This joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC). This advisory provides details on the top malware strains observed in 2021. Malware, short for “malicious software,” can compromise a system by performing an unauthorized function or process. Malicious cyber actors often use malware to covertly compromise and then gain access to a computer or mobile device. Some examples of malware include viruses, worms, Trojans, ransomware, spyware, and rootkits.[1]

In 2021, the top malware strains included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware. Most of the top malware strains have been in use for more than five years with their respective code bases evolving into multiple variations. The most prolific malware users are cyber criminals, who use malware to deliver ransomware or facilitate theft of personal and financial information.

CISA and ACSC encourage organizations to apply the recommendations in the Mitigations sections of this joint CSA. These mitigations include applying timely patches to systems, implementing user training, securing Remote Desktop Protocol (RDP), patching all systems especially for known exploited vulnerabilities, making offline backups of data, and enforcing multifactor authentication (MFA).

Download the PDF version of this report: pdf, 489 kb

Technical Details

Key Findings

The top malware strains of 2021 are: Agent Tesla, AZORult, Formbook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot and GootLoader.

Malicious cyber actors have used Agent Tesla, AZORult, Formbook, LokiBot, NanoCore, Remcos, and TrickBot for at least five years.
Malicious cyber actors have used Qakbot and Ursnif for more than a decade.

Updates made by malware developers, and reuse of code from these malware strains, contribute to the malware’s longevity and evolution into multiple variations. Malicious actors’ use of known malware strains offers organizations opportunities to better prepare, identify, and mitigate attacks from these known malware strains.
The most prolific malware users of the top malware strains are cyber criminals, who use malware to deliver ransomware or facilitate theft of personal and financial information.

Qakbot and TrickBot are used to form botnets and are developed and operated by Eurasian cyber criminals known for using or brokering botnet-enabled access to facilitate highly lucrative ransomware attacks. Eurasian cyber criminals enjoy permissive operating environments in Russia and other former Soviet republics.
According to U.S. government reporting, TrickBot malware often enables initial access for Conti ransomware, which was used in nearly 450 global ransomware attacks in the first half of 2021. As of 2020, malicious cyber actors have purchased access to systems compromised by TrickBot malware on multiple occasions to conduct cybercrime operations.
In 2021, cyber criminals conducted mass phishing campaigns with Formbook, Agent Tesla, and Remcos malware that incorporated COVID-19 pandemic themes to steal personal data and credentials from businesses and individuals.

In the criminal malware industry, including malware as a service (MaaS), developers create malware that malware distributors often broker to malware end-users.[2] Developers of these top 2021 malware strains continue to support, improve, and distribute their malware over several years. Malware developers benefit from lucrative cyber operations with low risk of negative consequences. Many malware developers often operate from locations with few legal prohibitions against malware development and deployment. Some developers even market their malware products as legitimate cyber security tools. For example, the developers of Remcos and Agent Tesla have marketed the software as legitimate tools for remote management and penetration testing. Malicious cyber actors can purchase Remcos and Agent Tesla online for low cost and have been observed using both tools for malicious purposes.

Top Malware

`Agent Tesla`

Overview: Agent Tesla is capable of stealing data from mail clients, web browsers, and File Transfer Protocol (FTP) servers. This malware can also capture screenshots, videos, and Windows clipboard data. Agent Tesla is available online for purchase under the guise of being a legitimate tool for managing your personal computer. Its developers continue to add new functionality, including obfuscation capabilities and targeting additional applications for credential stealing.[3][4]
Active Since: 2014
Malware Type: RAT
Delivery Method: Often delivered as a malicious attachment in phishing emails.
Resources: See the MITRE ATT&CK page on Agent Tesla.

`AZORult`

Overview: AZORult is used to steal information from compromised systems. It has been sold on underground hacker forums for stealing browser data, user credentials, and cryptocurrency information. AZORult’s developers are constantly updating its capabilities.[5][6]
Active Since: 2016
Malware Type: Trojan
Delivery Method: Phishing, infected websites, exploit kits (automated toolkits exploiting known software vulnerabilities), or via dropper malware that downloads and installs AZORult.
Resources: See the MITRE ATT&CK page on AZORult and the Department of Health and Human Services (HHS)’s AZORult brief.

`FormBook`

Overview: FormBook is an information stealer advertised in hacking forums. ForrmBook is capable of key logging and capturing browser or email client passwords, but its developers continue to update the malware to exploit the latest Common Vulnerabilities and Exposures (CVS)[7], such as CVE-2021-40444 Microsoft MSHTML Remote Code Execution Vulnerability.[8][9]
Active Since: At least 2016
Malware Type: Trojan
Delivery Method: Usually delivered as an attachment in phishing emails.
Resources: See Department of Health and Human Services (HHS)’s Sector Note on Formbook Malware Phishing Campaigns.

`Ursnif`

Overview: Ursnif is a banking Trojan that steals financial information. Also known as Gozi, Ursnif has evolved over the years to include a persistence mechanism, methods to avoid sandboxes and virtual machines, and search capability for disk encryption software to attempt key extraction for unencrypting files.[10][11][12] Based on information from trusted third parties, Ursnif infrastructure is still active as of July 2022.
Active Since: 2007
Malware Type: Trojan
Delivery Method: Usually delivered as a malicious attachment to phishing emails.
Resources: See the MITRE ATT&CK page on Ursnif.

`LokiBot`

Overview: LokiBot is a Trojan malware for stealing sensitive information, including user credentials, cryptocurrency wallets, and other credentials. A 2020 LokiBot variant was disguised as a launcher for the Fortnite multiplayer video game.[13][14]
Active Since: 2015
Malware Type: Trojan
Delivery Method: Usually delivered as a malicious email attachment.
Resources: See CISA’s LokiBot Malware alert and the MITRE ATT&CK page on LokiBot.

`MOUSEISLAND`

Overview: MOUSEISLAND is usually found within the embedded macros of a Microsoft Word document and can download other payloads. MOUSEISLAND may be the initial phase of a ransomware attack.[15]
Active Since: At least 2019
Malware Type: Macro downloader
Delivery Method: Usually distributed as an email attachment.
Resources: See Mandiant’s blog discussing MOUSEISLAND.

`NanoCore`

Overview: NanoCore is used for stealing victims’ information, including passwords and emails. NanoCore could also allow malicious users to activate computers’ webcams to spy on victims. Malware developers continue to develop additional capabilities as plug-ins available for purchase or as a malware kit or shared amongst malicious cyber actors.[16][17][18]
Active Since: 2013
Malware Type: RAT
Delivery Method: Has been delivered in an email as an ISO disk image within malicious ZIP files; also found in malicious PDF documents hosted on cloud storage services.
Resources: See the MITRE ATT&CK page on NanoCore and the HHS Sector Note: Remote Access Trojan Nanocore Poses Risk to HPH Sector.

`Qakbot`

Overview: originally observed as a banking Trojan, Qakbot has evolved in its capabilities to include performing reconnaissance, moving laterally, gathering and exfiltrating data, and delivering payloads. Also known as QBot or Pinksliplot, Qakbot is modular in nature enabling malicious cyber actors to configure it to their needs. Qakbot can also be used to form botnets.[19][20]
Active Since: 2007
Malware Type: Trojan
Delivery Method: May be delivered via email as malicious attachments, hyperlinks, or embedded images.
Resources: See the MITRE ATT&CK page on Qakbot and the Department of Health and Human Services (HHS) Qbot/Qakbot Malware brief.

`Remcos`

Overview: Remcos is marketed as a legitimate software tool for remote management and penetration testing. Remcos, short for Remote Control and Surveillance, was leveraged by malicious cyber actors conducting mass phishing campaigns during the COVID-19 pandemic to steal personal data and credentials. Remcos installs a backdoor onto a target system. Malicious cyber actors then use the Remcos backdoor to issue commands and gain administrator privileges while bypassing antivirus products, maintaining persistence, and running as legitimate processes by injecting itself into Windows processes.[21][22]
Active Since: 2016
Malware Type: RAT
Delivery Method: Usually delivered in phishing emails as a malicious attachment.
Resources: See the MITRE ATT&CK page on Remcos.

`TrickBot`

Overview: TrickBot malware is often used to form botnets or enabling initial access for the Conti ransomware or Ryuk banking trojan. TrickBot is developed and operated by a sophisticated group of malicious cyber actors and has evolved into a highly modular, multi-stage malware. In 2020, cyber criminals used TrickBot to target the Healthcare and Public Health (HPH) Sector and then launch ransomware attacks, exfiltrate data, or disrupt healthcare services. Based on information from trusted third parties, TrickBot’s infrastructure is still active in July 2022.[23][24][25][26]
Active Since: 2016
Malware Type: Trojan
Delivery Method: Usually delivered via email as a hyperlink.
Resources: See the MITRE ATT&CK page on Trickbot and the Joint CSA on TrickBot Malware.

`GootLoader`

Overview: GootLoader is a malware loader historically associated with the GootKit malware. As its developers updated its capabilities, GootLoader has evolved from a loader downloading a malicious payload into a multi-payload malware platform. As a loader malware, GootLoader is usually the first-stage of a system compromise. By leveraging search engine poisoning, GootLoader’s developers may compromise or create websites that rank highly in search engine results, such as Google search results.[27]
Active Since: At least 2020
Malware Type: Loader
Delivery Method: Malicious files available for download on compromised websites that rank high as search engine results
Resources: See New Jersey’s Cybersecurity & Communications Integration Cell (NJCCIC) page on GootLooader and BlackBerry’s Blog on GootLoader.

Mitigations

Below are the steps that CISA and ACSC recommend organizations take to improve their cybersecurity posture based on known adversary tactics, techniques, and procedures (TTPs). CISA and ACSC urge critical infrastructure organizations to prepare for and mitigate potential cyber threats immediately by (1) updating software, (2) enforcing MFA, (3) securing and monitoring RDP and other potentially risky services, (4) making offline backups of your data, and (5) providing end-user awareness and training.

Update software, including operating systems, applications, and firmware, on IT network assets. Prioritize patching known exploited vulnerabilities and critical and high vulnerabilities that allow for remote code execution or denial-of-service on internet-facing equipment.
- Consider using a centralized patch management system.
- Consider signing up for CISA’s cyber hygiene services, including vulnerability scanning, to help reduce exposure to threats. CISA’s vulnerability scanning service evaluates external network presence by executing continuous scans of public, static IP addresses for accessible services and vulnerabilities.

Enforce MFA to the greatest extent possible and require accounts with password logins, including service accounts, to have strong passwords. Do not allow passwords to be used across multiple accounts or stored on a system to which an adversary may have access. Additionally, ACSC has issued guidance on implementing multifactor authentication for hardening authentication systems.
If you use RDP and/or other potentially risky services, secure and monitor them closely. RDP exploitation is one of the top initial infection vectors for ransomware, and risky services, including RDP, can allow unauthorized access to your session using an on-path attacker.
- Limit access to resources over internal networks, especially by restricting RDP and using virtual desktop infrastructure. After assessing risks, if RDP is deemed operationally necessary, restrict the originating sources, and require MFA to mitigate credential theft and reuse. If RDP must be available externally, use a virtual private network (VPN) or other means to authenticate and secure the connection before allowing RDP to connect to internal devices. Monitor remote access/RDP logs, enforce account lockouts after a specified number of attempts to block brute force attempts, log RDP login attempts, and disable unused remote access/RDP ports.
- Ensure devices are properly configured and that security features are enabled. Disable ports and protocols that are not being used for a business purpose (e.g., RDP Transmission Control Protocol Port 3389).

Maintain offline (i.e., physically disconnected) backups of data. Backup procedures should be conducted on a frequent, regular basis (at a minimum every 90 days). Regularly test backup procedures and ensure that backups are isolated from network connections that could enable the spread of malware.
- Ensure the backup keys are kept offline as well, to prevent them being encrypted in a ransomware incident.
- Ensure all backup data is encrypted, immutable (i.e., cannot be altered or deleted), and covers the entire organization’s data infrastructure with a particular focus on key data assets.

Provide end-user awareness and training to help prevent successful targeted social engineering and spearphishing campaigns. Phishing is one of the top infection vectors for ransomware.
- Ensure that employees are aware of potential cyber threats and delivery methods.
- Ensure that employees are aware of what to do and whom to contact when they receive a suspected phishing email or suspect a cyber incident.

As part of a longer-term effort, implement network segmentation to separate network segments based on role and functionality. Network segmentation can help prevent the spread of ransomware and threat actor lateral movement by controlling traffic flows between—and access to—various subnetworks. The ACSC has observed ransomware and data theft incidents in which Australian divisions of multinational companies were impacted by ransomware incidents affecting assets maintained and hosted by offshore divisions outside their control.

RESOURCES

For alerts on malicious and criminal cyber activity, see the FBI Internet Crime Complaint Center webpage.
For more information and resources on protecting against and responding to ransomware, refer to StopRansomware.gov, a centralized, U.S. Government webpage providing ransomware resources and alerts.
The ACSC recommends organizations implement eight essential mitigation strategies from the ACSC’s Strategies to Mitigate Cyber Security Incidents as a cybersecurity baseline. These strategies, known as the “Essential Eight,” make it much harder for adversaries to compromise systems.
Refer to the ACSC’s practical guides on how to protect yourself against ransomware attacks and what to do if you are held at ransom at cyber.gov.au.

DISCLAIMER

The information in this report is being provided “as is” for informational purposes only. CISA and ACSC do not endorse any commercial product or service, including any subjects of analysis. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring.

APPENDIX: SNORT SIGNATURES FOR THE TOP 2021 MALWARE

Malware	Snort Detection Signature
Agent Tesla	alert any any -> any any (msg:”HTTP GET request /aw/aw.exe”; flow:established,to_server; sid:1; rev:1; content:”GET”; http_method; content:”/aw/aw.exe”; http_uri; reference:url, https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work; metadata:service http;)
AZORult	alert tcp any any -> any any (msg:”HTTP Server Content Data contains ‘llehS\|2e\|tpircSW'”; sid:1; rev:1; flow:established,from_server; file_data; content:”llehS\|2e\|tpircSW”; nocase; fast_pattern:only; pcre:”/GCM(?:x20\|%20)W-O/i”; reference:url,maxkersten.nl/binary-analysis-course/malware-analysis/azorult-loader-stages/; metadata:service http;)
AZORult	alert tcp any any -> any any (msg:”HTTP POST Client Body contains ‘J/\|fb\|’ and ‘/\|fb\|'”; sid:1; rev:1; flow:established,to_server; content:”POST”; http_method; content:”.php”; http_uri; content:”J/\|fb\|”; http_client_body; fast_pattern; content:”/\|fb\|”; http_client_body; depth:11; content:!”Referer\|3a 20\|”; http_header; metadata:service http;)
FormBook	alert tcp any any -> any any (msg:”HTTP URI POST contains ‘&sql=1’ at the end”; sid:1; rev:1; flow:established,to_server; content:”&sql=1″; http_uri; fast_pattern:only; content:”POST”; http_method; pcre:”/(?(DEFINE)(?’b64std'[a-zA-Z0-9+/=]+?))(?(DEFINE)(?’b64url'[a-zA-Z0-9_-]+?))^/[a-z0-9]{3,4}/?(?P>b64url){3,8}=(?P>b64std){40,90}&(?P>b64url){2,6}=(?P>b64url){4,11}&sql=1$/iU”; reference:url,www.malware-traffic-analysis.net/2018/02/16/index.html; metadata:service http;)
alert tcp any any -> any any (msg:”HTTP URI GET/POST contains ‘/list/hx28/config.php?id='”; sid:1; rev:1; flow:established,to_server; content:”/list/hx28/config.php?id=”; http_uri; fast_pattern:only; content:”Connection\|3a 20\|close\|0d 0a\|”; http_header; reference:url,www.fireeye.com/blog/threat-research/2017/10/formbook-malware-distribution-campaigns.html; metadata:service http;)
Ursnif	alert tcp any any -> any any (msg:”HTTP POST Data contains .bin filename, long URI contains ‘/images/'”; sid:1; rev:1; flow:established,to_server; urilen:>60,norm; content:”/images/”; http_uri; depth:8; content:”POST”; nocase; http_method; content:”Content-Disposition\|3a 20\|form-data\|3b 20\|name=\|22\|upload_file\|22 3b 20\|filename=\|22\|”; http_client_body; content:”\|2e\|bin\|22 0d 0a\|”; http_client_body; distance:1; within:32; fast_pattern; reference:url,www.broadanalysis.com/2016/03/23/angler-ek-sends-data-stealing-payload/; metadata:service http;)
alert tcp any any -> any any (msg:”HTTP URI GET/POST contains ‘/images/’ plus random sub directories and an Image File (Ursnif)”; sid:1; rev:1; flow:established,to_server; content:”/images/”; http_uri; fast_pattern:only; content:!”Host: www.urlquery.net”; http_header; pcre:”//images(/(?=[a-z0-9_]{0,22}[A-Z][a-z0-9_]{0,22}[A-Z])(?=[A-Z0-9_]{0,22}[a-z])[A-Za-z0-9_]{1,24}){5,20}/[a-zA-Z0-9_]+.(?:gif\|jpeg\|jpg\|bmp)$/U”; metadata:service http)
LokiBot	alert tcp any any -> any any (msg:”HTTP Client Header contains ‘User-Agent\|3a 20\|Mozilla/4.08 (Charon\|3b\| Inferno)'”; sid:1; rev:1; flow:established,to_server; content:”User-Agent\|3a 20\|Mozilla/4.08 (Charon\|3b\| Inferno)\|0d 0a\|”; http_header; fast_pattern:only; metadata:service http; )
LokiBot	alert tcp any any -> any any (msg:”HTTP URI POST contains ‘/*/fre.php’ post-infection”; sid:1; rev:1; flow:established,to_server; content:”/fre.php”; http_uri; fast_pattern:only; urilen:<50,norm; content:”POST”; nocase; http_method; pcre:”//(?:alien\|lokyd\|donep\|jemp\|lokey\|new2\|loki\|Charles\|sev7n\|dbwork\|scroll/NW\|wrk\|job\|fived?\|donemy\|animationdkc\|love\|Masky\|vd\|lifetn\|Ben)/fre.php$/iU”; metadata:service http;)
LokiBot	alert tcp any any -> any any (msg:”HTTP URI POST contains ‘/w.php/'”; sid:1; rev:1; flow:established,to_server; content:”/w.php/”; http_uri; fast_pattern:only; content:”POST”; nocase; http_method; pcre:”//w+/w.php/[a-z]{13}$/iU”; metadata:service http;)
MOUSEISLAND	alert tcp any any -> any any (msg:”HTTP URI GET contains ‘/assets/<8-80 hex>/<4-16 alnum>?<3-6 alnum>='”; sid:9206287; rev:1; flow:established,to_server; content:”/assets/”; http_uri; fast_pattern:only; content:”HTTP/1.1\|0d 0a\|”; depth:256; content:!”\|0d 0a\|Cookie:”; content:!”\|0d 0a\|Referer:”; pcre:”//assets/[a-fA-F0-9/]{8,80}/[a-zA-Z0-9]{4,16}?[a-z0-9]{3,6}=/U”; metadata:service http;)
NanoCore	alert tcp any any -> any 25 (msg:”SMTP Attachment Filename ‘Packinglist-Invoice101.pps'”; sid:1; rev:1; flow:established,to_server,only_stream; content:”Content-Disposition\|3a 20\|attachment\|3b\|”; content:”Packinglist-Invoice101.pps”; nocase; distance:0; fast_pattern; pcre:”/Content-Dispositionx3ax20attachmentx3b[x20trn]+?(?:file)?name=x22?Packinglist-Invoice101.ppsx22*?/im”; reference:cve,2014-4114; reference:msb,MS14-060; reference:url,researchcenter.paloaltonetworks.com/2015/06/keybase-keylogger-malware-family-exposed/; reference:url,www.fidelissecurity.com/sites/default/files/FTA_1017_Phishing_in_Plain_Sight-Body-FINAL.pdf; reference:url,www.fidelissecurity.com/sites/default/files/FTA_1017_Phishing_in_Plain_Sight-Appendix-FINAL.pdf;)
NanoCore	alert tcp any any -> any any (msg:”HTTP Client Header contains ‘Host\|3a 20\|frankief hopto me’ (GenericKD/Kazy/NanoCore/Recam)”; sid:1; rev:1; flow:established,to_server; content:”Host\|3a 20\|frankief\|2e\|hopto\|2e\|me\|0d 0a\|”; http_header; fast_pattern:only; metadata:service http;)
NanoCore	alert tcp any any -> any any (msg:”HTTP GET URI contains ‘FAD00979338′”; sid:1; rev:1; flow:established,to_server; content:”GET”; http_method; content:”getPluginName.php?PluginID=FAD00979338″; fast_pattern; http_uri; metadata:service http;)
Qakbot	alert tcp any any -> any any (msg:”HTTP URI GET /t?v=2&c= (Qakbot)”; sid:1; rev:1; flow:established,to_server; content:”/t?v=2&c=”; http_uri; depth:9; fast_pattern; reference:url,www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_qakbot_in_detail.pdf;)
Qakbot	alert tcp any any -> any 21 (msg:”Possible FTP data exfiltration”; sid:1; rev:1; flow:to_server,established; content:”STOR si_”; content:”.cb”; within:50; reference:url,attack.mitre.org/techniques/T1020; reference:url,www.virustotal.com/en/file/3104ff71bf880bc40d096eca7d1ccc3f762ea6cc89743c6fef744fd76d441d1b/analysis/; metadata:service ftp-ctrlchan;)
Qakbot	alert tcp any any -> any any (msg:”Malicious executable download attempt”; sid:1; rev:1; flow:to_client,established; file_type:MSEXE; file_data; content:”\|52 DB 91 CB FE 67 30 9A 8E 72 28 4F 1C A9 81 A1 AA BE AC 8D D9 AB E4 15 EF EA C6 73 89 9F CF 2E\|”; fast_pattern:only; reference:url,virustotal.com/#/file/ad815edc045c779628db3a3397c559ca08f012216dfac4873f11044b2aa1537b/detection; metadata:service http;)
Qakbot	alert tcp any any -> any any (msg:”HTTP POST URI contains ‘odin/si.php?get&'”; sid:1; rev:1; flow:to_server,established; content:”/odin/si.php?get&”; fast_pattern:only; http_uri; content:”news_slist”; http_uri; content:”comp=”; http_uri; reference:url,www.virustotal.com/en/file/478132b5c80bd41b8c11e5ed591fdf05d52e316d40f7c4abf4bfd25db2463dff/analysis/1464186685/; metadata:service http;)
Qakbot	alert tcp any any -> any any (msg:”HTTP URI contains ‘/random750x750.jpg?x='”; sid:1; rev:1; flow:to_server,established; content:”/random750x750.jpg?x=”; fast_pattern:only; http_uri; content:”&y=”; http_uri; content:”Accept\|3a 20\|application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, /\|0d 0a\|”; http_header; content:”Cache-Control\|3a 20\|no-cache\|0d 0a\|”; http_header; content:!”Accept-“; http_header; content:!”Referer”; http_header; reference:url,www.virustotal.com/en/file/1826dba769dad9898acd95d6bd026a0b55d0a093a267b481695494f3ab547088/analysis/1461598351/; metadata:service http;)
Qakbot	alert tcp any any -> any any (msg:”HTTP URI contains ‘/datacollectionservice.php3′”; sid:1; rev:1; flow:to_server,established; content:”/datacollectionservice.php3″; fast_pattern:only; http_uri; metadata:service http;)
Qakbot	alert tcp any any -> any any (msg:”HTTP header contains ‘Accept\|3a 20\|application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, /\|0d 0a\|'”; sid:1; rev:1; flow:to_server,established; urilen:30<>35,norm; content:”btst=”; http_header; content:”snkz=”; http_header; content:”Accept\|3a 20\|application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, /\|0d 0a\|”; fast_pattern:only; http_header; content:”Cache-Control\|3a 20\|no-cache\|0d 0a\|”; http_header; content:!”Connection”; http_header; content:!”Referer”; http_header; reference:url,www.virustotal.com/en/file/1826dba769dad9898acd95d6bd026a0b55d0a093a267b481695494f3ab547088/analysis/1461598351/; metadata:service http;)
Qakbot	alert tcp any any -> any 21 (msg:”Possible ps_dump FTP exfil”; sid:1; rev:1; flow:to_server,established; content:”ps_dump”; fast_pattern:only; pcre:”/ps_dump_[^_]+_[a-z]{5}d{4}x2Ekcb/smi”; reference:url,www.threatexpert.com/report.aspx?md5=8171d3223f89a495f98c4e3a65537b8f; metadata:service ftp;)
Qakbot	alert tcp any any -> any 21 (msg:”Possible seclog FTP exfil”; sid:1; rev:1; flow:to_server,established; content:”seclog”; fast_pattern:only; pcre:”/seclog_[a-z]{5}d{4}_d{10}x2Ekcb/smi”; reference:url,www.threatexpert.com/report.aspx?md5=8171d3223f89a495f98c4e3a65537b8f; metadata:service ftp;)
Qakbot	alert tcp any any -> any any (msg:”HTTP URI contains ‘/cgi-bin/jl/jloader.pl'”; sid:1; rev:1; flow:to_server,established; content:”/cgi-bin/jl/jloader.pl”; fast_pattern:only; http_uri; reference:url,www.threatexpert.com/report.aspx?md5=8171d3223f89a495f98c4e3a65537b8f; metadata:service http;)
Qakbot	alert tcp any any -> any any (msg:”HTTP URI contains ‘/cgi-bin/clientinfo3.pl'”; sid:1; rev:1; flow:to_server,established; content:”/cgi-bin/clientinfo3.pl”; fast_pattern:only; http_uri; reference:url,www.threatexpert.com/report.aspx?md5=8171d3223f89a495f98c4e3a65537b8f; metadata:service http;)
Qakbot	alert tcp any any -> any any (msg:”HTTP URI contains ‘/u/updates.cb'”; sid:1; rev:1; flow:to_server,established; content:”/u/updates.cb”; fast_pattern:only; http_uri; pcre:”/^Hostx3A[^rn]+((upd+)\|(adserv))/Hmi”; reference:url,www.threatexpert.com/report.aspx?md5=8171d3223f89a495f98c4e3a65537b8f; metadata:service http;)
Qakbot	alert tcp any any -> any any (msg:”HTTP response content contains ‘\|47 65 74 46 69 6C 65 46 72 6F 6D 52 65 73 6F 75 72 63 65 73 28 29 3A 20 4C 6F 61 64 52 65 73 6F 75 72 63 65 28 29 20 66 61 69 6C 65 64\|'”; sid:1; rev:1; flow:to_client,established; file_data; content:”\|47 65 74 46 69 6C 65 46 72 6F 6D 52 65 73 6F 75 72 63 65 73 28 29 3A 20 4C 6F 61 64 52 65 73 6F 75 72 63 65 28 29 20 66 61 69 6C 65 64\|”; fast_pattern:only; content:”\|47 65 74 46 69 6C 65 46 72 6F 6D 52 65 73 6F 75 72 63 65 73 28 29 3A 20 43 72 65 61 74 65 46 69 6C 65 28 29 20 66 61 69 6C 65 64\|”; content:”\|52 75 6E 45 78 65 46 72 6F 6D 52 65 73 28 29 20 73 74 61 72 74 65 64\|”; content:”\|73 7A 46 69 6C 65 50 61 74 68 3D\|”; content:”\|5C 25 75 2E 65 78 65\|”; reference:url,www.virustotal.com/en/file/23e72e8b5e7856e811a326d1841bd2ac27ac02fa909d0a951b0b8c9d1d6aa61c/analysis; metadata:service ftp-data,service http;)
Qakbot	alert tcp any any -> any any (msg:”HTTP POST URI contains ‘v=3&c='”; sid:1; rev:1; flow:to_server,established; content:”/t”; http_uri; content:”POST”; http_method; content:”v=3&c=”; depth:6; http_client_body; content:”==”; within:2; distance:66; http_client_body; reference:url,www.virustotal.com/en/file/3104ff71bf880bc40d096eca7d1ccc3f762ea6cc89743c6fef744fd76d441d1b/analysis/; metadata:service http;)
Qakbot	alert tcp any any -> any any (msg:”HTTP URI GET contains ‘/<alpha>/595265.jpg'”; sid:1; rev:1; flow:established,to_server; content:”/595265.jpg”; http_uri; fast_pattern:only; content:”GET”; nocase; http_method; pcre:”/^/[a-z]{5,15}/595265.jpg$/U”; reference:url,www.virustotal.com/gui/file/3104ff71bf880bc40d096eca7d1ccc3f762ea6cc89743c6fef744fd76d441d1b/detection; metadata:service http;)
Remcos	alert tcp any any -> any any (msg:”Non-Std TCP Client Traffic contains ‘\|1b 84 d5 b0 5d f4 c4 93 c5 30 c2\|’ (Checkin #23)”; sid:1; rev:1; flow:established,to_server; dsize:<700; content:”\|1b 84 d5 b0 5d f4 c4 93 c5 30 c2\|”; depth:11; fast_pattern; content:”\|da b1\|”; distance:2; within:2; reference:url,blog.trendmicro.com/trendlabs-security-intelligence/analysis-new-remcos-rat-arrives-via-phishing-email/; reference:url,isc.sans.edu/forums/diary/Malspam+using+passwordprotected+Word+docs+to+push+Remcos+RAT/25292/; reference:url,www.malware-traffic-analysis.net/2019/09/03/index.html; reference:url,www.malware-traffic-analysis.net/2017/10/27/index.html;)
TrickBot	alert tcp any any -> any any (msg:”HTTP Client Header contains ‘host\|3a 20\|tpsci.com'”; sid:1; rev:1; flow:established,to_server; content:”host\|3a 20\|tpsci.com”; http_header; fast_pattern:only; metadata:service http;)
TrickBot	alert tcp any any -> any any (msg:”HTTP Client Header contains ‘User-Agent\|3a 20\|*Loader'”; sid:1; rev:1; flow:established,to_server; content:”User-Agent\|3a 20\|”; http_header; content:”Loader\|0d 0a\|”; nocase; http_header; distance:0; within:24; fast_pattern; metadata:service http;)
TrickBot	alert udp any any <> any 53 (msg:”DNS Query/Response onixcellent com (UDP)”; sid:1; rev:1; content:”\|0B\|onixcellent\|03\|com\|00\|”; fast_pattern:only; reference:url,medium.com/stage-2-security/anchor-dns-malware-family-goes-cross-platform-d807ba13ca30; priority:1; metadata:service dns;)
TrickBot	alert tcp any any -> any any (msg:”SSL/TLS Server X.509 Cert Field contains ‘C=XX, L=Default City, O=Default Company Ltd'”; sid:1; rev:2; flow:established,from_server; ssl_state:server_hello; content:”\|31 0b 30 09 06 03 55 04 06 13 02\|XX”; nocase; content:”\|31 15 30 13 06 03 55 04 07 13 0c\|Default City”; nocase; content:”\|31 1c 30 1a 06 03 55 04 0a 13 13\|Default Company Ltd”; nocase; content:!”\|31 0c 30 0a 06 03 55 04 03\|”; reference:url,www.virustotal.com/gui/file/e9600404ecc42cf86d38deedef94068db39b7a0fd06b3b8fb2d8a3c7002b650e/detection; metadata:service ssl;)
TrickBot	alert tcp any any -> any any (msg:”SSL/TLS Server X.509 Cert Field contains ‘C=AU, ST=Some-State, O=Internet Widgits Pty Ltd'”; sid:1; rev:1; flow:established,from_server; ssl_state:server_hello; content:”\|31 0b 30 09 06 03 55 04 06 13 02\|AU”; content:”\|31 13 30 11 06 03 55 04 08 13 0a\|Some-State”; distance:0; content:”\|31 21 30 1f 06 03 55 04 0a 13 18\|Internet Widgits Pty Ltd”; distance:0; fast_pattern; content:”\|06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff\|”; reference:url,www.virustotal.com/gui/file/e9600404ecc42cf86d38deedef94068db39b7a0fd06b3b8fb2d8a3c7002b650e/detection; metadata:service ssl;)
TrickBot	alert tcp any any -> any any (msg:”HTTP Client Header contains ‘boundary=Arasfjasu7′”; sid:1; rev:1; flow:established,to_server; content:”boundary=Arasfjasu7\|0d 0a\|”; http_header; content:”name=\|22\|proclist\|22\|”; http_header; content:!”Referer”; content:!”Accept”; content:”POST”; http_method; metadata:service http;)
TrickBot	alert tcp any any -> any any (msg:”HTTP Client Header contains ‘User-Agent\|3a 20\|WinHTTP loader/1.'”; sid:1; rev:1; flow:established,to_server; content:”User-Agent\|3a 20\|WinHTTP loader/1.”; http_header; fast_pattern:only; content:”.png\|20\|HTTP/1.”; pcre:”/^Hostx3ax20(?:d{1,3}.){3}d{1,3}(?:x3ad{2,5})?$/mH”; content:!”Accept”; http_header; content:!”Referer\|3a 20\|”; http_header; metadata:service http;)
TrickBot	alert tcp any any -> any any (msg:”HTTP Server Header contains ‘Server\|3a 20\|Cowboy'”; sid:1; rev:1; flow:established,from_server; content:”200″; http_stat_code; content:”Server\|3a 20\|Cowboy\|0d 0a\|”; http_header; fast_pattern; content:”content-length\|3a 20\|3\|0d 0a\|”; http_header; file_data; content:”/1/”; depth:3; isdataat:!1,relative; metadata:service http;)
TrickBot	alert tcp any any -> any any (msg:”HTTP URI POST contains C2 Exfil”; sid:1; rev:1; flow:established,to_server; content:”Content-Type\|3a 20\|multipart/form-data\|3b 20\|boundary=——Boundary”; http_header; fast_pattern; content:”User-Agent\|3a 20\|”; http_header; distance:0; content:”Content-Length\|3a 20\|”; http_header; distance:0; content:”POST”; http_method; pcre:”/^/[a-z]{3}d{3}/.+?.[A-F0-9]{32}/d{1,3}//U”; pcre:”/^Hostx3ax20(?:d{1,3}.){3}d{1,3}$/mH”; content:!”Referer\|3a\|”; http_header; metadata:service http;)
TrickBot	alert tcp any any -> any any (msg:”HTTP URI GET/POST contains ‘/56evcxv'”; sid:1; rev:1; flow:established,to_server; content:”/56evcxv”; http_uri; fast_pattern:only; metadata:service http;)
TrickBot	alert icmp any any -> any any (msg:”ICMP traffic conatins ‘hanc'”; sid:1; rev:1; itype:8; icode:0; dsize:22; content:”hanc”; depth:4; fast_pattern; pcre:”/hanc[0-9a-f]{16}../i”; reference:url,labs.sentinelone.com/anchor-project-for-trickbot-adds-icmp/;)
TrickBot	alert tcp any any -> any any (msg:”HTTP Client Header contains POST with ‘host\|3a 20\|*.onion.link’ and ‘data='”; sid:1; rev:1; flow:established,to_server; content:”POST”; nocase; http_method; content:”host\|3a 20\|”; http_header; content:”.onion.link”; nocase; http_header; distance:0; within:47; fast_pattern; file_data; content:”data=”; distance:0; within:5; metadata:service http;)
TrickBot	alert tcp any 80 -> any any (msg:”Non-Std TCP Client Traffic contains PowerView Script Download String”; sid:1; rev:1; flow:established,from_server; content:”PowerView.ps1″; content:”PSReflect/master/PSReflect.psm1″; fast_pattern:only; content:”function New-InMemoryModule”; metadata:service else-ports;)
TrickBot	alert tcp any any -> any 445 (msg:”Non-Std TCP Client SMB Traffic contains ‘44783m8uh77g818_nkubyhu5vfxxbh878xo6hlttkppzf28tsdu5kwppk_11c1jl'”; sid:1; rev:1; flow:established,to_server; content:”44783m8uh77g818_nkubyhu5vfxxbh878xo6hlttkppzf28tsdu5kwppk_11c1jl”; fast_pattern:only; metadata:service netbios-ssn,service and-ports;)
TrickBot	alert tcp any any -> any [80,443,8082] (msg:”Non-Std TCP Client Traffic contains ‘–aksgja8s8d8a8s97′”; sid:1; rev:1; flow:established,to_server; content:”–aksgja8s8d8a8s97″; fast_pattern:only; content:”name=\|22\|proclist\|22\|”; metadata:service else-ports;)
TrickBot	alert tcp any any -> any any (msg:”HTTP Client Header contains ‘User-Agent\|3a 20\|WinHTTP loader/1.0′”; sid:1; rev:1; flow:established,to_server; content:”User-Agent\|3a 20\|WinHTTP loader/1.0\|0d 0a\|”; http_header; fast_pattern:only; pcre:”//t(?:oler\|able).png/U”; metadata:service http;)
TrickBot	alert tcp any any -> any [443,8082] (msg:”Non-Std TCP Client Traffic contains ‘_W<digits>.'”; sid:1; rev:1; flow:established,to_server; content:”_W”; fast_pattern:only; pcre:”/_Wd{6,8}./”; metadata:service else-ports;)
TrickBot	alert tcp any [443,447] -> any any (msg:”SSL/TLS Server X.509 Cert Field contains ‘example.com’ (Hex)”; sid:1; rev:1; flow:established,from_server; ssl_state:server_hello; content:”\|0b\|example.com”; fast_pattern:only; content:”Global Security”; content:”IT Department”; pcre:”/(?:x09x00xc0xb9x3bx93x72xa3xf6xd2\|x00xe2x08xffxfbx7bx53x76x3d)/”; metadata:service ssl,service and-ports;)
TrickBot	alert tcp any any -> any any+F57 (msg:”HTTP URI GET contains ‘/anchor'”; sid:1; rev:1; flow:established,to_server; content:”/anchor”; http_uri; fast_pattern:only; content:”GET”; nocase; http_method; pcre:”/^/anchor_?.{3}/[w_-]+.[A-F0-9]+/?$/U”; metadata:service http;)
TrickBot	alert udp any any <> any 53 (msg:”DNS Query/Response kostunivo com (UDP)”; sid:1; rev:1; content:”\|09\|kostunivo\|03\|com\|00\|”; fast_pattern:only; reference:url,medium.com/stage-2-security/anchor-dns-malware-family-goes-cross-platform-d807ba13ca30; metadata:service dns;)
TrickBot	alert udp any any <> any 53 (msg:”DNS Query/Response chishir com (UDP)”; sid:1; rev:1; content:”\|07\|chishir\|03\|com\|00\|”; fast_pattern:only; reference:url,medium.com/stage-2-security/anchor-dns-malware-family-goes-cross-platform-d807ba13ca30; metadata:service dns;)
TrickBot	alert udp any any <> any 53 (msg:”DNS Query/Response mangoclone com (UDP)”; sid:1; rev:1; content:”\|0A\|mangoclone\|03\|com\|00\|”; fast_pattern:only; reference:url,medium.com/stage-2-security/anchor-dns-malware-family-goes-cross-platform-d807ba13ca30; metadata:service dns;)
GootLoader	No signature available.

Malware

Snort Detection Signature

Agent Tesla

alert any any -> any any (msg:”HTTP GET request /aw/aw.exe”; flow:established,to_server; sid:1; rev:1; content:”GET”; http_method; content:”/aw/aw.exe”; http_uri; reference:url, https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work; metadata:service http;)

AZORult

alert tcp any any -> any any (msg:”HTTP Server Content Data contains ‘llehS|2e|tpircSW'”; sid:1; rev:1; flow:established,from_server; file_data; content:”llehS|2e|tpircSW”; nocase; fast_pattern:only; pcre:”/GCM(?:x20|%20)*W-O*/i”; reference:url,maxkersten.nl/binary-analysis-course/malware-analysis/azorult-loader-stages/; metadata:service http;)

AZORult

alert tcp any any -> any any (msg:”HTTP POST Client Body contains ‘J/|fb|’ and ‘/|fb|'”; sid:1; rev:1; flow:established,to_server; content:”POST”; http_method; content:”.php”; http_uri; content:”J/|fb|”; http_client_body; fast_pattern; content:”/|fb|”; http_client_body; depth:11; content:!”Referer|3a 20|”; http_header; metadata:service http;)

FormBook

alert tcp any any -> any any (msg:”HTTP URI POST contains ‘&sql=1’ at the end”; sid:1; rev:1; flow:established,to_server; content:”&sql=1″; http_uri; fast_pattern:only; content:”POST”; http_method; pcre:”/(?(DEFINE)(?’b64std'[a-zA-Z0-9+/=]+?))(?(DEFINE)(?’b64url'[a-zA-Z0-9_-]+?))^/[a-z0-9]{3,4}/?(?P>b64url){3,8}=(?P>b64std){40,90}&(?P>b64url){2,6}=(?P>b64url){4,11}&sql=1$/iU”; reference:url,www.malware-traffic-analysis.net/2018/02/16/index.html; metadata:service http;)

alert tcp any any -> any any (msg:”HTTP URI GET/POST contains ‘/list/hx28/config.php?id='”; sid:1; rev:1; flow:established,to_server; content:”/list/hx28/config.php?id=”; http_uri; fast_pattern:only; content:”Connection|3a 20|close|0d 0a|”; http_header; reference:url,www.fireeye.com/blog/threat-research/2017/10/formbook-malware-distribution-campaigns.html; metadata:service http;)

Ursnif

alert tcp any any -> any any (msg:”HTTP POST Data contains .bin filename, long URI contains ‘/images/'”; sid:1; rev:1; flow:established,to_server; urilen:>60,norm; content:”/images/”; http_uri; depth:8; content:”POST”; nocase; http_method; content:”Content-Disposition|3a 20|form-data|3b 20|name=|22|upload_file|22 3b 20|filename=|22|”; http_client_body; content:”|2e|bin|22 0d 0a|”; http_client_body; distance:1; within:32; fast_pattern; reference:url,www.broadanalysis.com/2016/03/23/angler-ek-sends-data-stealing-payload/; metadata:service http;)

alert tcp any any -> any any (msg:”HTTP URI GET/POST contains ‘/images/’ plus random sub directories and an Image File (Ursnif)”; sid:1; rev:1; flow:established,to_server; content:”/images/”; http_uri; fast_pattern:only; content:!”Host: www.urlquery.net”; http_header; pcre:”//images(/(?=[a-z0-9_]{0,22}[A-Z][a-z0-9_]{0,22}[A-Z])(?=[A-Z0-9_]{0,22}[a-z])[A-Za-z0-9_]{1,24}){5,20}/[a-zA-Z0-9_]+.(?:gif|jpeg|jpg|bmp)$/U”; metadata:service http)

LokiBot

alert tcp any any -> any any (msg:”HTTP Client Header contains ‘User-Agent|3a 20|Mozilla/4.08 (Charon|3b| Inferno)'”; sid:1; rev:1; flow:established,to_server; content:”User-Agent|3a 20|Mozilla/4.08 (Charon|3b| Inferno)|0d 0a|”; http_header; fast_pattern:only; metadata:service http; )

LokiBot

alert tcp any any -> any any (msg:”HTTP URI POST contains ‘/*/fre.php’ post-infection”; sid:1; rev:1; flow:established,to_server; content:”/fre.php”; http_uri; fast_pattern:only; urilen:<50,norm; content:”POST”; nocase; http_method; pcre:”//(?:alien|lokyd|donep|jemp|lokey|new2|loki|Charles|sev7n|dbwork|scroll/NW|wrk|job|fived?|donemy|animationdkc|love|Masky|vd|lifetn|Ben)/fre.php$/iU”; metadata:service http;)

LokiBot

alert tcp any any -> any any (msg:”HTTP URI POST contains ‘/w.php/'”; sid:1; rev:1; flow:established,to_server; content:”/w.php/”; http_uri; fast_pattern:only; content:”POST”; nocase; http_method; pcre:”//w+/w.php/[a-z]{13}$/iU”; metadata:service http;)

MOUSEISLAND

alert tcp any any -> any any (msg:”HTTP URI GET contains ‘/assets/<8-80 hex>/<4-16 alnum>?<3-6 alnum>='”; sid:9206287; rev:1; flow:established,to_server; content:”/assets/”; http_uri; fast_pattern:only; content:”HTTP/1.1|0d 0a|”; depth:256; content:!”|0d 0a|Cookie:”; content:!”|0d 0a|Referer:”; pcre:”//assets/[a-fA-F0-9/]{8,80}/[a-zA-Z0-9]{4,16}?[a-z0-9]{3,6}=/U”; metadata:service http;)

NanoCore

alert tcp any any -> any 25 (msg:”SMTP Attachment Filename ‘Packinglist-Invoice101.pps'”; sid:1; rev:1; flow:established,to_server,only_stream; content:”Content-Disposition|3a 20|attachment|3b|”; content:”Packinglist-Invoice101.pps”; nocase; distance:0; fast_pattern; pcre:”/Content-Dispositionx3ax20attachmentx3b[x20trn]+?(?:file)*?name=x22*?Packinglist-Invoice101.ppsx22*?/im”; reference:cve,2014-4114; reference:msb,MS14-060; reference:url,researchcenter.paloaltonetworks.com/2015/06/keybase-keylogger-malware-family-exposed/; reference:url,www.fidelissecurity.com/sites/default/files/FTA_1017_Phishing_in_Plain_Sight-Body-FINAL.pdf; reference:url,www.fidelissecurity.com/sites/default/files/FTA_1017_Phishing_in_Plain_Sight-Appendix-FINAL.pdf;)

NanoCore

alert tcp any any -> any any (msg:”HTTP Client Header contains ‘Host|3a 20|frankief hopto me’ (GenericKD/Kazy/NanoCore/Recam)”; sid:1; rev:1; flow:established,to_server; content:”Host|3a 20|frankief|2e|hopto|2e|me|0d 0a|”; http_header; fast_pattern:only; metadata:service http;)

NanoCore

alert tcp any any -> any any (msg:”HTTP GET URI contains ‘FAD00979338′”; sid:1; rev:1; flow:established,to_server; content:”GET”; http_method; content:”getPluginName.php?PluginID=FAD00979338″; fast_pattern; http_uri; metadata:service http;)

Qakbot

alert tcp any any -> any any (msg:”HTTP URI GET /t?v=2&c= (Qakbot)”; sid:1; rev:1; flow:established,to_server; content:”/t?v=2&c=”; http_uri; depth:9; fast_pattern; reference:url,www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_qakbot_in_detail.pdf;)

Qakbot

alert tcp any any -> any 21 (msg:”Possible FTP data exfiltration”; sid:1; rev:1; flow:to_server,established; content:”STOR si_”; content:”.cb”; within:50; reference:url,attack.mitre.org/techniques/T1020; reference:url,www.virustotal.com/en/file/3104ff71bf880bc40d096eca7d1ccc3f762ea6cc89743c6fef744fd76d441d1b/analysis/; metadata:service ftp-ctrlchan;)

Qakbot

alert tcp any any -> any any (msg:”Malicious executable download attempt”; sid:1; rev:1; flow:to_client,established; file_type:MSEXE; file_data; content:”|52 DB 91 CB FE 67 30 9A 8E 72 28 4F 1C A9 81 A1 AA BE AC 8D D9 AB E4 15 EF EA C6 73 89 9F CF 2E|”; fast_pattern:only; reference:url,virustotal.com/#/file/ad815edc045c779628db3a3397c559ca08f012216dfac4873f11044b2aa1537b/detection; metadata:service http;)

Qakbot

alert tcp any any -> any any (msg:”HTTP POST URI contains ‘odin/si.php?get&'”; sid:1; rev:1; flow:to_server,established; content:”/odin/si.php?get&”; fast_pattern:only; http_uri; content:”news_slist”; http_uri; content:”comp=”; http_uri; reference:url,www.virustotal.com/en/file/478132b5c80bd41b8c11e5ed591fdf05d52e316d40f7c4abf4bfd25db2463dff/analysis/1464186685/; metadata:service http;)

Qakbot

alert tcp any any -> any any (msg:”HTTP URI contains ‘/random750x750.jpg?x='”; sid:1; rev:1; flow:to_server,established; content:”/random750x750.jpg?x=”; fast_pattern:only; http_uri; content:”&y=”; http_uri; content:”Accept|3a 20|application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*|0d 0a|”; http_header; content:”Cache-Control|3a 20|no-cache|0d 0a|”; http_header; content:!”Accept-“; http_header; content:!”Referer”; http_header; reference:url,www.virustotal.com/en/file/1826dba769dad9898acd95d6bd026a0b55d0a093a267b481695494f3ab547088/analysis/1461598351/; metadata:service http;)

Qakbot

alert tcp any any -> any any (msg:”HTTP URI contains ‘/datacollectionservice.php3′”; sid:1; rev:1; flow:to_server,established; content:”/datacollectionservice.php3″; fast_pattern:only; http_uri; metadata:service http;)

Qakbot

alert tcp any any -> any any (msg:”HTTP header contains ‘Accept|3a 20|application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*|0d 0a|'”; sid:1; rev:1; flow:to_server,established; urilen:30<>35,norm; content:”btst=”; http_header; content:”snkz=”; http_header; content:”Accept|3a 20|application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*|0d 0a|”; fast_pattern:only; http_header; content:”Cache-Control|3a 20|no-cache|0d 0a|”; http_header; content:!”Connection”; http_header; content:!”Referer”; http_header; reference:url,www.virustotal.com/en/file/1826dba769dad9898acd95d6bd026a0b55d0a093a267b481695494f3ab547088/analysis/1461598351/; metadata:service http;)

Qakbot

alert tcp any any -> any 21 (msg:”Possible ps_dump FTP exfil”; sid:1; rev:1; flow:to_server,established; content:”ps_dump”; fast_pattern:only; pcre:”/ps_dump_[^_]+_[a-z]{5}d{4}x2Ekcb/smi”; reference:url,www.threatexpert.com/report.aspx?md5=8171d3223f89a495f98c4e3a65537b8f; metadata:service ftp;)

Qakbot

alert tcp any any -> any 21 (msg:”Possible seclog FTP exfil”; sid:1; rev:1; flow:to_server,established; content:”seclog”; fast_pattern:only; pcre:”/seclog_[a-z]{5}d{4}_d{10}x2Ekcb/smi”; reference:url,www.threatexpert.com/report.aspx?md5=8171d3223f89a495f98c4e3a65537b8f; metadata:service ftp;)

Qakbot

alert tcp any any -> any any (msg:”HTTP URI contains ‘/cgi-bin/jl/jloader.pl'”; sid:1; rev:1; flow:to_server,established; content:”/cgi-bin/jl/jloader.pl”; fast_pattern:only; http_uri; reference:url,www.threatexpert.com/report.aspx?md5=8171d3223f89a495f98c4e3a65537b8f; metadata:service http;)

Qakbot

alert tcp any any -> any any (msg:”HTTP URI contains ‘/cgi-bin/clientinfo3.pl'”; sid:1; rev:1; flow:to_server,established; content:”/cgi-bin/clientinfo3.pl”; fast_pattern:only; http_uri; reference:url,www.threatexpert.com/report.aspx?md5=8171d3223f89a495f98c4e3a65537b8f; metadata:service http;)

Qakbot

alert tcp any any -> any any (msg:”HTTP URI contains ‘/u/updates.cb'”; sid:1; rev:1; flow:to_server,established; content:”/u/updates.cb”; fast_pattern:only; http_uri; pcre:”/^Hostx3A[^rn]+((upd+)|(adserv))/Hmi”; reference:url,www.threatexpert.com/report.aspx?md5=8171d3223f89a495f98c4e3a65537b8f; metadata:service http;)

Qakbot

alert tcp any any -> any any (msg:”HTTP response content contains ‘|47 65 74 46 69 6C 65 46 72 6F 6D 52 65 73 6F 75 72 63 65 73 28 29 3A 20 4C 6F 61 64 52 65 73 6F 75 72 63 65 28 29 20 66 61 69 6C 65 64|'”; sid:1; rev:1; flow:to_client,established; file_data; content:”|47 65 74 46 69 6C 65 46 72 6F 6D 52 65 73 6F 75 72 63 65 73 28 29 3A 20 4C 6F 61 64 52 65 73 6F 75 72 63 65 28 29 20 66 61 69 6C 65 64|”; fast_pattern:only; content:”|47 65 74 46 69 6C 65 46 72 6F 6D 52 65 73 6F 75 72 63 65 73 28 29 3A 20 43 72 65 61 74 65 46 69 6C 65 28 29 20 66 61 69 6C 65 64|”; content:”|52 75 6E 45 78 65 46 72 6F 6D 52 65 73 28 29 20 73 74 61 72 74 65 64|”; content:”|73 7A 46 69 6C 65 50 61 74 68 3D|”; content:”|5C 25 75 2E 65 78 65|”; reference:url,www.virustotal.com/en/file/23e72e8b5e7856e811a326d1841bd2ac27ac02fa909d0a951b0b8c9d1d6aa61c/analysis; metadata:service ftp-data,service http;)

Qakbot

alert tcp any any -> any any (msg:”HTTP POST URI contains ‘v=3&c='”; sid:1; rev:1; flow:to_server,established; content:”/t”; http_uri; content:”POST”; http_method; content:”v=3&c=”; depth:6; http_client_body; content:”==”; within:2; distance:66; http_client_body; reference:url,www.virustotal.com/en/file/3104ff71bf880bc40d096eca7d1ccc3f762ea6cc89743c6fef744fd76d441d1b/analysis/; metadata:service http;)

Qakbot

alert tcp any any -> any any (msg:”HTTP URI GET contains ‘/<alpha>/595265.jpg'”; sid:1; rev:1; flow:established,to_server; content:”/595265.jpg”; http_uri; fast_pattern:only; content:”GET”; nocase; http_method; pcre:”/^/[a-z]{5,15}/595265.jpg$/U”; reference:url,www.virustotal.com/gui/file/3104ff71bf880bc40d096eca7d1ccc3f762ea6cc89743c6fef744fd76d441d1b/detection; metadata:service http;)

Remcos

alert tcp any any -> any any (msg:”Non-Std TCP Client Traffic contains ‘|1b 84 d5 b0 5d f4 c4 93 c5 30 c2|’ (Checkin #23)”; sid:1; rev:1; flow:established,to_server; dsize:<700; content:”|1b 84 d5 b0 5d f4 c4 93 c5 30 c2|”; depth:11; fast_pattern; content:”|da b1|”; distance:2; within:2; reference:url,blog.trendmicro.com/trendlabs-security-intelligence/analysis-new-remcos-rat-arrives-via-phishing-email/; reference:url,isc.sans.edu/forums/diary/Malspam+using+passwordprotected+Word+docs+to+push+Remcos+RAT/25292/; reference:url,www.malware-traffic-analysis.net/2019/09/03/index.html; reference:url,www.malware-traffic-analysis.net/2017/10/27/index.html;)

TrickBot

alert tcp any any -> any any (msg:”HTTP Client Header contains ‘host|3a 20|tpsci.com'”; sid:1; rev:1; flow:established,to_server; content:”host|3a 20|tpsci.com”; http_header; fast_pattern:only; metadata:service http;)

TrickBot

alert tcp any any -> any any (msg:”HTTP Client Header contains ‘User-Agent|3a 20|*Loader'”; sid:1; rev:1; flow:established,to_server; content:”User-Agent|3a 20|”; http_header; content:”Loader|0d 0a|”; nocase; http_header; distance:0; within:24; fast_pattern; metadata:service http;)

TrickBot

alert udp any any <> any 53 (msg:”DNS Query/Response onixcellent com (UDP)”; sid:1; rev:1; content:”|0B|onixcellent|03|com|00|”; fast_pattern:only; reference:url,medium.com/stage-2-security/anchor-dns-malware-family-goes-cross-platform-d807ba13ca30; priority:1; metadata:service dns;)

TrickBot

alert tcp any any -> any any (msg:”SSL/TLS Server X.509 Cert Field contains ‘C=XX, L=Default City, O=Default Company Ltd'”; sid:1; rev:2; flow:established,from_server; ssl_state:server_hello; content:”|31 0b 30 09 06 03 55 04 06 13 02|XX”; nocase; content:”|31 15 30 13 06 03 55 04 07 13 0c|Default City”; nocase; content:”|31 1c 30 1a 06 03 55 04 0a 13 13|Default Company Ltd”; nocase; content:!”|31 0c 30 0a 06 03 55 04 03|”; reference:url,www.virustotal.com/gui/file/e9600404ecc42cf86d38deedef94068db39b7a0fd06b3b8fb2d8a3c7002b650e/detection; metadata:service ssl;)

TrickBot

alert tcp any any -> any any (msg:”SSL/TLS Server X.509 Cert Field contains ‘C=AU, ST=Some-State, O=Internet Widgits Pty Ltd'”; sid:1; rev:1; flow:established,from_server; ssl_state:server_hello; content:”|31 0b 30 09 06 03 55 04 06 13 02|AU”; content:”|31 13 30 11 06 03 55 04 08 13 0a|Some-State”; distance:0; content:”|31 21 30 1f 06 03 55 04 0a 13 18|Internet Widgits Pty Ltd”; distance:0; fast_pattern; content:”|06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff|”; reference:url,www.virustotal.com/gui/file/e9600404ecc42cf86d38deedef94068db39b7a0fd06b3b8fb2d8a3c7002b650e/detection; metadata:service ssl;)

TrickBot

alert tcp any any -> any any (msg:”HTTP Client Header contains ‘boundary=Arasfjasu7′”; sid:1; rev:1; flow:established,to_server; content:”boundary=Arasfjasu7|0d 0a|”; http_header; content:”name=|22|proclist|22|”; http_header; content:!”Referer”; content:!”Accept”; content:”POST”; http_method; metadata:service http;)

TrickBot

alert tcp any any -> any any (msg:”HTTP Client Header contains ‘User-Agent|3a 20|WinHTTP loader/1.'”; sid:1; rev:1; flow:established,to_server; content:”User-Agent|3a 20|WinHTTP loader/1.”; http_header; fast_pattern:only; content:”.png|20|HTTP/1.”; pcre:”/^Hostx3ax20(?:d{1,3}.){3}d{1,3}(?:x3ad{2,5})?$/mH”; content:!”Accept”; http_header; content:!”Referer|3a 20|”; http_header; metadata:service http;)

TrickBot

alert tcp any any -> any any (msg:”HTTP Server Header contains ‘Server|3a 20|Cowboy'”; sid:1; rev:1; flow:established,from_server; content:”200″; http_stat_code; content:”Server|3a 20|Cowboy|0d 0a|”; http_header; fast_pattern; content:”content-length|3a 20|3|0d 0a|”; http_header; file_data; content:”/1/”; depth:3; isdataat:!1,relative; metadata:service http;)

TrickBot

alert tcp any any -> any any (msg:”HTTP URI POST contains C2 Exfil”; sid:1; rev:1; flow:established,to_server; content:”Content-Type|3a 20|multipart/form-data|3b 20|boundary=——Boundary”; http_header; fast_pattern; content:”User-Agent|3a 20|”; http_header; distance:0; content:”Content-Length|3a 20|”; http_header; distance:0; content:”POST”; http_method; pcre:”/^/[a-z]{3}d{3}/.+?.[A-F0-9]{32}/d{1,3}//U”; pcre:”/^Hostx3ax20(?:d{1,3}.){3}d{1,3}$/mH”; content:!”Referer|3a|”; http_header; metadata:service http;)

TrickBot

alert tcp any any -> any any (msg:”HTTP URI GET/POST contains ‘/56evcxv'”; sid:1; rev:1; flow:established,to_server; content:”/56evcxv”; http_uri; fast_pattern:only; metadata:service http;)

TrickBot

alert icmp any any -> any any (msg:”ICMP traffic conatins ‘hanc'”; sid:1; rev:1; itype:8; icode:0; dsize:22; content:”hanc”; depth:4; fast_pattern; pcre:”/hanc[0-9a-f]{16}../i”; reference:url,labs.sentinelone.com/anchor-project-for-trickbot-adds-icmp/;)

TrickBot

alert tcp any any -> any any (msg:”HTTP Client Header contains POST with ‘host|3a 20|*.onion.link’ and ‘data='”; sid:1; rev:1; flow:established,to_server; content:”POST”; nocase; http_method; content:”host|3a 20|”; http_header; content:”.onion.link”; nocase; http_header; distance:0; within:47; fast_pattern; file_data; content:”data=”; distance:0; within:5; metadata:service http;)

TrickBot

alert tcp any 80 -> any any (msg:”Non-Std TCP Client Traffic contains PowerView Script Download String”; sid:1; rev:1; flow:established,from_server; content:”PowerView.ps1″; content:”PSReflect/master/PSReflect.psm1″; fast_pattern:only; content:”function New-InMemoryModule”; metadata:service else-ports;)

TrickBot

alert tcp any any -> any 445 (msg:”Non-Std TCP Client SMB Traffic contains ‘44783m8uh77g818_nkubyhu5vfxxbh878xo6hlttkppzf28tsdu5kwppk_11c1jl'”; sid:1; rev:1; flow:established,to_server; content:”44783m8uh77g818_nkubyhu5vfxxbh878xo6hlttkppzf28tsdu5kwppk_11c1jl”; fast_pattern:only; metadata:service netbios-ssn,service and-ports;)

TrickBot

alert tcp any any -> any [80,443,8082] (msg:”Non-Std TCP Client Traffic contains ‘–aksgja8s8d8a8s97′”; sid:1; rev:1; flow:established,to_server; content:”–aksgja8s8d8a8s97″; fast_pattern:only; content:”name=|22|proclist|22|”; metadata:service else-ports;)

TrickBot

TrickBot

alert tcp any any -> any [443,8082] (msg:”Non-Std TCP Client Traffic contains ‘_W<digits>.'”; sid:1; rev:1; flow:established,to_server; content:”_W”; fast_pattern:only; pcre:”/_Wd{6,8}./”; metadata:service else-ports;)

TrickBot

alert tcp any [443,447] -> any any (msg:”SSL/TLS Server X.509 Cert Field contains ‘example.com’ (Hex)”; sid:1; rev:1; flow:established,from_server; ssl_state:server_hello; content:”|0b|example.com”; fast_pattern:only; content:”Global Security”; content:”IT Department”; pcre:”/(?:x09x00xc0xb9x3bx93x72xa3xf6xd2|x00xe2x08xffxfbx7bx53x76x3d)/”; metadata:service ssl,service and-ports;)

TrickBot

alert tcp any any -> any any+F57 (msg:”HTTP URI GET contains ‘/anchor'”; sid:1; rev:1; flow:established,to_server; content:”/anchor”; http_uri; fast_pattern:only; content:”GET”; nocase; http_method; pcre:”/^/anchor_?.{3}/[w_-]+.[A-F0-9]+/?$/U”; metadata:service http;)

TrickBot

alert udp any any <> any 53 (msg:”DNS Query/Response kostunivo com (UDP)”; sid:1; rev:1; content:”|09|kostunivo|03|com|00|”; fast_pattern:only; reference:url,medium.com/stage-2-security/anchor-dns-malware-family-goes-cross-platform-d807ba13ca30; metadata:service dns;)

TrickBot

alert udp any any <> any 53 (msg:”DNS Query/Response chishir com (UDP)”; sid:1; rev:1; content:”|07|chishir|03|com|00|”; fast_pattern:only; reference:url,medium.com/stage-2-security/anchor-dns-malware-family-goes-cross-platform-d807ba13ca30; metadata:service dns;)

TrickBot

alert udp any any <> any 53 (msg:”DNS Query/Response mangoclone com (UDP)”; sid:1; rev:1; content:”|0A|mangoclone|03|com|00|”; fast_pattern:only; reference:url,medium.com/stage-2-security/anchor-dns-malware-family-goes-cross-platform-d807ba13ca30; metadata:service dns;)

GootLoader

No signature available.

References

Revisions

August 4, 2022: Initial Version

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

VMWare Urges Users to Patch Critical Authentication Bypass Bug

Post author By admin
Post date August 3, 2022

Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain.

alerts

VMware Releases Security Updates

Post author By admin
Post date August 3, 2022

Original release date: August 3, 2022

VMware has released security updates to address multiple vulnerabilities in VMware’s Workspace ONE Access, Access Connector, Identity Manager, Identity Manager Connector, and vRealize Automation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-0021 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

Universities Put Email Users at Cyber Risk

Post author By admin
Post date August 2, 2022

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protections to prevent domain spoofing and lack protections to block fraudulent emails.

alerts

Vulnerability Summary for the Week of July 25, 2022

Post author By admin
Post date August 2, 2022

Original release date: August 1, 2022 | Last revised: August 2, 2022

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
There were no high vulnerabilities recorded this week.

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
There were no medium vulnerabilities recorded this week.

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
There were no low vulnerabilities recorded this week.

Severity Not Yet Assigned

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
@ianwalter/merge — @ianwalter/merge	All versions of package @ianwalter/merge are vulnerable to Prototype Pollution via the main (merge) function. Maintainer suggests using @generates/merger instead.	2022-07-25	not yet calculated	CVE-2021-23397 CONFIRM
adobe — acrobat_reader	Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 20.005.30334 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-27	not yet calculated	CVE-2022-35669 MISC
adobe — acrobat_reader	Adobe Acrobat Reader version 22.001.20085 (and earlier), 20.005.30314 (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-27	not yet calculated	CVE-2022-35672 MISC
advantech — iview	The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information	2022-07-22	not yet calculated	CVE-2022-2137 MISC
advantech — iview	The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code.	2022-07-22	not yet calculated	CVE-2022-2139 MISC
advantech — iview	The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition.	2022-07-22	not yet calculated	CVE-2022-2138 MISC
advantech — iview	The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information.	2022-07-22	not yet calculated	CVE-2022-2136 MISC
advantech — iview	The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information.	2022-07-22	not yet calculated	CVE-2022-2142 MISC
advantech — iview	The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information.	2022-07-22	not yet calculated	CVE-2022-2135 MISC
advantech — iview	The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code.	2022-07-22	not yet calculated	CVE-2022-2143 MISC
amazon — amazon_workspaces	When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client.	2022-07-28	not yet calculated	CVE-2022-1805 MISC
anvsoft — pdfmate_pdf_converter_pro	A vulnerability has been found in Anvsoft PDFMate PDF Converter Pro 1.7.5.0 and classified as critical. The manipulation leads to memory corruption. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-24	not yet calculated	CVE-2017-20144 MISC MISC
apache — calcite_avatica_jdbc_driver	Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via `httpclient_impl` connection property; however, the driver does not verify if the class implements the expected interface before instantiating it, which can lead to code execution loaded via arbitrary classes and in rare cases remote code execution. To exploit the vulnerability: 1) the attacker needs to have privileges to control JDBC connection parameters; 2) and there should be a vulnerable class (constructor with URL parameter and ability to execute code) in the classpath. From Apache Calcite Avatica 1.22.0 onwards, it will be verified that the class implements the expected interface before invoking its constructor.	2022-07-28	not yet calculated	CVE-2022-36364 MISC MLIST
apache — mxnet	A regular expression used in Apache MXNet (incubating) is vulnerable to a potential denial-of-service by excessive resource consumption. The bug could be exploited when loading a model in Apache MXNet that has a specially crafted operator name that would cause the regular expression evaluation to use excessive resources to attempt a match. This issue affects Apache MXNet versions prior to 1.9.1.	2022-07-24	not yet calculated	CVE-2022-24294 MISC MLIST
artica — pandora_fms	In Pandora FMS v7.0NG.761 and below, in the file manager section, the dirname parameter is vulnerable to a Stored Cross Site-Scripting. This vulnerability can be exploited by an attacker with administrator privileges logged in the system.	2022-07-25	not yet calculated	CVE-2022-2032 CONFIRM CONFIRM
artica — pandora_fms	In Pandora FMS v7.0NG.761 and below, in the agent creation section, the alias parameter is vulnerable to a Stored Cross Site-Scripting. This vulnerability can be exploited by an attacker with administrator privileges logged in the system.	2022-07-25	not yet calculated	CVE-2022-2059 MISC
artica — pandora_fms	Pandora FMS v7.0NG.760 and below allows a relative path traversal in File Manager where a privileged user could upload a .php file outside the intended images directory which is restricted to execute the .php file. The impact could lead to a Remote Code Execution with running application privilege.	2022-07-26	not yet calculated	CVE-2022-1648 CONFIRM CONFIRM
atlantis — atlantis	The package github.com/runatlantis/atlantis/server/controllers/events before 0.19.7 are vulnerable to Timing Attack in the webhook event validator code, which does not use a constant-time comparison function to validate the webhook secret. It can allow an attacker to recover this secret as an attacker and then forge webhook events.	2022-07-29	not yet calculated	CVE-2022-24912 CONFIRM CONFIRM CONFIRM
atlassian — confluence_server_and_data_center	The Livesearch macro in Confluence Server and Data Center before version 7.4.5, from version 7.5.0 before 7.6.3, and from version 7.7.0 before version 7.7.4 allows remote attackers with permission to edit a page or blog to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the page excerpt functionality.	2022-07-26	not yet calculated	CVE-2020-36290 MISC
atlassian — jira	Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability in the CSV importing feature of JSM Insight. When running in an environment like Amazon EC2, this flaw may be used to access to a metadata resource that provides access credentials and other potentially confidential information. The affected versions are before version 4.13.20, from version 4.14.0 before 4.20.8, and from version 4.21.0 before 4.22.2.	2022-07-26	not yet calculated	CVE-2021-43959 N/A
atos_unify — openscape	An issue was discovered in Atos Unify OpenScape SBC 9 and 10 before 10R2.2.1, Atos Unify OpenScape Branch 9 and 10 before version 10R2.1.1, and Atos Unify OpenScape BCF 10 before 10R9.12.1. A remote code execution vulnerability may allow an unauthenticated attacker (with network access to the admin interface) to disrupt system availability or potentially compromise the confidentiality and integrity of the system.	2022-07-25	not yet calculated	CVE-2022-36444 MISC
autodesk — autocad_2023	Parsing a maliciously crafted PRT file can force Autodesk AutoCAD 2023 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.	2022-07-29	not yet calculated	CVE-2022-33881 MISC
autodesk — autodesk_design_review	A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.	2022-07-29	not yet calculated	CVE-2022-27864 MISC
autodesk — autodesk_design_review	A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.	2022-07-29	not yet calculated	CVE-2022-27866 MISC
autodesk — autodesk_design_review	A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code.	2022-07-29	not yet calculated	CVE-2022-27865 MISC
autodesk — autodesk_fusion_360_document_parser	An attacker can force the victim’s device to perform arbitrary HTTP requests in WAN through a malicious SVG file being parsed by Autodesk Fusion 360’s document parser. The vulnerability exists in the application’s ‘Insert SVG’ procedure. An attacker can also leverage this vulnerability to obtain victim’s public IP and possibly other sensitive information.	2022-07-29	not yet calculated	CVE-2022-27873 MISC
automattic — automattic/mongoose	Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6.	2022-07-28	not yet calculated	CVE-2022-2564 CONFIRM MISC
aveva — platform_common_services_portal	AVEVA Software Platform Common Services (PCS) Portal versions 4.5.2, 4.5.1, 4.5.0, and 4.4.6 are vulnerable to DLL hijacking through an uncontrolled search path element, which may allow an attacker control to one or more locations in the search path.	2022-07-27	not yet calculated	CVE-2021-38410 CONFIRM CONFIRM
bently_nevada — bently_nevada_2700_series_of_condition_monitoring_equipment	The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality.	2022-07-26	not yet calculated	CVE-2022-29953 MISC MISC
bently_nevada — condition_monitoring_equipment	Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) software. These protocols provide configuration management and historical data related functionality. Neither protocol has any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality.	2022-07-26	not yet calculated	CVE-2022-29952 MISC MISC
caddyserver — caddy	An out-of-bounds read in the rewrite function at /modules/caddyhttp/rewrite/rewrite.go in Caddy v2.5.1 allows attackers to cause a Denial of Service (DoS) via a crafted URI.	2022-07-22	not yet calculated	CVE-2022-34037 MISC
ceph — ceph	A flaw was found in Openstack manilla owning a Ceph File system “share”, which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the “volumes” plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2.	2022-07-25	not yet calculated	CVE-2022-0670 MISC FEDORA
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in json_parse_array() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33438 MISC MISC
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33440 MISC MISC
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33449 MISC MISC
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is Integer overflow in gc_compact_strings() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33439 MISC MISC
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33447 MISC MISC
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_next() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33446 MISC MISC
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33444 MISC MISC
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_string_char_code_at() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33445 MISC MISC
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in json_printf() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33442 MISC MISC
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33441 MISC MISC
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There are memory leaks in frozen_cb() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33437 MISC MISC
cesanta — mjs	An issue was discovered in mjs(mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow at 0x7fffe9049390.	2022-07-26	not yet calculated	CVE-2021-33448 MISC MISC
cesanta — mjs	An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in mjs_execute() in mjs.c.	2022-07-26	not yet calculated	CVE-2021-33443 MISC MISC
chia_network — cat1_standard	An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens minted on the Chia blockchain using the CAT1 standard can be inflated to an arbitrary extent by any holder of any amount of the token. The total amount of the token can be increased as high as the malicious actor pleases. This is true for every CAT1 on the Chia blockchain regardless of issuance rules. This attack is auditable on chain, so maliciously altered coins can potentially be marked by off-chain observers as malicious.	2022-07-29	not yet calculated	CVE-2022-36447 MISC MISC
cisco — iot_control_center	A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.	2022-07-22	not yet calculated	CVE-2022-20916 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20903 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20892 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20899 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20896 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20894 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20912 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20911 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20910 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20897 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20893 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20904 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20900 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20898 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20901 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20895 CISCO
cisco — multiple_cisco_small_business_routers	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20902 CISCO
cisco — nexus_dashboard	Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device.	2022-07-22	not yet calculated	CVE-2022-20909 CISCO
cisco — nexus_dashboard	Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device.	2022-07-22	not yet calculated	CVE-2022-20907 CISCO
cisco — nexus_dashboard	A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the web-based management interface of Cisco Nexus Dashboard. An attacker with Administrator credentials could exploit this vulnerability by uploading a crafted file. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device.	2022-07-22	not yet calculated	CVE-2022-20913 CISCO
cisco — nexus_dashboard	Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device.	2022-07-22	not yet calculated	CVE-2022-20906 CISCO
cisco — nexus_dashboard	Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device.	2022-07-22	not yet calculated	CVE-2022-20908 CISCO
citrix — multiple_products	Unauthenticated redirection to a malicious website	2022-07-28	not yet calculated	CVE-2022-27509 MISC
cloudflare — warp	By using warp-cli subcommands (disable-ethernet, disable-wifi), it was possible for a user without admin privileges to bypass configured Zero Trust security policies (e.g. Secure Web Gateway policies) and features such as ‘Lock WARP switch’.	2022-07-26	not yet calculated	CVE-2022-2225 MISC
clusterlabs — booth	The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.	2022-07-28	not yet calculated	CVE-2022-2553 MISC DEBIAN
communilink — clink_office	CommuniLink Internet Limited CLink Office v2.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters.	2022-07-25	not yet calculated	CVE-2022-29709 MISC MISC MISC
conf_cfg_ini — conf_cfg_ini	This affects the package conf-cfg-ini before 1.2.2. If an attacker submits a malicious INI file to an application that parses it with decode, they will pollute the prototype on the application. This can be exploited further depending on the context.	2022-07-25	not yet calculated	CVE-2020-28441 CONFIRM CONFIRM
convert-svg-core_project — convert-svg-core	The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload.	2022-07-22	not yet calculated	CVE-2022-25759 CONFIRM CONFIRM CONFIRM CONFIRM
cuppa_cms — cuppa_cms	Cuppa CMS v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php.	2022-07-27	not yet calculated	CVE-2022-34121 MISC MISC
dataease — dataease	Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId.	2022-07-22	not yet calculated	CVE-2022-34115 MISC
dataease — dataease	An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator.	2022-07-22	not yet calculated	CVE-2022-34112 MISC
dataease — dataease	Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId.	2022-07-22	not yet calculated	CVE-2022-34114 MISC
dataease — dataease	An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin.	2022-07-22	not yet calculated	CVE-2022-34113 MISC
dedecms — dedecms	DedeCMS v5.7.95 was discovered to contain a remote code execution (RCE) vulnerability via the component mytag_ main.php.	2022-07-29	not yet calculated	CVE-2022-34531 MISC
deferred-exec_project — deferred-exec	This affects all versions of package deferred-exec. The injection point is located in line 42 in lib/deferred-exec.js	2022-07-25	not yet calculated	CVE-2020-28438 CONFIRM
django-rest-framework — django_rest_framework	Django REST framework (aka django-rest-framework) before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping.	2022-07-23	not yet calculated	CVE-2018-25045 MISC MISC MISC
dlink_global — dsl-3782	D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via the function byte_4C0160.	2022-07-29	not yet calculated	CVE-2022-34527 MISC MISC
dlink_global — dsl-3782	D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue.	2022-07-29	not yet calculated	CVE-2022-34528 MISC MISC
dogtag_pki — dogtag_pki	Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.	2022-07-29	not yet calculated	CVE-2022-2414 MISC
dptech — dptech_vpn	DPTech VPN v8.1.28.0 was discovered to contain an arbitrary file read vulnerability.	2022-07-28	not yet calculated	CVE-2022-34593 MISC
emarketdesign — request_a_quote	The Request a Quote WordPress plugin through 2.3.7 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	2022-07-25	not yet calculated	CVE-2022-2239 MISC
emarketdesign — request_a_quote	The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it	2022-07-25	not yet calculated	CVE-2022-2240 MISC
emerson — emerson_deltav_distributed_control_system	The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication. It utilizes several proprietary protocols for a wide variety of functionality. These protocols include Firmware upgrade (18508/TCP, 18518/TCP); Plug-and-Play (18510/UDP); Hawk services (18507/UDP); Management (18519/TCP); Cold restart (18512/UDP); SIS communications (12345/TCP); and Wireless Gateway Protocol (18515/UDP). None of these protocols have any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality.	2022-07-26	not yet calculated	CVE-2022-29957 MISC MISC
emerson — emerson_openbsi	Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. DES with hardcoded cryptographic keys is used for protection of certain system credentials, engineering files, and sensitive utilities.	2022-07-26	not yet calculated	CVE-2022-29960 MISC MISC
emerson – emerson_deltav_distributed_control_system_controllers_and_io_cards	The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials (but may often be disabled in production). This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350.	2022-07-26	not yet calculated	CVE-2022-29962 MISC MISC
emerson – emerson_deltav_distributed_control_system_controllers_and_io_cards	The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. NOTE: this is different from CVE-2014-2350.	2022-07-26	not yet calculated	CVE-2022-29964 MISC MISC
emerson – emerson_deltav_distributed_control_system_controllers_and_io_cards	The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. TELNET on port 18550 provides access to a root shell via hardcoded credentials. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350.	2022-07-26	not yet calculated	CVE-2022-29963 MISC MISC
emerson – emerson_deltav_distributed_control_system_controllers_and_io_cards	The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface (23/TCP) on M-series and SIS (CSLS/LSNB/LSNG) nodes is controlled by means of utility passwords. These passwords are generated using a deterministic, insecure algorithm using a single seed value composed of a day/hour/minute timestamp with less than 16 bits of entropy. The seed value is fed through a lookup table and a series of permutation operations resulting in three different four-character passwords corresponding to different privilege levels. An attacker can easily reconstruct these passwords and thus gain access to privileged maintenance operations. NOTE: this is different from CVE-2014-2350.	2022-07-26	not yet calculated	CVE-2022-29965 MISC MISC
eziod_project — eziod	The eziod package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34982 MISC MISC MISC
f-secure — elements_endpoint_protection	A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine.	2022-07-22	not yet calculated	CVE-2022-28879 MISC MISC
f-secure — elements_endpoint_protection	A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine.	2022-07-22	not yet calculated	CVE-2022-28878 MISC MISC
fava_project — fava	The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim.	2022-07-25	not yet calculated	CVE-2022-2514 CONFIRM MISC
fava_project — fava	Cross-site Scripting (XSS) – Reflected in GitHub repository beancount/fava prior to 1.22.2.	2022-07-25	not yet calculated	CVE-2022-2523 CONFIRM MISC
feehi_cms — advertising_management_module	An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file.	2022-07-27	not yet calculated	CVE-2022-34971 MISC
ffmpeg-sdk_project — ffmpeg-sdk	This affects all versions of package ffmpeg-sdk. The injection point is located in line 9 in index.js.	2022-07-25	not yet calculated	CVE-2020-28435 CONFIRM
filewave — filewave	An authentication bypass vulnerability exists in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to gain access to the system with the highest authority possible and gain full control over the FileWave platform.	2022-07-25	not yet calculated	CVE-2022-34907 MISC MISC
filewave — filewave	A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to decrypt sensitive information saved in FileWave, and even send crafted requests.	2022-07-25	not yet calculated	CVE-2022-34906 MISC MISC
fossil — xss_payload	Fossil 2.18 on Windows allows attackers to cause a denial of service (daemon crash) via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware.	2022-07-28	not yet calculated	CVE-2022-34009 MISC MISC
framework_team_softwares — tiff_split	A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file.	2022-07-29	not yet calculated	CVE-2022-34526 MISC
freehi — feehi_cms	A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username field.	2022-07-28	not yet calculated	CVE-2022-34140 MISC MISC
fruits_bazar — fruits_bazar	Fruits Bazar v1.0 was discovered to contain a SQL injection vulnerability via the recover_email parameter at user_password_recover.php.	2022-07-26	not yet calculated	CVE-2022-34989 MISC
garage_management_system — garage_management_system	A vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. This issue affects some unknown processing of the file /php_action/createUser.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-29	not yet calculated	CVE-2022-2578 MISC MISC
garage_management_system — garage_management_system	A vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument userName with the input lala<img src=”https://us-cert.cisa.gov” onerror=alert(1)> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-29	not yet calculated	CVE-2022-2579 MISC MISC
garage_management_system — garage_management_system	A vulnerability classified as critical was found in SourceCodester Garage Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument id with the input -2’%20UNION%20select%2011,user(),333,444–+ leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-29	not yet calculated	CVE-2022-2577 MISC MISC
git_archive — git_archive	All versions of package git-archive are vulnerable to Command Injection via the exports function.	2022-07-25	not yet calculated	CVE-2020-28422 CONFIRM
gitlab — gitlab	An issue has been discovered in GitLab affecting all versions starting from 15.0 before 15.0.1. Missing validation of input used in quick actions allowed an attacker to exploit XSS by injecting HTML in contact details.	2022-07-28	not yet calculated	CVE-2022-1948 MISC CONFIRM MISC
gnome — gnome_gdkpixbuf	GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.	2022-07-24	not yet calculated	CVE-2021-46829 MISC MISC MISC MISC MISC MLIST MISC
goanywhere — goanywhere_mft	A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain access to files at a higher directory level than intended.	2022-07-27	not yet calculated	CVE-2021-46830 MISC MISC
google — android	EllieGrid Android Application version 3.4.1 is vulnerable to Code Injection. The application appears to evaluate user input as code (remote).	2022-07-30	not yet calculated	CVE-2022-30083 MISC
google — chrome	Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1500 MISC MISC
google — chrome	Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1499 MISC MISC
google — chrome	Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1498 MISC MISC
google — chrome	Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to spoof the contents of cross-origin websites via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1497 MISC MISC
google — chrome	Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction.	2022-07-26	not yet calculated	CVE-2022-1496 MISC MISC
google — chrome	Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a remote attacker to spoof the APK downloads dialog via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1495 MISC MISC
google — chrome	Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction.	2022-07-26	not yet calculated	CVE-2022-1493 MISC MISC
google — chrome	Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1492 MISC MISC
google — chrome	Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1479 MISC MISC
google — chrome	Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.	2022-07-23	not yet calculated	CVE-2022-1125 MISC MISC
google — chrome	Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1637 MISC MISC
google — chrome	Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.	2022-07-23	not yet calculated	CVE-2022-1127 MISC MISC
google — chrome	Use after free in Browser UI in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who had convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific user interactions.	2022-07-26	not yet calculated	CVE-2022-1634 MISC MISC
google — chrome	Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1129 MISC MISC
google — chrome	Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1364 MISC MISC
google — chrome	Use after free in Browser Switcher in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1490 MISC MISC
google — chrome	Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1501 MISC MISC
google — chrome	Use after free in Sharesheet in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions.	2022-07-26	not yet calculated	CVE-2022-1633 MISC MISC
google — chrome	Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.	2022-07-26	not yet calculated	CVE-2022-1489 MISC MISC
google — chrome	Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1639 MISC MISC
google — chrome	Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1096 MISC MISC
google — chrome	Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1640 MISC MISC
google — chrome	Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction.	2022-07-26	not yet calculated	CVE-2022-1641 MISC MISC
google — chrome	Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2008 MISC MISC
google — chrome	Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction.	2022-07-26	not yet calculated	CVE-2022-1491 MISC MISC
google — chrome	Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1131 MISC MISC
google — chrome	Use after free in Performance APIs in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1636 MISC MISC
google — chrome	Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.	2022-07-26	not yet calculated	CVE-2022-1488 MISC MISC
google — chrome	Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-22	not yet calculated	CVE-2022-0978 MISC MISC
google — chrome	Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions.	2022-07-22	not yet calculated	CVE-2022-0980 MISC MISC
google — chrome	Use after free in Permission Prompts in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions.	2022-07-26	not yet calculated	CVE-2022-1635 MISC MISC
google — chrome	Heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1638 MISC MISC
google — chrome	Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1494 MISC MISC
google — chrome	Use after free in Vulkan in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1477 MISC MISC
google — chrome	Use after free in regular expressions in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-25	not yet calculated	CVE-2022-1310 MISC MISC
google — chrome	Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.	2022-07-25	not yet calculated	CVE-2022-1309 MISC MISC
google — chrome	Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools.	2022-07-23	not yet calculated	CVE-2022-1142 MISC MISC
google — chrome	Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools.	2022-07-23	not yet calculated	CVE-2022-1144 MISC MISC
google — chrome	Use after free in WebRTC Perf in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1133 MISC MISC
google — chrome	Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1134 MISC MISC
google — chrome	Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.	2022-07-25	not yet calculated	CVE-2022-1312 MISC MISC
google — chrome	Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture.	2022-07-23	not yet calculated	CVE-2022-1141 MISC MISC
google — chrome	Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools.	2022-07-23	not yet calculated	CVE-2022-1143 MISC MISC
google — chrome	Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1137 MISC MISC
google — chrome	Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1146 MISC MISC
google — chrome	Use after free in Shopping Cart in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via standard feature user interaction.	2022-07-23	not yet calculated	CVE-2022-1135 MISC MISC
google — chrome	Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific set of user gestures.	2022-07-23	not yet calculated	CVE-2022-1136 MISC MISC
google — chrome	Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-25	not yet calculated	CVE-2022-1232 MISC MISC
google — chrome	Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1478 MISC MISC
google — chrome	Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1139 MISC MISC
google — chrome	Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1481 MISC MISC
google — chrome	Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device.	2022-07-23	not yet calculated	CVE-2022-1132 MISC MISC
google — chrome	Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1138 MISC MISC
google — chrome	Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction.	2022-07-23	not yet calculated	CVE-2022-1145 MISC MISC
google — chrome	Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test.	2022-07-26	not yet calculated	CVE-2022-1487 MISC MISC
google — chrome	Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1482 MISC MISC
google — chrome	Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app.	2022-07-23	not yet calculated	CVE-2022-1130 MISC MISC
google — chrome	Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1483 MISC MISC
google — chrome	Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1484 MISC MISC
google — chrome	Type confusion in V8 in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-25	not yet calculated	CVE-2022-1314 MISC MISC
google — chrome	Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1486 MISC MISC
google — chrome	Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-26	not yet calculated	CVE-2022-1485 MISC MISC
google — chrome	Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-25	not yet calculated	CVE-2022-1308 MISC MISC
google — chrome	Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	2022-07-25	not yet calculated	CVE-2022-1307 MISC MISC
google — chrome	Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	2022-07-25	not yet calculated	CVE-2022-1306 MISC MISC
google — chrome	Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-25	not yet calculated	CVE-2022-1305 MISC MISC
google — chrome	Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1128 MISC MISC
google — chrome	Use after free in tab groups in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-25	not yet calculated	CVE-2022-1313 MISC MISC
google — chrome	Use after free in shell in Google Chrome on ChromeOS prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-25	not yet calculated	CVE-2022-1311 MISC MISC
google — chrome	Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.	2022-07-22	not yet calculated	CVE-2022-0979 MISC MISC
google — chrome	Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2480 MISC MISC
google — chrome	Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2479 MISC MISC
google — chrome	Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2164 MISC MISC FEDORA
google — chrome	Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2011 MISC MISC
google — chrome	Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2294 MISC MISC FEDORA MLIST FEDORA
google — chrome	Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content.	2022-07-27	not yet calculated	CVE-2022-1867 MISC MISC
google — chrome	Inappropriate implementation in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1868 MISC MISC
google — chrome	Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2415 MISC MISC
google — chrome	Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2477 MISC MISC
google — chrome	Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user’s local files via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2160 MISC MISC FEDORA
google — chrome	Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions.	2022-07-28	not yet calculated	CVE-2022-2296 MISC MISC FEDORA
google — chrome	Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2295 MISC MISC FEDORA
google — chrome	Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.	2022-07-28	not yet calculated	CVE-2022-2165 MISC MISC FEDORA
google — chrome	Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2162 MISC MISC FEDORA
google — chrome	Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.	2022-07-28	not yet calculated	CVE-2022-2163 MISC MISC FEDORA
google — chrome	Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2478 MISC MISC
google — chrome	Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction.	2022-07-28	not yet calculated	CVE-2022-2481 MISC MISC
google — chrome	Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.	2022-07-28	not yet calculated	CVE-2022-2161 MISC MISC FEDORA
google — chrome	Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2158 MISC MISC FEDORA
google — chrome	Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2157 MISC MISC FEDORA
google — chrome	Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2007 MISC MISC
google — chrome	Use after free in WebGPU in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2399 MISC MISC
google — chrome	Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2156 MISC MISC FEDORA
google — chrome	Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1869 MISC MISC
google — chrome	Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.	2022-07-27	not yet calculated	CVE-2022-1863 MISC MISC
google — chrome	Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform an out of bounds memory read via specific user interaction.	2022-07-27	not yet calculated	CVE-2022-1858 MISC MISC
google — chrome	Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction.	2022-07-27	not yet calculated	CVE-2022-1861 MISC MISC
google — chrome	Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions.	2022-07-27	not yet calculated	CVE-2022-1860 MISC MISC
google — chrome	Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1859 MISC MISC
google — chrome	Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-2010 MISC MISC
google — chrome	Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.	2022-07-27	not yet calculated	CVE-2022-1870 MISC MISC
google — chrome	Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1857 MISC MISC
google — chrome	Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension or specific user interaction.	2022-07-27	not yet calculated	CVE-2022-1856 MISC MISC
google — chrome	Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1855 MISC MISC
google — chrome	Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1854 MISC MISC
google — chrome	Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1853 MISC MISC
google — chrome	Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass profile restrictions via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1862 MISC MISC
google — chrome	Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1872 MISC MISC
google — chrome	Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.	2022-07-27	not yet calculated	CVE-2022-1865 MISC MISC
google — chrome	Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions.	2022-07-27	not yet calculated	CVE-2022-1866 MISC MISC
google — chrome	Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.	2022-07-27	not yet calculated	CVE-2022-1864 MISC MISC
google — chrome	Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1873 MISC MISC
google — chrome	Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-28	not yet calculated	CVE-2022-1919 MISC MISC
google — chrome	Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1874 MISC MISC
google — chrome	Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1871 MISC MISC
google — chrome	Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1875 MISC MISC
google — chrome	Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.	2022-07-27	not yet calculated	CVE-2022-1876 MISC MISC
google — google_play_services_sdk_play-services-basement	Incorrect signature trust exists within Google Play services SDK play-services-basement. A debug version of Google Play services is trusted by the SDK for devices that are non-GMS. We recommend upgrading the SDK past the 2022-05-03 release.	2022-07-29	not yet calculated	CVE-2022-1799 MISC
google-cloudstorage-commands_project — google-cloudstorage-commands	This affects all versions of package google-cloudstorage-commands.	2022-07-25	not yet calculated	CVE-2020-28436 CONFIRM CONFIRM
gpac — gpsa/gpac	NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV.	2022-07-27	not yet calculated	CVE-2022-2549 MISC CONFIRM
grapesjs — grapesjs	The package grapesjs before 0.19.5 are vulnerable to Cross-site Scripting (XSS) due to an improper sanitization of the class name in Selector Manager.	2022-07-25	not yet calculated	CVE-2022-21802 MISC MISC MISC MISC MISC
hallowelt — bluespice	Cross-site Scripting (XSS) vulnerability in “Extension:ExtendedSearch” of Hallo Welt! GmbH BlueSpice allows attacker to inject arbitrary HTML (XSS) on page “Special:SearchCenter”, using the search term in the URL.	2022-07-22	not yet calculated	CVE-2022-2510 CONFIRM
hallowelt — bluespice	Cross-site Scripting (XSS) vulnerability in the “commonuserinterface” component of BlueSpice allows an attacker to inject arbitrary HTML into a page using the title parameter of the call URL.	2022-07-22	not yet calculated	CVE-2022-2511 CONFIRM
hashicorp — vault/vault_enterprise	HashiCorp Vault and Vault Enterprise through 2022-07-17 have Incorrect Access Control.	2022-07-26	not yet calculated	CVE-2022-36129 MISC MISC
hcl_commerce — remote_store_server	HCL Commerce’s Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website.	2022-07-30	not yet calculated	CVE-2021-27785 MISC
hestiacp – hestiacp/hestiacp	OS Command Injection in GitHub repository hestiacp/hestiacp prior to 1.6.5.	2022-07-27	not yet calculated	CVE-2022-2550 MISC CONFIRM
hiby — hiby_r3_pro	Hiby R3 PRO firmware v1.5 to v1.7 was discovered to contain a file upload vulnerability via the file upload feature.	2022-07-29	not yet calculated	CVE-2022-34496 MISC MISC
hitachi_energy — hitachi_energy_msm	A vulnerability exists in the http web interface where the web interface does not validate data in an HTTP header. This causes a possible HTTP response splitting, which if exploited could lead an attacker to channel down harmful code into the user’s web browser, such as to steal the session cookies. Thus, an attacker who successfully makes an MSM user who has already established a session to MSM web interface clicks a forged link to the MSM web interface, e.g., the link is sent per E-Mail, could trick the user into downloading malicious software onto his computer. This issue affects: Hitachi Energy MSM V2.2 and prior versions.	2022-07-25	not yet calculated	CVE-2021-40336 CONFIRM
hitachi_energy — hitachi_energy_msm	A vulnerability exists in the HTTP web interface where the web interface does not sufficiently verify if a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. This cause a Cross Site Request Forgery (CSRF), which if exploited could lead an attacker to gain unauthorized access to the web application and perform an unwanted operation on it without the knowledge of the legitimate user. An attacker, who successfully makes an MSM user who has already established a session to MSM web interface clicks a forged link to the MSM web interface, e.g., link is sent per E-Mail, could perform harmful command on MSM through its web server interface. This issue affects: Hitachi Energy MSM V2.2 and prior versions.	2022-07-25	not yet calculated	CVE-2021-40335 CONFIRM
homepage_product_organizer_for_woocommerce_project — homepage_product_organizer_for_woocommerce	Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co’s Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress.	2022-07-22	not yet calculated	CVE-2022-30998 CONFIRM CONFIRM
honeywell — honeywell_experion_pks_safety_manager	Honeywell Experion PKS Safety Manager (SM and FSC) through 2022-05-06 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0053, there is a Honeywell Experion PKS Safety Manager insufficient logic security controls issue. The affected components are characterized as: Honeywell FSC runtime (FSC-CPU, QPP), Honeywell Safety Builder. The potential impact is: Remote Code Execution, Denial of Service. The Honeywell Experion PKS Safety Manager family of safety controllers utilize the unauthenticated Safety Builder protocol (FSCT-2022-0051) for engineering purposes, including downloading projects and control logic to the controller. Control logic is downloaded to the controller on a block-by-block basis. The logic that is downloaded consists of FLD code compiled to native machine code for the CPU module (which applies to both the Safety Manager and FSC families). Since this logic does not seem to be cryptographically authenticated, it allows an attacker capable of triggering a logic download to execute arbitrary machine code on the controller’s CPU module in the context of the runtime. While the researchers could not verify this in detail, the researchers believe that the microprocessor underpinning the FSC and Safety Manager CPU modules is incapable of offering memory protection or privilege separation capabilities which would give an attacker full control of the CPU module. There is no authentication on control logic downloaded to the controller. Memory protection and privilege separation capabilities for the runtime are possibly lacking. The researchers confirmed the issues in question on Safety Manager R145.1 and R152.2 but suspect the issue affects all FSC and SM controllers and associated Safety Builder versions regardless of software or firmware revision. An attacker who can communicate with a Safety Manager controller via the Safety Builder protocol can execute arbitrary code without restrictions on the CPU module, allowing for covert manipulation of control operations and implanting capabilities similar to the TRITON malware (MITRE ATT&CK software ID S1009). A mitigating factor with regards to some, but not all, of the above functionality is that these require the Safety Manager physical keyswitch to be in the right position.	2022-07-28	not yet calculated	CVE-2022-30315 MISC MISC
honeywell — honeywell_experion_pks_safety_manager	Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0051, there is a Honeywell Experion PKS Safety Manager multiple proprietary protocols with unauthenticated functionality issue. The affected components are characterized as: Honeywell Experion TCP (51000/TCP), Safety Builder (51010/TCP). The potential impact is: Manipulate controller state, Manipulate controller configuration, Manipulate controller logic, Manipulate controller files, Manipulate IO. The Honeywell Experion PKS Distributed Control System (DCS) Safety Manager utilizes several proprietary protocols for a wide variety of functionality, including process data acquisition, controller steering and configuration management. These protocols include: Experion TCP (51000/TCP) and Safety Builder (51010/TCP). None of these protocols have any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality. There is no authentication functionality on the protocols in question. An attacker capable of invoking the protocols’ functionalities could achieve a wide range of adverse impacts, including (but not limited to), the following: for Experion TCP (51000/TCP): Issue IO manipulation commands, Issue file read/write commands; and for Safety Builder (51010/TCP): Issue controller start/stop commands, Issue logic download/upload commands, Issue file read commands, Issue system time change commands. A mitigating factor with regards to some, but not all, of the above functionality is that these require the Safety Manager physical keyswitch to be in the right position.	2022-07-28	not yet calculated	CVE-2022-30313 MISC MISC
honeywell — honeywell_experion_pks_safety_manager	Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The potential impact is: Firmware manipulation. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 communication FTA serial interface and Enea POLO bootloader for firmware management purposes. An engineering workstation running the Safety Builder software communicates via serial or serial-over-ethernet link with the DCOM-232/485 interface. Firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks. Firmware images are unsigned. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize hardcoded credentials (see FSCT-2022-0052) for the POLO bootloader to control the boot process and push malicious firmware images to the controller allowing for firmware manipulation, remote code execution and denial of service impacts. A mitigating factor is that in order for a firmware update to be initiated, the Safety Manager has to be rebooted which is typically done by means of physical controls on the Safety Manager itself. As such, an attacker would have to either lay dormant until a legitimate reboot occurs or possibly attempt to force a reboot through a secondary vulnerability.	2022-07-28	not yet calculated	CVE-2022-30316 MISC MISC
honeywell — honeywell_experion_pks_safety_manager	Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 serial interface for firmware management purposes. When booting, the Safety Manager exposes the Enea POLO bootloader via this interface. Access to the boot configuration is controlled by means of credentials hardcoded in the Safety Manager firmware. The credentials for the bootloader are hardcoded in the firmware. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize these credentials to control the boot process and manipulate the unauthenticated firmware image (see FSCT-2022-0054).	2022-07-28	not yet calculated	CVE-2022-30314 MISC MISC
honeywell — saia_burgess_controls_pcd	Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm. According to FSCT-2022-0063, there is a Saia Burgess Controls (SBC) PCD S-Bus weak credential hashing scheme issue. The affected components are characterized as: S-Bus (5050/UDP) authentication. The potential impact is: Authentication bypass. The Saia Burgess Controls (SBC) PCD controllers utilize the S-Bus protocol (5050/UDP) for a variety of engineering purposes. It is possible to configure a password in order to restrict access to sensitive engineering functionality. Authentication is done by using the S-Bus ‘write byte’ message to a specific address and supplying a hashed version of the password. The hashing algorithm used is based on CRC-16 and as such not cryptographically secure. An insecure hashing algorithm is used. An attacker capable of passively observing traffic can intercept the hashed credentials and trivially find collisions allowing for authentication without having to bruteforce a keyspace defined by the actual strength of the password. This allows the attacker access to sensitive engineering functionality such as uploading/downloading control logic and manipulating controller configuration.	2022-07-28	not yet calculated	CVE-2022-30320 MISC MISC
honeywell — saia_burgess_controls_pcd	Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls (SBC) PCD S-Bus authentication bypass issue. The affected components are characterized as: S-Bus (5050/UDP) authentication. The potential impact is: Authentication bypass. The Saia Burgess Controls (SBC) PCD controllers utilize the S-Bus protocol (5050/UDP) for a variety of engineering purposes. It is possible to configure a password in order to restrict access to sensitive engineering functionality. Authentication functions on the basis of a MAC/IP whitelist with inactivity timeout to which an authenticated client’s MAC/IP is stored. UDP traffic can be spoofed to bypass the whitelist-based access control. Since UDP is stateless, an attacker capable of passively observing traffic can spoof arbitrary messages using the MAC/IP of an authenticated client. This allows the attacker access to sensitive engineering functionality such as uploading/downloading control logic and manipulating controller configuration.	2022-07-28	not yet calculated	CVE-2022-30319 MISC MISC
horde_groupware — horde_groupware_webmail_edition	Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects.	2022-07-28	not yet calculated	CVE-2022-30287 MISC MISC
ibm — ibm_robotic_process_automation	IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with access to the local host (client machine) to obtain a login access token. IBM X-Force ID: 223019.	2022-07-26	not yet calculated	CVE-2022-22412 CONFIRM XF
ibm — powervm_vios	IBM PowerVM VIOS 3.1 could allow a remote attacker to tamper with system configuration or cause a denial of service. IBM X-Force ID: 230956.	2022-07-29	not yet calculated	CVE-2022-35643 CONFIRM XF
ibm — qradar_siem	IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111.	2022-07-28	not yet calculated	CVE-2021-39088 CONFIRM XF
ibm — security_verify_information_queue	IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230812.	2022-07-25	not yet calculated	CVE-2022-35285 CONFIRM XF
ibm — security_verify_information_queue	IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 230817.	2022-07-25	not yet calculated	CVE-2022-35287 XF CONFIRM
ibm — security_verify_information_queue	IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 230811.	2022-07-25	not yet calculated	CVE-2022-35284 CONFIRM XF
ibm — security_verify_information_queue	IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230814.	2022-07-26	not yet calculated	CVE-2022-35286 CONFIRM XF
ibm — security_verify_information_queue	IBM Security Verify Information Queue 10.0.2 could allow a user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 230818.	2022-07-25	not yet calculated	CVE-2022-35288 XF CONFIRM
ibm — sterling_partner_engagement_manager	IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection which could cause the server to become unresponsive. IBM X-Force ID: 230932.	2022-07-26	not yet calculated	CVE-2022-35639 CONFIRM XF
inavitas — inavitas_solar_log	Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.	2022-07-29	not yet calculated	CVE-2022-1277 CONFIRM
inductive_automation — inductive_automation_ignition	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ZIP files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17115.	2022-07-25	not yet calculated	CVE-2022-35872 MISC MISC
inductive_automation — inductive_automation_ignition	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within com.inductiveautomation.metro.impl. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17265.	2022-07-25	not yet calculated	CVE-2022-35870 MISC MISC
inductive_automation — inductive_automation_ignition	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of ZIP files. Crafted data in a ZIP file can cause the application to execute arbitrary Python scripts. The user interface fails to provide sufficient indication of the hazard. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-16949.	2022-07-25	not yet calculated	CVE-2022-35873 MISC MISC
inductive_automation — inductive_automation_ignition	This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Authentication is not required to exploit this vulnerability. The specific flaw exists within com.inductiveautomation.ignition.gateway.web.pages. The issue results from the lack of proper authentication prior to access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-17211.	2022-07-25	not yet calculated	CVE-2022-35869 MISC MISC
inductive_automation — inductive_automation_ignition	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Authentication is not required to exploit this vulnerability. The specific flaw exists within the authenticateAdSso method. The issue results from the lack of authentication prior to allowing the execution of python code. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17206.	2022-07-25	not yet calculated	CVE-2022-35871 MISC MISC
inmailx — inmailx_outlook	InMailX Outlook Plugin < 3.22.0101 is vulnerable to Cross Site Scripting (XSS). InMailX Connection names are not sanitzed in the Outlook tab, which allows a local user or network administrator to execute HTML / Javascript in the Outlook of users.	2022-07-26	not yet calculated	CVE-2022-27105 MISC MISC
inoutscripts — blockchain_altexchanger	Inout Blockchain AltExchanger v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/js.	2022-07-26	not yet calculated	CVE-2022-34988 MISC
ion_parser — ion_parser	This affects all versions of package ion-parser. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the application. This can be exploited further depending on the context.	2022-07-25	not yet calculated	CVE-2020-28462 CONFIRM
itech — movie_portal_script	A vulnerability classified as critical was found in Itech Movie Portal Script 7.36. This vulnerability affects unknown code of the file /artist-display.php. The manipulation of the argument act leads to sql injection (Union). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-22	not yet calculated	CVE-2017-20142 N/A N/A
itech — movie_portal_script	A vulnerability, which was classified as critical, has been found in Itech Movie Portal Script 7.36. This issue affects some unknown processing of the file /film-rating.php. The manipulation of the argument v leads to sql injection (Error). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-22	not yet calculated	CVE-2017-20143 N/A N/A
itech — movie_portal_script	A vulnerability classified as critical has been found in Itech Movie Portal Script 7.36. This affects an unknown part of the file /movie.php. The manipulation of the argument f leads to sql injection (Union). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-22	not yet calculated	CVE-2017-20141 N/A N/A
itech — movie_portal_script	A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(SELECT COUNT(),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) leads to sql injection (Error). The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-22	not yet calculated	CVE-2017-20139 N/A N/A
itech — movie_portal_script	A vulnerability was found in Itech Movie Portal Script 7.36. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /movie.php. The manipulation of the argument f with the input <img src=i onerror=prompt(1)> leads to basic cross site scripting (Reflected). The attack may be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-22	not yet calculated	CVE-2017-20140 N/A N/A
itsourcecode — advance_management_system	Advanced School Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the address parameter at ip/school/index.php.	2022-07-28	not yet calculated	CVE-2022-34580 MISC
itsourcecode — barangay_management_system	Barangay Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the module editing function at /pages/activity/activity.php.	2022-07-27	not yet calculated	CVE-2022-34120 MISC
itsourcecode — advanced_school_management_system	Advanced School Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component ip/school/moudel/update_subject.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Subject text field.	2022-07-27	not yet calculated	CVE-2022-34594 MISC
itsourcecode — barangay_management_system	Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/permit/permit.php.	2022-07-28	not yet calculated	CVE-2022-34557 MISC
izrip — izrip	An issue was discovered in lrzip version 0.641. There are memory leaks in fill_buffer() in stream.c.	2022-07-26	not yet calculated	CVE-2021-33451 MISC MISC
izrip — izrip	An issue was discovered in lrzip version 0.641. There is a use-after-free in ucompthread() in stream.c:1538.	2022-07-26	not yet calculated	CVE-2021-33453 MISC MISC
jenkins — buckminster	Jenkins Buckminster Plugin 1.1.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.	2022-07-27	not yet calculated	CVE-2022-36918 CONFIRM MLIST
jenkins — clif_performance_testing	An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfb_f and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.	2022-07-27	not yet calculated	CVE-2022-36894 CONFIRM MLIST
jenkins — compuware_ispw_operations	Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties.	2022-07-27	not yet calculated	CVE-2022-36899 CONFIRM MLIST
jenkins — compuware_ispw_operations	A missing permission check in Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins.	2022-07-27	not yet calculated	CVE-2022-36898 CONFIRM MLIST
jenkins — compuware_source_code_download	A missing permission check in Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins.	2022-07-27	not yet calculated	CVE-2022-36896 CONFIRM MLIST
jenkins — compuware_topaz_utilities	A missing permission check in Jenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins.	2022-07-27	not yet calculated	CVE-2022-36895 CONFIRM MLIST
jenkins — compuware_xpediter_code_coverage	A missing permission check in Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins.	2022-07-27	not yet calculated	CVE-2022-36897 CONFIRM MLIST
jenkins — coverity	A cross-site request forgery (CSRF) vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.	2022-07-27	not yet calculated	CVE-2022-36920 CONFIRM MLIST
jenkins — coverity	A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.	2022-07-27	not yet calculated	CVE-2022-36919 CONFIRM MLIST
jenkins — coverity	A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.	2022-07-27	not yet calculated	CVE-2022-36921 CONFIRM MLIST
jenkins — deployer_framework	Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the application path of the applications when configuring a deployment, allowing attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller file system to the selected service.	2022-07-27	not yet calculated	CVE-2022-36889 CONFIRM MLIST
jenkins — deployer_framework	A missing permission check in Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier allows attackers with Item/Read permission but without Deploy Now/Deploy permission to read deployment logs.	2022-07-27	not yet calculated	CVE-2022-36891 CONFIRM MLIST
jenkins — deployer_framework	Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the name of files in methods implementing form validation, allowing attackers with Item/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.	2022-07-27	not yet calculated	CVE-2022-36890 CONFIRM MLIST
jenkins — external_monitor_job_type	A cross-site request forgery (CSRF) vulnerability in Jenkins External Monitor Job Type Plugin 191.v363d0d1efdf8 and earlier allows attackers to create runs of an external job.	2022-07-27	not yet calculated	CVE-2022-36886 CONFIRM MLIST
jenkins — git	The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.	2022-07-27	not yet calculated	CVE-2022-36884 CONFIRM MLIST
jenkins — git	A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.	2022-07-27	not yet calculated	CVE-2022-36883 CONFIRM MLIST
jenkins — git	A cross-site request forgery (CSRF) vulnerability in Jenkins Git Plugin 4.11.3 and earlier allows attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.	2022-07-27	not yet calculated	CVE-2022-36882 CONFIRM MLIST
jenkins — git_client	Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.	2022-07-27	not yet calculated	CVE-2022-36881 CONFIRM MLIST
jenkins — github	Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature.	2022-07-27	not yet calculated	CVE-2022-36885 CONFIRM MLIST
jenkins — google_cloud_backup	A missing permission check in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers with Overall/Read permission to request a manual backup.	2022-07-27	not yet calculated	CVE-2022-36917 CONFIRM MLIST
jenkins — google_cloud_backup	A cross-site request forgery (CSRF) vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup.	2022-07-27	not yet calculated	CVE-2022-36916 CONFIRM MLIST
jenkins — job_configuration_history	A cross-site request forgery (CSRF) vulnerability in Jenkins Job Configuration History Plugin 1155.v28a_46a_cc06a_5 and earlier allows attackers to delete entries from job, agent, and system configuration history, or restore older versions of job, agent, and system configurations.	2022-07-27	not yet calculated	CVE-2022-36887 CONFIRM MLIST
jenkins — lucene_search	Jenkins Lucene-Search Plugin 370.v62a5f618cd3a and earlier does not escape the search query parameter displayed on the ‘search’ result page, resulting in a reflected cross-site scripting (XSS) vulnerability.	2022-07-27	not yet calculated	CVE-2022-36922 CONFIRM MLIST
jenkins — openshift_deployer	A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an attacker-specified URL.	2022-07-27	not yet calculated	CVE-2022-36909 CONFIRM MLIST
jenkins — rhnpush-plugin	Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents.	2022-07-27	not yet calculated	CVE-2022-36892 CONFIRM MLIST
jenkins –android_signing	Jenkins Android Signing Plugin 2.2.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents.	2022-07-27	not yet calculated	CVE-2022-36915 CONFIRM MLIST
jenkins –compuware_zadviser_api	Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties.	2022-07-27	not yet calculated	CVE-2022-36900 CONFIRM MLIST
jenkins –files_found_trigger	Jenkins Files Found Trigger Plugin 1.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.	2022-07-27	not yet calculated	CVE-2022-36914 CONFIRM MLIST
jenkins –http_request	Jenkins HTTP Request Plugin 1.15 and earlier stores HTTP Request passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.	2022-07-27	not yet calculated	CVE-2022-36901 CONFIRM MLIST
jenkins –lucene_search	Jenkins Lucene-Search Plugin 370.v62a5f618cd3a and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to reindex the database and to obtain information about jobs otherwise inaccessible to them.	2022-07-27	not yet calculated	CVE-2022-36910 CONFIRM MLIST
jenkins –maven_metadata	Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.2 and earlier does not perform URL validation for the Repository Base URL of List maven artifact versions parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-07-27	not yet calculated	CVE-2022-36905 CONFIRM MLIST
jenkins –openshift_deployer	A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password.	2022-07-27	not yet calculated	CVE-2022-36906 CONFIRM MLIST
jenkins –openshift_deployer	A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password.	2022-07-27	not yet calculated	CVE-2022-36907 CONFIRM MLIST
jenkins –openshift_deployer	A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an attacker-specified URL.	2022-07-27	not yet calculated	CVE-2022-36908 CONFIRM MLIST
jenkins –openstack_heat	Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.	2022-07-27	not yet calculated	CVE-2022-36913 CONFIRM MLIST
jenkins –openstack_heat	A cross-site request forgery (CSRF) vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL.	2022-07-27	not yet calculated	CVE-2022-36911 CONFIRM MLIST
jenkins –openstack_heat	A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.	2022-07-27	not yet calculated	CVE-2022-36912 CONFIRM MLIST
jenkins –repository_connector	Jenkins Repository Connector Plugin 2.2.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.	2022-07-27	not yet calculated	CVE-2022-36904 CONFIRM MLIST
jenkins –repository_connector	A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.	2022-07-27	not yet calculated	CVE-2022-36903 CONFIRM MLIST
jenkins — dynamic_extended_choice	Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-07-27	not yet calculated	CVE-2022-36902 CONFIRM MLIST
jenkins — hashicorp_vault	A missing permission check in Jenkins HashiCorp Vault Plugin 354.vdb_858fd6b_f48 and earlier allows attackers with Overall/Read permission to obtain credentials stored in Vault with attacker-specified path and keys.	2022-07-27	not yet calculated	CVE-2022-36888 CONFIRM MLIST
jenkins — rpmsign-plugin	Jenkins rpmsign-plugin Plugin 0.5.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents.	2022-07-27	not yet calculated	CVE-2022-36893 CONFIRM MLIST
jetbrains — intellij_idea	In JetBrains IntelliJ IDEA before 2022.2 email address validation in the “Git User Name Is Not Defined” dialog was missed	2022-07-28	not yet calculated	CVE-2022-37010 MISC
johnsoncontrols — metasys_open_application_server	Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users.	2022-07-22	not yet calculated	CVE-2021-36200 CONFIRM CERT
joplin — joplin	Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles.	2022-07-25	not yet calculated	CVE-2022-35131 MISC MISC MISC
js_ini — js_ini	This affects the package js-ini before 1.3.0. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the application. This can be exploited further depending on the context.	2022-07-25	not yet calculated	CVE-2020-28461 CONFIRM CONFIRM
jtekt — jtekt_toyopuc_plc	JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol (configurable on ports 1024-65534 on either TCP or UDP) for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing configuration settings. This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.	2022-07-26	not yet calculated	CVE-2022-29951 MISC MISC
jtekt — jtekt_toyopuc_plc	JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the unauthenticated CMPLink/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. Control logic is downloaded to the PLC on a block-by-block basis with a given memory address and a blob of machine code. The logic that is downloaded to the PLC is not cryptographically authenticated, allowing an attacker to execute arbitrary machine code on the PLC’s CPU module in the context of the runtime. In the case of the PC10G-CPU, and likely for other CPU modules of the TOYOPUC family, a processor without MPU or MMU is used and this no memory protection or privilege-separation capabilities are available, giving an attacker full control over the CPU.	2022-07-26	not yet calculated	CVE-2022-29958 MISC MISC
kippo-graph — kippo-graph	In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in xss_clean() in class/KippoInput.class.php.	2022-07-28	not yet calculated	CVE-2016-2138 MISC MISC
kippo-graph — kippo-graph	In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in $file_link in class/KippoInput.class.php.	2022-07-28	not yet calculated	CVE-2016-2139 MISC MISC
libxml — libxml	Possible cross-site scripting vulnerability in libxml after commit 960f0e2.	2022-07-28	not yet calculated	CVE-2016-3709 MISC
linux — linux_kernel	The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.	2022-07-29	not yet calculated	CVE-2022-36123 MISC MISC MISC CONFIRM CONFIRM
linux — linux_kernel	A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service.	2022-07-26	not yet calculated	CVE-2022-1651 MISC
linux — linux_kernel	nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.	2022-07-27	not yet calculated	CVE-2022-36946 MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.	2022-07-27	not yet calculated	CVE-2022-36879 MISC MISC
linux — linux_kernel	io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859	2022-07-22	not yet calculated	CVE-2022-2327 CONFIRM CONFIRM
linux — linux_kernel	A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.	2022-07-26	not yet calculated	CVE-2022-1671 MISC
mageni — student_management_syetem	A stored cross-site scripting (XSS) vulnerability in /nav_bar_action.php of Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat box.	2022-07-28	not yet calculated	CVE-2021-33371 MISC
markdown_it_decorate — markdown_it_decorate	This affects all versions of package markdown-it-decorate. An attacker can add an event handler or use javascript:xxx for the link.	2022-07-25	not yet calculated	CVE-2020-28459 CONFIRM
markdown_it_toc — markdown_it_toc	This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped.	2022-07-25	not yet calculated	CVE-2020-28455 CONFIRM
mcafee — mcafee_agent	A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL into the folder from where the Smart installer is being executed.	2022-07-27	not yet calculated	CVE-2022-2313 CONFIRM
microweber — microweber	Cross-site Scripting (XSS) – Reflected in GitHub repository microweber/microweber prior to 1.2.21.	2022-07-22	not yet calculated	CVE-2022-2470 CONFIRM MISC
microweber — microweber	Cross-site Scripting (XSS) – Stored in GitHub repository microweber/microweber prior to 1.2.21.	2022-07-22	not yet calculated	CVE-2022-2495 CONFIRM MISC
midori-global — better_pdf_exporter	The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page.	2022-07-22	not yet calculated	CVE-2022-36131 MISC MISC
mistune — mistune	In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking.	2022-07-25	not yet calculated	CVE-2022-34749 MISC MISC
moodle — moodle	A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user’s browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks.	2022-07-25	not yet calculated	CVE-2022-35651 MISC MISC MISC FEDORA FEDORA
moodle — moodle	A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user’s browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks. This vulnerability does not impact authenticated users.	2022-07-25	not yet calculated	CVE-2022-35653 MISC MISC MISC FEDORA FEDORA
moodle — moodle	The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature is only available to teachers, managers and admins by default.	2022-07-25	not yet calculated	CVE-2022-35650 MISC MISC MISC FEDORA FEDORA
moodle — moodle	An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature. A remote attacker can create a link that leads to a trusted website, however, when clicked, it redirects the victims to arbitrary URL/domain. Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.	2022-07-25	not yet calculated	CVE-2022-35652 MISC MISC MISC FEDORA FEDORA
moodle — moodle	The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.	2022-07-25	not yet calculated	CVE-2022-35649 MISC MISC MISC FEDORA FEDORA
motorola — moscad_and_ace_rtu	The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) and TCP/IP networks. Communication with RTUs behind the gateway is done by means of the proprietary IPGW protocol (5001/TCP). This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.	2022-07-26	not yet calculated	CVE-2022-30276 MISC MISC
motorola — motorola_ace1000_rtu	The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the STS software suite or ACE1000 Easy Configurator for performing firmware updates. In case of the Easy Configurator, firmware updates are performed through access to the Web UI where file system, kernel, package, bundle, or application images can be installed. Firmware updates for the Front End Processor (FEP) module are performed via access to the SSH interface (22/TCP), where a .hex file image is transferred and a bootloader script invoked. File system, kernel, package, and bundle updates are supplied as RPM (RPM Package Manager) files while FEP updates are supplied as S-rec files. In all cases, firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks.	2022-07-26	not yet calculated	CVE-2022-30272 MISC MISC
motorola — motorola_ace1000_rtu	The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm (TEA) block-cipher in ECB mode. This mode of operation does not offer message integrity and offers reduced confidentiality above the block level, as demonstrated by an ECB Penguin attack against any block ciphers.	2022-07-26	not yet calculated	CVE-2022-30273 MISC MISC MISC
motorola — motorola_ace1000_rtu	The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5 preconfigured accounts (root, abuilder, acelogin, cappl, ace), all of which come with default credentials. Although the ACE1000 documentation mentions the root, abuilder and acelogin accounts and instructs users to change the default credentials, the cappl and ace accounts remain undocumented and thus are unlikely to have their credentials changed.	2022-07-26	not yet calculated	CVE-2022-30270 MISC MISC
motorola — motorola_ace1000_rtu	Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files) are uploaded via the Web UI. In case of the C toolkit, they are transferred and installed using SFTP/SSH. In each case, application images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks.	2022-07-26	not yet calculated	CVE-2022-30269 MISC MISC
motorola — motorola_ace1000_rtu	The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm (TEA) in ECB mode using a hardcoded key. Similarly, the ACE1000 RTU can route MDLC traffic over Extended Command and Management Protocol (XCMP) and Network Layer (XNL) networks via the MDLC driver. Authentication to the XNL port is protected by TEA in ECB mode using a hardcoded key.	2022-07-26	not yet calculated	CVE-2022-30274 MISC MISC
motorola — motorola_ace1000_rtu	The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts (such as /etc/init.d/sshd_service) only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default.	2022-07-26	not yet calculated	CVE-2022-30271 MISC MISC
motorola — motorola_moscad_toolbox_software	The Motorola MOSCAD Toolbox software through 2022-05-02 relies on a cleartext password. It utilizes an MDLC driver to communicate with MOSCAD/ACE RTUs for engineering purposes. Access to these communications is protected by a password stored in cleartext in the wmdlcdrv.ini driver configuration file. In addition, this password is used for access control to MOSCAD/STS projects protected with the Legacy Password feature. In this case, an insecure CRC of the password is present in the project file: this CRC is validated against the password in the driver configuration file.	2022-07-26	not yet calculated	CVE-2022-30275 MISC MISC
multisafepay — multisafepay_for_woocommerce	Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <= 4.13.1 at WordPress.	2022-07-22	not yet calculated	CVE-2022-33901 CONFIRM CONFIRM
nasm — nasm	An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_malloc() in nasmlib/alloc.c.	2022-07-26	not yet calculated	CVE-2021-33452 MISC MISC
nasm — nasm	An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c.	2022-07-26	not yet calculated	CVE-2021-33450 MISC MISC
nodepdf — nodepdf	Input passed to the Pdf() function is shell escaped and passed to child_process.exec() during PDF rendering. However, the shell escape does not properly encode all special characters, namely, semicolon and curly braces. This can be abused to achieve command execution. This problem affects nodepdf 1.3.0.	2022-07-28	not yet calculated	CVE-2016-4991 MISC
npm_help — npm_help	This affects all versions of package npm-help. The injection point is located in line 13 in index.js file in export.latestVersion() function.	2022-07-25	not yet calculated	CVE-2020-28445 CONFIRM
ntesseract_project — ntesseract	The package ntesseract before 0.2.9 are vulnerable to Command Injection via lib/tesseract.js.	2022-07-25	not yet calculated	CVE-2020-28446 CONFIRM CONFIRM
obsidian — obsidian	Obsidian 0.14.x and 0.15.x before 0.15.5 allows obsidian://hook-get-address remote code execution because window.open is used without checking the URL.	2022-07-25	not yet calculated	CVE-2022-36450 MISC
odoo — open_source_point_of_sale	Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page.	2022-07-28	not yet calculated	CVE-2022-34578 MISC
omron — plcs	In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449…D1452 and can be read out using the Omron FINS protocol without any further authentication.	2022-07-26	not yet calculated	CVE-2022-31205 MISC MISC
omron — plcs	Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. They feature a UM Protection setting that allows users or system integrators to configure a password in order to restrict sensitive engineering operations (such as project/logic uploads and downloads). This password is set using the OMRON FINS command Program Area Protect and unset using the command Program Area Protect Clear, both of which are transmitted in cleartext.	2022-07-26	not yet calculated	CVE-2022-31204 MISC MISC
omron — plcs	The Omron SYSMAC Cx product family PLCs (CS series, CJ series, and CP series) through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS (9600/TCP) protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication flaws as reported in FSCT-2022-0057. Control logic is downloaded to PLC volatile memory using the FINS Program Area Read and Program Area Write commands or to non-volatile memory using other commands from where it can be loaded into volatile memory for execution. The logic that is loaded into and executed from the user program area exists in compiled object code form. Upon execution, these object codes are first passed to a dedicated ASIC that determines whether the object code is to be executed by the ASIC or the microprocessor. In the former case, the object code is interpreted by the ASIC whereas in the latter case the object code is passed to the microprocessor for object code interpretation by a ROM interpreter. In the abnormal case where the object code cannot be handled by either, an abnormal condition is triggered and the PLC is halted. The logic that is downloaded to the PLC does not seem to be cryptographically authenticated, thus allowing an attacker to manipulate transmitted object code to the PLC and either execute arbitrary object code commands on the ASIC or on the microprocessor interpreter.	2022-07-26	not yet calculated	CVE-2022-31207 MISC MISC
omron — plcs	The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software (which compiles IEC 61131-3 conformant POU code to native machine code for execution by the PLC’s runtime). The resulting machine code is executed by a runtime, typically controlled by a real-time operating system. The logic that is downloaded to the PLC does not seem to be cryptographically authenticated, allowing an attacker to manipulate transmitted object code to the PLC and execute arbitrary machine code on the processor of the PLC’s CPU module in the context of the runtime. In the case of at least the NJ series, an RTOS and hardware combination is used that would potentially allow for memory protection and privilege separation and thus limit the impact of code execution. However, it was not confirmed whether these sufficiently segment the runtime from the rest of the RTOS.	2022-07-26	not yet calculated	CVE-2022-31206 MISC MISC
online_fire_reporting_system — online_fire_reporting_system	A cross-site scripting (XSS) vulnerability in /index.php/?p=report of Online Fire Reporting System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the “Contac #” text field.	2022-07-27	not yet calculated	CVE-2022-34611 MISC MISC MISC
online_fire_reporting_system_project — online_fire_reporting_system_1.0	Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter.	2022-07-26	not yet calculated	CVE-2022-31879 MISC
open_xchange — oc_app_suite	OX App Suite through 7.10.6 allows XSS by forcing block-wise read.	2022-07-27	not yet calculated	CVE-2022-23099 CONFIRM MISC
open_xchange — ox_app_suite	OX App Suite through 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API.	2022-07-27	not yet calculated	CVE-2022-24405 CONFIRM MISC
open_xchange — ox_app_suite	OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls.	2022-07-27	not yet calculated	CVE-2022-24406 CONFIRM MISC
open_xchange — ox_app_suite	OX App Suite through 7.10.6 allows XSS via appHandler in a deep link in an e-mail message.	2022-07-27	not yet calculated	CVE-2022-23101 CONFIRM MISC
open_xchange — ox_app_suite	OX App Suite through 7.10.6 allows OS Command Injection via Documentconverter (e.g., through an email attachment).	2022-07-27	not yet calculated	CVE-2022-23100 CONFIRM MISC
openemr — openemr	Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0.	2022-07-22	not yet calculated	CVE-2022-2493 MISC CONFIRM
openemr — openemr	Cross-site Scripting (XSS) – Stored in GitHub repository openemr/openemr prior to 7.0.0.	2022-07-22	not yet calculated	CVE-2022-2494 CONFIRM MISC
openkm — openkm_community_edition	OpenKM Community Edition in its 6.3.10 version and before was using XMLReader parser in XMLTextExtractor.java file without the required security flags, allowing an attacker to perform a XML external entity injection attack.	2022-07-25	not yet calculated	CVE-2022-2131 CONFIRM
openteknik — open_source_social_network	OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module.	2022-07-25	not yet calculated	CVE-2022-34963 MISC MISC MISC MISC MISC
openteknik — open_source_social_network	OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the SitePages module.	2022-07-25	not yet calculated	CVE-2022-34964 MISC MISC MISC MISC
openteknik — open_source_social_network	OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module.	2022-07-25	not yet calculated	CVE-2022-34961 MISC MISC MISC MISC MISC
openteknik — open_source_social_network	OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an arbitrary file upload vulnerability via the component /ossn/administrator/com_installer. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.	2022-07-25	not yet calculated	CVE-2022-34965 MISC MISC MISC MISC
openteknik — open_source_social_network	OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at http://ip_address/:port/ossn/home.	2022-07-25	not yet calculated	CVE-2022-34966 MISC MISC MISC MISC
openteknik — open_source_social_network	OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module.	2022-07-25	not yet calculated	CVE-2022-34962 MISC MISC MISC MISC MISC
orange_station — orange_station	Orange Station 1.0 was discovered to contain a SQL injection vulnerability via the username parameter.	2022-07-26	not yet calculated	CVE-2022-36161 MISC
oretnom23– online_railway_reservation_system	The QQ application 8.7.1 for Android and iOS does not enforce the permission requirements (e.g., android.permission.ACCESS_FINE_LOCATION) for determining the device’s physical location. An attacker can use qq.createMapContext to create a MapContext object, use MapContext.moveToLocation to move the center of the map to the device’s location, and use MapContext.getCenterLocation to get the latitude and longitude of the current map center.	2022-07-26	not yet calculated	CVE-2021-33057 MISC MISC
otp-generator — otp-generator	The package otp-generator before 3.0.0 are vulnerable to Insecure Randomness due to insecure generation of random one-time passwords, which may allow a brute-force attack.	2022-07-25	not yet calculated	CVE-2021-23451 CONFIRM CONFIRM CONFIRM
ovarro — tbox	An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system.	2022-07-28	not yet calculated	CVE-2021-22642 CONFIRM
ovarro — tbox	An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks.	2022-07-28	not yet calculated	CVE-2021-22640 CONFIRM
ovarro — tbox_twinsoft	An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on machine executing Ovarro TWinSoft, which could lead to code execution.	2022-07-28	not yet calculated	CVE-2021-22650 CONFIRM
ovarro — tbox_twinsoft	Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key.	2022-07-28	not yet calculated	CVE-2021-22644 CONFIRM
ovarro — tbox_twinsoft	The “ipk” package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution.	2022-07-28	not yet calculated	CVE-2021-22646 CONFIRM
ovarro– tbox	Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file.	2022-07-28	not yet calculated	CVE-2021-22648 CONFIRM
patlite — nh-fb_series_devices	On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string.	2022-07-27	not yet calculated	CVE-2022-35911 MISC MISC MISC
pegasystems – pega_infinity	Password authentication bypass vulnerability for local accounts can be used to bypass local authentication checks.	2022-07-25	not yet calculated	CVE-2022-24083 MISC
php_group — php_versions	In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.	2022-07-28	not yet calculated	CVE-2022-31627 MISC
pico_project — picoc	PicoC v3.2.2 was discovered to contain a NULL pointer dereference at variable.c.	2022-07-28	not yet calculated	CVE-2022-34556 MISC MISC
plugins-market — wp_visitor_statistics	Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plugin <= 5.7 at WordPress.	2022-07-25	not yet calculated	CVE-2022-33965 CONFIRM CONFIRM
png2webp — png2webp	png2webp v1.0.4 was discovered to contain an out-of-bounds write via the function w2p. This vulnerability is exploitable via a crafted png file.	2022-07-28	not yet calculated	CVE-2022-36752 MISC MISC
prestashop — prestashop	PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.7 allows remote attackers to execute arbitrary code, aka a “previously unknown vulnerability chain” related to SQL injection and MySQL Smarty cache storage injection, as exploited in the wild in July 2022.	2022-07-22	not yet calculated	CVE-2022-36408 MISC
properties_reader — properties_reader	This affects the package properties-reader before 2.2.0.	2022-07-25	not yet calculated	CVE-2020-28471 CONFIRM CONFIRM CONFIRM
pycrowdtangle_project — pycrowdtangle	The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34981 MISC MISC MISC
pypi — pypi	The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34501 MISC MISC MISC
pypi — pypi	The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34500 MISC MISC MISC
pypi_project –wmagent_and_global_workqueue	WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package.	2022-07-28	not yet calculated	CVE-2022-34558 MISC
qpdf_project — qpdf	QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.	2022-07-22	not yet calculated	CVE-2022-34503 MISC
qr_code_generator — qr_code_generator	A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal.	2022-07-25	not yet calculated	CVE-2022-24992 MISC MISC MISC
radare — radare2	Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file.	2022-07-22	not yet calculated	CVE-2022-34502 MISC
radare — radare2	Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file.	2022-07-22	not yet calculated	CVE-2022-34520 MISC
rainloop — rainloop_email_viewer	The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted email message.	2022-07-28	not yet calculated	CVE-2022-29360 MISC MISC
rapid — velociraptor	Due to a bug in the handling of the communication between the client and server, it was possible for one client, already registered with their own client ID, to send messages to the server claiming to come from another client ID. This issue was resolved in Velociraptor 0.6.5-2.	2022-07-29	not yet calculated	CVE-2022-35629 CONFIRM
rapid — velociraptor	A cross-site scripting (XSS) issue in generating a collection report made it possible for malicious clients to inject JavaScript code into the static HTML file. This issue was resolved in Velociraptor 0.6.5-2.	2022-07-29	not yet calculated	CVE-2022-35630 CONFIRM
rapid — velociraptor_client	On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. This issue was resolved in Velociraptor 0.6.5-2.	2022-07-29	not yet calculated	CVE-2022-35631 CONFIRM
rapid — velociraptor_gui	The Velociraptor GUI contains an editor suggestion feature that can display the description field of a VQL function, plugin or artifact. This field was not properly sanitized and can lead to cross-site scripting (XSS). This issue was resolved in Velociraptor 0.6.5-2.	2022-07-29	not yet calculated	CVE-2022-35632 CONFIRM
realtek — rtl819x-sdk	Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface.	2022-07-28	not yet calculated	CVE-2022-29558 MISC MISC
redhat — openstack	An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and integrity.	2022-07-22	not yet calculated	CVE-2022-1655 MISC
revmakx — infinitewp_client	A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. Upgrading to version 1.6.1.1 is able to address this issue. It is recommended to upgrade the affected component.	2022-07-23	not yet calculated	CVE-2016-15004 MISC MISC MISC
rizin — rizin	Rizin v0.4.0 and below was discovered to contain an integer overflow via the function get_long_object(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary.	2022-07-27	not yet calculated	CVE-2022-34612 MISC MISC
rockwell_automation — multiple_products	The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products.	2022-07-27	not yet calculated	CVE-2020-6998 CONFIRM CONFIRM
sap_successfactors — sap_successfactors_attachment_api	Due to misconfigured application endpoints, SAP SuccessFactors attachment APIs allow attackers with user privileges to perform activities with admin privileges over the network. These APIs were consumed in the SF Mobile application for Time Off, Time Sheet, EC Workflow, and Benefits. On successful exploitation, the attacker can read/write attachments. Thus, compromising the confidentiality and integrity of the application	2022-07-27	not yet calculated	CVE-2022-35291 MISC MISC
scu-captcha_project — scu-captcha	The scu-captcha package in PyPI v0.0.1 to v0.0.4 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34983 MISC MISC MISC
sdl — sdl	SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDL_x11yuv.c.	2022-07-28	not yet calculated	CVE-2022-34568 MISC
set-deep-prop — set-deep-prop	All versions of package set-deep-prop are vulnerable to Prototype Pollution via the main functionality.	2022-07-25	not yet calculated	CVE-2021-23373 CONFIRM
simplenetwork — simplenetwork_tcp_server	SimpleNetwork TCP Server commit 29bc615f0d9910eb2f59aa8dff1f54f0e3af4496 was discovered to contain a double free vulnerability which is exploited via crafted TCP packets.	2022-07-28	not yet calculated	CVE-2022-36234 MISC
sims_software — sims	Sims v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /uploadServlet. This vulnerability allows attackers to escalate privileges and execute arbitrary commands via a crafted file.	2022-07-27	not yet calculated	CVE-2022-34549 MISC MISC
sims_software — sims	Sims v1.0 was discovered to allow path traversal when downloading attachments.	2022-07-27	not yet calculated	CVE-2022-34551 MISC MISC
skyhigh — skyhigh_swg	An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is possible because of SWG incorrectly whitelisting authentication bypass methods and using a weak crypto password. This can lead to the attacker logging into the SWG admin interface, without valid credentials, as the super user with complete control over the SWG.	2022-07-27	not yet calculated	CVE-2022-2310 CONFIRM
slack_morphism_project — slack_morphism	Slack Morphism is an async client library for Rust. Prior to 0.41.0, it was possible for Slack OAuth client information to leak in application debug logs. Stricter and more secure debug formatting was introduced in v0.41.0 for OAuth secret types to reduce the possibility of printing sensitive information in application logs. As a workaround, do not print/output requests and responses for OAuth and client configurations in logs.	2022-07-22	not yet calculated	CVE-2022-31162 CONFIRM MISC
snyk — node-import	This affects all versions of package node-import. The “params” argument of module function can be controlled by users without any sanitization.b. This is then provided to the “eval” function located in line 79 in the index file “index.js”.	2022-07-25	not yet calculated	CVE-2020-7678 CONFIRM CONFIRM
snyk — snyk-broker	This affects the package snyk-broker before 4.73.0. It allows arbitrary file reads for users with access to Snyk’s internal network via directory traversal.	2022-07-25	not yet calculated	CVE-2020-7649 CONFIRM CONFIRM CONFIRM
sonar_wrapper — sonar_wrapper	This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js.	2022-07-25	not yet calculated	CVE-2020-28443 CONFIRM
sonicwall — sonicwall_hosted_email_security	Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions	2022-07-29	not yet calculated	CVE-2022-2324 CONFIRM
sonicwall — sonicwall_switch	Improper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system. This vulnerability impacts SonicWall Switch 1.1.1.0-2s and earlier versions	2022-07-29	not yet calculated	CVE-2022-2323 CONFIRM
sonicwall – sonicwall_gms	Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions.	2022-07-29	not yet calculated	CVE-2022-22280 CONFIRM
squirrel — sqclass.cp	sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of the squirrel script sandbox even if all dangerous functionality such as File System functions has been disabled. An attacker might abuse this bug to target (for example) Cloud services that allow customization via SquirrelScripts, or distribute malware through video games that embed a Squirrel Engine.	2022-07-28	not yet calculated	CVE-2021-41556 MISC MISC MISC
student_information_management_system_project — student_information_management_system	Sims v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /addNotifyServlet. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notifyInfo parameter.	2022-07-27	not yet calculated	CVE-2022-34550 MISC MISC
supsystic — social_share_buttons	Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.	2022-07-22	not yet calculated	CVE-2022-27235 CONFIRM CONFIRM
supsystic — social_share_buttons	Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.	2022-07-22	not yet calculated	CVE-2022-33960 CONFIRM CONFIRM
sygnoos — popup_builder	Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.11 at WordPress allows an attacker to update plugin settings.	2022-07-22	not yet calculated	CVE-2022-29495 CONFIRM CONFIRM
synology — synology_audio_station	Buffer copy without checking size of input (‘Classic Buffer Overflow’) vulnerability in cgi component in Synology Audio Station before 6.5.4-3367 allows remote attackers to execute arbitrary commands via unspecified vectors.	2022-07-28	not yet calculated	CVE-2022-27612 CONFIRM
synology — synology_audio_station	Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology Audio Station before 6.5.4-3367 allows remote authenticated users to delete arbitrary files via unspecified vectors.	2022-07-28	not yet calculated	CVE-2022-27611 CONFIRM
synology — synology_calendar	Cross-Site Request Forgery (CSRF) vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated users to hijack the authentication of administrators via unspecified vectors.	2022-07-26	not yet calculated	CVE-2022-22686 CONFIRM
synology — synology_carddav_server	Improper neutralization of special elements used in an SQL command (‘SQL Injection’) vulnerability in webapi component in Synology CardDAV Server before 6.0.10-0153 allows remote authenticated users to inject SQL commands via unspecified vectors.	2022-07-28	not yet calculated	CVE-2022-27613 CONFIRM
synology — synology_diskstation_manager	Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25423 allows remote authenticated users to delete arbitrary files via unspecified vectors.	2022-07-27	not yet calculated	CVE-2022-27610 CONFIRM
synology — synology_diskstation_manager	Improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability in task management component in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows remote authenticated users to execute arbitrary commands via unspecified vectors.	2022-07-28	not yet calculated	CVE-2022-22684 CONFIRM
synology — synology_media_server	Buffer copy without checking size of input (‘Classic Buffer Overflow’) vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors.	2022-07-28	not yet calculated	CVE-2022-22683 CONFIRM
synology — synology_webdav_server	Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology WebDAV Server before 2.4.0-0062 allows remote authenticated users to delete arbitrary files via unspecified vectors.	2022-07-28	not yet calculated	CVE-2022-22685 CONFIRM
synology – synology_dns_server	Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete arbitrary files via unspecified vectors.	2022-07-28	not yet calculated	CVE-2022-27615 CONFIRM
synology – synology_media_server	Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows remote attackers to obtain sensitive information via unspecified vectors.	2022-07-28	not yet calculated	CVE-2022-27614 CONFIRM
techvill — paymoney	Paymoney v3.3 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities via the first_name and last_name parameters.	2022-07-26	not yet calculated	CVE-2022-34991 MISC
tecrail — responsive_filemanger	A vulnerability was found in Tecrail Responsive Filemanger up to 9.10.x and classified as critical. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 9.11.0 is able to address this issue. It is recommended to upgrade the affected component.	2022-07-25	not yet calculated	CVE-2017-20145 MISC MISC
testimonials_project — testimonials	Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul’s Testimonials plugin <= 3.0.1 at WordPress.	2022-07-22	not yet calculated	CVE-2022-33191 CONFIRM CONFIRM
the_document_foundation — libreoffice	LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user’s configuration data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1.	2022-07-25	not yet calculated	CVE-2022-26306 MISC
the_document_foundation — libreoffice	An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the macro was actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a serial number and an issuer string identical to a trusted certificate which LibreOffice would present as belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1.	2022-07-25	not yet calculated	CVE-2022-26305 MISC
the_document_foundation — libreoffice	LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making the stored passwords vulerable to a brute force attack if an attacker has access to the users stored config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.3.	2022-07-25	not yet calculated	CVE-2022-26307 MISC
the_eclipse_foundation – eclipse_californium	In Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without using a HelloVerifyRequest. Especially, if used with certificate based cipher suites, that results in message amplification (DDoS other peers) and high CPU load (DoS own peer). The misbehavior occurs only with DTLS_VERIFY_PEERS_ON_RESUMPTION_THRESHOLD values larger than 0.	2022-07-29	not yet calculated	CVE-2022-2576 CONFIRM
thenify — thenify	This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval function without any sanitization.	2022-07-25	not yet calculated	CVE-2020-7677 CONFIRM CONFIRM CONFIRM CONFIRM
tipsandtricks-hq — wp_video_lightbox	The WP Video Lightbox WordPress plugin before 1.9.5 does not escape the $_SERVER[‘REQUEST_URI’] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers	2022-07-25	not yet calculated	CVE-2022-2189 MISC
tortall — yasm	An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in find_cc() in modules/preprocs/nasm/nasm-pp.c.	2022-07-26	not yet calculated	CVE-2021-33458 MISC MISC
tovyblox — tovy	Tovy is a a staff management system for Roblox groups. A vulnerability in versions prior to 0.7.51 allows users to log in as other users, including privileged users such as the other of the instance. The problem has been patched in version 0.7.51.	2022-07-22	not yet calculated	CVE-2022-31164 MISC CONFIRM
tplink — tl-r473g	TP-LINK TL-R473G 2.0.1 Build 220529 Rel.65574n was discovered to contain a remote code execution vulnerability which is exploited via a crafted packet.	2022-07-28	not yet calculated	CVE-2022-34555 MISC
trend_micro — trend_micro_apex_one	A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate to customers in an updated Spyware pattern. Customers who are up-to-date on detection patterns are not required to take any additional steps to mitigate this issue.	2022-07-30	not yet calculated	CVE-2022-36336 MISC MISC
trend_micro — trend_micro_security	Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine.	2022-07-30	not yet calculated	CVE-2022-35234 MISC MISC
trend_micro_inc — vpn_proxy_pro	Trend Micro VPN Proxy Pro version 5.2.1026 and below contains a vulnerability involving some overly permissive folders in a key directory which could allow a local attacker to obtain privilege escalation on an affected system.	2022-07-30	not yet calculated	CVE-2022-33158 MISC MISC
twinkle_toes_software — booked	Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.	2022-07-26	not yet calculated	CVE-2022-30706 MISC MISC
untangle — untangle	untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files.	2022-07-26	not yet calculated	CVE-2022-31471 MISC MISC MISC
untangle — untangle	untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker may cause a denial-of-service (DoS) condition on the server where the product is running.	2022-07-26	not yet calculated	CVE-2022-33977 MISC MISC MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server.	2022-07-28	not yet calculated	CVE-2022-36991 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.	2022-07-28	not yet calculated	CVE-2022-36990 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server.	2022-07-28	not yet calculated	CVE-2022-36995 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges.	2022-07-28	not yet calculated	CVE-2022-36985 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server.	2022-07-28	not yet calculated	CVE-2022-36987 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.	2022-07-28	not yet calculated	CVE-2022-36999 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server.	2022-07-28	not yet calculated	CVE-2022-36988 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.	2022-07-28	not yet calculated	CVE-2022-36989 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server.	2022-07-28	not yet calculated	CVE-2022-36996 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server.	2022-07-28	not yet calculated	CVE-2022-36984 MISC
veritas — netbackup	In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain. The affects 9.0.x through 9.0.0.1 and 9.1.x through 9.1.0.1.	2022-07-27	not yet calculated	CVE-2022-36956 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server (in specific notify conditions).	2022-07-28	not yet calculated	CVE-2022-36992 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.	2022-07-28	not yet calculated	CVE-2022-37000 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server.	2022-07-28	not yet calculated	CVE-2022-36986 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service.	2022-07-28	not yet calculated	CVE-2022-36997 MISC
veritas — netbackup	In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible	2022-07-28	not yet calculated	CVE-2022-37009 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server.	2022-07-28	not yet calculated	CVE-2022-36994 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.	2022-07-28	not yet calculated	CVE-2022-36993 MISC
veritas — netbackup	In Veritas NetBackup, an attacker with unprivileged local access to a NetBackup Client may send specific commands to escalate their privileges. This affects 8.0 through 8.1.2, 8.2, 8.3 through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1.	2022-07-27	not yet calculated	CVE-2022-36955 MISC
veritas — netbackup	An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.	2022-07-28	not yet calculated	CVE-2022-36998 MISC
veritas — netbackup_opscenter	In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may be able to perform remote command execution through a Java classloader manipulation. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.	2022-07-27	not yet calculated	CVE-2022-36950 MISC
veritas — netbackup_opscenter	In Veritas NetBackup OpsCenter, under specific conditions, an authenticated remote attacker may be able to create or modify OpsCenter user accounts. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.	2022-07-27	not yet calculated	CVE-2022-36954 MISC
veritas — netbackup_opscenter	In Veritas NetBackup OpsCenter, a DOM XSS attack can occur. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.	2022-07-27	not yet calculated	CVE-2022-36948 MISC
veritas — netbackup_opscenter	In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.	2022-07-27	not yet calculated	CVE-2022-36952 MISC
veritas — netbackup_opscenter	In Veritas NetBackup OpsCenter, an attacker with local access to a NetBackup OpsCenter server could potentially escalate their privileges. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.	2022-07-27	not yet calculated	CVE-2022-36949 MISC
veritas — netbackup_opscenter	In Veritas NetBackup OpsCenter, certain endpoints could allow an unauthenticated remote attacker to gain sensitive information. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.	2022-07-27	not yet calculated	CVE-2022-36953 MISC
veritas — netbackup_opscenter	In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may compromise the host by exploiting an incorrectly patched vulnerability. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.	2022-07-27	not yet calculated	CVE-2022-36951 MISC
vim — vim	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0060.	2022-07-25	not yet calculated	CVE-2022-2522 MISC CONFIRM
visam — visam_vbase	VISAM VBASE version 11.6.0.6 is vulnerable to improper access control via the web-remote endpoint, which may allow an unauthenticated user viewing access to folders and files in the directory listing.	2022-07-27	not yet calculated	CVE-2021-38417 CONFIRM
visam – visam_vbase	VISAM VBASE version 11.6.0.6 does not neutralize or incorrectly neutralizes user-controllable input before the data is placed in output used as a public-facing webpage.	2022-07-27	not yet calculated	CVE-2021-42535 CONFIRM
visam – visam_vbase	VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.	2022-07-27	not yet calculated	CVE-2021-42537 CONFIRM
w-dalil_project — w-dalil	The W-DALIL WordPress plugin through 2.0 does not sanitise and escape some of its fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)	2022-07-25	not yet calculated	CVE-2022-2340 MISC MISC
warehouse_management_system_project – warehouse_management_system_1.0	Warehouse Management System v1.0 was discovered to contain a SQL injection vulnerability via the cari parameter.	2022-07-26	not yet calculated	CVE-2022-34067 MISC
wasm3_labs — wasm3	WASM3 v0.5.0 was discovered to contain a segmentation fault via the component Compile_Memory_CopyFill.	2022-07-27	not yet calculated	CVE-2022-34529 MISC
wavlink — wavlink_firmware	WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows attackers to obtain the key information via accessing the messages.txt page.	2022-07-25	not yet calculated	CVE-2022-34570 MISC MISC
wavlink — wavlink_firmware	A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.	2022-07-25	not yet calculated	CVE-2022-34577 MISC MISC
wavlink — wavlink_firmware	A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.	2022-07-25	not yet calculated	CVE-2022-34576 MISC
wavlink — wifi_repeater	An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the system key information and execute arbitrary commands via accessing the page syslog.shtml.	2022-07-25	not yet calculated	CVE-2022-34571 MISC MISC
wavlink — wifi_repeater	An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the key information of the device via accessing Tftpd32.ini.	2022-07-25	not yet calculated	CVE-2022-34574 MISC MISC
wavlink — wifi_repeater	An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to arbitrarily configure device settings via accessing the page mb_wifibasic.shtml.	2022-07-25	not yet calculated	CVE-2022-34573 MISC MISC
wavlink — wifi_repeater	An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the telnet password via accessing the page tftp.txt.	2022-07-25	not yet calculated	CVE-2022-34572 MISC MISC
wavlink — wifi_repeater	An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the key information of the device via accessing fctest.shtml.	2022-07-25	not yet calculated	CVE-2022-34575 MISC MISC
webmin — webmin	The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message.	2022-07-27	not yet calculated	CVE-2022-36880 MISC
webmin — webmin	software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.	2022-07-25	not yet calculated	CVE-2022-36446 MISC MISC
wechat — wechat	In the WeChat application 8.0.10 for Android and iOS, a mini program can obtain sensitive information from a user’s address book via wx.searchContacts.	2022-07-26	not yet calculated	CVE-2021-40180 MISC MISC MISC
western_digital — sweet_b_library	When computing a shared secret or point multiplication on the NIST P-256 curve that results in an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output may cause an error when used in other operations. This may be leveraged by an attacker to cause an error scenario or incorrect choice of session key in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components.	2022-07-29	not yet calculated	CVE-2022-23003 MISC
western_digital — sweet_b_library	When compressing or decompressing elliptic curve points using the Sweet B library, an incorrect choice of sign bit is used. An attacker with user level privileges and no other user’s assistance can exploit this vulnerability with only knowledge of the public key and the library. The resulting output may cause an error when used in other operations; for instance, verification of a valid signature under a decompressed public key may fail. This may be leveraged by an attacker to cause an error scenario in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components.	2022-07-29	not yet calculated	CVE-2022-23001 MISC
western_digital — sweet_b_library	When compressing or decompressing a point on the NIST P-256 elliptic curve with an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output will cause an error when used in other operations. This may be leveraged by an attacker to cause an error scenario in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components.	2022-07-29	not yet calculated	CVE-2022-23002 MISC
western_digital — sweet_b_library	When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is written to the output buffer. This may be leveraged by an attacker to cause an error scenario, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components.	2022-07-29	not yet calculated	CVE-2022-23004 MISC
western_digital – western_digital_my_cloud	The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an “SSL” context instead of “TLS” or specifying stronger validation, deprecated or insecure protocols are permitted. As a result, a local user with no privileges can exploit this vulnerability and jeopardize the integrity, confidentiality and authenticity of information transmitted. The scope of impact cannot extend to other components and no user input is required to exploit this vulnerability.	2022-07-25	not yet calculated	CVE-2022-23000 MISC
western_digital – western_digital_my_cloud	Western Digital My Cloud devices are vulnerable to a cross side scripting vulnerability that can allow a malicious user with elevated privileges access to drives being backed up to construct and inject JavaScript payloads into an authenticated user’s browser. As a result, it may be possible to gain control over the authenticated session, steal data, modify settings, or redirect the user to malicious websites. The scope of impact can extend to other components.	2022-07-25	not yet calculated	CVE-2022-22999 MISC
wikifaces_project — wikifaces	The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34509 MISC MISC MISC
wordpress — wordpress	The Popup Anything WordPress plugin before 2.1.7 does not sanitise and escape a parameter before outputting it back in a frontend page, leading to a Reflected Cross-Site Scripting	2022-07-25	not yet calculated	CVE-2022-2115 MISC
wordpress — wordpress	The Unyson WordPress plugin before 2.7.27 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting	2022-07-25	not yet calculated	CVE-2022-2219 MISC
wordpress — wordpress	Authentication Bypass vulnerability in CodexShaper’s WP OAuth2 Server plugin <= 1.0.1 at WordPress.	2022-07-22	not yet calculated	CVE-2022-34839 CONFIRM CONFIRM
wordpress — wordpress	The Simple Page Transition WordPress plugin through 1.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)	2022-07-25	not yet calculated	CVE-2022-2341 MISC MISC
wordpress — wordpress	Authenticated (contributor or higher user role) Cross-Site Scripting (XSS) vulnerability in Nico Amarilla’s BxSlider WP plugin <= 2.0.0 at WordPress.	2022-07-27	not yet calculated	CVE-2022-33943 CONFIRM CONFIRM
wordpress — wordpress	The Allow SVG Files WordPress plugin through 1.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads	2022-07-25	not yet calculated	CVE-2022-2299 MISC
wordpress — wordpress	Authenticated WordPress Options Change vulnerability in Biplob Adhikari’s Flipbox plugin <= 2.6.0 at WordPress.	2022-07-25	not yet calculated	CVE-2022-33969 CONFIRM CONFIRM
wordpress — wordpress	The Name Directory WordPress plugin before 1.25.4 does not have CSRF check when importing names, and is also lacking sanitisation as well as escaping in some of the imported data, which could allow attackers to make a logged in admin import arbitrary names with XSS payloads in them.	2022-07-25	not yet calculated	CVE-2022-2071 MISC
wordpress — wordpress	The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them to call it and retrieve various information such as the list of active plugins, various version like PHP, cURL, WP etc.	2022-07-25	not yet calculated	CVE-2022-0594 MISC
wordpress — wordpress	The Exports and Reports WordPress plugin before 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a CSV injection, by the use of Microsoft Excel DDE function, or to leak data via maliciously injected hyperlinks.	2022-07-25	not yet calculated	CVE-2022-1539 MISC
wordpress — wordpress	The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to store user files, bad actors could use that to access other users’ sensitive files.	2022-07-25	not yet calculated	CVE-2022-1551 MISC
wordpress — wordpress	The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting.	2022-07-25	not yet calculated	CVE-2022-0899 MISC
wordpress — wordpress	The Name Directory WordPress plugin before 1.25.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. Furthermore, as the payload is also saved into the database after the request, it leads to a Stored XSS as well	2022-07-25	not yet calculated	CVE-2022-2072 MISC
wordpress — wordpress	Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in GS Plugins GS Testimonial Slider plugin <= 1.9.1 at WordPress.	2022-07-28	not yet calculated	CVE-2022-35882 CONFIRM CONFIRM
wordpress — wordpress	Authenticated (high role user) WordPress Options Change vulnerability in Biplob Adhikari’s Tabs plugin <= 3.6.0 at WordPress.	2022-07-25	not yet calculated	CVE-2022-36375 CONFIRM CONFIRM
wordpress — wordpress	Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Floating Div plugin <= 3.0 at WordPress.	2022-07-29	not yet calculated	CVE-2022-36378 CONFIRM CONFIRM
wordpress — wordpress	WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple vulnerabilities, including open proxy and security bypass vulnerabilities because it fails to properly verify user-supplied input. An attacker may leverage these issues to hide attacks directed at a target site from behind vulnerable website or to perform otherwise restricted actions and subsequently download files with the extension mp3, mp4a, wav and ogg from anywhere the web server application has read access to the system. WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files version 1.7.6 is vulnerable; prior versions may also be affected.	2022-07-28	not yet calculated	CVE-2016-0796 MISC MISC
wordpress — wordpress	The Gutenberg plugin through 13.7.3 for WordPress allows stored XSS by the Contributor role via an SVG document to the “Insert from URL” feature. NOTE: the XSS payload does not execute in the context of the WordPress instance’s domain; however, analogous attempts by low-privileged users to reference SVG documents are blocked by some similar products, and this behavioral difference might have security relevance to some WordPress site administrators.	2022-07-30	not yet calculated	CVE-2022-33994 MISC
wordpress — wordpress	Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress.	2022-07-27	not yet calculated	CVE-2022-33970 CONFIRM CONFIRM
wpwax — team	Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress.	2022-07-22	not yet calculated	CVE-2022-34853 CONFIRM CONFIRM
wpwax — team	Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress.	2022-07-22	not yet calculated	CVE-2022-34650 CONFIRM CONFIRM
xen — tlp_flush	insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition, omitting flushes where such are necessary.	2022-07-26	not yet calculated	CVE-2022-33745 MISC CONFIRM MLIST MLIST FEDORA
xiaomi — smarthome	information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.	2022-07-22	not yet calculated	CVE-2020-14114 MISC
xiaomi — sound	Information leakage vulnerability exists in the Mi Sound APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.	2022-07-22	not yet calculated	CVE-2020-14126 MISC
xopen — xopen	This affects all versions of package xopen. The injection point is located in line 14 in index.js in the exported function xopen(filepath)	2022-07-25	not yet calculated	CVE-2020-28447 CONFIRM
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expand_mmacro() in modules/preprocs/nasm/nasm-pp.c.	2022-07-26	not yet calculated	CVE-2021-33465 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in nasm_parser_directive() in modules/parsers/nasm/nasm-parse.c.	2022-07-26	not yet calculated	CVE-2021-33459 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr__copy_except() in libyasm/expr.c.	2022-07-26	not yet calculated	CVE-2021-33463 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expand_mmac_params() in modules/preprocs/nasm/nasm-pp.c.	2022-07-26	not yet calculated	CVE-2021-33457 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a heap-buffer-overflow in inc_fopen() in modules/preprocs/nasm/nasm-pp.c.	2022-07-26	not yet calculated	CVE-2021-33464 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a use-after-free in yasm_intnum_destroy() in libyasm/intnum.c.	2022-07-26	not yet calculated	CVE-2021-33461 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in do_directive() in modules/preprocs/nasm/nasm-pp.c.	2022-07-26	not yet calculated	CVE-2021-33455 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c.	2022-07-26	not yet calculated	CVE-2021-33454 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a use-after-free in expr_traverse_nodes_post() in libyasm/expr.c.	2022-07-26	not yet calculated	CVE-2021-33462 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expand_smacro() in modules/preprocs/nasm/nasm-pp.c.	2022-07-26	not yet calculated	CVE-2021-33466 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a use-after-free in pp_getline() in modules/preprocs/nasm/nasm-pp.c.	2022-07-26	not yet calculated	CVE-2021-33467 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a use-after-free in error() in modules/preprocs/nasm/nasm-pp.c.	2022-07-26	not yet calculated	CVE-2021-33468 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in if_condition() in modules/preprocs/nasm/nasm-pp.c.	2022-07-26	not yet calculated	CVE-2021-33460 MISC MISC
yasm — yasm	An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in hash() in modules/preprocs/nasm/nasm-pp.c.	2022-07-26	not yet calculated	CVE-2021-33456 MISC MISC
zephyr — zephyr	In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.	2022-07-26	not yet calculated	CVE-2022-1041 MISC
zephyr — zephyr	In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.	2022-07-26	not yet calculated	CVE-2022-1042 MISC
zoho — manageengine_supportcenter_plus	In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. (An API request may, in effect, be executed with the credentials of a user who authenticated in the past.)	2022-07-26	not yet calculated	CVE-2022-36412 MISC
zulip — zulip	Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administrator privileges to one of their bots. The vulnerability is fixed in Zulip Server 5.5. Members who donâ€™t own any bots, and lack permission to create them, canâ€™t exploit the vulnerability. As a workaround for the vulnerability, an organization administrator can restrict the `Who can create bots` permission to administrators only, and change the ownership of existing bots.	2022-07-22	not yet calculated	CVE-2022-31168 MISC MISC CONFIRM
zulip — zulip	In zulip before 1.3.12, deactivated users could access messages if SSO was enabled.	2022-07-28	not yet calculated	CVE-2016-4427 MISC
zulip — zulip	In zulip before 1.3.12, bot API keys were accessible to other users in the same realm.	2022-07-28	not yet calculated	CVE-2016-4426 MISC

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

Malicious Npm Packages Tapped Again to Target Discord Users

Post author By admin
Post date July 29, 2022

Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.

alerts

CISA Releases Log4Shell-Related MAR

Post author By admin
Post date July 28, 2022

Original release date: July 28, 2022

From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed five malware samples obtained from the organization’s network and released a Malware Analysis Report of the findings.

Users and administrators are encouraged to review MAR 10386789-1.v1 for more information. For more information on Log4Shell, see:

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

Vulnerability Summary for the Week of July 18, 2022

Post author By admin
Post date July 26, 2022

Original release date: July 26, 2022

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
infiray — iray-a8z3_firmware	An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer overflow by calling strcpy() without checking the string length beforehand.	2022-07-17	10	CVE-2022-31209 MISC
infiray — iray-a8z3_firmware	An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default.	2022-07-17	10	CVE-2022-31211 MISC
infiray — iray-a8z3_firmware	An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmd_string URL parameter.	2022-07-17	9	CVE-2022-31208 MISC MISC
infiray — iray-a8z3_firmware	An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/set_param.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts.	2022-07-17	7.5	CVE-2022-31210 MISC
itechscripts — auction_script	A vulnerability was found in Itech Auction Script 6.49. It has been classified as critical. This affects an unknown part of the file /mcategory.php. The manipulation of the argument mcid with the input 4′ AND 1734=1734 AND ‘Ggks’=’Ggks leads to sql injection (Blind). It is possible to initiate the attack remotely.	2022-07-16	7.5	CVE-2017-20138 MISC

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
collect_and_deliver_interface_for_woocommerce_project — collect_and_deliver_interface_for_woocommerce	The CDI WordPress plugin before 5.1.9 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting	2022-07-17	4.3	CVE-2022-1933 MISC
contact_form_7_captcha_project — contact_form_7_captcha	The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $_SERVER[‘REQUEST_URI’] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers	2022-07-17	4.3	CVE-2022-2187 MISC
flycart — discount_rules_for_woocommerce	The Discount Rules for WooCommerce WordPress plugin before 2.4.2 does not escape a parameter before outputting it back in an attribute of the plugin’s discount rule page, leading to Reflected Cross-Site Scripting	2022-07-17	4.3	CVE-2022-2090 MISC
import_csv_files_project — import_csv_files	The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting	2022-07-17	4.3	CVE-2022-2146 MISC
insights_from_google_pagespeed_project — insights_from_google_pagespeed	The Insights from Google PageSpeed WordPress plugin before 4.0.7 does not verify for CSRF before doing various actions such as deleting Custom URLs, which could allow attackers to make a logged in admin perform such actions via CSRF attacks	2022-07-17	6.8	CVE-2022-1672 MISC
itechscripts — b2b_script	A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with the input 704667c6a1e7ce56d3d6fa748ab6d9af3fd7′ AND 6539=6539 AND ‘Fakj’=’Fakj leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	5	CVE-2017-20137 MISC MISC
itechscripts — classifieds_script	A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. Affected is an unknown function of the file /subpage.php. The manipulation of the argument scat with the input =51′ AND 4941=4941 AND ‘hoCP’=’hoCP leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	5	CVE-2017-20136 MISC MISC
jquery_validation_for_contact_form_7_project — jquery_validation_for_contact_form_7	The Jquery Validation For Contact Form 7 WordPress plugin before 5.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog options like default_role, users_can_register via a CSRF attack	2022-07-17	4.3	CVE-2022-2144 MISC
microweber — microweber	An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.	2022-07-15	6.5	CVE-2021-36461 MISC
miniorange — oauth_single_sign_on	The OAuth Single Sign On WordPress plugin before 6.22.6 doesn’t validate that OAuth access token requests are legitimate, which allows attackers to log onto the site with the only knowledge of a user’s email address.	2022-07-17	5	CVE-2022-2133 MISC
opener_project — opener	EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d.	2022-07-15	6.8	CVE-2022-32434 MISC MISC
pexip — pexip_infinity	Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join.	2022-07-17	6.4	CVE-2022-26656 MISC
pexip — pexip_infinity	Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.	2022-07-17	5.8	CVE-2022-27933 MISC
pexip — pexip_infinity	Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.	2022-07-17	5	CVE-2022-25357 MISC
pexip — pexip_infinity	Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP.	2022-07-17	5	CVE-2022-26654 MISC
pexip — pexip_infinity	Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.	2022-07-17	5	CVE-2022-27928 MISC
pexip — pexip_infinity	Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams.	2022-07-17	5	CVE-2022-26655 MISC
pexip — pexip_infinity	Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.	2022-07-17	5	CVE-2022-26657 MISC
pexip — pexip_infinity	Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323.	2022-07-17	5	CVE-2022-27936 MISC
pexip — pexip_infinity	Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP.	2022-07-17	5	CVE-2022-27929 MISC
pexip — pexip_infinity	Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP.	2022-07-17	5	CVE-2022-27934 MISC
pexip — pexip_infinity	Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.	2022-07-17	5	CVE-2022-27931 MISC
pexip — pexip_infinity	Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264.	2022-07-17	5	CVE-2022-27937 MISC
pexip — pexip_infinity	Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed.	2022-07-17	4.3	CVE-2022-27930 MISC
pexip — pexip_infinity	Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.	2022-07-17	4.3	CVE-2022-27932 MISC
pexip — pexip_infinity	Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth.	2022-07-17	5	CVE-2022-27935 MISC
pyenv_project — pyenv	pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. (Shims are executables that pass a command along to a specific version of pyenv. The version string is used to construct the path to the command, and there is no validation of whether the version specified is a valid version. Thus, relative path traversal can occur.)	2022-07-17	4.6	CVE-2022-35861 MISC
sigmaplugin — advanced_database_cleaner	The Advanced Database Cleaner WordPress plugin before 3.1.1 does not escape numerous generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting	2022-07-17	4.3	CVE-2022-2173 MISC
wpchill — download_monitor	The Download Monitor WordPress plugin before 4.5.91 does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in an hardened environment or multisite setup.	2022-07-17	4	CVE-2022-2222 MISC
wpdownloadmanager — download_manager	The Download Manager WordPress plugin before 3.2.44 does not escape a generated URL before outputting it back in an attribute of the history dashboard, leading to Reflected Cross-Site Scripting	2022-07-17	4.3	CVE-2022-2168 MISC
wpusermanager — wp_user_manager	The WP User Manager WordPress plugin before 2.6.3 does not ensure that the user ID to reset the password of is related to the reset key given. As a result, any authenticated user can reset the password (to an arbitrary value) of any user knowing only their ID, and gain access to their account.	2022-07-17	6	CVE-2021-24655 MISC

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
bracketspace — simple_post_notes	The Simple Post Notes WordPress plugin before 1.7.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	2022-07-17	3.5	CVE-2022-2186 MISC
dwbooster — loading_page_with_loading_screen	The Loading Page with Loading Screen WordPress plugin before 1.0.83 does not escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	2022-07-17	3.5	CVE-2022-2169 MISC
emarketdesign — best_contact_management_software	The Best Contact Management Software WordPress plugin through 3.7.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	2022-07-17	3.5	CVE-2022-2151 MISC
linkedin_company_updates_project — linkedin_company_updates	The LinkedIn Company Updates WordPress plugin through 1.5.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	2022-07-17	3.5	CVE-2022-2148 MISC
multi_restaurant_table_reservation_system_project — multi_restaurant_table_reservation_system	Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Restaurant Name field to /dashboard/profile.php.	2022-07-15	3.5	CVE-2020-35261 MISC MISC MISC MISC
multi_restaurant_table_reservation_system_project — multi_restaurant_table_reservation_system	Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Table Name field to /dashboard/table-list.php.	2022-07-15	3.5	CVE-2020-36550 MISC MISC MISC MISC
multi_restaurant_table_reservation_system_project — multi_restaurant_table_reservation_system	Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Item Name field to /dashboard/menu-list.php.	2022-07-15	3.5	CVE-2020-36551 MISC MISC MISC MISC
multi_restaurant_table_reservation_system_project — multi_restaurant_table_reservation_system	Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Made field to /dashboard/menu-list.php.	2022-07-15	3.5	CVE-2020-36552 MISC MISC MISC MISC
multi_restaurant_table_reservation_system_project — multi_restaurant_table_reservation_system	Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Area(food_type) field to /dashboard/menu-list.php.	2022-07-15	3.5	CVE-2020-36553 MISC MISC MISC MISC
supsystic — data_tables_generator	The Data Tables Generator by Supsystic WordPress plugin before 1.10.20 does not sanitise and escape some of its Table settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)	2022-07-17	3.5	CVE-2022-2114 MISC
tipsandtricks-hq — accept_stripe	The Accept Stripe Payments WordPress plugin before 2.0.64 does not sanitize and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	2022-07-17	3.5	CVE-2022-2194 MISC
tooltulips — 404s	The 404s WordPress plugin before 3.5.1 does not sanitise and escape its fields, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	2022-07-17	3.5	CVE-2022-2118 MISC
very_simple_breadcrumb_project — very_simple_breadcrumb	The Very Simple Breadcrumb WordPress plugin through 1.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	2022-07-17	3.5	CVE-2022-2149 MISC
woocommerce — woocommerce	The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles	2022-07-17	3.5	CVE-2022-2099 MISC
wpzinc — page_generator	The Page Generator WordPress plugin before 1.6.5 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	2022-07-17	3.5	CVE-2022-2100 MISC

Severity Not Yet Assigned

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type (‘Type Confusion’) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34221 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file..	2022-07-15	not yet calculated	CVE-2022-34237 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34234 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34233 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34232 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34230 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34229 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34228 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34223 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34222 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34239 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34216 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34225 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34226 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34220 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34219 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34217 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34215 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34236 MISC
adobe — character_animator	Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34241 MISC
adobe — character_animator	Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34242 MISC
adobe — incopy	Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34252 MISC
adobe — incopy	Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34251 MISC
adobe — incopy	Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34250 MISC
adobe — incopy	Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34249 MISC
adobe — indesign	Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34248 MISC
adobe — indesign	Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34246 MISC
adobe — indesign	Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34245 MISC
adobe — indesign	Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34247 MISC
adobe — photoshop	Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34244 MISC
adobe — photoshop	Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34243 MISC
adobe — robohelp	Adobe RoboHelp versions 2020.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-07-15	not yet calculated	CVE-2022-23201 MISC
advantech — iview	The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information	2022-07-22	not yet calculated	CVE-2022-2137 MISC
advantech — iview	The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information.	2022-07-22	not yet calculated	CVE-2022-2142 MISC
advantech — iview	The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code.	2022-07-22	not yet calculated	CVE-2022-2143 MISC
advantech — iview	The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information.	2022-07-22	not yet calculated	CVE-2022-2136 MISC
advantech — iview	The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code.	2022-07-22	not yet calculated	CVE-2022-2139 MISC
advantech — iview	The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition.	2022-07-22	not yet calculated	CVE-2022-2138 MISC
advantech — iview	The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information.	2022-07-22	not yet calculated	CVE-2022-2135 MISC
allnet — adsl/vdsl_router	Web page which “wizardpwd.asp” ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at “admin” allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user’s identity and can be accessed publicly.	2022-07-21	not yet calculated	CVE-2022-34767 MISC
amazon — amazon_linux_2	The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset() function within TIFFFetchStripThing() in tif_dirread.c. This will cause TIFFFetchStripThing() to segfault after use of an uninitialized resource.	2022-07-19	not yet calculated	CVE-2022-34266 MISC MISC
amazon — aws-sdk-java	The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue’s scope is limited to directories whose name prefix matches the destinationDirectory. E.g. for destination directory`/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted buckets contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects that `getKey` method return a string containing the substring `..` .	2022-07-15	not yet calculated	CVE-2022-31159 CONFIRM
anchore_enterprise — anchorectl	Anchore Enterprise anchorectl version 0.1.4 improperly stored credentials when generating a Software Bill of Materials. anchorectl will add the credentials used to access Anchore Enterprise API in the Software Bill of Materials (SBOM) generated by anchorectl. Users of anchorectl version 0.1.4 should upgrade to anchorectl version 0.1.5 to resolve this issue.	2022-07-20	not yet calculated	CVE-2022-1766 CONFIRM
angularjs — angular	All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.	2022-07-15	not yet calculated	CVE-2022-25869 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
anydesk — anydesk	AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder (used for ad.trace and chat) but the product runs as SYSTEM when writing chat-room data there.	2022-07-18	not yet calculated	CVE-2022-32450 MISC MISC FULLDISC MISC
apache — cloudstack	Apache CloudStack version 4.5.0 and later has a SAML 2.0 authentication Service Provider plugin which is found to be vulnerable to XML external entity (XXE) injection. This plugin is not enabled by default and the attacker would require that this plugin be enabled to exploit the vulnerability. When the SAML 2.0 plugin is enabled in affected versions of Apache CloudStack could potentially allow the exploitation of XXE vulnerabilities. The SAML 2.0 messages constructed during the authentication flow in Apache CloudStack are XML-based and the XML data is parsed by various standard libraries that are now understood to be vulnerable to XXE injection attacks such as arbitrary file reading, possible denial of service, server-side request forgery (SSRF) on the CloudStack management server.	2022-07-18	not yet calculated	CVE-2022-35741 MISC MLIST MLIST
apache — hive	Apache Hive before 3.1.3 “CREATE” and “DROP” function operations does not check for necessary authorization of involved entities in the query. It was found that an unauthorized user can manipulate an existing UDF without having the privileges to do so. This allowed unauthorized or underprivileged users to drop and recreate UDFs pointing them to new jars that could be potentially malicious.	2022-07-16	not yet calculated	CVE-2021-34538 CONFIRM
apache — skywalking_nodejs_agent	A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can’t establish the connection.	2022-07-18	not yet calculated	CVE-2022-36127 MISC MLIST
apache — spark_ui	The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to perform impersonation by providing an arbitrary user name. A malicious user might then be able to reach a permission check function that will ultimately build a Unix shell command based on their input, and execute it. This will result in arbitrary shell command execution as the user Spark is currently running as. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1.	2022-07-18	not yet calculated	CVE-2022-33891 CONFIRM
apache — xalan_java_xslt	The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.	2022-07-19	not yet calculated	CVE-2022-34169 MISC MISC MLIST MLIST MLIST MLIST MISC DEBIAN
arm — mbed_tls	An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function.	2022-07-15	not yet calculated	CVE-2022-35409 MISC MISC
arox — school_erp_pro	Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php.	2022-07-15	not yet calculated	CVE-2022-32119 MISC MISC MISC
arox — school_erp_pro	Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the dispatchcategory parameter in backoffice.inc.php.	2022-07-15	not yet calculated	CVE-2022-32118 MISC MISC
asea_brown_boveri_ltd — multiple_products	Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’), Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in flow computer and remote controller products of ABB ( RMC-100 (Standard), RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC) allows an attacker who successfully exploited this vulnerability could insert and run arbitrary code in an affected system node.	2022-07-21	not yet calculated	CVE-2022-0902 MISC
asustek — aura_ready_game_sdk	There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%ASUSGameSDK.exe file.	2022-07-21	not yet calculated	CVE-2022-35899 MISC MISC MISC
atlassian — jira	The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page.	2022-07-22	not yet calculated	CVE-2022-36131 MISC MISC
atlassian — multiple_products	A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this vulnerability: Cross-origin resource sharing (CORS) bypass. Sending a specially crafted HTTP request can invoke the Servlet Filter used to respond to CORS requests, resulting in a CORS bypass. An attacker that can trick a user into requesting a malicious URL can access the vulnerable application with the victim’s permissions. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. Atlassian Bitbucket versions are affected before 7.6.16, from 7.7.0 before 7.17.8, from 7.18.0 before 7.19.5, from 7.20.0 before 7.20.2, from 7.21.0 before 7.21.2, and versions 8.0.0 and 8.1.0. Atlassian Confluence versions are affected before 7.4.17, from 7.5.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and version 7.21.0. Atlassian Crowd versions are affected before 4.3.8, from 4.4.0 before 4.4.2, and version 5.0.0. Atlassian Fisheye and Crucible versions before 4.8.10 are affected. Atlassian Jira versions are affected before 8.13.22, from 8.14.0 before 8.20.10, and from 8.21.0 before 8.22.4. Atlassian Jira Service Management versions are affected before 4.13.22, from 4.14.0 before 4.20.10, and from 4.21.0 before 4.22.4.	2022-07-20	not yet calculated	CVE-2022-26137 MISC MISC MISC MISC MISC MISC MISC MISC
atlassian — multiple_products	A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in authentication bypass and cross-site scripting. Atlassian has released updates that fix the root cause of this vulnerability, but has not exhaustively enumerated all potential consequences of this vulnerability. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. Atlassian Bitbucket versions are affected before 7.6.16, from 7.7.0 before 7.17.8, from 7.18.0 before 7.19.5, from 7.20.0 before 7.20.2, from 7.21.0 before 7.21.2, and versions 8.0.0 and 8.1.0. Atlassian Confluence versions are affected before 7.4.17, from 7.5.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and version 7.21.0. Atlassian Crowd versions are affected before 4.3.8, from 4.4.0 before 4.4.2, and version 5.0.0. Atlassian Fisheye and Crucible versions before 4.8.10 are affected. Atlassian Jira versions are affected before 8.13.22, from 8.14.0 before 8.20.10, and from 8.21.0 before 8.22.4. Atlassian Jira Service Management versions are affected before 4.13.22, from 4.14.0 before 4.20.10, and from 4.21.0 before 4.22.4.	2022-07-20	not yet calculated	CVE-2022-26136 MISC MISC MISC MISC MISC MISC MISC MISC
atlassian — questions_for_confluence	The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app.	2022-07-20	not yet calculated	CVE-2022-26138 MISC MISC
barangay_management_system_project — barangay_management_system	Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /officials/officials.php.	2022-07-19	not yet calculated	CVE-2022-34023 MISC
barangay_management_system_project — barangay_management_system	Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the resident module editing function at /bmis/pages/resident/resident.php.	2022-07-19	not yet calculated	CVE-2022-34024 MISC
barangay_management_system_project — barangay_management_system	Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/household/household.php.	2022-07-20	not yet calculated	CVE-2022-34042 MISC
bentley — microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an OBJ file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of OBJ files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35902 MISC
bentley — microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of 3DS files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35903 MISC
bentley — microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an IFC file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of IFC files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35904 MISC
bentley — microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a JP2 file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of JP2 files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35900 MISC
bentley — microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a J2K file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of J2K files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35901 MISC
bentley — microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an FBX file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of FBX files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35905 MISC
bentley — microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a DGN file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of DGN files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35906 MISC
blogifier — blogifier	Blogifier v3.0 was discovered to contain an arbitrary file upload vulnerability at /api/storage/upload/PostImage. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted file.	2022-07-20	not yet calculated	CVE-2022-35569 MISC
bytecode_alliance — webassembly	Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime’s code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will mistakenly think these functions do not have live references to GC’d values, reclaiming them and deallocating them. The function will then subsequently continue to use the values assuming they had not been GC’d, leading later to a use-after-free. This bug was introduced in the migration to the `regalloc2` register allocator that occurred in the Wasmtime 0.37.0 release on 2022-05-20. This bug has been patched and users should upgrade to Wasmtime version 0.38.2. Mitigations for this issue can be achieved by disabling the reference types proposal by passing `false` to `wasmtime::Config::wasm_reference_types` or downgrading to Wasmtime 0.36.0 or prior.	2022-07-21	not yet calculated	CVE-2022-31146 CONFIRM MISC MISC
bytecode_alliance — webassembly	Wasmtime is a standalone runtime for WebAssembly. There is a bug in Wasmtime’s code generator, Cranelift, for AArch64 targets where constant divisors can result in incorrect division results at runtime. This affects Wasmtime prior to version 0.38.2 and Cranelift prior to 0.85.2. This issue only affects the AArch64 platform. Other platforms are not affected. The translation rules for constants did not take into account whether sign or zero-extension should happen which resulted in an incorrect value being placed into a register when a division was encountered. The impact of this bug is that programs executing within the WebAssembly sandbox would not behave according to the WebAssembly specification. This means that it is hypothetically possible for execution within the sandbox to go awry and WebAssembly programs could produce unexpected results. This should not impact hosts executing WebAssembly but does affect the correctness of guest programs. This bug has been patched in Wasmtime version 0.38.2 and cranelift-codegen 0.85.2. There are no known workarounds.	2022-07-22	not yet calculated	CVE-2022-31169 CONFIRM MISC
caddy — caddy	An out-of-bounds read in the rewrite function at /modules/caddyhttp/rewrite/rewrite.go in Caddy v2.5.1 allows attackers to cause a Denial of Service (DoS) via a crafted URI.	2022-07-22	not yet calculated	CVE-2022-34037 MISC
cellinx — cellinx_nvt_-_ip_ptz_camera_firmware	Allows a remote user to read files on the camera’s OS “GetFileContent.cgi”. Reading arbitrary files on the camera’s OS as root user.	2022-07-18	not yet calculated	CVE-2022-30621 MISC
cellinx — cellinx_nvt_-_ip_ptz_camera_firmware	On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: “1” to “0” privileges by changing the following cookie values from “is_admin”, “showConfig”. Administrative Privileges which allows changing various configuration in the camera.	2022-07-18	not yet calculated	CVE-2022-30620 MISC
chcnav — p5e_gnss_firmware	The server checks the user’s cookie in a non-standard way, and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system using a username and password.	2022-07-18	not yet calculated	CVE-2022-30623 MISC
chcnav — p5e_gnss_firmware	Browsing the admin.html page allows the user to reset the admin password. Also appears in the JS code for the password.	2022-07-18	not yet calculated	CVE-2022-30624 MISC
chcnav — p5e_gnss_firmware	Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access point on the component, and a password in clear text.	2022-07-18	not yet calculated	CVE-2022-30626 MISC
chcnav — p5e_gnss_firmware	This vulnerability affects all of the company’s products that also include the FW versions: update_i90_cv2.021_b20210104, update_i50_v1.0.55_b20200509, update_x6_v2.1.2_b202001127, update_b5_v2.0.9_b20200706. This vulnerability makes it possible to extract from the FW the existing user passwords on their operating systems and passwords.	2022-07-18	not yet calculated	CVE-2022-30627 MISC
chcnav — p5e_gnss_firmware	Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. A directory listing provides an attacker with the complete index of all the resources located inside of the directory. The specific risks and consequences vary depending on which files are listed and accessible.	2022-07-18	not yet calculated	CVE-2022-30625 MISC
chcnav — p5e_gnss_firmware	Disclosure of information – the system allows you to view usernames and passwords without permissions, thus it will be possible to enter the system. Path access: http://api/sys_username_passwd.cmd – The server loads the request clearly by default. Disclosure of hard-coded credit information within the JS code sent to the customer within the Login.js file is a strong user (which is not documented) and also the password, which allow for super-user access. Username: chcadmin, Password: chcpassword.	2022-07-17	not yet calculated	CVE-2022-30622 MISC
chips_alliance — rocket-chip	Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain insufficient cryptography via the component /rocket/RocketCore.scala.	2022-07-18	not yet calculated	CVE-2022-34632 MISC MISC MISC
cisco — cisco_iot_control_center	A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.	2022-07-22	not yet calculated	CVE-2022-20916 CISCO
cisco — cisco_nexus_dashboard	Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device.	2022-07-22	not yet calculated	CVE-2022-20908 CISCO
cisco — cisco_nexus_dashboard	Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device.	2022-07-22	not yet calculated	CVE-2022-20906 CISCO
cisco — cisco_nexus_dashboard	Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device.	2022-07-22	not yet calculated	CVE-2022-20909 CISCO
cisco — cisco_nexus_dashboard	A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the web-based management interface of Cisco Nexus Dashboard. An attacker with Administrator credentials could exploit this vulnerability by uploading a crafted file. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device.	2022-07-22	not yet calculated	CVE-2022-20913 CISCO
cisco — cisco_nexus_dashboard	Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory.	2022-07-21	not yet calculated	CVE-2022-20858 CISCO
cisco — cisco_nexus_dashboard	Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory.	2022-07-21	not yet calculated	CVE-2022-20861 CISCO
cisco — cisco_nexus_dashboard	Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device.	2022-07-22	not yet calculated	CVE-2022-20907 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20898 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20886 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20888 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20887 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20873 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20883 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20879 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20880 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20890 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20878 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20902 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20877 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20876 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20875 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20889 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20891 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20901 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20911 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20903 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20904 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20900 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20899 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20897 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20910 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20874 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20912 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20896 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20892 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20893 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20894 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-22	not yet calculated	CVE-2022-20895 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20882 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20884 CISCO
cisco — cisco_nexus_dashboard	A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not validated when Cisco Nexus Dashboard is establishing a connection to Cisco Application Policy Infrastructure Controller (APIC), Cisco Cloud APIC, or Cisco Nexus Dashboard Fabric Controller, formerly Data Center Network Manager (DCNM) controllers. An attacker could exploit this vulnerability by using man-in-the-middle techniques to intercept the traffic between the affected device and the controllers, and then using a crafted certificate to impersonate the controllers. A successful exploit could allow the attacker to alter communications between devices or view sensitive information, including Administrator credentials for these controllers.	2022-07-21	not yet calculated	CVE-2022-20860 CISCO
cisco — cisco_nexus_dashboard	Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory.	2022-07-21	not yet calculated	CVE-2022-20857 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20885 CISCO
cisco — cisco_small_business_rv_series_router_firmware	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.	2022-07-21	not yet calculated	CVE-2022-20881 CISCO
citilog — citilog_server	The server in Citilog 8.0 allows an attacker (in a man in the middle position between the server and its smart camera Axis M1125) to see FTP credentials in a cleartext HTTP traffic. These can be used for FTP access to the server.	2022-07-21	not yet calculated	CVE-2022-28861 MISC MISC
citilog — citilog_server	An authentication downgrade in the server in Citilog 8.0 allows an attacker (in a man in the middle position between the server and its smart camera Axis M1125) to achieve HTTP access to the camera.	2022-07-21	not yet calculated	CVE-2022-28860 MISC MISC
containrrr — shoutrrr	The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service (DoS) via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages.	2022-07-15	not yet calculated	CVE-2022-25891 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
couchbase — couchbase_server	In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the logs.	2022-07-15	not yet calculated	CVE-2022-34826 MISC
couchbase — couchbase_server	An issue was discovered in Couchbase Server before 7.0.4. A private key is leaked to the log files with certain crashes.	2022-07-21	not yet calculated	CVE-2022-32556 MISC MISC MISC
cva6 — cva6	CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a treats non-standard fence instructions as illegal which can affect the function of the application.	2022-07-18	not yet calculated	CVE-2022-34639 MISC MISC
cva6 — cva6	CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted sfence.vma instructions rather create an exception.	2022-07-18	not yet calculated	CVE-2022-34633 MISC MISC
cva6 — cva6	The *tval of ecall/ebreak in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a was discovered to be incorrect.	2022-07-18	not yet calculated	CVE-2022-34640 MISC
cva6 — cva6	CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a implements an incorrect exception type when an illegal virtual address is loaded.	2022-07-18	not yet calculated	CVE-2022-34637 MISC
cva6 — cva6	CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMA violation occurs during address translation.	2022-07-18	not yet calculated	CVE-2022-34636 MISC MISC
cva6 — cva6	The mstatus.sd field in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a does not update when the mstatus.fs field is set to Dirty.	2022-07-18	not yet calculated	CVE-2022-34635 MISC
cva6 — cva6	CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted det instructions rather create an exception.	2022-07-18	not yet calculated	CVE-2022-34634 MISC MISC
cva6 — cva6	CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMP violation occurs during address translation.	2022-07-18	not yet calculated	CVE-2022-34641 MISC MISC MISC
dataease — dataease	Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId.	2022-07-22	not yet calculated	CVE-2022-34115 MISC
dataease — dataease	Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId.	2022-07-22	not yet calculated	CVE-2022-34114 MISC
dataease — dataease	An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin.	2022-07-22	not yet calculated	CVE-2022-34113 MISC
dataease — dataease	An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator.	2022-07-22	not yet calculated	CVE-2022-34112 MISC
dbus-broker — dbus-broker	An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service’s Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.	2022-07-17	not yet calculated	CVE-2022-31212 MISC MISC
dbus-broker — dbus-broker	An issue was discovered in dbus-broker before 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file.	2022-07-17	not yet calculated	CVE-2022-31213 MISC MISC
dell — data_protection_central	Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. A(n) remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations.	2022-07-21	not yet calculated	CVE-2022-34367 MISC
dell — emc_powerstore	Dell EMC PowerStore, Versions prior to v3.0.0.0 contain a DLL Hijacking vulnerability in PSTCLI. A local attacker can potentially exploit this vulnerability to execute arbitrary code, escalate privileges, and bypass software allow list solutions, leading to system takeover or IP exposure.	2022-07-21	not yet calculated	CVE-2022-32498 MISC
dell — emc_powerstore	Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege.	2022-07-21	not yet calculated	CVE-2022-22555 MISC
dell — emc_powerstore	Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to password brute-forcing. Account takeover is possible if weak passwords are used by users.	2022-07-21	not yet calculated	CVE-2022-31234 MISC
dell — powerstore	Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker.	2022-07-21	not yet calculated	CVE-2022-33923 MISC
denx_software_engineering — u-boot	squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution.	2022-07-20	not yet calculated	CVE-2022-33967 MISC MISC MISC MISC
digital_watchdog — dw_megapix_ip_cameras	Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/license/license_tok.cgi. This vulnerability is exploitable via a crafted POST request.	2022-07-19	not yet calculated	CVE-2022-34540 MISC
digital_watchdog — dw_megapix_ip_cameras	Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/bia/addacph.cgi. This vulnerability is exploitable via a crafted POST request.	2022-07-19	not yet calculated	CVE-2022-34538 MISC
digital_watchdog — dw_megapix_ip_cameras	Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a cross-site scripting (XSS) vulnerability via the component bia_oneshot.cgi.	2022-07-19	not yet calculated	CVE-2022-34537 MISC
digital_watchdog — dw_megapix_ip_cameras	Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated attackers to view internal paths and scripts via web files.	2022-07-19	not yet calculated	CVE-2022-34535 MISC
digital_watchdog — dw_megapix_ip_cameras	Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/curltest.cgi. This vulnerability is exploitable via a crafted POST request.	2022-07-19	not yet calculated	CVE-2022-34539 MISC
digital_watchdog — dw_megapix_ip_cameras	Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log file and perform session hijacking via a crafted session token.	2022-07-19	not yet calculated	CVE-2022-34536 MISC
digital_watchdog — dw_spectrum_server	Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive infromation via a crafted API call.	2022-07-19	not yet calculated	CVE-2022-34534 MISC
digiwin_bpm — digiwin_bpm	Digiwin BPM has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform Blind SSRF attack to discover internal network topology base on URL error response.	2022-07-20	not yet calculated	CVE-2022-32457 CONFIRM
digiwin_bpm — digiwin_bpm	Digiwin BPM’s function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify, delete database or disrupt service.	2022-07-20	not yet calculated	CVE-2022-32456 CONFIRM
digiwin_bpm — digiwin_bpm	Digiwin BPM has a XML External Entity Injection (XXE) vulnerability due to insufficient validation for user input. An unauthenticated remote attacker can perform XML injection attack to access arbitrary system files.	2022-07-20	not yet calculated	CVE-2022-32458 CONFIRM
django — django_rest_framework	Django REST framework (aka django-rest-framework) before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping.	2022-07-23	not yet calculated	CVE-2018-25045 MISC MISC MISC
dompdf_project — dompdf	External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0.	2022-07-18	not yet calculated	CVE-2022-2400 CONFIRM MISC
dotcms — dotcms	An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous content creation is enabled, this allows an unauthenticated attacker to upload an executable file, such as a .jsp file, that can lead to remote code execution.	2022-07-17	not yet calculated	CVE-2022-26352 MISC MISC
dotnetnuke — dotnetnuke	DotNetNuke (DNN) 9.9.1 CMS is vulnerable to a Stored Cross-Site Scripting vulnerability in the user profile biography section which allows remote authenticated users to inject arbitrary code via a crafted payload.	2022-07-20	not yet calculated	CVE-2021-31858 MISC MISC
dovecot — dovecot	An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.	2022-07-17	not yet calculated	CVE-2022-30550 CONFIRM MISC MISC
dsk_systems — dsknet	An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A PresAbs.php SQL Injection vulnerability allows unauthenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based. (An unauthenticated attacker can discover the endpoint by abusing a Broken Access Control issue with further SQL injection attacks to gather all user’s badge numbers and PIN codes.)	2022-07-18	not yet calculated	CVE-2022-24690 MISC MISC
dsk_systems — dsknet	An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mishandles access control. This allows a remote attacker to access account information pages (including personal data) without being authenticated. The collected information includes the badge numbers that operate as user login names. They have a PIN code. The PIN code is 4 digits and thus can be guessed in 10000 brute force attempts.	2022-07-18	not yet calculated	CVE-2022-24689 MISC MISC
dsk_systems — dsknet	An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The Touch settings allow unrestricted file upload (and consequently Remote Code Execution) via PDF upload with PHP content and a .php extension. The attacker must hijack or obtain privileged user access to the Parameters page in order to exploit this issue. (That can be easily achieved by exploiting the Broken Access Control with further Brute-force attack or SQL Injection.) The uploaded file is stored within the database and copied to the sync web folder if the attacker visits a certain .php?action= page.	2022-07-18	not yet calculated	CVE-2022-24688 MISC MISC
dsk_systems — dsknet	An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A SQL Injection vulnerability allows authenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based.	2022-07-18	not yet calculated	CVE-2022-24691 MISC MISC
dsk_systems — dsknet	An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The new menu option within the general Parameters page is vulnerable to stored XSS. The attacker can create a menu option, make it visible to every application user, and conduct session hijacking, account takeover, or malicious code delivery, with the final goal of achieving client-side code execution.	2022-07-18	not yet calculated	CVE-2022-24692 MISC MISC
eveo — urve_web_manager	A vulnerability was found in URVE Web Manager. It has been classified as critical. This affects an unknown part of the file kreator.html5/img_upload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used.	2022-07-15	not yet calculated	CVE-2022-2418 N/A N/A
eveo — urve_web_manager	A vulnerability was found in URVE Web Manager. It has been declared as critical. This vulnerability affects unknown code of the file _internal/collector/upload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used.	2022-07-15	not yet calculated	CVE-2022-2419 N/A N/A
eveo — urve_web_manager	A vulnerability was found in URVE Web Manager. It has been rated as critical. This issue affects some unknown processing of the file _internal/uploader.php. The manipulation leads to unrestricted upload. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used.	2022-07-15	not yet calculated	CVE-2022-2420 N/A N/A
ferdi — ferdi	A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file.	2022-07-17	not yet calculated	CVE-2022-32320 MISC MISC MISC
file-type — file-type	An issue was discovered in the file-type package before 16.5.4 and 17.x before 17.1.3 for Node.js. A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack.	2022-07-21	not yet calculated	CVE-2022-36313 CONFIRM CONFIRM MISC
filezilla_client — filezilla_client	A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:Program FilesFileZilla FTP Clientuninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-18	not yet calculated	CVE-2016-15003 MISC MISC MISC
filezilla_server — filezilla_server	A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended intermediary. It is possible to initiate the attack remotely. Upgrading to version 0.9.51 is able to address this issue. It is recommended to upgrade the affected component.	2022-07-17	not yet calculated	CVE-2015-10003 MISC MISC
fortinet — fortiap-u	A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 through 5.4.6 may allow an admin user to delete and access unauthorized files and data via specifically crafted CLI commands.	2022-07-19	not yet calculated	CVE-2022-30301 CONFIRM
fortinet — fortiauthenticator_agent_for_microsoft_outlook_web_access	An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAuthenticator OWA Agent for Microsoft version 2.2 and 2.1 may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.	2022-07-18	not yet calculated	CVE-2022-22304 CONFIRM
fortinet — forticlient_for_windows	A relative path traversal vulnerability [CWE-23] in FortiClient for Windows versions 7.0.2 and prior, 6.4.6 and prior and 6.2.9 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for FortiESNAC service.	2022-07-18	not yet calculated	CVE-2021-41031 CONFIRM
fortinet — fortiddos_api	A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5.1, 5.4.0 through 5.4.2, 5.3.0 through 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device.	2022-07-19	not yet calculated	CVE-2022-29060 CONFIRM
fortinet — fortideceptor	Multiple relative path traversal vulnerabilities [CWE-23] in FortiDeceptor management interface 1.0.0 through 3.2.x, 3.3.0 through 3.3.2, 4.0.0 through 4.0.1 may allow a remote and authenticated attacker to retrieve and delete arbitrary files from the underlying filesystem via specially crafted web requests.	2022-07-19	not yet calculated	CVE-2022-30302 CONFIRM
fortinet — fortinac	An empty password in configuration file vulnerability [CWE-258] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.3 and below may allow an authenticated attacker to access the MySQL databases via the CLI.	2022-07-18	not yet calculated	CVE-2022-26117 CONFIRM
fortinet — fortinet_fortiadc	Multiple improper neutralization of special elements used in an SQL Command (‘SQL Injection’) vulnerabilities [CWE-89] in FortiADC management interface 7.0.0 through 7.0.1, 5.0.0 through 6.2.2 may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.	2022-07-18	not yet calculated	CVE-2022-26120 CONFIRM
fortinet — fortinet_forticlientwindows	An execution with unnecessary privileges vulnerability [CWE-250] in FortiClientWindows 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0.0 through 6.0.10 may allow a local attacker to perform an arbitrary file write on the system.	2022-07-19	not yet calculated	CVE-2022-26113 CONFIRM
fortinet — fortinet_fortiedr	A improper neutralization of input during web page generation (‘cross-site scripting’) in Fortinet FortiEDR version 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0 allows a remote authenticated attacker to perform a reflected cross site scripting attack (XSS) by injecting malicious payload into the Management Console via various endpoints.	2022-07-19	not yet calculated	CVE-2022-29057 CONFIRM
fortinet — fortinet_fortios	An improper neutralization of input during web page generation (‘Cross-site Scripting’) [CWE-79] vulnerability in FortiOS version 7.0.5 and prior and 6.4.9 and prior may allow an unauthenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the captive portal authentication replacement page.	2022-07-18	not yet calculated	CVE-2022-23438 CONFIRM
fortinet — fortitokenmobile	A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 and below allows attacker to retrieve information disclosed via man-in-the-middle attacks.	2022-07-18	not yet calculated	CVE-2021-22131 CONFIRM
fortinet — multiple_products	A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.	2022-07-18	not yet calculated	CVE-2021-44170 CONFIRM
fortinet — multiple_products	An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.	2022-07-18	not yet calculated	CVE-2021-42755 CONFIRM
fortinet — multiple_products	A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 through 6.4.7, 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable files on the system.	2022-07-18	not yet calculated	CVE-2022-26118 CONFIRM
fortinet — multiple_products	A improper neutralization of special elements used in an os command (‘os command injection’) in Fortinet FortiManager version 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.x and 6.0.x and FortiAnalyzer version 7.0.0 through 7.0.3, version 6.4.0 through 6.4.7, 6.2.x and 6.0.x allows attacker to execute arbitrary shell code as `root` user via `diagnose system` CLI commands.	2022-07-19	not yet calculated	CVE-2022-27483 CONFIRM
foxit — pdf_editor	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16821.	2022-07-18	not yet calculated	CVE-2022-28680 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16805.	2022-07-18	not yet calculated	CVE-2022-28678 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deletePages method. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16825.	2022-07-18	not yet calculated	CVE-2022-28681 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-17474.	2022-07-18	not yet calculated	CVE-2022-34874 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deletePages method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16828.	2022-07-18	not yet calculated	CVE-2022-28683 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16663.	2022-07-18	not yet calculated	CVE-2022-28677 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16777.	2022-07-18	not yet calculated	CVE-2022-34873 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16420.	2022-07-18	not yet calculated	CVE-2022-28669 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of AcroForms. Crafted data in an AcroForm can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16523.	2022-07-18	not yet calculated	CVE-2022-28670 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16639.	2022-07-18	not yet calculated	CVE-2022-28671 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16640.	2022-07-18	not yet calculated	CVE-2022-28672 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16641.	2022-07-18	not yet calculated	CVE-2022-28673 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16861.	2022-07-18	not yet calculated	CVE-2022-28679 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16643.	2022-07-18	not yet calculated	CVE-2022-28676 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16642.	2022-07-18	not yet calculated	CVE-2022-28675 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16644.	2022-07-18	not yet calculated	CVE-2022-28674 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ADBC objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16981.	2022-07-18	not yet calculated	CVE-2022-34875 MISC MISC
foxit — pdf_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16778.	2022-07-18	not yet calculated	CVE-2022-28682 MISC MISC
garage_management_system — garage_management_system	A vulnerability was found in SourceCodester Garage Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /editbrand.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-19	not yet calculated	CVE-2022-2468 MISC MISC
garage_management_system — garage_management_system	A vulnerability has been found in SourceCodester Garage Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username with the input 1@a.com’ AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND ‘hsvT’=’hsvT leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-19	not yet calculated	CVE-2022-2467 MISC MISC
gentics — gentics_cms	An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username.	2022-07-17	not yet calculated	CVE-2022-30982 MISC
gentics — gentics_cms	An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker is able to deserialize arbitrary data and hence can potentially achieve Java code execution.	2022-07-17	not yet calculated	CVE-2022-30981 MISC
gnu — gnu_sasl	GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client	2022-07-19	not yet calculated	CVE-2022-2469 CONFIRM MISC DEBIAN
golang — go	Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 – 1 bytes.	2022-07-15	not yet calculated	CVE-2022-30634 MISC MISC MISC MISC
goldshellminer — goldshellminer	Goldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device.	2022-07-20	not yet calculated	CVE-2022-24659 MISC MISC
goldshellminer — goldshellminer	Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol (port 22).	2022-07-20	not yet calculated	CVE-2022-24657 MISC MISC
goldshellminer — goldshellminer	The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed publicly on the web interface, allowing attackers to access passwords and other sensitive information in plaintext.	2022-07-20	not yet calculated	CVE-2022-24660 MISC MISC
gollum_project — gollum	Cross site scripting (XSS) in gollum 5.0 to 5.1.2 via the filename parameter to the ‘New Page’ dialog.	2022-07-15	not yet calculated	CVE-2020-35305 MISC MISC MISC MISC
google — capsule_workspace_android_app	A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). This could result in application crashing but could not be used to gather any sensitive information.	2022-07-18	not yet calculated	CVE-2022-23745 MISC
google — chrome	Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific set of user gestures.	2022-07-23	not yet calculated	CVE-2022-1136 MISC MISC
google — chrome	Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions.	2022-07-22	not yet calculated	CVE-2022-0980 MISC MISC
google — chrome	Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.	2022-07-22	not yet calculated	CVE-2022-0979 MISC MISC
google — chrome	Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1129 MISC MISC
google — chrome	Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app.	2022-07-23	not yet calculated	CVE-2022-1130 MISC MISC
google — chrome	Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device.	2022-07-23	not yet calculated	CVE-2022-1132 MISC MISC
google — chrome	Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1137 MISC MISC
google — chrome	Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1134 MISC MISC
google — chrome	Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.	2022-07-21	not yet calculated	CVE-2022-0977 MISC MISC
google — chrome	Use after free in WebRTC Perf in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1133 MISC MISC
google — chrome	Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1096 MISC MISC
google — chrome	Use after free in Shopping Cart in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via standard feature user interaction.	2022-07-23	not yet calculated	CVE-2022-1135 MISC MISC
google — chrome	Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1146 MISC MISC
google — chrome	Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools.	2022-07-23	not yet calculated	CVE-2022-1142 MISC MISC
google — chrome	Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools.	2022-07-23	not yet calculated	CVE-2022-1143 MISC MISC
google — chrome	Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture.	2022-07-23	not yet calculated	CVE-2022-1141 MISC MISC
google — chrome	Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1139 MISC MISC
google — chrome	Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools.	2022-07-23	not yet calculated	CVE-2022-1144 MISC MISC
google — chrome	Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction.	2022-07-23	not yet calculated	CVE-2022-1145 MISC MISC
google — chrome	Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.	2022-07-23	not yet calculated	CVE-2022-1127 MISC MISC
google — chrome	Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-21	not yet calculated	CVE-2022-0975 MISC MISC
google — chrome	Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.	2022-07-21	not yet calculated	CVE-2022-0971 MISC MISC
google — chrome	Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1138 MISC MISC
google — chrome	Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-21	not yet calculated	CVE-2022-0976 MISC MISC
google — chrome	Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.	2022-07-21	not yet calculated	CVE-2022-0974 MISC MISC
google — chrome	Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-21	not yet calculated	CVE-2022-0973 MISC MISC
google — chrome	Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.	2022-07-21	not yet calculated	CVE-2022-0972 MISC MISC
google — h96_smart_tv_box_h96_pro_plus	An issue was discovered in H96 Smart TV Box H96 Pro Plus allows attackers to corrupt files via calls to the saveDeepColorAttr service.unk	2022-07-20	not yet calculated	CVE-2020-21405 MISC
google — multiple_products	An issue was discovered in RK Smart TV Box MAX and V88 SmartTV box that allows attackers to cause a denial of service via the switchNextDisplayInterface service.	2022-07-20	not yet calculated	CVE-2020-21406 MISC
google — chrome	Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1128 MISC MISC
google — chrome	Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.	2022-07-23	not yet calculated	CVE-2022-1125 MISC MISC
google — chrome	Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-23	not yet calculated	CVE-2022-1131 MISC MISC
google — chrome	Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	2022-07-22	not yet calculated	CVE-2022-0978 MISC MISC
gpac — gpac/gpac	Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV.	2022-07-19	not yet calculated	CVE-2022-2453 CONFIRM MISC
gpac — gpac/gpac	Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.	2022-07-19	not yet calculated	CVE-2022-2454 MISC CONFIRM
grafana — grafana	Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user’s external user id is not already associated with an account in Grafana, the malicious user’s email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user’s Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.	2022-07-15	not yet calculated	CVE-2022-31107 MISC MISC CONFIRM MISC
grafana — grafana	Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.	2022-07-15	not yet calculated	CVE-2022-31097 MISC CONFIRM MISC MISC
grails — grails	In grails-databinding in Grails before 3.3.15, 4.x before 4.1.1, 5.x before 5.1.9, and 5.2.x before 5.2.1 (at least when certain Java 8 configurations are used), data binding allows a remote attacker to execute code by gaining access to the class loader.	2022-07-19	not yet calculated	CVE-2022-35912 CONFIRM CONFIRM CONFIRM MLIST
grunt — grunt-util-property	This affects all versions of package grunt-util-property. The function call could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.	2022-07-17	not yet calculated	CVE-2020-7641 MISC MISC
gstreamer — gstreamer	DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can’t be triggered, however the matroskaparse element has no size checks.	2022-07-19	not yet calculated	CVE-2022-1925 MISC
gstreamer — gstreamer	DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite.	2022-07-19	not yet calculated	CVE-2022-2122 MISC
gstreamer — gstreamer	Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.	2022-07-19	not yet calculated	CVE-2022-1920 MISC
gstreamer — gstreamer	DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite.	2022-07-19	not yet calculated	CVE-2022-1924 MISC
gstreamer — gstreamer	DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite.	2022-07-19	not yet calculated	CVE-2022-1923 MISC
gstreamer — gstreamer	DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite.	2022-07-19	not yet calculated	CVE-2022-1922 MISC
gstreamer — gstreamer	Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.	2022-07-19	not yet calculated	CVE-2022-1921 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm.	2022-07-20	not yet calculated	CVE-2022-34599 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the URL /ihomers/app.	2022-07-20	not yet calculated	CVE-2022-34610 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /doping.asp.	2022-07-20	not yet calculated	CVE-2022-34609 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg parameter at /AJAX/ajaxget.	2022-07-20	not yet calculated	CVE-2022-34608 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /doping.asp.	2022-07-20	not yet calculated	CVE-2022-34607 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditvsList parameter at /dotrace.asp.	2022-07-20	not yet calculated	CVE-2022-34606 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /dotrace.asp.	2022-07-20	not yet calculated	CVE-2022-34605 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /dotrace.asp.	2022-07-20	not yet calculated	CVE-2022-34604 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm.	2022-07-20	not yet calculated	CVE-2022-34603 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm.	2022-07-20	not yet calculated	CVE-2022-34602 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm.	2022-07-20	not yet calculated	CVE-2022-34601 MISC
h3c — magic_r200	H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm.	2022-07-20	not yet calculated	CVE-2022-34600 MISC
hallo_welt!_gmbh — bluespice	Cross-site Scripting (XSS) vulnerability in the “commonuserinterface” component of BlueSpice allows an attacker to inject arbitrary HTML into a page using the title parameter of the call URL.	2022-07-22	not yet calculated	CVE-2022-2511 CONFIRM
hallo_welt!_gmbh — bluespice	Cross-site Scripting (XSS) vulnerability in “Extension:ExtendedSearch” of Hallo Welt! GmbH BlueSpice allows attacker to inject arbitrary HTML (XSS) on page “Special:SearchCenter”, using the search term in the URL.	2022-07-22	not yet calculated	CVE-2022-2510 CONFIRM
hcl_software — hcl_bigfix	BigFix Web Reports authorized users may perform HTML injection for the email administrative configuration page.	2022-07-19	not yet calculated	CVE-2022-27545 MISC
hcl_software — hcl_bigfix	BigFix Web Reports authorized users may see SMTP credentials in clear text.	2022-07-19	not yet calculated	CVE-2022-27544 MISC
hicos — hicos	HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service.	2022-07-20	not yet calculated	CVE-2022-32960 CONFIRM
hicos — hicos	HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service.	2022-07-20	not yet calculated	CVE-2022-32961 CONFIRM
hicos — hicos	HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service.	2022-07-20	not yet calculated	CVE-2022-32959 CONFIRM
hicos — hicos	HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service.	2022-07-20	not yet calculated	CVE-2022-32962 CONFIRM
honeywell — alerton_ascent_control_module_firmware	Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller’s function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function.	2022-07-15	not yet calculated	CVE-2022-30244 MISC MISC MISC
honeywell — alerton_ascent_control_module_firmware	Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller’s function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered.	2022-07-15	not yet calculated	CVE-2022-30242 MISC MISC MISC
honeywell — alterton_visual_logic_firmware	Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller’s function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function.	2022-07-15	not yet calculated	CVE-2022-30243 MISC MISC MISC
hospital_management_system — hospital_management_system	Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in /HMS/admin.php.	2022-07-20	not yet calculated	CVE-2022-34590 MISC
htmldoc — htmldoc	HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via e_node htmldoc/htmldoc/html.cxx:588.	2022-07-18	not yet calculated	CVE-2022-34035 MISC MISC MISC
htmldoc — htmldoc	HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273.	2022-07-18	not yet calculated	CVE-2022-34033 MISC MISC MISC
hudson — hudson	Hudson (aka org.jvnet.hudson.main:hudson-core) before 3.3.2 allows XXE attacks.	2022-07-18	not yet calculated	CVE-2015-8031 MISC MISC MISC
hypr — hypr_server	Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with a valid one-time recovery token to elevate privileges via path tampering in the Magic Link page. This issue affects: HYPR Server versions later than 6.10; version 6.15.1 and prior versions.	2022-07-19	not yet calculated	CVE-2022-2192 MISC
hypr — hypr_server	Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions prior to 6.14.1.	2022-07-19	not yet calculated	CVE-2022-2193 MISC
hypr — hypr_windows_wfa	This issue affects: HYPR Windows WFA versions prior to 7.2; Unsafe Deserialization vulnerability in HYPR Workforce Access (WFA) before version 7.2 may allow local authenticated attackers to elevate privileges via a malicious serialized payload.	2022-07-19	not yet calculated	CVE-2022-1984 MISC
ibm — ibm-qradar-siem	IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893.	2022-07-20	not yet calculated	CVE-2021-38936 XF CONFIRM
ibm — ibm_engineering_requirements_quality_assistant_on-premises	IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203310.	2022-07-18	not yet calculated	CVE-2021-29788 CONFIRM XF
ibm — ibm_engineering_requirements_quality_assistant_on-premises	IBM Engineering Requirements Quality Assistant On-Premises (All versions) could allow an authenticated user to obtain sensitive information due to improper client side validation. IBM X-Force ID: 203738.	2022-07-18	not yet calculated	CVE-2021-29799 XF CONFIRM
ibm — ibm_engineering_requirements_quality_assistant_on-premises	IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force Id: 208310.	2022-07-18	not yet calculated	CVE-2021-38868 XF CONFIRM
ibm — ibm_engineering_requirements_quality_assistant_on-premises	IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203440.	2022-07-18	not yet calculated	CVE-2021-29790 CONFIRM XF
ibm — ibm_qradar_siem	IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. IBM X-Force ID: 223597.	2022-07-20	not yet calculated	CVE-2022-22424 CONFIRM XF
ibm — ibm_qradar_siem	IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015.	2022-07-20	not yet calculated	CVE-2021-29755 CONFIRM XF
ibm — multiple_products	IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 223127.	2022-07-19	not yet calculated	CVE-2022-22417 XF CONFIRM
ibm — multiple_products	IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 223126.	2022-07-19	not yet calculated	CVE-2022-22416 XF CONFIRM
ibm — multiple_products	IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and could result in in granting permission to unauthorized resources. IBM X-Force ID: 220782.	2022-07-19	not yet calculated	CVE-2022-22360 CONFIRM XF
ibm — multiple_products	IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 220652.	2022-07-19	not yet calculated	CVE-2022-22359 XF CONFIRM
ibm — multiple_products	IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 220651.	2022-07-19	not yet calculated	CVE-2022-22358 CONFIRM XF
ibm — powervm_hypervisor	An attacker that gains service access to the FSP (POWER9 only) or gains admin authority to a partition can compromise partition firmware.	2022-07-18	not yet calculated	CVE-2022-22445 XF CONFIRM
ics-cert — rockwell_automation_micrologix_1100/1400	The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks.	2022-07-20	not yet calculated	CVE-2022-2179 CONFIRM CONFIRM
inductive_automation — ignition	An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and integrity.	2022-07-22	not yet calculated	CVE-2022-1655 MISC
inductive_automation — ignition	The affected product may allow an attacker with access to the Ignition web configuration to run arbitrary code.	2022-07-20	not yet calculated	CVE-2022-1264 MISC
inductiveautomation — ignition	An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. The ScriptInvoke function allows remote attackers to execute arbitrary code by supplying a Python script.	2022-07-16	not yet calculated	CVE-2022-36126 MISC MISC MISC
inductiveautomation — ignition	An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. Designer and Vision Client Session IDs are mishandled. An attacker can determine which session IDs were generated in the past and then hijack sessions assigned to these IDs via Randy.	2022-07-15	not yet calculated	CVE-2022-35890 MISC MISC
infinitewp_client_plugin — infinitewp_client_plugin	A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. Upgrading to version 1.6.1.1 is able to address this issue. It is recommended to upgrade the affected component.	2022-07-23	not yet calculated	CVE-2016-15004 MISC MISC MISC
irfanview — irfanview	IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.	2022-07-18	not yet calculated	CVE-2020-23563 MISC MISC
irfanview — irfanview	IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722.	2022-07-18	not yet calculated	CVE-2020-23561 MISC MISC
irfanview — irfanview	IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe.	2022-07-18	not yet calculated	CVE-2020-23562 MISC MISC
itechscripts — dating_script	A vulnerability classified as critical was found in Itech Dating Script 3.26. Affected by this vulnerability is an unknown functionality of the file /see_more_details.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20135 MISC MISC
itechscripts — freelancer_script	A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of the argument sk leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20134 MISC MISC
itechscripts — job_portal_script	A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13. This affects an unknown part of the file /admin. The manipulation leads to improper authentication. It is possible to initiate the attack remotely.	2022-07-16	not yet calculated	CVE-2017-20133 MISC
itechscripts — movie_portal_script	A vulnerability was found in Itech Movie Portal Script 7.36. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /movie.php. The manipulation of the argument f with the input <img src=i onerror=prompt(1)> leads to basic cross site scripting (Reflected). The attack may be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-22	not yet calculated	CVE-2017-20140 N/A N/A
itechscripts — movie_portal_script	A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(SELECT COUNT(),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) leads to sql injection (Error). The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-22	not yet calculated	CVE-2017-20139 N/A N/A
itechscripts — movie_portal_script	A vulnerability classified as critical was found in Itech Movie Portal Script 7.36. This vulnerability affects unknown code of the file /artist-display.php. The manipulation of the argument act leads to sql injection (Union). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-22	not yet calculated	CVE-2017-20142 N/A N/A
itechscripts — movie_portal_script	A vulnerability, which was classified as critical, has been found in Itech Movie Portal Script 7.36. This issue affects some unknown processing of the file /film-rating.php. The manipulation of the argument v leads to sql injection (Error). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-22	not yet calculated	CVE-2017-20143 N/A N/A
itechscripts — movie_portal_script	A vulnerability classified as critical has been found in Itech Movie Portal Script 7.36. This affects an unknown part of the file /movie.php. The manipulation of the argument f leads to sql injection (Union). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-22	not yet calculated	CVE-2017-20141 N/A N/A
itechscripts — multi_vendor_script	A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The manipulation of the argument pl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20132 MISC MISC
itechscripts — news_portal_script	A vulnerability was found in Itech News Portal 6.28. It has been classified as critical. Affected is an unknown function of the file /news-portal-script/information.php. The manipulation of the argument inf leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20131 MISC MISC
itechscripts — real_estate_script	A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/search_property.php. The manipulation of the argument property_for leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20130 MISC MISC
itsourcecode — advanced_school_management_system	itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/student_grade_wise.php.	2022-07-20	not yet calculated	CVE-2022-34586 MISC
itsourcecode — advanced_school_management_system	itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/timetable_insert_form.php.	2022-07-20	not yet calculated	CVE-2022-34588 MISC
jetbrains — teamcity	In JetBrains TeamCity before 2022.04.2 build parameter injection was possible	2022-07-20	not yet calculated	CVE-2022-36322 MISC
jetbrains — teamcity	In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in some cases	2022-07-20	not yet calculated	CVE-2022-36321 MISC
johnson_controls — api_for_metasys_ads/adx/oas	Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users.	2022-07-22	not yet calculated	CVE-2021-36200 CONFIRM CERT
jquery — jquery	jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( “refresh” )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can change the initial HTML can wrap all the non-input contents of the `label` in a `span`.	2022-07-20	not yet calculated	CVE-2022-31160 CONFIRM MISC MISC
juniper_networks — junos_os	A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2.	2022-07-20	not yet calculated	CVE-2022-22207 CONFIRM
juniper_networks — junos_os	An Improper Release of Memory Before Removing Last Reference vulnerability in the Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Juniper Networks Junos OS allows unauthenticated network-based attacker to cause a partial Denial of Service (DoS). On all MX and SRX platforms, if the SIP ALG is enabled, receipt of a specific SIP packet will create a stale SIP entry. Sustained receipt of such packets will cause the SIP call table to eventually fill up and cause a DoS for all SIP traffic. The SIP call usage can be monitored by “show security alg sip calls”. To be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. Please verify on SRX with: user@host> show security alg status \| match sip SIP : Enabled Please verify on MX whether the following is configured: [ services … rule <rule-name> (term <term-name>) from/match application/application-set <name> ] where either a. name = junos-sip or an application or application-set refers to SIP: b. [ applications application <name> application-protocol sip ] or c. [ applications application-set <name> application junos-sip ] This issue affects Juniper Networks Junos OS on SRX Series and MX Series: 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R2-S2; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1. Juniper SIRT is not aware of any malicious exploitation of this vulnerability.	2022-07-20	not yet calculated	CVE-2022-22204 CONFIRM
juniper_networks — junos_os	An Improper Handling of Exceptional Conditions vulnerability on specific PTX Series devices, including the PTX1000, PTX3000 (NextGen), PTX5000, PTX10002-60C, PTX10008, and PTX10016 Series, in Juniper Networks Junos OS allows an unauthenticated MPLS-based attacker to cause a Denial of Service (DoS) by triggering the dcpfe process to crash and FPC to restart. On affected PTX Series devices, processing specific MPLS packets received on an interface with multiple units configured may cause FPC to restart unexpectedly. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects PTX Series devices utilizing specific FPCs found on PTX1000, PTX3000 (NextGen), PTX5000, PTX10002-60C, PTX10008, and PTX10016 Series devices, only if multiple units are configured on the ingress interface, and at least one unit has ‘family mpls’ not configured. See the configuration sample below for more information. No other platforms are affected by this vulnerability. This issue affects: Juniper Networks Junos OS on PTX Series: All versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R2.	2022-07-20	not yet calculated	CVE-2022-22202 CONFIRM
juniper_networks — junos_os	A Buffer Overflow vulnerability in the PFE of Juniper Networks Junos OS on SRX series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search feature of UTM (Unified Threat management). Continued receipt of this specific traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: 20.2 versions prior to 20.2R3-S4 on SRX Series; 20.3 versions prior to 20.3R3-S3 on SRX Series; 20.4 versions prior to 20.4R3-S3 on SRX Series; 21.1 versions prior to 21.1R3-S1 on SRX Series; 21.2 versions prior to 21.2R2-S2, 21.2R3 on SRX Series; 21.3 versions prior to 21.3R2 on SRX Series; 21.4 versions prior to 21.4R2 on SRX Series. This issue does not affect Juniper Networks Junos OS versions prior to 20.2R1.	2022-07-20	not yet calculated	CVE-2022-22206 CONFIRM
juniper_networks — junos_os	A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos platforms, the Kernel Routing Table (KRT) queue can get stuck due to a memory leak triggered by interface flaps or route churn leading to RIB and PFEs getting out of sync. The memory leak causes RTNEXTHOP/route and next-hop memory pressure issue and the KRT queue will eventually get stuck with the error- ‘ENOMEM — Cannot allocate memory’. The out-of-sync state between RIB and FIB can be seen with the “show route” and “show route forwarding-table” command. This issue will lead to failures for adding new routes. The KRT queue status can be checked using the CLI command “show krt queue”: user@host > show krt state High-priority add queue: 1 queued ADD nhtype Router index 0 (31212) error ‘ENOMEM — Cannot allocate memory’ kqp ‘0x8ad5e40’ The following messages will be observed in /var/log/messages, which indicate high memory for routes/nexthops: host rpd[16279]: RPD_RT_HWM_NOTICE: New RIB highwatermark for routes: 266 [2022-03-04 05:06:07] host rpd[16279]: RPD_KRT_Q_RETRIES: nexthop ADD: Cannot allocate memory host rpd[16279]: RPD_KRT_Q_RETRIES: nexthop ADD: Cannot allocate memory host kernel: rts_veto_net_delayed_unref_limit: Route/nexthop memory is severe pressure. User Application to perform recovery actions. O p 8 err 12, rtsm_id 0:-1, msg type 10, veto simulation: 0. host kernel: rts_veto_net_delayed_unref_limit: Memory usage of M_RTNEXTHOP type = (806321208) Max size possible for M_RTNEXTHOP type = (689432176) Current delayed unref = (0), Max delayed unref on this platform = (120000) Current delayed weight unref = (0) Max delayed weight unref on this platform = (400000) curproc = rpd. This issue affects: Juniper Networks Junos OS 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2-S1, 21.3R3; 21.4 versions prior to 21.4R1-S2, 21.4R2; This issue does not affect Juniper Networks Junos OS versions prior to 21.2R1.	2022-07-20	not yet calculated	CVE-2022-22209 CONFIRM
juniper_networks — junos_os	A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). On QFX5K Series and MX Series, when the PFE receives a specific VxLAN packet the Layer 2 Address Learning Manager (L2ALM) process will crash leading to an FPC reboot. Continued receipt of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on QFX5000 Series, MX Series: 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.2 versions prior to 21.2R2-S1. This issue does not affect Juniper Networks Junos OS: All versions prior to 20.3R1; 21.1 version 21.1R1 and later versions.	2022-07-20	not yet calculated	CVE-2022-22210 CONFIRM
juniper_networks — junos_os	A Missing Release of Memory after Effective Lifetime vulnerability in the Application Quality of Experience (appqoe) subsystem of the PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). Upon receiving specific traffic a memory leak will occur. Sustained processing of such specific traffic will eventually lead to an out of memory condition that prevents all services from continuing to function, and requires a manual restart to recover. A device is only vulnerable when advance(d) policy based routing (APBR) is configured and AppQoE (sla rule) is not configured for these APBR rules. This issue affects Juniper Networks Junos OS on SRX Series: 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2-S1, 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.3R1.	2022-07-20	not yet calculated	CVE-2022-22205 CONFIRM
juniper_networks — junos_os	An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). On QFX5000 Series, and EX4600 and EX4650 platforms, the fxpc process will crash followed by the FPC reboot upon receipt of a specific hostbound packet. Continued receipt of these specific packets will create a sustained Denial of Service (DoS) condition. This issue only affects Juniper Networks Junos OS 19.4 version 19.4R3-S4.	2022-07-20	not yet calculated	CVE-2022-22203 CONFIRM
juniper_networks — junos_os_evolved	An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos Evolved platforms hostbound protocols will be impacted by a high rate of specific hostbound traffic from ports on a PFE. Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.2R1.	2022-07-20	not yet calculated	CVE-2022-22212 CONFIRM
juniper_networks — junos_os	An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the PFE of Juniper Networks Junos OS on PTX Series and QFX10k Series allows an adjacent unauthenticated attacker to gain access to sensitive information. PTX1000 and PTX10000 Series, and QFX10000 Series and PTX5000 Series devices sometimes do not reliably pad Ethernet packets, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as ‘Etherleak’ and often detected as CVE-2003-0001. This issue affects: Juniper Networks Junos OS on PTX1000 and PTX10000 Series: All versions prior to 18.4R3-S11; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S5, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. Juniper Networks Junos OS on QFX10000 Series and PTX5000 Series: All versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2.	2022-07-20	not yet calculated	CVE-2022-22216 CONFIRM
juniper_networks — junos_os	An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally authenticated attacker with low privileges to take full control over the device. One aspect of this vulnerability is that the attacker needs to be able to execute any of the “request …” or “show system download …” commands. This issue affects Juniper Networks Junos OS on SRX Series and EX Series: All versions prior to 19.2R1-S9, 19.2R3-S5; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2, 20.4R3-S3; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R2-S2, 21.2R3; 21.3 versions prior to 21.3R2, 21.3R3; 21.4 versions prior to 21.4R1-S1, 21.4R2.	2022-07-20	not yet calculated	CVE-2022-22221 CONFIRM
juniper_networks — junos_os	An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). The issue is caused by malformed MLD packets looping on a multi-homed Ethernet Segment Identifier (ESI) when VXLAN is configured. These MLD packets received on a multi-homed ESI are sent to the peer, and then incorrectly forwarded out the same ESI, violating the split horizon rule. This issue only affects QFX10K Series switches, including the QFX10002, QFX10008, and QFX10016. Other products and platforms are unaffected by this vulnerability. This issue affects Juniper Networks Junos OS on QFX10K Series: All versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R1-S9, 19.2R3-S5; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2-S1, 21.2R3; 21.3 versions prior to 21.3R2.	2022-07-20	not yet calculated	CVE-2022-22217 CONFIRM
juniper_networks — multiple_products	A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable authentication module (PAM) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). It is possible that after the termination of a gRPC connection the respective/var/run/<pid>.env file is not getting deleted which if occurring repeatedly can cause inode exhaustion. Inode exhaustion can present itself in two different ways: 1. The following log message can be observed: host kernel: pid <pid> (<process>), uid <uid> inumber <number> on /.mount/var: out of inodes which by itself is a clear indication. 2. The following log message can be observed: host <process>[<pid>]: … : No space left on device which is not deterministic and just a representation of a write error which could have several reasons. So the following check needs to be done: user@host> show system storage no-forwarding Filesystem Size Used Avail Capacity Mounted on /dev/ada1p1 475M 300M 137M 69% /.mount/var which indicates that the write error is not actually due to a lack of disk space. If either 1. or 2. has been confirmed, then the output of: user@host> file list /var/run/*.env \| count need to be checked and if it indicates a high (>10000) number of files the system has been affected by this issue. This issue affects: Juniper Networks Junos OS All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R1-S1-EVO, 21.2R2-EVO.	2022-07-20	not yet calculated	CVE-2022-22215 CONFIRM
juniper_networks — multiple_products	A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Malicious exploitation of this issue requires a very specific combination of load, timing, and configuration of the vulnerable system which is beyond the direct control of the attacker. Internal reproduction has only been possible through artificially created load and specially instrumented source code. Systems are only vulnerable to this issue if BGP multipath is enabled. Routers not configured for BGP multipath are not vulnerable to this issue. This issue affects: Juniper Networks Junos OS: 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R2-S2, 21.2R3; 21.3 versions prior to 21.3R2, 21.3R3; 21.4 versions prior to 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved: 21.1 versions prior to 21.1R3-S1-EVO; 21.2 version 21.2R1-EVO and later versions; 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R1-S1-EVO, 21.4R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 21.1. Juniper Networks Junos OS Evolved versions prior to 21.1-EVO.	2022-07-20	not yet calculated	CVE-2022-22213 CONFIRM
juniper_networks — multiple_products	An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). An FPC will crash and reboot after receiving a specific transit IPv6 packet over MPLS. Continued receipt of this packet will create a sustained Denial of Service (DoS) condition. This issue does not affect systems configured for IPv4 only. This issue affects: Juniper Networks Junos OS All versions prior to 12.3R12-S21; 15.1 versions prior to 15.1R7-S10; 17.3 versions prior to 17.3R3-S12; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-S1-EVO, 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO.	2022-07-20	not yet calculated	CVE-2022-22214 CONFIRM
kentico — kentico	In Kentico before 13.0.66, attackers can achieve Denial of Service via a crafted request to the GetResource handler.	2022-07-18	not yet calculated	CVE-2022-32387 MISC
lemonldap-ng — lemonldap-ng	In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used.	2022-07-18	not yet calculated	CVE-2020-16093 MISC MISC
lemonldap-ng — lemonldap-ng	An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combination authentication plug-in, any password will be recognized as valid for an existing user.	2022-07-18	not yet calculated	CVE-2021-40874 MISC
library_management_system — library_management_system	A vulnerability has been found in SourceCodester Library Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file lab.php. The manipulation of the argument Section with the input 1′ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71716b7171,0x546e4444736b7743575a666d4873746a6450616261527a67627944426946507245664143694c6a4c,0x7162706b71),NULL,NULL,NULL,NULL# leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-20	not yet calculated	CVE-2022-2491 MISC MISC
library_management_system — library_management_system	A vulnerability was found in SourceCodester Library Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php. The manipulation of the argument RollNo with the input admin’ AND (SELECT 2625 FROM (SELECT(SLEEP(5)))MdIL) AND ‘KXmq’=’KXmq&Password=1231312312 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-20	not yet calculated	CVE-2022-2492 MISC MISC
libtirpc — libtirpc	In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.	2022-07-20	not yet calculated	CVE-2021-46828 MISC
lin-cms-spring-boot — lin-cms-spring-boot	An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application.	2022-07-21	not yet calculated	CVE-2022-32430 MISC MISC
linux — linux-kernel	io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859	2022-07-22	not yet calculated	CVE-2022-2327 CONFIRM CONFIRM
linux — linux_kernel	When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.	2022-07-18	not yet calculated	CVE-2021-33655 MISC MLIST
linux — linux_kernel	A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.	2022-07-21	not yet calculated	CVE-2020-36558 MISC MISC
linux — linux_kernel	A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.	2022-07-21	not yet calculated	CVE-2020-36557 MISC MISC
linux — linux_kernel	When setting font with malicious data by ioctl cmd PIO_FONT, kernel will write memory out of bounds.	2022-07-18	not yet calculated	CVE-2021-33656 MISC MISC MLIST
micodus — micodus_mv720_gps_tracker	SMS-based GPS commands can be executed by MiCODUS MV720 GPS tracker without authentication.	2022-07-20	not yet calculated	CVE-2022-2141 CONFIRM
micodus — micodus_mv720_gps_tracker_api_server	The MiCODUS MV720 GPS tracker API server has an authentication mechanism that allows devices to use a hard-coded master password. This may allow an attacker to send SMS commands directly to the GPS tracker as if they were coming from the GPS owner’s mobile number.	2022-07-20	not yet calculated	CVE-2022-2107 CONFIRM
micodus — micodus_mv720_gps_tracker_web_server	The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object references vulnerability on endpoint and POST parameter “Device ID,” which accepts arbitrary device IDs.	2022-07-20	not yet calculated	CVE-2022-33944 CONFIRM
micodus — micodus_mv720_gps_tracker_web_server	The main MiCODUS MV720 GPS tracker web server has a reflected cross-site scripting vulnerability that could allow an attacker to gain control by tricking a user into making a request.	2022-07-20	not yet calculated	CVE-2022-2199 CONFIRM
micodus — micodus_mv720_gps_tracker_web_server	The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object reference vulnerability on endpoint and parameter device IDs, which accept arbitrary device IDs without further verification.	2022-07-20	not yet calculated	CVE-2022-34150 CONFIRM
microweber — microweber/microweber	Cross-site Scripting (XSS) – Stored in GitHub repository microweber/microweber prior to 1.2.21.	2022-07-22	not yet calculated	CVE-2022-2495 CONFIRM MISC
microweber — microweber/microweber	Cross-site Scripting (XSS) – Reflected in GitHub repository microweber/microweber prior to 1.2.21.	2022-07-22	not yet calculated	CVE-2022-2470 CONFIRM MISC
mitsubishi_electric — iconics_genesis64	Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes.	2022-07-20	not yet calculated	CVE-2022-33320 MISC MISC
mitsubishi_electric — iconics_genesis64	Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious script codes.	2022-07-20	not yet calculated	CVE-2022-33317 MISC MISC
mitsubishi_electric — iconics_genesis64	Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in ICONICS GENESIS64 versions 10.97 to 10.97.1 allows a remote unauthenticated attacker to access to arbitrary files in the GENESIS64 server and disclose information stored in the files by embedding a malicious URL parameter in the URL of the monitoring screen delivered to the GENESIS64 mobile monitoring application and accessing the monitoring screen.	2022-07-20	not yet calculated	CVE-2022-29834 MISC MISC
mitsubishi_electric — iconics_genesis64	Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes.	2022-07-20	not yet calculated	CVE-2022-33316 MISC MISC
mitsubishi_electric — iconics_genesis64	Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64 server.	2022-07-20	not yet calculated	CVE-2022-33318 MISC MISC
mitsubishi_electric — iconics_genesis64	Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to disclose information on memory or cause a Denial of Service (DoS) condition by sending specially crafted packets to the GENESIS64 server.	2022-07-20	not yet calculated	CVE-2022-33319 MISC MISC
mitsubishi_electric — iconics_genesis64	Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes.	2022-07-20	not yet calculated	CVE-2022-33315 MISC MISC
monitoringsoft — softguard_web	The export function in SoftGuard Web (SGW) before 5.1.5 allows directory traversal to read an arbitrary local file via export or man.tcl.	2022-07-17	not yet calculated	CVE-2022-31202 MISC
monitoringsoft — softguard_web	SoftGuard Web (SGW) before 5.1.5 allows HTML injection.	2022-07-17	not yet calculated	CVE-2022-31201 MISC
montala resourcespace	In Montala ResourceSpace through 9.8 before r19636, csv_export_results_metadata.php allows attackers to export collection metadata via a non-NULL k value.	2022-07-17	not yet calculated	CVE-2022-31260 MISC MISC
nexans — ftto_gigaswitch	libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.	2022-07-17	not yet calculated	CVE-2022-32985 MISC MISC
nginx — njs	Nginx NJS v0.7.4 was discovered to contain a segmentation violation via njs_value_property at njs_value.c.	2022-07-18	not yet calculated	CVE-2022-34027 MISC
nginx — njs	Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h.	2022-07-18	not yet calculated	CVE-2022-34029 MISC
nginx — njs	Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_value_to_number at src/njs_value_conversion.h.	2022-07-18	not yet calculated	CVE-2022-34031 MISC
nginx — njs	Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c.	2022-07-18	not yet calculated	CVE-2022-34030 MISC
nginx — njs	Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h.	2022-07-18	not yet calculated	CVE-2022-34028 MISC
nginx — njs	Nginx NJS v0.7.5 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c.	2022-07-18	not yet calculated	CVE-2022-34032 MISC
node.js — node.js	Authorization headers are cleared on cross-origin redirect. However, cookie headers which are sensitive headers and are official headers found in the spec, remain uncleared. There are active users using cookie headers in undici. This may lead to accidental leakage of cookie to a 3rd-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the 3rd party site. This was patched in v5.7.1. By default, this vulnerability is not exploitable. Do not enable redirections, i.e. `maxRedirections: 0` (the default).	2022-07-21	not yet calculated	CVE-2022-31151 CONFIRM MISC MISC
node.js — node.js	undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `rn` is a workaround for this issue.	2022-07-19	not yet calculated	CVE-2022-31150 CONFIRM MISC MISC
octobot — octobot	WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled.	2022-07-16	not yet calculated	CVE-2021-36711 MISC MISC MISC MISC MISC MISC
octopus — deploy	In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy.	2022-07-19	not yet calculated	CVE-2022-30532 MISC
octopus — server	In affected versions of Octopus Server an Insecure Direct Object Reference vulnerability exists where it is possible for a user to download Project Exports from a Project they do not have permissions to access. This vulnerability only impacts projects within the same Space.	2022-07-15	not yet calculated	CVE-2022-1881 MISC
octopus — server	In affected versions of Octopus Server the help sidebar can be customized to include a Cross-Site Scripting payload in the support link.	2022-07-15	not yet calculated	CVE-2022-29890 MISC
oda — open_design_alliance_drawings_sdk	An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read vulnerability exists when reading DWG files in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process.	2022-07-17	not yet calculated	CVE-2022-28808 MISC
oda — open_design_alliance_drawings_sdk	An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read vulnerability exists when reading a DWG file with an invalid vertex number in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process.	2022-07-17	not yet calculated	CVE-2022-28809 MISC
oda — open_design_alliance_drawings_sdk	An issue was discovered in Open Design Alliance Drawings SDK before 2023.2. An Out-of-Bounds Read vulnerability exists when rendering a .dwg file after it’s opened in the recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process.	2022-07-17	not yet calculated	CVE-2022-28807 MISC
openemr — openemr/openemr	Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0.	2022-07-22	not yet calculated	CVE-2022-2493 MISC CONFIRM
openemr — openemr/openemr	Cross-site Scripting (XSS) – Stored in GitHub repository openemr/openemr prior to 7.0.0.	2022-07-22	not yet calculated	CVE-2022-2494 CONFIRM MISC
openzeppelin — openzeppelin-contracts	OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the v0.2.0 release of OpenZeppelin Contracts for Cairo, which are not whitelisted on StarkNet mainnet. Only goerli deployments of v0.2.0 accounts are affected. This faulty behavior is not observed in StarkNet’s testing framework. This bug has been patched in v0.2.1.	2022-07-15	not yet calculated	CVE-2022-31153 MISC MISC MISC CONFIRM MISC MISC
openzeppelin — openzeppelin-contracts	OpenZeppelin Contracts is a library for smart contract development. Versions 4.1.0 until 4.7.1 are vulnerable to the SignatureChecker reverting. `SignatureChecker.isValidSignatureNow` is not expected to revert. However, an incorrect assumption about Solidity 0.8’s `abi.decode` allows some cases to revert, given a target contract that doesn’t implement EIP-1271 as expected. The contracts that may be affected are those that use `SignatureChecker` to check the validity of a signature and handle invalid signatures in a way other than reverting. The issue was patched in version 4.7.1.	2022-07-22	not yet calculated	CVE-2022-31172 CONFIRM MISC
openzeppelin — openzeppelin-contracts	OpenZeppelin Contracts is a library for smart contract development. Versions 4.0.0 until 4.7.1 are vulnerable to ERC165Checker reverting instead of returning `false`. `ERC165Checker.supportsInterface` is designed to always successfully return a boolean, and under no circumstance revert. However, an incorrect assumption about Solidity 0.8’s `abi.decode` allows some cases to revert, given a target contract that doesn’t implement EIP-165 as expected, specifically if it returns a value other than 0 or 1. The contracts that may be affected are those that use `ERC165Checker` to check for support for an interface and then handle the lack of support in a way other than reverting. The issue was patched in version 4.7.1.	2022-07-22	not yet calculated	CVE-2022-31170 CONFIRM MISC
oracle — bi_publisher	Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle BI Publisher accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21523 MISC
oracle — communications_billing_and_revenue_management	Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in takeover of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21429 MISC
oracle — database	Vulnerability in the Oracle Database – Enterprise Edition RDBMS Security component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having DBA role privilege with network access via Oracle Net to compromise Oracle Database – Enterprise Edition RDBMS Security. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Database – Enterprise Edition RDBMS Security. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).	2022-07-19	not yet calculated	CVE-2022-21432 MISC
oracle — enterprise_manager_base_platform	Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Manager Install). Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data as well as unauthorized read access to a subset of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).	2022-07-19	not yet calculated	CVE-2022-21516 MISC
oracle — enterprise_manager_base_platform	Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Policy Framework). Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in takeover of Enterprise Manager Base Platform. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21536 MISC
oracle — essbase	Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Essbase executes to compromise Oracle Essbase. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Essbase accessible data as well as unauthorized access to critical data or complete access to all Oracle Essbase accessible data. CVSS 3.1 Base Score 5.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N).	2022-07-19	not yet calculated	CVE-2022-21508 MISC
oracle — flexcube_universal_banking	Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Universal Banking. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L).	2022-07-19	not yet calculated	CVE-2022-21428 MISC
oracle — health_sciences_data_management_workbench	Vulnerability in the Oracle Health Sciences Data Management Workbench product of Oracle Health Sciences Applications (component: User Interface). Supported versions that are affected are 2.4.8.7 and 2.5.2.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Health Sciences Data Management Workbench. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Health Sciences Data Management Workbench accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21518 MISC
oracle — jd_edwards_enterpriseone_orchestrator	Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator). Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Orchestrator. Successful attacks of this vulnerability can result in unauthorized read access to a subset of JD Edwards EnterpriseOne Orchestrator accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21532 MISC
oracle — jd_edwards_enterpriseone_tools	Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. While the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 7.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L).	2022-07-19	not yet calculated	CVE-2022-21542 MISC
oracle — jre	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21540 MISC DEBIAN
oracle — jre	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).	2022-07-19	not yet calculated	CVE-2022-21541 MISC DEBIAN
oracle — mysql_cluster	Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21519 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).	2022-07-19	not yet calculated	CVE-2022-21528 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21526 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21517 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21530 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21534 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21529 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21525 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).	2022-07-19	not yet calculated	CVE-2022-21527 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).	2022-07-19	not yet calculated	CVE-2022-21509 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21531 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21522 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N).	2022-07-19	not yet calculated	CVE-2022-21455 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21537 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L).	2022-07-19	not yet calculated	CVE-2022-21539 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.38 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21515 MISC
oracle — mysql_server	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L).	2022-07-19	not yet calculated	CVE-2022-21538 MISC
oracle — mysql_shell	Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: General/Core Client). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Shell. CVSS 3.1 Base Score 2.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).	2022-07-19	not yet calculated	CVE-2022-21535 MISC
oracle — oracle_commerce	Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Commerce Platform executes to compromise Oracle Commerce Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Commerce Platform accessible data. CVSS 3.1 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21559 MISC
oracle — oracle_communications_applications	Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).	2022-07-19	not yet calculated	CVE-2022-21574 MISC
oracle — oracle_communications_applications	Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Billing and Revenue Management accessible data as well as unauthorized read access to a subset of Oracle Communications Billing and Revenue Management accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).	2022-07-19	not yet calculated	CVE-2022-21572 MISC
oracle — oracle_communications_applications	Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21573 MISC
oracle — oracle_construction_and_engineering	Vulnerability in the Oracle Crystal Ball product of Oracle Construction and Engineering (component: Installation). Supported versions that are affected are 11.1.2.0.000-11.1.2.4.900. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Crystal Ball executes to compromise Oracle Crystal Ball. While the vulnerability is in Oracle Crystal Ball, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Crystal Ball. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21558 MISC MISC
oracle — oracle_database_server	Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).	2022-07-19	not yet calculated	CVE-2022-21565 MISC
oracle — oracle_database_server	Vulnerability in the Oracle Database – Enterprise Edition Recovery component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows high privileged attacker having EXECUTE ON DBMS_IR.EXECUTESQLSCRIPT privilege with network access via Oracle Net to compromise Oracle Database – Enterprise Edition Recovery. Successful attacks of this vulnerability can result in takeover of Oracle Database – Enterprise Edition Recovery. Note: None of the supported versions are affected. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21511 MISC
oracle — oracle_database_server	Vulnerability in the Oracle Database – Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle Database – Enterprise Edition Sharding executes to compromise Oracle Database – Enterprise Edition Sharding. While the vulnerability is in Oracle Database – Enterprise Edition Sharding, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Database – Enterprise Edition Sharding. Note: None of the supported versions are affected. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21510 MISC
oracle — oracle_e-business_suite	Vulnerability in the Oracle iRecruitment product of Oracle E-Business Suite (component: Candidate Self Service Registration). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iRecruitment. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle iRecruitment accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21545 MISC
oracle — oracle_e-business_suite	Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Worklist). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Workflow. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Workflow accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21567 MISC
oracle — oracle_e-business_suite	Vulnerability in the Oracle iReceivables product of Oracle E-Business Suite (component: Access Request). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iReceivables. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iReceivables accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21568 MISC
oracle — oracle_e-business_suite	Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are affected are 12.2.9-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Applications Framework accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21566 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).	2022-07-19	not yet calculated	CVE-2022-21577 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).	2022-07-19	not yet calculated	CVE-2022-21579 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle FLEXCUBE Universal Banking. CVSS 3.1 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21544 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Trade Finance. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L).	2022-07-19	not yet calculated	CVE-2022-21585 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).	2022-07-19	not yet calculated	CVE-2022-21584 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.3, 12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Universal Banking. CVSS 3.1 Base Score 6.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L).	2022-07-19	not yet calculated	CVE-2022-21576 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Universal Banking. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L).	2022-07-19	not yet calculated	CVE-2022-21578 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 2.9.0.0.0, 2.9.0.1.0, 3.0.0.0.0-3.2.0.0.0 and 4.0.0.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Revenue Management and Billing. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Financial Services Revenue Management and Billing accessible data as well as unauthorized update, insert or delete access to some of Oracle Financial Services Revenue Management and Billing accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Financial Services Revenue Management and Billing. CVSS 3.1 Base Score 5.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L).	2022-07-19	not yet calculated	CVE-2022-21580 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized read access to a subset of Oracle Banking Trade Finance accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Trade Finance. CVSS 3.1 Base Score 5.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L).	2022-07-19	not yet calculated	CVE-2022-21581 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).	2022-07-19	not yet calculated	CVE-2022-21586 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Trade Finance. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L).	2022-07-19	not yet calculated	CVE-2022-21582 MISC
oracle — oracle_financial_services_applications	Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data as well as unauthorized update, insert or delete access to some of Oracle Banking Trade Finance accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Trade Finance. CVSS 3.1 Base Score 6.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L).	2022-07-19	not yet calculated	CVE-2022-21583 MISC
oracle — oracle_fusion_middleware	Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).	2022-07-19	not yet calculated	CVE-2022-21564 MISC
oracle — oracle_fusion_middleware	Vulnerability in the Oracle SOA Suite product of Oracle Fusion Middleware (component: Fabric Layer). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SOA Suite. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle SOA Suite accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).	2022-07-19	not yet calculated	CVE-2022-21562 MISC
oracle — oracle_fusion_middleware	Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle WebLogic Server executes to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data as well as unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 5.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N).	2022-07-19	not yet calculated	CVE-2022-21557 MISC
oracle — oracle_fusion_middleware	Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).	2022-07-19	not yet calculated	CVE-2022-21560 MISC
oracle — oracle_fusion_middleware	Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 3.7.1.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle Coherence. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Coherence. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21570 MISC
oracle — oracle_fusion_middleware	Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L).	2022-07-19	not yet calculated	CVE-2022-21548 MISC
oracle — oracle_fusion_middleware	Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Search). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. While the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebCenter Content accessible data as well as unauthorized read access to a subset of Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 7.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N).	2022-07-19	not yet calculated	CVE-2022-21552 MISC
oracle — oracle_fusion_middleware	Vulnerability in the Oracle WebCenter Sites Support Tools product of Oracle Fusion Middleware (component: User Interface). The supported version that is affected is Prior to 4.4.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites Support Tools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites Support Tools accessible data as well as unauthorized update, insert or delete access to some of Oracle WebCenter Sites Support Tools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebCenter Sites Support Tools. CVSS 3.1 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L).	2022-07-19	not yet calculated	CVE-2022-21575 MISC
oracle — oracle_goldengate	Vulnerability in Oracle GoldenGate (component: Oracle GoldenGate). The supported version that is affected is 21c: prior to 21.7.0.0.0; 19c: prior to 19.1.0.0.220719. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle GoldenGate. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle GoldenGate. CVSS 3.1 Base Score 6.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21551 MISC
oracle — oracle_java_se	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).	2022-07-19	not yet calculated	CVE-2022-21549 MISC
oracle — oracle_jd_edwards	Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all JD Edwards EnterpriseOne Tools accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21561 MISC
oracle — oracle_mysql	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21553 MISC
oracle — oracle_mysql	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21556 MISC
oracle — oracle_mysql	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Federated). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21547 MISC
oracle — oracle_mysql	Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior and and 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21550 MISC
oracle — oracle_mysql	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21569 MISC
oracle — oracle_systems	Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle ZFS Storage Appliance Kit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle ZFS Storage Appliance Kit. CVSS 3.1 Base Score 3.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L).	2022-07-19	not yet calculated	CVE-2022-21563 MISC
oracle — oracle_virtualization	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.36. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21571 MISC
oracle — oracle_virtualization	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.36. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21554 MISC
oracle — peoplesoft_enterprise_peopletools	Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).	2022-07-19	not yet calculated	CVE-2022-21520 MISC
oracle — peoplesoft_enterprise_peopletools	Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: XML Publisher). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21521 MISC
oracle — peoplesoft_enterprise_peopletools	Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Integration Broker). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where PeopleSoft Enterprise PeopleTools executes to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).	2022-07-19	not yet calculated	CVE-2022-21512 MISC
oracle — peoplesoft_enterprise_peopletools	Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mgmt). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21543 MISC
oracle — solaris	Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21439 MISC
oracle — solaris	Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMB Server). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21533 MISC
oracle — solaris	Vulnerability in the Oracle Solaris product of Oracle Systems (component: Remote Administration Daemon). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).	2022-07-19	not yet calculated	CVE-2022-21514 MISC
oracle — solaris	Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris as well as unauthorized update, insert or delete access to some of Oracle Solaris accessible data and unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.1 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H).	2022-07-19	not yet calculated	CVE-2022-21524 MISC
oracle — zfs_storage_appliance_kit	Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to compromise Oracle ZFS Storage Appliance Kit. While the vulnerability is in Oracle ZFS Storage Appliance Kit, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle ZFS Storage Appliance Kit. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).	2022-07-19	not yet calculated	CVE-2022-21513 MISC
oracle — oracle_mysql	Vulnerability in the MySQL Shell for VS Code product of Oracle MySQL (component: Shell: GUI). Supported versions that are affected are 1.1.8 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Shell for VS Code executes to compromise MySQL Shell for VS Code. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Shell for VS Code, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Shell for VS Code accessible data as well as unauthorized read access to a subset of MySQL Shell for VS Code accessible data. CVSS 3.1 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N).	2022-07-19	not yet calculated	CVE-2022-21555 MISC
packback — lti_1.3_tool_library	LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.	2022-07-15	not yet calculated	CVE-2022-31157 CONFIRM
packback — lti_1.3_tool_library	LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the Authentication Request. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.	2022-07-15	not yet calculated	CVE-2022-31158 CONFIRM
parallels — access	This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Parallels service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16134.	2022-07-18	not yet calculated	CVE-2022-34899 MISC MISC
parallels — access	This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Dispatcher service. The service loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-15213.	2022-07-18	not yet calculated	CVE-2022-34900 MISC MISC
parallels — access	This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. The service executes files from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16137.	2022-07-18	not yet calculated	CVE-2022-34901 MISC MISC
parallels — access	This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Desktop Control Agent service. The service loads Qt plugins from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-15787.	2022-07-18	not yet calculated	CVE-2022-34902 MISC MISC
parallels — parallels_desktop	This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.0 (49183). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-13932.	2022-07-15	not yet calculated	CVE-2021-34986 N/A N/A
parallels — parallels_desktop	This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.1 (49187). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the HDAudio virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-14969.	2022-07-15	not yet calculated	CVE-2021-34987 N/A N/A
parallels — parallels_desktop	This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-16653.	2022-07-18	not yet calculated	CVE-2022-34890 MISC MISC
parallels — parallels_desktop	This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update machanism. The product sets incorrect permissions on sensitive files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16395.	2022-07-18	not yet calculated	CVE-2022-34891 MISC MISC
parallels — parallels_desktop	This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update machanism. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16396.	2022-07-18	not yet calculated	CVE-2022-34892 MISC MISC
parallels — parallels_desktop	This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the ACPI virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-16554.	2022-07-18	not yet calculated	CVE-2022-34889 MISC MISC
pegasystems — pega_infinity	If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running on PegaCloud due to its design and architecture.	2022-07-19	not yet calculated	CVE-2022-24082 MISC
pexip — pexip_infinity	Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719.	2022-07-17	not yet calculated	CVE-2022-32263 MISC
pexip — pexip_infinity_27	Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling.	2022-07-17	not yet calculated	CVE-2022-29286 MISC
poly — eagleeye_director_ii_firmware	An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.	2022-07-17	not yet calculated	CVE-2022-26482 MISC MISC MISC
poly — eagleeye_director_ii_firmware	An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file (which can be created via an rsync backdoor) causes all API calls to execute as admin without authentication.	2022-07-17	not yet calculated	CVE-2022-26479 MISC MISC MISC
poly — studio_x30_firmware	An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request (CSR) action.	2022-07-17	not yet calculated	CVE-2022-26481 MISC MISC
prestashop — prestashop	PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.2 allows remote attackers to execute arbitrary code, aka a “previously unknown vulnerability chain” related to SQL injection, as exploited in the wild in July 2022.	2022-07-22	not yet calculated	CVE-2022-36408 MISC
puppet — bolt	Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise.	2022-07-19	not yet calculated	CVE-2022-2394 MISC
pypi — pypi	The eziod package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34982 MISC MISC MISC
pypi — pypi	The scu-captcha package in PyPI v0.0.1 to v0.0.4 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34983 MISC MISC MISC
pypi — pypi	The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34981 MISC MISC MISC
pypi — pypi	The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34500 MISC MISC MISC
pypi — pypi	The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34501 MISC MISC MISC
pypi — pypi	The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party.	2022-07-22	not yet calculated	CVE-2022-34509 MISC MISC MISC
qpdf — qpdf	QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.	2022-07-22	not yet calculated	CVE-2022-34503 MISC
qvis — qvis_nvr_dvr	In QVIS NVR DVR before 2021-12-13, an attacker can escalate privileges from a qvisdvr user to the root user by abusing a Sudo misconfiguration.	2022-07-18	not yet calculated	CVE-2021-44954 MISC MISC
qvis — qvis_nvr_dvr	QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization.	2022-07-18	not yet calculated	CVE-2021-41419 MISC MISC MISC
radare — radare	Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file.	2022-07-22	not yet calculated	CVE-2022-34502 MISC
radare — radare	Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file.	2022-07-22	not yet calculated	CVE-2022-34520 MISC
redis — redis	Redis is an in-memory database that persists on disk. A specially crafted `XAUTOCLAIM` command on a stream key in a specific state may result with heap overflow, and potentially remote code execution. This problem affects versions on the 7.x branch prior to 7.0.4. The patch is released in version 7.0.4.	2022-07-19	not yet calculated	CVE-2022-31144 MISC CONFIRM
reolink — e1_zoom_firmware	The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /conf/fastcgi.conf URI.	2022-07-17	not yet calculated	CVE-2021-40150 MISC
reolink — reolink_e1_zoom_camera	The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.	2022-07-17	not yet calculated	CVE-2021-40149 MISC MISC MISC
risc-v — risc-v_isa_sim	The component mcontrol.action in RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 contains the incorrect mask which can cause a Denial of Service (DoS).	2022-07-18	not yet calculated	CVE-2022-34642 MISC
risc-v — risc-v_isa_sim	RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 implements the incorrect exception priotrity when accessing memory.	2022-07-18	not yet calculated	CVE-2022-34643 MISC
roblox — roblox	Tovy is a a staff management system for Roblox groups. A vulnerability in versions prior to 0.7.51 allows users to log in as other users, including privileged users such as the other of the instance. The problem has been patched in version 0.7.51.	2022-07-22	not yet calculated	CVE-2022-31164 MISC CONFIRM
roxy-wi — roxy-wi	Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue.	2022-07-15	not yet calculated	CVE-2022-31161 CONFIRM MISC
ruby — ruby	TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when used with the Ruby data source tzinfo-data, are vulnerable to relative path traversal. With the Ruby data source, time zones are defined in Ruby files. There is one file per time zone. Time zone files are loaded with `require` on demand. In the affected versions, `TZInfo::Timezone.get` fails to validate time zone identifiers correctly, allowing a new line character within the identifier. With Ruby version 1.9.3 and later, `TZInfo::Timezone.get` can be made to load unintended files with `require`, executing them within the Ruby process. Versions 0.3.61 and 1.2.10 include fixes to correctly validate time zone identifiers. Versions 2.0.0 and later are not vulnerable. Version 0.3.61 can still load arbitrary files from the Ruby load path if their name follows the rules for a valid time zone identifier and the file has a prefix of `tzinfo/definition` within a directory in the load path. Applications should ensure that untrusted files are not placed in a directory on the load path. As a workaround, the time zone identifier can be validated before passing to `TZInfo::Timezone.get` by ensuring it matches the regular expression `A[A-Za-z0-9+-_]+(?:/[A-Za-z0-9+-_]+)*z`.	2022-07-22	not yet calculated	CVE-2022-31163 MISC CONFIRM MISC MISC
rust — rust	Slack Morphism is an async client library for Rust. Prior to 0.41.0, it was possible for Slack OAuth client information to leak in application debug logs. Stricter and more secure debug formatting was introduced in v0.41.0 for OAuth secret types to reduce the possibility of printing sensitive information in application logs. As a workaround, do not print/output requests and responses for OAuth and client configurations in logs.	2022-07-22	not yet calculated	CVE-2022-31162 CONFIRM MISC
scooter — beyond_compare	A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:WindowsTemp folder, and then the uninstaller is run as SYSTEM, the DLLs will execute with elevated privileges.	2022-07-23	not yet calculated	CVE-2022-36415 MISC
scooter — beyond_compare	There is an elevation of privilege breakout vulnerability in the Windows EXE installer in Scooter Beyond Compare 4.2.0 through 4.4.2 before 4.4.3. Affected versions allow a logged-in user to run applications with elevated privileges via the Clipboard Compare tray app after installation.	2022-07-23	not yet calculated	CVE-2022-36414 MISC
shanghai_feixun_data_communication_technology_co — ltd_router_fir302b_a2	Shanghai Feixun Data Communication Technology Co., Ltd router fir302b A2 was discovered to contain a remote command execution (RCE) vulnerability via the Ping function.	2022-07-19	not yet calculated	CVE-2022-27373 MISC
sick — flexi_soft_designer	A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Flexi Soft Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file.	2022-07-19	not yet calculated	CVE-2022-27579 MISC
sick — safety_designer	A deserialization vulnerability in a .NET framework class used and not properly checked by Safety Designer all versions up to and including 1.11.0 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Safety Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file.	2022-07-19	not yet calculated	CVE-2022-27580 MISC
sick_sensor_intelligence — sick_ftmg	Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. A malicious attacker could use this sensitive information’s to launch further attacks on the system.	2022-07-19	not yet calculated	CVE-2021-32504 MISC
simple_e-learning_system — simple_e-learning_system	A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1’\|\|(SELECT 0x6770715a WHERE 8795=8795 AND (SELECT 8342 FROM(SELECT COUNT(),CONCAT(0x7171786b71,(SELECT (ELT(8342=8342,1))),0x717a7a7671,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a))\|\|’ leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-20	not yet calculated	CVE-2022-2489 MISC MISC
simple_e-learning_system — simple_e-learning_system	A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1’\|\|(SELECT 0x74666264 WHERE 5610=5610 AND (SELECT 7504 FROM(SELECT COUNT(),CONCAT(0x7171627a71,(SELECT (ELT(7504=7504,1))),0x71717a7071,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a))\|\|’ leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-20	not yet calculated	CVE-2022-2490 MISC MISC
snyk — convert-svg-core	The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload.	2022-07-22	not yet calculated	CVE-2022-25759 CONFIRM CONFIRM CONFIRM CONFIRM
squid — squid	In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.	2022-07-17	not yet calculated	CVE-2021-46784 MISC CONFIRM MISC MISC MISC
supersmart — supersmart.me	It was possible to download all receipts without authentication. Must first access the API https://XXXX.supersmart.me/services/v4/customer/signin to get a TOKEN. Then you can then access the API that provides invoice images based on the URL https://XXXX.supersmart.me/services/v4/invoiceImg?orderId=XXXXX	2022-07-21	not yet calculated	CVE-2022-30628 MISC
suse — tumbleweed	A UNIX Symbolic Link (Symlink) Following vulnerability in keylime of openSUSE Tumbleweed allows local attackers to escalate from the keylime user to root. This issue affects: openSUSE Tumbleweed keylime versions prior to 6.4.2-1.1.	2022-07-20	not yet calculated	CVE-2022-31250 CONFIRM
teamplus_pro — teamplus_pro	A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group that exceeds message size limit, to terminate other recipients’ Teamplus Pro chat process.	2022-07-20	not yet calculated	CVE-2022-32958 CONFIRM
terser — terser	The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.	2022-07-15	not yet calculated	CVE-2022-25858 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
tibco — tibco_data_virtualization_and_tibco_data_virtualization_for_aws_marketplace	The Column Based Security component of TIBCO Software Inc.’s TIBCO Data Virtualization and TIBCO Data Virtualization for AWS Marketplace contains an easily exploitable vulnerability that allows a low privileged attacker with network access to obtain read access to application information on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO Data Virtualization: versions 8.5.2 and below and TIBCO Data Virtualization for AWS Marketplace: versions 8.5.2 and below.	2022-07-19	not yet calculated	CVE-2022-30570 CONFIRM CONFIRM
tor — tor	Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation.	2022-07-17	not yet calculated	CVE-2022-33903 MISC MISC
unit4 — enterprise_resource_planning_software	Unit4 ERP through 7.9 allows XXE via ExecuteServerProcessAsynchronously.	2022-07-19	not yet calculated	CVE-2022-34001 MISC
unit4_teta — unit4_teta_mobile_edition	UNIT4 TETA Mobile Edition (ME) before 29.5.HF17 was discovered to contain a SQL injection vulnerability via the ProfileName parameter in the errorReporting page.	2022-07-18	not yet calculated	CVE-2022-27434 MISC MISC
vesta — vesta	Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the post function at /web/api/v1/upload/UploadHandler.php.	2022-07-19	not yet calculated	CVE-2022-34025 MISC
vesta — vesta	Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the generate_response function at /web/api/v1/upload/UploadHandler.php.	2022-07-19	not yet calculated	CVE-2022-36304 MISC
vesta — vesta	Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the handle_file_upload function at /web/api/v1/upload/UploadHandler.php.	2022-07-19	not yet calculated	CVE-2022-36303 MISC
vesta — vesta	Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the body function at /web/api/v1/upload/UploadHandler.php.	2022-07-19	not yet calculated	CVE-2022-36305 MISC
wavlink — multiple_products	A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlist_sync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used.	2022-07-20	not yet calculated	CVE-2022-2488 MISC MISC
wavlink — multiple_products	A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/nightled.cgi. The manipulation of the argument start_hour leads to os command injection. The exploit has been disclosed to the public and may be used.	2022-07-20	not yet calculated	CVE-2022-2487 MISC MISC
wavlink — multiple_products	A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used.	2022-07-20	not yet calculated	CVE-2022-2486 MISC MISC
wavlink — wavlink	Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etc_ro/lighttpd/www/cgi-bin/ExportAllSettings.sh.	2022-07-20	not yet calculated	CVE-2022-34045 MISC
wavlink — wavlink	An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data.	2022-07-20	not yet calculated	CVE-2022-34049 MISC MISC
wavlink — wavlink	An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].	2022-07-20	not yet calculated	CVE-2022-34046 MISC
wavlink — wavlink	An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd].	2022-07-20	not yet calculated	CVE-2022-34047 MISC
wavlink — wavlink	Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter.	2022-07-20	not yet calculated	CVE-2022-34048 MISC MISC
wavpack — wavpack	A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x561b47a970c6 bp 0x7fff13952fb0 sp 0x7fff1394fca0 T0) ==84257==The signal is caused by a WRITE memory access. ==84257==Hint: address points to the zero page. #0 0x561b47a970c5 in main cli/wvunpack.c:834 #1 0x7efc4f5c0082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) #2 0x561b47a945ed in _start (/usr/local/bin/wvunpack+0xa5ed) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV cli/wvunpack.c:834 in main ==84257==ABORTING	2022-07-19	not yet calculated	CVE-2022-2476 MISC
windows — showmypc_3606	ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. If an attacker overwrites the file %temp%ShowMyPC-ShowMyPC3606wodVPN.dll, it will run any malicious code contained in that file. The code will run with normal user privileges unless the user specifically runs ShowMyPC as administrator.	2022-07-18	not yet calculated	CVE-2021-42923 MISC MISC
withsecure — multiple_products	A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine.	2022-07-22	not yet calculated	CVE-2022-28878 MISC MISC
withsecure — multiple_products	This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation.	2022-07-21	not yet calculated	CVE-2022-28877 MISC MISC
withsecure — multiple_products	A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine.	2022-07-22	not yet calculated	CVE-2022-28879 MISC MISC
wordpress — wordpress	Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress.	2022-07-22	not yet calculated	CVE-2022-34853 CONFIRM CONFIRM
wordpress — wordpress	Authenticated Stored Cross-Site Scripting (XSS) vulnerability in Florent Maillefaud’s WP Maintenance plugin <= 6.0.7 at WordPress.	2022-07-21	not yet calculated	CVE-2022-30536 CONFIRM CONFIRM
wordpress — wordpress	Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.0 at WordPress leading to popup status change.	2022-07-21	not yet calculated	CVE-2022-32289 CONFIRM CONFIRM
wordpress — wordpress	Authentication Bypass vulnerability in CodexShaper’s WP OAuth2 Server plugin <= 1.0.1 at WordPress.	2022-07-22	not yet calculated	CVE-2022-34839 CONFIRM CONFIRM
wordpress — wordpress	Cross-Site Request Forgery (CSRF) vulnerability in JoomUnited WP Meta SEO plugin <= 4.4.8 at WordPress allows an attacker to update the social settings.	2022-07-21	not yet calculated	CVE-2022-30337 CONFIRM CONFIRM
wordpress — wordpress	Authenticated Arbitrary File Creation via Export function vulnerability in GiveWP’s GiveWP plugin <= 2.20.2 at WordPress.	2022-07-21	not yet calculated	CVE-2022-28700 CONFIRM CONFIRM
wordpress — wordpress	The Button Widget Smartsoft plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation on the smartsoftbutton_settings page. This makes it possible for unauthenticated attackers to update the plugins settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	2022-07-18	not yet calculated	CVE-2022-1912 MISC MISC
wordpress — wordpress	The GiveWP plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to, and including, 2.20.2 via the /donor-wall REST-API endpoint which provides unauthenticated users with donor information even when the donor wall is not enabled. This functionality has been completely removed in version 2.20.2.	2022-07-18	not yet calculated	CVE-2022-2117 MISC MISC
wordpress — wordpress	Cross-Site Request Forgery (CSRF) vulnerability in WordPlus Better Messages plugin <= 1.9.9.148 at WordPress allows attackers to upload files. File attachment to messages must be activated.	2022-07-20	not yet calculated	CVE-2022-29454 CONFIRM CONFIRM
wordpress — wordpress	Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin <= 1.7.7 at WordPress leading to &yikes-the-content-toggle option update.	2022-07-21	not yet calculated	CVE-2022-28666 CONFIRM CONFIRM
wordpress — wordpress	Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in René Hermenau’s Social Media Share Buttons plugin <= 3.8.1 at WordPress.	2022-07-20	not yet calculated	CVE-2021-36849 CONFIRM CONFIRM
wordpress — wordpress	Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.11 at WordPress allows an attacker to update plugin settings.	2022-07-22	not yet calculated	CVE-2022-29495 CONFIRM CONFIRM
wordpress — wordpress	Authenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in ThingsForRestaurants Quick Restaurant Reservations plugin <= 1.4.1 at WordPress.	2022-07-20	not yet calculated	CVE-2022-29923 CONFIRM CONFIRM
wordpress — wordpress	Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co’s Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress.	2022-07-22	not yet calculated	CVE-2022-30998 CONFIRM CONFIRM
wordpress — wordpress	Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP’s GiveWP plugin <= 2.20.2 at WordPress.	2022-07-21	not yet calculated	CVE-2022-31475 CONFIRM CONFIRM
wordpress — wordpress	Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress.	2022-07-22	not yet calculated	CVE-2022-34650 CONFIRM CONFIRM
wordpress — wordpress	Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul’s Testimonials plugin <= 3.0.1 at WordPress.	2022-07-22	not yet calculated	CVE-2022-33191 CONFIRM CONFIRM
wordpress — wordpress	Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari’s Accordions plugin <= 2.0.2 at WordPress.	2022-07-21	not yet calculated	CVE-2022-33198 CONFIRM CONFIRM
wordpress — wordpress	Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <= 4.13.1 at WordPress.	2022-07-22	not yet calculated	CVE-2022-33901 CONFIRM CONFIRM
wordpress — wordpress	Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.	2022-07-22	not yet calculated	CVE-2022-33960 CONFIRM CONFIRM
wordpress — wordpress	The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `file[files][]` parameter in versions up to, and including, 3.2.46 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor level permissions and above to inject arbitrary web scripts on the file’s page that will execute whenever an administrator accesses the editor area for the injected file page.	2022-07-18	not yet calculated	CVE-2022-2101 MISC MISC MISC MISC
wordpress — wordpress	The plugin Wbcom Designs – BuddyPress Group Reviews for WordPress is vulnerable to unauthorized settings changes and review modification due to missing capability checks and improper nonce checks in several functions related to said actions in versions up to, and including, 2.8.3. This makes it possible for unauthenticated attackers to modify reviews and plugin settings on the affected site.	2022-07-18	not yet calculated	CVE-2022-2108 MISC MISC
wordpress — wordpress	The Free Live Chat Support plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.11. This is due to missing nonce protection on the livesupporti_settings() function found in the ~/livesupporti.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site’s administrator into performing an action such as clicking on a link.	2022-07-18	not yet calculated	CVE-2022-2039 MISC MISC
wordpress — wordpress	Unauthenticated Arbitrary Option Update vulnerability in biplob018’s Shortcode Addons plugin <= 3.0.2 at WordPress.	2022-07-21	not yet calculated	CVE-2022-34487 CONFIRM CONFIRM
wordpress — wordpress	Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.	2022-07-22	not yet calculated	CVE-2022-27235 CONFIRM CONFIRM
wordpress — wordpress	The DX Share Selection plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. This is due to missing nonce protection on the dxss_admin_page() function found in the ~/dx-share-selection.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site’s administrator into performing an action such as clicking on a link.	2022-07-18	not yet calculated	CVE-2022-2001 MISC MISC
wordpress — wordpress	The WordPress plugin Image Slider is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1.121 due to failure to properly check for the existence of a nonce in the function ewic_duplicate_slider. This make it possible for unauthenticated attackers to duplicate existing posts or pages granted they can trick a site administrator into performing an action such as clicking on a link.	2022-07-18	not yet calculated	CVE-2022-2223 MISC MISC
wordpress — wordpress	The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the ‘remote_data’ parameter in versions up to, and including 3.7.9. This makes it possible for authenticated attackers with contributor privileges and above to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload.	2022-07-18	not yet calculated	CVE-2022-2444 MISC MISC MISC MISC MISC
wordpress — wordpress	The Feed Them Social – for Twitter feed, Youtube and more plugin for WordPress is vulnerable to deserialization of untrusted input via the ‘fts_url’ parameter in versions up to, and including 2.9.8.5. This makes it possible for unauthenticated attackers to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload.	2022-07-18	not yet calculated	CVE-2022-2437 MISC MISC
wordpress — wordpress	The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.2. This is due to missing nonce protection on the FreemindOptions() function found in the ~/freemind-wp-browser.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site’s administrator into performing an action such as clicking on a link.	2022-07-18	not yet calculated	CVE-2022-2443 MISC MISC
wordpress — wordpress	The AnyMind Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1. This is due to missing nonce protection on the createDOMStructure() function found in the ~/anymind-widget-id.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site’s administrator into performing an action such as clicking on a link.	2022-07-18	not yet calculated	CVE-2022-2435 MISC MISC
wordpress — wordpress	The WordPress plugin Gallery for Social Photo is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.0.27 due to failure to properly check for the existence of a nonce in the function gifeed_duplicate_feed. This make it possible for unauthenticated attackers to duplicate existing posts or pages granted they can trick a site administrator into performing an action such as clicking on a link.	2022-07-18	not yet calculated	CVE-2022-2224 MISC MISC
wpallimport — wp_all_import	The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers, with administrator level permissions and above, to upload arbitrary files on the affected sites server which may make remote code execution possible.	2022-07-18	not yet calculated	CVE-2022-1565 MISC MISC
xiaomi — mi_sound	Information leakage vulnerability exists in the Mi Sound APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.	2022-07-22	not yet calculated	CVE-2020-14126 MISC
xiaomi — smarthome	information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.	2022-07-22	not yet calculated	CVE-2020-14114 MISC
yokogawa_rental_&_lease_corporation — passage_drive	Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where the product is running.	2022-07-20	not yet calculated	CVE-2022-34866 MISC MISC
zoho — manageengine_password_manager_pro_and_opmanager	ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.	2022-07-18	not yet calculated	CVE-2022-35404 MISC MISC
zoho — manageengine_password_manager_pro_and_pam360	Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)	2022-07-19	not yet calculated	CVE-2022-35405 MISC
zte — zxen_cg200_firmware	ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP GET requests in a short time, which can make the product management websites not accessible.	2022-07-18	not yet calculated	CVE-2022-23142 MISC
zte — zxmp_m721_firmware	ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information.	2022-07-15	not yet calculated	CVE-2022-23141 MISC
zulip — zulip_server	Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administrator privileges to one of their bots. The vulnerability is fixed in Zulip Server 5.5. Members who donâ€™t own any bots, and lack permission to create them, canâ€™t exploit the vulnerability. As a workaround for the vulnerability, an organization administrator can restrict the `Who can create bots` permission to administrators only, and change the ownership of existing bots.	2022-07-22	not yet calculated	CVE-2022-31168 MISC MISC CONFIRM
zyxel — multiple_products	A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device.	2022-07-19	not yet calculated	CVE-2022-30526 CONFIRM
zyxel_corporation — multiple_products	A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device.	2022-07-19	not yet calculated	CVE-2022-2030 CONFIRM

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

IoT Botnets Fuels DDoS Attacks – Are You Prepared?

Post author By admin
Post date July 26, 2022

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. This is a dangerous warning that the possibility of a sophisticated DDoS attack and a prolonged service outage will prevent businesses from growing.

Managed Security Services

Cyber Threat Intelligence

iDNA

SiON

About Us

Leadership

Advisors

Cyber Security Assessment

SOC Cost Calculator

Request a Dark Web Report

Cyber Security Threat Alerts

What is Incident Response?

SOC 2 Compliance

Cyber Security Definitions and Terminology

Cyber Security Jobs

Blog

Podcast

Instagram

LinkedIn

Twitter

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

Company

Our services

Resources

Partners

Cyber news

Weekly Newsletter

Subscribe to our weekly newsletter on cyber news and best practices!