Microsoft has released workaround guidance to address a remote code execution (RCE) vulnerability—CVE-2022-30190, known as “Follina”—affecting the Microsoft Support Diagnostic Tool (MSDT) in Windows. A remote, unauthenticated attacker could exploit this vulnerability to take control of an affected system. Microsoft has reported active exploitation of this vulnerability in the wild.
CISA urges users and administrators to review Microsoft’s Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability and apply the necessary workaround.
High Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
badminton_center_management_system_project — badminton_center_management_system | Badminton Center Management System 1.0 is vulnerable to SQL Injection via /bcms/classes/Master.php?f=delete_court_rental, id. | 2022-05-24 | 7.5 | CVE-2022-30455 MISC |
battleye — battleye | BattlEye v0.9 contains an unquoted service path which allows attackers to escalate privileges to the system level. | 2022-05-20 | 7.2 | CVE-2022-27095 MISC |
chatbot_application_with_a_suggestion_feature_project — chatbot_application_with_a_suggestion_feature | ChatBot Application with a Suggestion Feature 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /simple_chat_bot/admin/responses/view_response.php. | 2022-05-20 | 7.5 | CVE-2022-30518 MISC MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/pic/del. | 2022-05-26 | 7.5 | CVE-2022-29660 MISC |
covid-19_directory_on_vaccination_system_project — covid-19_directory_on_vaccination_system | Sourcecodester Covid-19 Directory on Vaccination System 1.0 is vulnerable to SQL Injection via the admin/login.php txtusername (aka Username) field. | 2022-05-20 | 7.5 | CVE-2022-28531 MISC MISC |
covid_19_travel_pass_management_system_project — covid_19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=update_application_status | 2022-05-24 | 7.5 | CVE-2022-30838 MISC |
merchandise_online_store_project — merchandise_online_store | Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_product. | 2022-05-24 | 7.5 | CVE-2022-30454 MISC |
minitool — partition_wizard | MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. | 2022-05-20 | 7.2 | CVE-2022-29320 MISC |
multi-vendor_online_groceries_management_system_project — multi-vendor_online_groceries_management_system | Multi-Vendor Online Groceries Management System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /products/view_product.php. | 2022-05-20 | 7.5 | CVE-2022-26632 MISC |
nirweb — nirweb_support | The Nirweb support WordPress plugin before 2.8.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action (available to unauthenticated users), leading to an SQL injection | 2022-05-23 | 7.5 | CVE-2022-0781 MISC |
online_sports_complex_booking_system_project — online_sports_complex_booking_system | Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user accounts via a crafted POST request. | 2022-05-20 | 7.5 | CVE-2022-28106 MISC |
online_sports_complex_booking_system_project — online_sports_complex_booking_system | Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/view_facility.php. | 2022-05-20 | 7.5 | CVE-2022-28105 MISC |
pharmacy_management_system_project — pharmacy_management_system | Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file. | 2022-05-20 | 7.5 | CVE-2022-30887 MISC |
privateinternetaccess — private_internet_access | Private Internet Access v3.3 contains an unquoted service path which allows attackers to escalate privileges to the system level. | 2022-05-20 | 7.2 | CVE-2022-27092 MISC |
rengine_project — rengine | Rengine v1.0.2 was discovered to contain a remote code execution (RCE) vulnerability via the yaml configuration function. | 2022-05-20 | 7.5 | CVE-2022-28995 MISC |
rengine_project — rengine | OS Command Injection in GitHub repository yogeshojha/rengine prior to 1.2.0. | 2022-05-22 | 7.5 | CVE-2022-1813 MISC CONFIRM |
school_dormitory_management_system_project — school_dormitory_management_system | School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /dms/admin/reports/daily_collection_report.php. | 2022-05-20 | 7.5 | CVE-2022-30886 MISC |
siemens — 7kg8500-0aa00-0aa0_firmware | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device. | 2022-05-20 | 7.5 | CVE-2022-29873 CONFIRM |
simple_student_quarterly_result/grade_system_project — simple_student_quarterly_result/grade_system | Simple Student Quarterly Result/Grade System v1.0 was discovered to contain a SQL injection vulnerability via /sqgs/Actions.php. | 2022-05-20 | 7.5 | CVE-2022-26633 MISC |
sony — playmemories_home | Sony PlayMemories Home v6.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. | 2022-05-20 | 7.2 | CVE-2022-27094 MISC |
vmware — identity_manager | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. | 2022-05-20 | 7.5 | CVE-2022-22972 MISC |
vmware — identity_manager | VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to ‘root’. | 2022-05-20 | 7.2 | CVE-2022-22973 MISC |
water_billing_system_project — water_billing_system | Water-billing-management-system v1.0 is vulnerable to SQL Injection via /wbms/classes/Master.php?f=delete_client, id | 2022-05-24 | 7.5 | CVE-2022-30461 MISC |
wp_contacts_manager_project — wp_contacts_manager | The WP Contacts Manager WordPress plugin through 2.2.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to an SQL injection vulnerability. | 2022-05-23 | 7.5 | CVE-2022-1014 MISC |
Medium Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
automotive_shop_management_system_project — automotive_shop_management_system | Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_product. | 2022-05-24 | 6.5 | CVE-2022-30463 MISC |
avast — premium_security | Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file. | 2022-05-20 | 4.4 | CVE-2022-28965 MISC MISC |
chatbot_app_with_suggestion_in_php/oop_project — chatbot_app_with_suggestion_in_php/oop | ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to SQL Injection via /simple_chat_bot/classes/Master.php?f=delete_response, id. | 2022-05-24 | 6.5 | CVE-2022-30459 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan. | 2022-05-26 | 6.5 | CVE-2022-29676 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/page_del. | 2022-05-26 | 6.5 | CVE-2022-29683 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan. | 2022-05-26 | 6.5 | CVE-2022-29669 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/level_del. | 2022-05-26 | 6.5 | CVE-2022-29687 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/lists/zhuan. | 2022-05-26 | 6.5 | CVE-2022-29686 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/User/level_sort. | 2022-05-26 | 6.5 | CVE-2022-29685 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/vod/admin/topic/del. | 2022-05-26 | 6.5 | CVE-2022-29682 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del. | 2022-05-26 | 6.5 | CVE-2022-29681 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zu_del. | 2022-05-26 | 6.5 | CVE-2022-29680 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/js_del. | 2022-05-26 | 6.5 | CVE-2022-29684 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save. | 2022-05-26 | 6.5 | CVE-2022-29665 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan. | 2022-05-26 | 6.5 | CVE-2022-29666 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos. | 2022-05-26 | 6.5 | CVE-2022-29667 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/del. | 2022-05-26 | 6.5 | CVE-2022-29689 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/pl_save. | 2022-05-26 | 6.5 | CVE-2022-29664 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/hy. | 2022-05-26 | 6.5 | CVE-2022-29663 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/news/save. | 2022-05-26 | 6.5 | CVE-2022-29662 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save. | 2022-05-26 | 6.5 | CVE-2022-29661 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy. | 2022-05-26 | 6.5 | CVE-2022-29688 MISC |
chshcms — cscms_music_portal_system | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/del. | 2022-05-26 | 6.5 | CVE-2022-29670 MISC |
disable_right_click_for_wp_wordpress — disable_right_click_for_wp | Cross-Site Request Forgery (CSRF) vulnerability in Aftab Muni’s Disable Right Click For WP plugin <= 1.1.6 at WordPress. | 2022-05-20 | 6.8 | CVE-2022-29427 CONFIRM CONFIRM |
donate_extra_project — donate_extra | The Donate Extra WordPress plugin through 2.02 does not sanitise and escape a parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting | 2022-05-23 | 4.3 | CVE-2022-1268 MISC |
duogeek — domain_replace | The Domain Replace WordPress plugin through 1.3.8 does not sanitise and escape a parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting | 2022-05-23 | 4.3 | CVE-2022-1218 MISC |
e-diary_management_system_project — e-diary_management_system | Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php. | 2022-05-23 | 4.3 | CVE-2022-29004 MISC MISC MISC |
gnu — libredwg | A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. | 2022-05-23 | 6.8 | CVE-2021-42586 MISC |
gnu — libredwg | A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. | 2022-05-23 | 6.8 | CVE-2021-42585 MISC |
gwyn’s_imagemap_selector_project — gwyn’s_imagemap_selector | The Gwyn’s Imagemap Selector WordPress plugin through 0.3.3 does not sanitise and escape some parameters before outputting them back in attributes, leading to a Reflected Cross-Site Scripting. | 2022-05-23 | 4.3 | CVE-2022-1221 MISC |
imgurl_project — imgurl | imgurl v2.31 was discovered to contain a Blind SQL injection vulnerability via /upload/localhost. | 2022-05-24 | 6.8 | CVE-2022-29305 MISC |
inoutscripts — blockchain_altexchanger | Inout Blockchain AltExchanger 1.2.1 and Inout Blockchain FiatExchanger 2.2.1 allow Chart/TradingView/chart_content/master.php symbol SQL injection. | 2022-05-23 | 5 | CVE-2022-31487 MISC MISC |
inoutscripts — blockchain_altexchanger | Inout Blockchain AltExchanger 1.2.1 allows index.php/home/about inoutio_language cookie SQL injection. | 2022-05-23 | 5 | CVE-2022-31489 MISC |
inoutscripts — blockchain_altexchanger | Inout Blockchain AltExchanger 1.2.1 allows index.php/coins/update_marketboxslider marketcurrency SQL injection. | 2022-05-23 | 5 | CVE-2022-31488 MISC |
jgraph — drawio | Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8. | 2022-05-20 | 5 | CVE-2022-1784 MISC CONFIRM |
kubiq — cpt_base | Cross-Site Request Forgery (CSRF) vulnerability in KubiQ CPT base plugin <= 5.8 at WordPress allows an attacker to delete the CPT base. | 2022-05-20 | 5.8 | CVE-2022-29431 CONFIRM CONFIRM |
online_banquet_booking_system_project — online_banquet_booking_system | A Cross-Site Request Forgery (CSRF) in Online Banquet Booking System v1.0 allows attackers to change admin credentials via a crafted POST request. | 2022-05-20 | 6.8 | CVE-2022-28992 MISC |
online_birth_certificate_system_project — online_birth_certificate_system | Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters. | 2022-05-23 | 4.3 | CVE-2022-29005 MISC MISC MISC |
openrazer_project — openrazer | A buffer overflow in the razerkbd driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device. | 2022-05-20 | 5 | CVE-2022-29021 MISC |
openrazer_project — openrazer | A buffer overflow in the razeraccessory driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device. | 2022-05-20 | 5 | CVE-2022-29022 MISC |
openrazer_project — openrazer | A buffer overflow in the razermouse driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device. | 2022-05-20 | 5 | CVE-2022-29023 MISC |
oracle — e-business_suite | Vulnerability in Oracle E-Business Suite (component: Manage Proxies). The supported version that is affected is 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data. Note: Authentication is required for successful attack, however the user may be self-registered. Oracle E-Business Suite 12.1 is not impacted by this vulnerability. Customers should refer to the Patch Availability Document for details. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | 2022-05-20 | 5 | CVE-2022-21500 MISC |
png_to_jpg_project — png_to_jpg | Cross-Site Scripting (XSS) vulnerability in KubiQ’s PNG to JPG plugin <= 4.0 at WordPress via Cross-Site Request Forgery (CSRF). Vulnerable parameter &jpg_quality. | 2022-05-20 | 4.3 | CVE-2022-29430 CONFIRM CONFIRM |
publify_project — publify | Improper Access Control in GitHub repository publify/publify prior to 9.2.9. | 2022-05-23 | 4 | CVE-2022-1810 MISC CONFIRM |
rescue_dispatch_management_system_project — rescue_dispatch_management_system | Rescue Dispatch Management System 1.0 is vulnerable to Incorrect Access Control via http://localhost/rdms/admin/?page=system_info. | 2022-05-23 | 6.5 | CVE-2022-30016 MISC MISC |
room_rent_portal_site_project — room_rent_portal_site | Room-rent-portal-site v1.0 is vulnerable to SQL Injection via /rrps/classes/Master.php?f=delete_category, id. | 2022-05-24 | 6.5 | CVE-2022-30843 MISC |
room_rent_portal_site_project — room_rent_portal_site | Room-rent-portal-site v1.0 is vulnerable to Cross Site Scripting (XSS) via /rrps/classes/Master.php?f=save_category, vehicle_name. | 2022-05-24 | 4.3 | CVE-2022-30839 MISC |
rtx_project — rtx | Cross-site Scripting (XSS) – Reflected in GitHub repository rtxteam/rtx prior to checkpoint_2022-05-18. | 2022-05-20 | 4.3 | CVE-2022-1806 CONFIRM MISC |
siemens — 7kg8500-0aa00-0aa0_firmware | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the device. | 2022-05-20 | 5 | CVE-2022-29874 CONFIRM |
siemens — 7kg8500-0aa00-0aa0_firmware | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly handle the input of a GET request parameter. The provided argument is directly reflected in the web server response. This could allow an unauthenticated attacker to perform reflected XSS attacks. | 2022-05-20 | 4.3 | CVE-2022-29876 CONFIRM |
siemens — 7kg8500-0aa00-0aa0_firmware | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device. | 2022-05-20 | 6.5 | CVE-2022-29872 CONFIRM |
siemens — teamcenter | A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem. | 2022-05-20 | 5 | CVE-2022-29801 CONFIRM |
siemens — teamcenter_visualization | A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library contains a double free vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. | 2022-05-20 | 6.8 | CVE-2022-29032 CONFIRM |
siemens — teamcenter_visualization | A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | 2022-05-20 | 4.3 | CVE-2022-29031 CONFIRM |
siemens — teamcenter_visualization | A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library is vulnerable to uninitialized pointer free while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. | 2022-05-20 | 6.8 | CVE-2022-29033 CONFIRM |
siemens — teamcenter_visualization | A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Tiff_Loader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | 2022-05-20 | 4.3 | CVE-2022-29028 CONFIRM |
siemens — teamcenter_visualization | A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions < V13.2.0.8), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash. | 2022-05-20 | 5 | CVE-2022-24290 CONFIRM |
siemens — teamcenter_visualization | A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | 2022-05-20 | 4.3 | CVE-2022-29029 CONFIRM |
siemens — teamcenter_visualization | A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | 2022-05-20 | 4.3 | CVE-2022-29030 CONFIRM |
simple_food_website_project — simple_food_website | Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery (CSRF) which allows anyone to take over admin/moderator account. | 2022-05-23 | 6.8 | CVE-2022-30014 MISC MISC MISC |
trudesk_project — trudesk | Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. | 2022-05-20 | 4 | CVE-2022-1754 MISC CONFIRM |
trudesk_project — trudesk | Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. | 2022-05-21 | 6 | CVE-2022-1752 CONFIRM MISC |
trudesk_project — trudesk | Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. | 2022-05-20 | 6.5 | CVE-2022-1770 CONFIRM MISC |
turn_off_all_comments_project — turn_off_all_comments | The Turn off all comments WordPress plugin through 1.0 does not sanitise and escape the rows parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting | 2022-05-23 | 4.3 | CVE-2022-1192 MISC |
wasm3_project — wasm3 | WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm. | 2022-05-20 | 4.6 | CVE-2022-28990 MISC MISC |
wow-estore — herd_effects | Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company’s Herd Effects plugin <= 5.2 at WordPress. | 2022-05-20 | 4 | CVE-2022-29448 CONFIRM CONFIRM |
wpchill — check_&_log_email | The Check & Log Email WordPress plugin before 1.0.6 does not sanitise and escape a parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting | 2022-05-23 | 4.3 | CVE-2022-1547 MISC |
wpwham — checkout_files_upload_for_woocommerce | Cross-Site Scripting (XSS) vulnerability in WP Wham’s Checkout Files Upload for WooCommerce plugin <= 2.1.2 at WordPress. | 2022-05-20 | 4.3 | CVE-2022-29425 CONFIRM CONFIRM |
xmlsitemapgenerator — xml_sitemap_generator | The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allow_url_include is turned on. | 2022-05-23 | 4.3 | CVE-2022-0346 MISC |
Low Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
10web — sliderby10web | The Sliderby10Web WordPress plugin before 1.2.52 does not properly sanitize and escape some of its settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | 2022-05-23 | 3.5 | CVE-2022-1320 MISC |
automotive_shop_management_system_project — automotive_shop_management_system | Automotive Shop Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /asms/classes/Master.php?f=save_product, name. | 2022-05-24 | 3.5 | CVE-2022-30458 MISC |
badminton_center_management_system_project — badminton_center_management_system | Badminton Center Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via /bcms/classes/Master.php?f=save_court_rental. | 2022-05-24 | 3.5 | CVE-2022-30456 MISC |
chatbot_app_with_suggestion_in_php/oop_project — chatbot_app_with_suggestion_in_php/oop | ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to Cross Site Scripting (XSS) via /simple_chat_bot/classes/Master.php?f=save_response. | 2022-05-24 | 3.5 | CVE-2022-30464 MISC |
collectiveaccess — providence | Cross-site Scripting (XSS) – Reflected in GitHub repository collectiveaccess/providence prior to 1.8. | 2022-05-23 | 3.5 | CVE-2022-1825 CONFIRM MISC |
covid_19_travel_pass_management_system_project — covid_19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ctpms/classes/Users.php?f=save, firstname. | 2022-05-24 | 3.5 | CVE-2022-30842 MISC |
curtain_project — curtain | The Curtain WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed | 2022-05-23 | 3.5 | CVE-2022-1558 MISC MISC |
google — tensorflow | TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.TensorSummaryV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | 2.1 | CVE-2022-29193 MISC MISC MISC MISC MISC MISC CONFIRM |
google — tensorflow | TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.Conv3DBackpropFilterV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code does not validate that the `filter_sizes` argument is a vector. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | 2.1 | CVE-2022-29196 MISC CONFIRM MISC MISC MISC MISC MISC |
google — tensorflow | TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.StagePeek` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `index` is a scalar but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | 2.1 | CVE-2022-29195 CONFIRM MISC MISC MISC MISC MISC MISC |
google — tensorflow | TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorToCSRSparseMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `dense_shape` is a vector and `indices` is a matrix (as part of requirements for sparse tensors) but there is no validation for this. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | 2.1 | CVE-2022-29198 MISC CONFIRM MISC MISC MISC MISC MISC |
google — tensorflow | TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a scalar but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | 2.1 | CVE-2022-29197 CONFIRM MISC MISC MISC MISC MISC MISC |
google — tensorflow | TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LoadAndRemapMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `initializing_values` is a vector but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | 2.1 | CVE-2022-29199 CONFIRM MISC MISC MISC MISC MISC MISC |
joomunited — wp_meta_seo | The WP Meta SEO WordPress plugin before 4.4.7 does not sanitise or escape the breadcrumb separator before outputting it to the page, allowing a high privilege user such as an administrator to inject arbitrary javascript into the page even when unfiltered html is disallowed. | 2022-05-23 | 3.5 | CVE-2022-1093 MISC |
mariadb — mariadb | MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. | 2022-05-25 | 2.1 | CVE-2022-31622 MISC MISC |
mariadb — mariadb | MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock. | 2022-05-25 | 2.1 | CVE-2022-31624 MISC MISC |
mariadb — mariadb | MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock. | 2022-05-25 | 2.1 | CVE-2022-31623 MISC MISC |
mariadb — mariadb | MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. | 2022-05-25 | 2.1 | CVE-2022-31621 MISC MISC |
mc4wp — mc4wp | Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ibericode’s MC4WP plugin <= 4.8.6 at WordPress. | 2022-05-20 | 3.5 | CVE-2021-36833 CONFIRM CONFIRM |
muneeb — wp_slider | Cross-Site Scripting (XSS) vulnerability in Muneeb’s WP Slider Plugin <= 1.4.5 at WordPress. | 2022-05-20 | 3.5 | CVE-2022-29428 CONFIRM CONFIRM |
orangehrm — orangehrm | A stored cross-site scripting (XSS) vulnerability in the addNewPost component of OrangeHRM v4.10.1 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. | 2022-05-20 | 3.5 | CVE-2022-28985 MISC |
oxilab — image_hover_effects_ultimate | Authenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari’s Image Hover Effects Ultimate plugin <= 9.7.1 at WordPress. | 2022-05-20 | 3.5 | CVE-2022-29424 CONFIRM CONFIRM |
rescue_dispatch_management_system_project — rescue_dispatch_management_system | Rescue Dispatch Management System 1.0 suffers from Stored XSS, leading to admin account takeover via cookie stealing. | 2022-05-23 | 3.5 | CVE-2022-30017 MISC MISC |
simple_food_website_project — simple_food_website | In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/all_users.php like Full Username, etc. This causes stored XSS. | 2022-05-23 | 3.5 | CVE-2022-30015 MISC MISC |
simple_social_networking_site_project — simple_social_networking_site | Simple Social Networking Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /sns/classes/Users.php?f=save, firstname. | 2022-05-24 | 3.5 | CVE-2022-30460 MISC |
tms-outsource — wpdatatables | Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable parameters. | 2022-05-20 | 3.5 | CVE-2022-29432 CONFIRM CONFIRM |
toll_tax_management_system_project — toll_tax_management_system | Toll-tax-management-system v1.0 is vulnerable to Cross Site Scripting (XSS) via /ttms/classes/Master.php?f=save_recipient, vehicle_name. | 2022-05-24 | 3.5 | CVE-2022-30837 MISC |
water_billing_system_project — water_billing_system | Water-billing-management-system v1.0 is affected by: Cross Site Scripting (XSS) via /wbms/classes/Users.php?f=save, firstname. | 2022-05-24 | 3.5 | CVE-2022-30462 MISC |
wpshopmart — tabs_responsive | The Tabs WordPress plugin before 2.2.8 does not sanitise and escape Tab descriptions, which could allow high privileged users with a role as low as editor to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 2022-05-23 | 3.5 | CVE-2022-1298 MISC |
Severity Not Yet Assigned
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apple — macos_monterey_and_masos_big_sur | An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges. | 2022-05-26 | not yet calculated | CVE-2022-26718 MISC MISC |
cisco — common_services_platform_collector_software | Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. | 2022-05-27 | not yet calculated | CVE-2022-20670 CISCO |
phpgurukul — zoo_managment_system | A vulnerability classified as problematic has been found in Zoo Management System 1.0. Affected is an unknown function of the file admin/manage-ticket.php. The manipulation with the input <script>alert(1)</script> leads to cross site scripting. It is possible to launch the attack remotely. | 2022-05-26 | not yet calculated | CVE-2021-4232 N/A |
zyxel — cgi_program | A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware versions 4.32 through 5.21, that could allow an authenticated attacker to bypass the second authentication phase to connect the IPsec VPN server even though the two-factor authentication (2FA) was enabled. | 2022-05-24 | not yet calculated | CVE-2022-0910 CONFIRM |
74cmsse_v3.5.1 — 74cmsse_v3.5.1 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist. | 2022-05-26 | not yet calculated | CVE-2022-29721 MISC |
74cmsse_v3.5.1 — 74cmsse_v3.5.1 | 74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component indexcontrollerDownload.php. | 2022-05-26 | not yet calculated | CVE-2022-29720 MISC |
academy-lm — academy-lms | Academy-LMS v4.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the SEO panel. | 2022-05-25 | not yet calculated | CVE-2022-29380 MISC |
action_pack — action_pack | An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses. | 2022-05-26 | not yet calculated | CVE-2022-22577 MISC |
action_view_tag_helpers — action_view_tag_helpers | A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes. | 2022-05-26 | not yet calculated | CVE-2022-27777 MISC |
aerialwei — zkeacms | A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ParentID parameter. | 2022-05-25 | not yet calculated | CVE-2022-29362 MISC |
agg_software — web_server | The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to a path traversal attack, which may allow an attacker to read arbitrary files from the file system. | 2022-05-24 | not yet calculated | CVE-2021-32964 MISC |
agg_software — web_server | The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to cross-site scripting, which may allow an attacker to remotely execute arbitrary code. | 2022-05-24 | not yet calculated | CVE-2021-32962 MISC |
airfield — online | A vulnerability has been found in Airfield Online and classified as problematic. This vulnerability affects the path /backups/ of the MySQL backup handler. An attacker is able to get access to sensitive data without proper authentication. It is recommended to change the configuration settings. | 2022-05-24 | not yet calculated | CVE-2021-4230 N/A |
angular — angular | A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 11.0.5 and 11.1.0-next.3 is able to address this issue. The name of the patch is ba8da742e3b243e8f43d4c63aa842b44e14f2b09. It is recommended to upgrade the affected component. | 2022-05-26 | not yet calculated | CVE-2021-4231 MISC MISC MISC MISC |
apache — archiva | In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8 | 2022-05-25 | not yet calculated | CVE-2022-29405 MISC |
apache — maven-shared-utils | In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. | 2022-05-23 | not yet calculated | CVE-2022-29599 MISC MISC MLIST |
apple — ios_15.5_and_ipados15.5 | An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A person with physical access to an iOS device may be able to access photos from the lock screen. | 2022-05-26 | not yet calculated | CVE-2022-26703 MISC |
apple — ios_and_ipados | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26744 MISC |
apple — itunes | A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local attacker may be able to elevate their privileges. | 2022-05-26 | not yet calculated | CVE-2022-26774 MISC |
apple — itunes | A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application may be able to delete files for which it does not have permission. | 2022-05-26 | not yet calculated | CVE-2022-26773 MISC |
apple — macos_big_sur | A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.6. A malicious application may disclose restricted memory. | 2022-05-26 | not yet calculated | CVE-2022-26745 MISC |
apple — macos_monterey | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26750 MISC |
apple — macos_monterey | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26742 MISC |
apple — macos_monterey | A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. Photo location information may persist after it is removed with Preview Inspector. | 2022-05-26 | not yet calculated | CVE-2022-26725 MISC |
apple — macos_monterey | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26749 MISC |
apple — macos_monterey | This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. A plug-in may be able to inherit the application’s permissions and access user data. | 2022-05-26 | not yet calculated | CVE-2022-26693 MISC |
apple — macos_monterey | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26754 MISC |
apple — macos_monterey | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26772 MISC |
apple — macos_monterey | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26752 MISC |
apple — macos_monterey | This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. A plug-in may be able to inherit the application’s permissions and access user data. | 2022-05-26 | not yet calculated | CVE-2022-26694 MISC |
apple — macos_monterey | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26753 MISC |
apple — macos_monterey | A race condition was addressed with additional validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to modify protected parts of the file system. | 2022-05-26 | not yet calculated | CVE-2022-26690 MISC |
apple — macos_monterey | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.4. An attacker that has already achieved code execution in macOS Recovery may be able to escalate to kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26743 MISC |
apple — macos_monterey | This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution. | 2022-05-26 | not yet calculated | CVE-2022-26708 MISC |
apple — macos_monterey | A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. This issue is fixed in macOS Monterey 12.4. An app may be able to gain elevated privileges. | 2022-05-26 | not yet calculated | CVE-2022-26704 MISC |
apple — macos_monterey_and_masos_big_sur | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution. | 2022-05-26 | not yet calculated | CVE-2022-26723 MISC MISC |
apple — macos_monterey_and_masos_big_sur | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to modify protected parts of the file system. | 2022-05-26 | not yet calculated | CVE-2022-26712 MISC MISC |
apple — multiple_products | An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution. | 2022-05-26 | not yet calculated | CVE-2022-26775 MISC MISC |
apple — multiple_products | A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. | 2022-05-26 | not yet calculated | CVE-2022-22662 MISC MISC |
apple — multiple_products | A race condition was addressed with improved locking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26701 MISC MISC MISC |
apple — multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.4 and iPadOS 15.4, Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-22672 MISC MISC MISC MISC |
apple — multiple_products | A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26771 MISC MISC MISC |
apple — multiple_products | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26737 MISC MISC MISC |
apple — multiple_products | This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user’s screen. | 2022-05-26 | not yet calculated | CVE-2022-26726 MISC MISC MISC MISC |
apple — multiple_products | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26756 MISC MISC MISC |
apple — multiple_products | An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26770 MISC MISC MISC |
apple — multiple_products | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory. | 2022-05-26 | not yet calculated | CVE-2022-22674 MISC MISC MISC |
apple — multiple_products | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26768 MISC MISC MISC MISC |
apple — multiple_products | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26740 MISC MISC MISC |
apple — multiple_products | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26720 MISC MISC MISC |
apple — multiple_products | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26736 MISC MISC MISC |
apple — multiple_products | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26738 MISC MISC MISC |
apple — multiple_products | This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox. | 2022-05-26 | not yet calculated | CVE-2022-26755 MISC MISC MISC |
apple — multiple_products | This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. A malicious application may be able to modify protected parts of the file system. | 2022-05-26 | not yet calculated | CVE-2022-26727 MISC MISC |
apple — multiple_products | A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation. | 2022-05-26 | not yet calculated | CVE-2022-26766 MISC MISC MISC MISC MISC MISC |
apple — multiple_products | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26741 MISC |
apple — multiple_products | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2022-05-26 | not yet calculated | CVE-2022-26748 MISC MISC MISC |
apple — multiple_products | A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious website may be able to track users in Safari private browsing mode. | 2022-05-26 | not yet calculated | CVE-2022-26731 MISC MISC |
apple — multiple_products | This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files. | 2022-05-26 | not yet calculated | CVE-2022-26728 MISC MISC MISC |
apple — multiple_products | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges. | 2022-05-26 | not yet calculated | CVE-2022-26715 MISC MISC MISC |
apple — multiple_products | A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. | 2022-05-26 | not yet calculated | CVE-2022-26765 MISC MISC MISC MISC |
apple — multiple_products | A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations. | 2022-05-26 | not yet calculated | CVE-2022-26764 MISC MISC MISC MISC |
apple — multiple_products | An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | 2022-05-26 | not yet calculated | CVE-2022-26698 MISC MISC MISC |
apple — multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26757 MISC MISC MISC MISC MISC MISC |
apple — multiple_products | This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 15.4 and iPadOS 15.4, Security Update 2022-004 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.6. A malicious application may bypass Gatekeeper checks. | 2022-05-26 | not yet calculated | CVE-2022-22663 MISC MISC MISC MISC |
apple — multiple_products | This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences. | 2022-05-26 | not yet calculated | CVE-2022-26746 MISC MISC MISC |
apple — multiple_products | The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences. | 2022-05-26 | not yet calculated | CVE-2022-26767 MISC MISC |
apple — multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26761 MISC MISC |
apple — multiple_products | This issue was addressed with improved checks. This issue is fixed in iOS 15.5 and iPadOS 15.5. Processing a large input may lead to a denial of service. | 2022-05-26 | not yet calculated | CVE-2022-22673 MISC |
apple — multiple_products | A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges. | 2022-05-26 | not yet calculated | CVE-2022-26721 MISC MISC MISC |
apple — multiple_products | An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious application may be able to execute arbitrary code with system privileges. | 2022-05-26 | not yet calculated | CVE-2022-26763 MISC MISC MISC MISC MISC MISC |
apple — multiple_products | This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks. | 2022-05-26 | not yet calculated | CVE-2022-22616 MISC MISC MISC |
apple — multiple_products | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26739 MISC MISC MISC |
apple — multiple_products | An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 2022-05-26 | not yet calculated | CVE-2022-26711 MISC MISC MISC MISC MISC |
apple — multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26702 MISC MISC MISC |
apple — multiple_products | A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges. | 2022-05-26 | not yet calculated | CVE-2022-26722 MISC MISC MISC |
apple — multiple_products | A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. | 2022-05-26 | not yet calculated | CVE-2022-26691 MISC MISC MISC |
apple — multiple_products | An access issue was addressed with additional sandbox restrictions on third-party applications. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A sandboxed process may be able to circumvent sandbox restrictions. | 2022-05-26 | not yet calculated | CVE-2022-26706 MISC MISC MISC MISC MISC |
apple — multiple_products | A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution. | 2022-05-26 | not yet calculated | CVE-2022-26751 MISC MISC MISC MISC MISC |
apple — multiple_products | This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution. | 2022-05-26 | not yet calculated | CVE-2022-26776 MISC MISC |
apple — multiple_products | An issue in the handling of symlinks was addressed with improved validation. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious app with root privileges may be able to modify the contents of system files. | 2022-05-26 | not yet calculated | CVE-2022-26688 MISC MISC MISC |
apple — multiple_products | A memory corruption issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26769 MISC MISC MISC |
apple — multiple_products | A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | 2022-05-26 | not yet calculated | CVE-2022-26714 MISC MISC MISC MISC MISC MISC |
apple — multiple_products | An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | 2022-05-26 | not yet calculated | CVE-2022-26697 MISC MISC MISC |
apple — multiple_products | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. | 2022-05-26 | not yet calculated | CVE-2022-22675 MISC MISC MISC MISC MISC |
apple — tvos | An authentication issue was addressed with improved state management. This issue is fixed in tvOS 15.5. A local user may be able to enable iCloud Photos without authentication. | 2022-05-26 | not yet calculated | CVE-2022-26724 MISC |
apple — xcode | This issue was addressed with improved checks. This issue is fixed in Xcode 13.4. An app may be able to gain elevated privileges. | 2022-05-26 | not yet calculated | CVE-2022-26747 MISC |
apple — xpc_services_api | An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission. | 2022-05-26 | not yet calculated | CVE-2022-22676 MISC |
archer — archer_platform | Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases. | 2022-05-26 | not yet calculated | CVE-2022-30584 MISC MISC |
archer — archer_platform | The REST API in Archer Platform 6.x before 6.11 (6.11.0.0) contains an Authorization Bypass Vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to view sensitive information. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases. | 2022-05-26 | not yet calculated | CVE-2022-30585 MISC MISC |
archibus — web_central | In Archibus Web Central before 26.2, multiple SQL Injection vulnerabilities occur in dwr/call/plaincall/workflow.runWorkflowRule.dwr. Through the injection of arbitrary SQL statements, a potential attacker can modify query syntax and perform unauthorized (and unexpected) operations against the remote database. This is fixed in all recent versions, such as version 26.2. | 2022-05-25 | not yet calculated | CVE-2022-28862 MISC MISC |
arista — eos | This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device. | 2022-05-26 | not yet calculated | CVE-2021-28509 MISC |
arista — eos | This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device. | 2022-05-26 | not yet calculated | CVE-2021-28508 MISC |
aveva — intouch_access_anywhere_and_plant_scada_access_anywhere_applications | Windows OS can be configured to overlay a “language bar” on top of any application. When this OS functionality is enabled, the OS language bar UI will be viewable in the browser alongside the AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere applications. It is possible to manipulate the Windows OS language bar to launch an OS command prompt, resulting in a context-escape from application into OS. | 2022-05-23 | not yet calculated | CVE-2022-1467 MISC MISC |
azure — rtos_usbx | Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. Prior to version 6.1.11, the USBX DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of the `ux_device_class_dfu_control_request` function does not assure that a buffer overflow will not occur during handling of the DFU UPLOAD command. When an attacker issues the `UX_SLAVE_CLASS_DFU_COMMAND_UPLOAD` control transfer request with `wLength` larger than the buffer size (`UX_SLAVE_REQUEST_CONTROL_MAX_LENGTH`, 256 bytes), depending on the actual implementation of `dfu -> ux_slave_class_dfu_read`, a buffer overflow may occur. For example, `ux_slave_class_dfu_read` may read 4096 bytes (or more, up to 65k) into a 256 byte buffer, ultimately resulting in an overflow. Furthermore, if an attacker has some control over the read flash memory, this may result in execution of arbitrary code and platform compromise. A fix for this issue has been included in USBX release 6.1.11. As a workaround, align request and buffer size to assure that buffer boundaries are respected. | 2022-05-24 | not yet calculated | CVE-2022-29246 CONFIRM MISC MISC |
azure — rtos_usbx | Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. In versions prior to 6.1.10, an attacker can cause a buffer overflow by providing the Azure RTOS USBX host stack a HUB descriptor with `bNbPorts` set to a value greater than `UX_MAX_TT` which defaults to 8. For a `bNbPorts` value of 255, the implementation of `ux_host_class_hub_descriptor_get` function will modify the contents of `hub` -> `ux_host_class_hub_device` -> `ux_device_hub_tt` array violating the end boundary by 255 – `UX_MAX_TT` items. The USB host stack needs to validate the number of ports reported by the hub, and if the value is larger than UX_MAX_TT, USB stack needs to reject the request. This fix has been included in USBX release 6.1.10. | 2022-05-24 | not yet calculated | CVE-2022-29223 CONFIRM MISC |
badmington_center — management_system | A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input </td><img src=”https://us-cert.cisa.gov” onerror=”alert(1)”><td>1 leads to an authenticated cross site scripting. Exploit details have been disclosed to the public. | 2022-05-23 | not yet calculated | CVE-2022-1817 MISC MISC |
beego — beego | The route lookup process in beego through 1.12.4 and 2.x through 2.0.2 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places (e.g., p1.xml instead of p1). | 2022-05-21 | not yet calculated | CVE-2022-31259 MISC MISC MISC |
bentley_nevada — 3500_rack_configuration | The affected Baker Hughes Bentley Nevada products (3500 System 1 6.x, Part No. 3060/00 versions 6.98 and prior, 3500 System 1, Part No. 3071/xx & 3072/xx versions 21.1 HF1 and prior, 3500 Rack Configuration, Part No. 129133-01 versions 6.4 and prior, and 3500/22M Firmware, Part No. 288055-01 versions 5.05 and prior) utilize a weak encryption algorithm for storage and transmission of sensitive data, which may allow an attacker to more easily obtain credentials used for access. | 2022-05-25 | not yet calculated | CVE-2021-32997 MISC |
bfabiszewski_libmobi | Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | 2022-05-27 | not yet calculated | CVE-2022-1907 CONFIRM MISC |
bfabiszewski_libmobi | Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | 2022-05-27 | not yet calculated | CVE-2022-1908 CONFIRM MISC |
c-data — d702xw-x-r430 | C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request. | 2022-05-24 | not yet calculated | CVE-2022-29337 MISC |
camptocamp — terraboard | SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0. | 2022-05-25 | not yet calculated | CVE-2022-1883 MISC CONFIRM |
cardo_systems — scala_rider_q3 | A vulnerability classified as critical has been found in Cardo Systems Scala Rider Q3. Affected is the file /cardo/api of the Cardo-Updater. Unauthenticated remote code execution with root permissions is possible. Firewalling or disabling the service is recommended. | 2022-05-24 | not yet calculated | CVE-2014-125001 MISC MISC |
causefx_organizr | Cross-site Scripting (XSS) – Stored in GitHub repository causefx/organizr prior to 2.1.2200. | 2022-05-27 | not yet calculated | CVE-2022-1909 MISC CONFIRM |
chainsafe — lodestar | Lodestar is a TypeScript implementation of the Ethereum Consensus specification. Prior to version 0.36.0, there is a possible consensus split given maliciously-crafted `AttesterSlashing` or `ProposerSlashing` being included on-chain. Because the developers represent `uint64` values as native JavaScript `number`s, there is an issue when those variables with large (greater than 2^53) `uint64` values are included on chain. In those cases, Lodestar may view valid `AttesterSlashing` or `ProposerSlashing` as invalid, due to rounding errors in large `number` values. This causes a consensus split, where Lodestar nodes are forked away from the main network. Similarly, Lodestar may consider invalid `ProposerSlashing` as valid, thus including in proposed blocks that will be considered invalid by the network. Version 0.36.0 contains a fix for this issue. As a workaround, use `BigInt` to represent `Slot` and `Epoch` values in `AttesterSlashing` and `ProposerSlashing` objects. `BigInt` is too slow to be used in all `Slot` and `Epoch` cases, so one may carefully use `BigInt` just where necessary for consensus. | 2022-05-24 | not yet calculated | CVE-2022-29219 CONFIRM MISC MISC |
circutor — compact_dc-s_basic | A buffer overflow vulnerability has been detected in the firewall function of the device management web portal. The device runs a CGI binary (index.cgi) to offer a management web application. Once authenticated with valid credentials in this web portal, a potential attacker could submit any “Address” value and it would be copied to a second variable with a “strcpy” vulnerable function without checking its length. Because of this, it is possible to send a long address value to overflow the process stack, controlling the function return address. | 2022-05-24 | not yet calculated | CVE-2022-1669 MISC |
cisco — common_services_platform_collector | Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. | 2022-05-27 | not yet calculated | CVE-2022-20668 CISCO |
cisco — common_services_platform_collector | Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. | 2022-05-27 | not yet calculated | CVE-2022-20667 CISCO |
cisco — common_services_platform_collector | Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. | 2022-05-27 | not yet calculated | CVE-2022-20666 CISCO |
cisco — common_services_platform_collector_software | Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. | 2022-05-27 | not yet calculated | CVE-2022-20672 CISCO |
cisco — common_services_platform_collector_software | Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. | 2022-05-27 | not yet calculated | CVE-2022-20673 CISCO |
cisco — common_services_platform_collector_software | Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. | 2022-05-27 | not yet calculated | CVE-2022-20669 CISCO |
cisco — common_services_platform_collector_software | Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. | 2022-05-27 | not yet calculated | CVE-2022-20674 CISCO |
cisco — common_services_platform_collector_software | Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. | 2022-05-27 | not yet calculated | CVE-2022-20671 CISCO |
cisco — expressway_series_and_telepresence | Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2022-05-27 | not yet calculated | CVE-2022-20807 CISCO |
cisco — expressway_series_and_telepresence | Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2022-05-27 | not yet calculated | CVE-2022-20806 CISCO |
cisco — expressway_series_and_telepresence | Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | 2022-05-26 | not yet calculated | CVE-2022-20809 CISCO |
cisco — ios_xr | A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attacker could exploit this vulnerability by connecting to the Redis instance on the open port. A successful exploit could allow the attacker to write to the Redis in-memory database, write arbitrary files to the container filesystem, and retrieve information about the Redis database. Given the configuration of the sandboxed container that the Redis instance runs in, a remote attacker would be unable to execute remote code or abuse the integrity of the Cisco IOS XR Software host system. | 2022-05-26 | not yet calculated | CVE-2022-20821 CISCO |
cisco — secure_network_analytics | A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to insufficient user input validation by the web-based management interface of the affected software. An attacker could exploit this vulnerability by injecting arbitrary commands in the web-based management interface. A successful exploit could allow the attacker to make configuration changes on the affected device or cause certain services to restart unexpectedly. | 2022-05-27 | not yet calculated | CVE-2022-20797 CISCO |
cisco — web_applications | A vulnerability in the web applications of Cisco UCS Director could allow an authenticated, remote attacker to conduct a cross-site scripting attack on an affected system. This vulnerability is due to unsanitized user input. An attacker could exploit this vulnerability by submitting custom JavaScript to affected web applications. A successful exploit could allow the attacker to rewrite web page content, access sensitive information stored in the applications, and alter data by submitting forms. | 2022-05-27 | not yet calculated | CVE-2022-20765 CISCO |
cisco — enterprise_chat_and_email | A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input that is processed by the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to execute arbitrary code in the context of the interface or access sensitive, browser-based information. To successfully exploit this vulnerability, an attacker would need valid agent credentials. | 2022-05-27 | not yet calculated | CVE-2022-20802 CISCO |
citrix — gateway_plug-in | An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) <21.9.1.2 which could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed to corrupt or delete files as SYSTEM. | 2022-05-26 | not yet calculated | CVE-2022-21827 MISC |
claroty — secure_remote_access_site | Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session tokens for the web user interface (UI). With access to the web UI an attacker can access assets managed by the SRA installation and could compromise the installation. | 2022-05-23 | not yet calculated | CVE-2021-32958 MISC |
cognex — in-sight_opc_server | Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root). | 2022-05-23 | not yet calculated | CVE-2021-32941 MISC |
cognex — in-sight_opc_server | The affected Cognex product, the In-Sight OPC Server versions v5.7.4 (96) and prior, deserializes untrusted data, which could allow a remote attacker access to system level permission commands and local privilege escalation. | 2022-05-23 | not yet calculated | CVE-2021-32935 MISC |
cszcms — cszcms | CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forgery (SSRF) which can be leveraged to leak sensitive data via a local file inclusion at /admin/filemanager/connector/. | 2022-05-23 | not yet calculated | CVE-2022-28997 MISC MISC MISC MISC MISC |
curl — curl | An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse of OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only). | 2022-05-26 | not yet calculated | CVE-2022-22576 MISC |
cyberlink — power_director | A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file. | 2022-05-24 | not yet calculated | CVE-2022-29333 MISC MISC MISC MISC |
d-link — dsl-g2452dg | D-Link DSL-G2452DG HW:T1 FW:ME_2.00 was discovered to contain insecure permissions. | 2022-05-23 | not yet calculated | CVE-2022-28932 MISC MISC MISC MISC |
dedecms — dedecms | DedeCMS v5.7.93 was discovered to contain an arbitrary file deletion vulnerability in upload.php via the delete parameter. | 2022-05-26 | not yet calculated | CVE-2022-30508 MISC |
dell — bios | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | 2022-05-26 | not yet calculated | CVE-2022-24418 MISC |
dell — bios | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | 2022-05-26 | not yet calculated | CVE-2022-24417 MISC |
dell — emc_cloudlink | In Dell EMC CloudLink 7.1.3 and all earlier versions, the Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access the CloudLink server. Tokens should not be used in the request URL, to avoid such attacks. | 2022-05-26 | not yet calculated | CVE-2022-24414 MISC |
dell — emc_networker | Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x, 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x, 19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could allow remote attackers to spoof certificates. | 2022-05-26 | not yet calculated | CVE-2022-29082 MISC |
dell — idrac9 | Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access to the VNC Console. | 2022-05-26 | not yet calculated | CVE-2022-24422 MISC |
dell — multiple_products | Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in Unisphere GUI. An Unauthenticated Remote Attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user’s web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | 2022-05-26 | not yet calculated | CVE-2022-29091 MISC |
dell — openmanage_enterprise | Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass blocked functionalities and perform unauthorized actions. | 2022-05-26 | not yet calculated | CVE-2022-26857 MISC |
dell — support_assist_os_recovery | Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. An unauthenticated attacker with physical access to the system may exploit this vulnerability by bypassing OS Recovery authentication in order to run arbitrary code on the system as Administrator. | 2022-05-26 | not yet calculated | CVE-2022-26865 MISC |
delta_electronics — diascreen | Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code. | 2022-05-24 | not yet calculated | CVE-2021-32965 MISC |
delta_electronics — diascreen | Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code. | 2022-05-24 | not yet calculated | CVE-2021-32969 MISC |
dev-cpp — dev-cpp | Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allow attackers to execute arbitrary code via overwriting the binary devcpp.exe. | 2022-05-23 | not yet calculated | CVE-2022-28999 MISC |
divvydrives — aciklama_parameter | A Stored Cross-Site Scripting (XSS) vulnerability in DivvyDrive’s “aciklama” parameter could allow anyone to gain users’ session informations. | 2022-05-23 | not yet calculated | CVE-2022-0900 CONFIRM |
docker — desktop | Docker Desktop 4.3.0 has Incorrect Access Control. | 2022-05-25 | not yet calculated | CVE-2021-44719 MISC MISC MISC |
dpkg — dpkg | Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs. | 2022-05-26 | not yet calculated | CVE-2022-1664 MISC MISC MISC MISC MISC MISC |
emco — emco_software | Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process. | 2022-05-23 | not yet calculated | CVE-2022-28944 MISC MISC MISC |
epub2txt2 — epub2txt2 | epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in _parse_special_tag at sxmlc.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XML file. | 2022-05-25 | not yet calculated | CVE-2022-29358 MISC |
erudika — para | Business Logic Errors in GitHub repository erudika/para prior to 1.45.11. | 2022-05-24 | not yet calculated | CVE-2022-1848 MISC CONFIRM |
f-secure — atlant | A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby scanning the aemobile component can crash the scanning engine. The exploit can be triggered remotely by an attacker. | 2022-05-25 | not yet calculated | CVE-2022-28875 MISC MISC |
f-secure — atlant | Multiple Denial-of-Service vulnerabilities were discovered in F-Secure Atlant and in certain WithSecure products whereby scanning fuzzed PE32-bit files causes memory corruption and heap buffer overflow, which can eventually crash the scanning engine. The exploit can be triggered remotely by an attacker. | 2022-05-23 | not yet calculated | CVE-2022-28874 MISC MISC |
filegator — filegator | Path Traversal in GitHub repository filegator/filegator prior to 7.8.0. | 2022-05-24 | not yet calculated | CVE-2022-1850 CONFIRM MISC |
filegator — filegator | Session Fixation in GitHub repository filegator/filegator prior to 7.8.0. | 2022-05-24 | not yet calculated | CVE-2022-1849 MISC CONFIRM |
fortiguard — fortios | An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0 through 6.2.10, 6.4.0 through 6.4.8, 7.0.0 may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the FortiGate and some peers such as private SDNs and external cloud platforms. | 2022-05-24 | not yet calculated | CVE-2022-22306 CONFIRM |
gibbon — v23 | Gibbon v23 does not generate a new session ID cookie after a user authenticates, making the application vulnerable to session fixation. | 2022-05-25 | not yet calculated | CVE-2022-27305 MISC MISC MISC |
ginadmin — ginadmin | In ginadmin through 05-10-2022 the incoming path value is not filtered, resulting in directory traversal. | 2022-05-25 | not yet calculated | CVE-2022-30427 MISC |
ginadmin — ginadmin | In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading. | 2022-05-25 | not yet calculated | CVE-2022-30428 MISC |
gitblit — gitblit | Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext ‘attacker@example.com\n\trole = “#admin”’ value. | 2022-05-21 | not yet calculated | CVE-2022-31267 MISC MISC |
gitblit — gitblit | A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname). | 2022-05-21 | not yet calculated | CVE-2022-31268 MISC |
gjson — gjson | GJSON <= 1.9.2 allows attackers to cause a ReDoS via crafted JSON input. | 2022-05-24 | not yet calculated | CVE-2021-42248 MISC |
gost — gost_engine | GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1 contains a patch for this issue. Disabling ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is a possible workaround. | 2022-05-24 | not yet calculated | CVE-2022-29242 MISC MISC MISC MISC CONFIRM |
guzzle — guzzle | Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to set cookies for unrelated domains. The cookie middleware is disabled by default, so most library consumers will not be affected by this issue. Only those who manually add the cookie middleware to the handler stack or construct the client with [‘cookies’ => true] are affected. Moreover, those who do not use the same Guzzle client to call multiple domains and have disabled redirect forwarding are not affected by this vulnerability. Guzzle versions 6.5.6 and 7.4.3 contain a patch for this issue. As a workaround, turn off the cookie middleware. | 2022-05-25 | not yet calculated | CVE-2022-29248 MISC MISC CONFIRM CONFIRM |
h — h | An issue in H v1.0 allows attackers to bypass authentication via a session replay attack. | 2022-05-24 | not yet calculated | CVE-2022-29334 MISC |
halibut — halibut | A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. | 2022-05-24 | not yet calculated | CVE-2021-42612 MISC |
halibut — halibut | A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document. | 2022-05-24 | not yet calculated | CVE-2021-42614 MISC |
halibut — halibut | A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document. | 2022-05-24 | not yet calculated | CVE-2021-42613 MISC |
hashicorp — go-getter | HashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 3 of 3). | 2022-05-25 | not yet calculated | CVE-2022-30323 MISC MISC MISC |
hashicorp — go-getter | HashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 2 of 3). | 2022-05-25 | not yet calculated | CVE-2022-30322 MISC MISC MISC |
hashicorp — go-getter | HashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 1 of 3). | 2022-05-25 | not yet calculated | CVE-2022-30321 MISC MISC MISC |
hashicorp — go-getter | HashiCorp go-getter before 2.0.2 allows Command Injection. | 2022-05-25 | not yet calculated | CVE-2022-26945 MISC MISC |
hcl_software — bigfix_mobile/modern_client_management_version | The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment. | 2022-05-27 | not yet calculated | CVE-2021-27780 CONFIRM |
hcl_software — bigfix_mobile/modern_client_management_version | The Master operator may be able to embed script tag in HTML with alert pop-up display cookie. | 2022-05-27 | not yet calculated | CVE-2021-27781 CONFIRM |
hcl_software — bigfix_mobile/modern_client_management_version | User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed. | 2022-05-25 | not yet calculated | CVE-2021-27783 MISC |
hcl_software — hcl_versionvault_express | VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server. | 2022-05-25 | not yet calculated | CVE-2021-27779 MISC |
home_clean_services_management_system — home_clean_services_management_system | A vulnerability, which was classified as problematic, has been found in Home Clean Services Management System 1.0. This issue affects register.php?link=registerand. The manipulation with the input <script>alert(1)</script> leads to cross site scripting. The attack may be initiated remotely but demands authentication. Exploit details have been disclosed to the public. | 2022-05-24 | not yet calculated | CVE-2022-1840 MISC MISC |
home_clean_services_management_system — home_clean_services_management_system | A vulnerability classified as critical was found in Home Clean Services Management System 1.0. This vulnerability affects the file login.php. The manipulation of the argument email with the input admin%’/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(2)))JPeh)/**/AND/**/’frfq%’=’frfq leads to sql injection. The attack can be initiated remotely but it requires authentication. Exploit details have been disclosed to the public. | 2022-05-24 | not yet calculated | CVE-2022-1839 MISC MISC |
home_clean_services_management_system — home_clean_services_management_system | A vulnerability was found in Home Clean Services Management System 1.0. It has been rated as critical. Affected by this issue is register.php?link=registerand. The manipulation with the input <?php phpinfo();?> leads to code execution. The attack may be launched remotely but demands an authentication. Exploit details have been disclosed to the public. | 2022-05-24 | not yet calculated | CVE-2022-1837 MISC MISC |
home_clean_services_management_system — home_clean_services_management_system | A vulnerability classified as critical has been found in Home Clean Services Management System 1.0. This affects an unknown part of admin/login.php. The manipulation of the argument username with the input admin%’/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(5)))JPeh)/**/AND/**/’frfq%’=’frfq leads to sql injection. It is possible to initiate the attack remotely but it requires authentication. Exploit details have been disclosed to the public. | 2022-05-24 | not yet calculated | CVE-2022-1838 MISC MISC |
hospital-management-system — hospital-management-system | In Hospital-Management-System v1.0, the editid parameter in the doctor.php page is vulnerable to SQL injection attacks. | 2022-05-26 | not yet calculated | CVE-2022-30516 MISC |
ibm — aspera_faspex | IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due to an incorrectly computed security token. IBM X-Force ID: 226951. | 2022-05-24 | not yet calculated | CVE-2022-22497 XF CONFIRM |
ibm — elastic_storage_system | A vulnerability in the Spectrum Scale 5.1 core component and IBM Elastic Storage System 6.1 could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191600. | 2022-05-24 | not yet calculated | CVE-2020-4926 XF CONFIRM CONFIRM |
ibm — i | IBM i 7.3, 7.4, and 7.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 226941. | 2022-05-24 | not yet calculated | CVE-2022-22495 XF CONFIRM |
ibm — power_systems | The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095. | 2022-05-24 | not yet calculated | CVE-2022-22309 CONFIRM XF |
java — javaez | JavaEZ is a library that adds new functions to make Java easier. A weakness in JavaEZ 1.6 allows force decryption of locked text by unauthorized actors. The issue is NOT critical for non-secure applications, however may be critical in a situation where the highest levels of security are required. This issue ONLY affects v1.6 and does not affect anything pre-1.6. The vulnerability has been patched in release 1.7. Currently, there is no way to fix the issue without upgrading. | 2022-05-24 | not yet calculated | CVE-2022-29249 CONFIRM MISC |
jfinal — jfinal_cms | Jfinal cms 5.1.0 is vulnerable to SQL Injection. | 2022-05-26 | not yet calculated | CVE-2022-30500 MISC |
jfrog — artifactory | JFrog Artifactory prior to version 7.28.0 and 6.23.38 is vulnerable to Broken Access Control: the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment due to improper permissions validation. | 2022-05-23 | not yet calculated | CVE-2021-41834 CONFIRM |
jgraph — drawio | Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2. | 2022-05-25 | not yet calculated | CVE-2022-1815 CONFIRM MISC |
kkfileview — kkfileview | kkFileView v4.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the url parameter at /controller/OnlinePreviewController.java. | 2022-05-25 | not yet calculated | CVE-2022-29349 MISC |
kuka — kr_c4 | An attacker can gain full access (read/write/delete) to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS. | 2022-05-26 | not yet calculated | CVE-2021-33016 MISC |
kuka — kr_c4 | An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4 control software for versions prior to 8.7 or any product running KSS. | 2022-05-26 | not yet calculated | CVE-2021-33014 MISC |
lcds — laquis_scada_application | When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting. | 2022-05-25 | not yet calculated | CVE-2021-32989 MISC |
limesurvey — limesurvey | A cross-site scripting (XSS) vulnerability in uploadConfirm.php of LimeSurvey v5.3.9 and below allows attackers to execute arbitrary web scripts or HTML via a crafted plugin. | 2022-05-25 | not yet calculated | CVE-2022-29710 MISC |
linglong — linglong | An access control issue in Linglong v1.0 allows attackers to access the background of the application via a crafted cookie. | 2022-05-26 | not yet calculated | CVE-2022-29633 MISC |
linux — linux_kernel | An issue was discovered in the Linux Kernel from 4.18 to 4.19. An improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. | 2022-05-25 | not yet calculated | CVE-2022-1678 MISC CONFIRM MISC MISC |
linux — linux_kernel | A use-after-free flaw was found in the Linux kernel pipes functionality in the way a user performs some manipulations with a pipe, e.g. with post_one_notification() after free_pipe_info() has already been called. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | 2022-05-26 | not yet calculated | CVE-2022-1882 MISC |
logrotate — logrotate | A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0. | 2022-05-25 | not yet calculated | CVE-2022-1348 MISC MLIST MLIST MLIST |
luxsoft — luxcal_web_calendar | In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker’s session to be authenticated as any registered LuxCal user, including the site administrator. | 2022-05-24 | not yet calculated | CVE-2021-45914 MISC MISC MISC CONFIRM |
luxsoft — luxcal_web_calendar | In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a cookie value. This allows the attacker’s session to be authenticated as any registered LuxCal user, including the site administrator. | 2022-05-24 | not yet calculated | CVE-2021-45915 MISC MISC MISC CONFIRM |
manageengine — appmanager15 | ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the ‘working’ folder through the ‘Upload Files / Binaries’ functionality. | 2022-05-24 | not yet calculated | CVE-2022-23050 MISC MISC |
mastodon — mastodon | app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail restrictions. | 2022-05-24 | not yet calculated | CVE-2022-31263 CONFIRM CONFIRM |
matrikon — matrikon_opc_server | Matrikon (a subsidiary of Honeywell) Matrikon OPC Server (all versions) is vulnerable to a condition where a low-privileged user allowed to connect to the OPC server can use the functions of IPersistFile to execute operating system processes with system-level privileges. | 2022-05-26 | not yet calculated | CVE-2022-1261 CONFIRM |
mindoc — mindoc | An arbitrary file upload vulnerability in Mindoc v2.1-beta.5 allows attackers to execute arbitrary commands via a crafted Zip file. | 2022-05-26 | not yet calculated | CVE-2022-29637 MISC |
mini-xml — mini-xml | A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxml_string_getc:2611. | 2022-05-26 | not yet calculated | CVE-2021-42860 MISC |
mini-xml — mini-xml | A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. | 2022-05-26 | not yet calculated | CVE-2021-42859 MISC |
morpheus — morpheus | An XXE issue was discovered in Morpheus through 5.2.16 and 5.4.x through 5.4.4. A successful attack requires a SAML identity provider to be configured. In order to exploit the vulnerability, the attacker must know the unique SAML callback ID of the configured identity source. A remote attacker can send a request crafted with an XXE payload to invoke a malicious DTD hosted on a system that they control. This results in reading local files that the application has access to. | 2022-05-24 | not yet calculated | CVE-2022-31261 MISC MISC |
mysiteforme — mysiteforme | mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery. | 2022-05-24 | not yet calculated | CVE-2022-29309 MISC |
nginx — njs | Nginx NJS v0.7.3 was discovered to contain a stack overflow in the function njs_default_module_loader at /src/njs/src/njs_module.c. | 2022-05-25 | not yet calculated | CVE-2022-29379 MISC MISC MISC |
nokia — broadcast_message_center | Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, database name, and database version information, and potentially database data. | 2022-05-25 | not yet calculated | CVE-2021-35487 MISC MISC |
oas — oas_platform | An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this vulnerability. | 2022-05-25 | not yet calculated | CVE-2022-26833 MISC |
oas — oas_platform | An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-25 | not yet calculated | CVE-2022-26303 MISC |
oas — oas_platform | An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnerability. | 2022-05-25 | not yet calculated | CVE-2022-27169 MISC |
oas — oas_platform | An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of a custom Security Group. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-25 | not yet calculated | CVE-2022-26043 MISC |
oas — oas_platform | An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-25 | not yet calculated | CVE-2022-26067 MISC |
oas — oas_platform | A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability. | 2022-05-25 | not yet calculated | CVE-2022-26077 MISC |
oas — oas_platform | A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-25 | not yet calculated | CVE-2022-26082 MISC |
oas — oas_platform | A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability. | 2022-05-25 | not yet calculated | CVE-2022-26026 MISC |
online_food — ordering_system | Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the Search parameter at /online-food-order/food-search.php. | 2022-05-25 | not yet calculated | CVE-2022-29650 MISC |
online_food — ordering_system | An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 2022-05-25 | not yet calculated | CVE-2022-29651 MISC |
opencast — opencast | Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user’s own, which Opencast would then import into the current organization, bypassing organizational barriers. Attackers must have full access to Opencast’s ingest REST interface, and also know internal links to resources in another organization of the same Opencast cluster. Users who do not run a multi-tenant cluster are not affected by this issue. This issue is fixed in Opencast 10.14 and 11.7. | 2022-05-24 | not yet calculated | CVE-2022-29237 CONFIRM MISC |
oretnom23 — automotive_shop_management_system | In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credentials and gain admin access (privilege escalation). | 2022-05-26 | not yet calculated | CVE-2022-30493 MISC |
oretnom23 — automotive_shop_management_system | In oretnom23 Automotive Shop Management System v1.0, the name id parameter is vulnerable to IDOR – Broken Access Control allowing attackers to change the admin password (vertical privilege escalation). | 2022-05-26 | not yet calculated | CVE-2022-30495 MISC |
oretnom23 — automotive_shop_management_system | In oretnom23 Automotive Shop Management System v1.0, the first and last name user fields suffer from a stored XSS Injection Vulnerability allowing remote attackers to gain admin access and view internal IPs. | 2022-05-26 | not yet calculated | CVE-2022-30494 MISC |
pallets — werkzeug | Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. | 2022-05-25 | not yet calculated | CVE-2022-29361 MISC |
philips — interoperability_solution_xds | Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which may allow an attacker to remotely read LDAP system credentials. | 2022-05-25 | not yet calculated | CVE-2021-32966 MISC |
php — zoo_management_system | A vulnerability, which was classified as problematic, has been found in Zoo Management System 1.0. Affected by this issue is /zoo/admin/public_html/view_accounts?type=zookeeper of the content module. The manipulation of the argument admin_name with the input <script>alert(1)</script> leads to an authenticated cross site scripting. Exploit details have been disclosed to the public. | 2022-05-23 | not yet calculated | CVE-2022-1816 MISC MISC |
pillow — python_pillow | libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files. | 2022-05-25 | not yet calculated | CVE-2022-30595 MISC MISC |
piwigo — piwigo | Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter. | 2022-05-26 | not yet calculated | CVE-2021-40317 MISC |
protobufjs — protobufjs | The package protobufjs before 6.11.3 is vulnerable to Prototype Pollution, which can allow an attacker to add/modify properties of the Object.prototype. This vulnerability can occur in multiple ways: (1) by providing untrusted user input to the util.setProperty or ReflectionObject.setParsedOption functions; (2) by parsing/loading .proto files. | 2022-05-27 | not yet calculated | CVE-2022-25878 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
publify — publify | Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9. | 2022-05-23 | not yet calculated | CVE-2022-1811 MISC CONFIRM |
pyjwt — python | PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the signing algorithm used. The PyJWT library requires that the application chooses which algorithms are supported. The application can specify `jwt.algorithms.get_default_algorithms()` to get support for all algorithms, or specify a single algorithm. The impact is limited because `algorithms=jwt.algorithms.get_default_algorithms()` has to be used. Users should upgrade to v2.4.0 to receive a patch for this issue. As a workaround, always be explicit with the algorithms that are accepted and expected when decoding. | 2022-05-24 | not yet calculated | CVE-2022-29217 CONFIRM MISC MISC |
qnap — qnap_nas_running_proxy_server | A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP devices running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QTS 4.5.x: Proxy Server 1.4.2 (2021/12/30) and later; QuTS hero h5.0.0: Proxy Server 1.4.3 (2022/01/18) and later; QuTScloud c4.5.6: Proxy Server 1.4.2 (2021/12/30) and later. | 2022-05-26 | not yet calculated | CVE-2021-34360 MISC |
quick_heal — total_security | Quick Heal Total Security before 12.1.1.27 allows DLL hijacking during installation. | 2022-05-23 | not yet calculated | CVE-2022-31467 MISC |
quick_heal — total_security | Quick Heal Total Security before 12.1.1.27 has a TOCTOU race condition that leads to privilege escalation. It may follow a symlink that was created after a malware check. | 2022-05-23 | not yet calculated | CVE-2022-31466 MISC |
radareorg — radare2 | Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0. | 2022-05-21 | not yet calculated | CVE-2022-1809 CONFIRM MISC |
radareorg — radare2 | radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser. | 2022-05-25 | not yet calculated | CVE-2021-44974 MISC MISC MLIST |
radareorg — radare2 | radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser. | 2022-05-24 | not yet calculated | CVE-2021-44975 MISC MISC MLIST |
radareorg — radare2 | Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. | 2022-05-26 | not yet calculated | CVE-2022-1899 CONFIRM MISC |
rails — active_storage | A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments. | 2022-05-26 | not yet calculated | CVE-2022-21831 MISC |
roncoo — roncoo_education | An arbitrary file upload vulnerability in the component /course/api/upload/pic of Roncoo Education v9.0.0 allows attackers to execute arbitrary code via a crafted file. | 2022-05-26 | not yet calculated | CVE-2022-29632 MISC |
school_club_application_system –school_club_application_system | A stored cross-site scripting (XSS) vulnerability in /scas/?page=clubs/application_form&id=7 of School Club Application System v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter. | 2022-05-25 | not yet calculated | CVE-2022-29359 MISC MISC |
sharp — sharp | sharp is an application for Node.js image processing. Prior to version 0.30.5, there is a possible vulnerability in logic that is run only at `npm install` time when installing versions of `sharp` prior to the latest v0.30.5. If an attacker has the ability to set the value of the `PKG_CONFIG_PATH` environment variable in a build environment then they might be able to use this to inject an arbitrary command at `npm install` time. This is not part of any runtime code, does not affect Windows users at all, and is unlikely to affect anyone that already cares about the security of their build environment. This problem is fixed in version 0.30.5. | 2022-05-25 | not yet calculated | CVE-2022-29256 CONFIRM MISC |
siteserver — cms | SiteServer CMS V6.15.51 is affected by a SQL injection vulnerability. | 2022-05-24 | not yet calculated | CVE-2021-42655 MISC MISC MISC |
siteserver — cms | SiteServer CMS < V5.1 is affected by an unrestricted upload of a file with dangerous type (getshell), which could be used to execute arbitrary code. | 2022-05-24 | not yet calculated | CVE-2021-42654 MISC MISC MISC |
siteserver — cms | SiteServer CMS V6.15.51 is affected by a Cross Site Scripting (XSS) vulnerability. | 2022-05-24 | not yet calculated | CVE-2021-42656 MISC MISC MISC |
smarty-php — smarty | Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds. | 2022-05-24 | not yet calculated | CVE-2022-29221 MISC CONFIRM MISC MISC |
solana — solana_rbpf | Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program. | 2022-05-21 | not yet calculated | CVE-2022-31264 MISC MISC |
sox — sox | In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a. | 2022-05-25 | not yet calculated | CVE-2022-31651 MISC |
sox — sox | In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a. | 2022-05-25 | not yet calculated | CVE-2022-31650 MISC |
student_information_system — student_information_system | A vulnerability, which was classified as problematic, was found in Student Information System 1.0. Affected is admin/?page=students of the Student Roll module. The manipulation with the input <script>alert(1)</script> leads to authenticated cross site scripting. Exploit details have been disclosed to the public. | 2022-05-24 | not yet calculated | CVE-2022-1819 MISC MISC |
suse — rancher | A Missing Encryption of Sensitive Data vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden. This issue affects: SUSE Rancher Rancher versions prior to 2.5.14; Rancher versions prior to 2.6.5. | 2022-05-25 | not yet calculated | CVE-2022-21951 CONFIRM CONFIRM |
tableau — tableau_server | Tableau is aware of a broken access control vulnerability present in Tableau Server affecting Tableau Server customers using Local Identity Store for managing users. The vulnerability allows a malicious site administrator to change passwords for users in different sites hosted on the same Tableau Server, resulting in the potential for unauthorized access to data. Tableau Server versions affected are: 2020.4.16, 2021.1.13, 2021.2.10, 2021.3.9, 2021.4.4 and earlier. Note: All future releases of Tableau Server will address this security issue. Versions that are no longer supported are not tested and may be vulnerable. | 2022-05-25 | not yet calculated | CVE-2022-22127 MISC |
talend_administration_center — sso_login_endpoint | Talend Administration Center is vulnerable to a reflected Cross-Site Scripting (XSS) issue in the SSO login endpoint. The issue is fixed for versions 8.0.x in TPS-5233, for versions 7.3.x in TPS-5324, and for versions 7.2.x in TPS-5235. Earlier versions of Talend Administration Center may also be impacted; users are encouraged to update to a supported version. | 2022-05-26 | not yet calculated | CVE-2022-31648 MISC MISC |
telecommunication_software_gmbh — software_samwin_contact_center_suite | A vulnerability classified as critical was found in Telecommunication Software SAMwin Contact Center Suite 5.1. This vulnerability affects the function passwordScramble in the library SAMwinLIBVB.dll of the component Password Handler. Incorrect implementation of a hashing function leads to predictable authentication possibilities. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component. | 2022-05-24 | not yet calculated | CVE-2013-10004 MISC MISC |
telecommunication_software_gmbh — software_samwin_contact_center_suite | A vulnerability was found in Telecommunication Software SAMwin Contact Center Suite 5.1. It has been rated as critical. Affected by this issue is the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the credential handler. Authentication is possible with hard-coded credentials. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component. | 2022-05-24 | not yet calculated | CVE-2013-10002 MISC MISC |
telecommunication_software_gmbh — software_samwin_contact_center_suite | A vulnerability classified as critical has been found in Telecommunication Software SAMwin Contact Center Suite 5.1. This affects the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the database handler. The manipulation leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component. | 2022-05-24 | not yet calculated | CVE-2013-10003 MISC MISC |
tenda — web_server_httpd | There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs. | 2022-05-24 | not yet calculated | CVE-2021-42659 MISC MISC |
tenda — ac_series_router | Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request. | 2022-05-26 | not yet calculated | CVE-2022-30474 MISC |
tenda — ac_series_router | Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat | 2022-05-26 | not yet calculated | CVE-2022-30472 MISC |
tenda — ac_series_router | Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function form_fast_setting_wifi_set | 2022-05-26 | not yet calculated | CVE-2022-30473 MISC |
tenda — ac_series_router | Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request. | 2022-05-26 | not yet calculated | CVE-2022-30475 MISC |
tenda — ac_series_router | Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request. | 2022-05-26 | not yet calculated | CVE-2022-30476 MISC |
tenda — ac_series_router | Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request. | 2022-05-26 | not yet calculated | CVE-2022-30477 MISC |
thorfdbg — libjpeg | In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan. | 2022-05-25 | not yet calculated | CVE-2022-31620 MISC MISC |
tinytoml — tinytoml | There is a stack-overflow vulnerability in tinytoml v0.4 that can cause a crash or DoS. | 2022-05-26 | not yet calculated | CVE-2021-42692 MISC |
tipask — tipask | In Tipask < 3.5.9, path parameters entered by the user are not validated when downloading attachments; a registered user can download arbitrary files on the Tipask server such as .env, /etc/passwd, laravel.log, causing information leakage. | 2022-05-23 | not yet calculated | CVE-2021-41714 MISC MISC MISC |
totolink — a3600r | Totolink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a stack overflow in the fread function at infostat.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via the parameter CONTENT_LENGTH. | 2022-05-24 | not yet calculated | CVE-2022-29377 MISC |
tp-link — tl-wr840n | TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute commands as the root user without authentication. | 2022-05-25 | not yet calculated | CVE-2022-29402 MISC |
trend_micro — maximum_security | Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product’s secure erase feature to delete arbitrary files. | 2022-05-27 | not yet calculated | CVE-2022-30687 N/A N/A |
trend_micro — apex_one | An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2022-05-27 | not yet calculated | CVE-2022-30700 N/A N/A |
trend_micro — apex_one | An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2022-05-27 | not yet calculated | CVE-2022-30701 N/A N/A |
trend_micro — password_manager | EOL Product CVE – Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Please note that this was reported on an EOL version of the product, and users are advised to upgrade to the latest supported version (5.x). | 2022-05-27 | not yet calculated | CVE-2022-28394 N/A N/A N/A |
truestack — direct_connect | TrueStack Direct Connect 1.4.7 has Incorrect Access Control. | 2022-05-25 | not yet calculated | CVE-2022-23775 MISC MISC |
tuxera — ntfs-3g | An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. | 2022-05-26 | not yet calculated | CVE-2022-30783 MISC MISC |
tuxera — ntfs-3g | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22. | 2022-05-26 | not yet calculated | CVE-2022-30786 MISC MISC |
tuxera — ntfs-3g | A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22. | 2022-05-26 | not yet calculated | CVE-2022-30784 MISC MISC |
tuxera — ntfs-3g | A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | 2022-05-26 | not yet calculated | CVE-2022-30785 MISC MISC |
tuxera — ntfs-3g | An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | 2022-05-26 | not yet calculated | CVE-2022-30787 MISC MISC |
tuxera — ntfs-3g | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22. | 2022-05-26 | not yet calculated | CVE-2022-30789 MISC MISC |
tuxera — ntfs-3g | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22. | 2022-05-26 | not yet calculated | CVE-2022-30788 MISC MISC |
ua-parser-js — ua-parser-js | A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component. | 2022-05-24 | not yet calculated | CVE-2021-4229 MISC MISC MISC |
undertow — undertow | A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final. | 2022-05-24 | not yet calculated | CVE-2021-3597 MISC |
undertow — undertow | A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final. | 2022-05-24 | not yet calculated | CVE-2021-3629 MISC |
vaadin — vaadin | The default configuration of a TreeGrid component uses Object::toString as a key on the client-side and server communication in Vaadin 14.8.5 through 14.8.9, 22.0.6 through 22.0.14, 23.0.0.beta2 through 23.0.8 and 23.1.0.alpha1 through 23.1.0.alpha4, resulting in potential information disclosure of values that should not be available on the client-side. | 2022-05-24 | not yet calculated | CVE-2022-29567 MISC MISC |
vim — vim | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | 2022-05-25 | not yet calculated | CVE-2022-1851 MISC CONFIRM |
vim — vim | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 2022-05-26 | not yet calculated | CVE-2022-1886 CONFIRM MISC |
vim — vim | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | 2022-05-27 | not yet calculated | CVE-2022-1897 CONFIRM MISC |
vim — vim | Use After Free in GitHub repository vim/vim prior to 8.2. | 2022-05-27 | not yet calculated | CVE-2022-1898 MISC CONFIRM |
vmware — vmware_tools_for_windows | VMware Tools for Windows (12.0.0, 11.x.y and 10.x.y) contains an XML External Entity (XXE) vulnerability. A malicious actor with non-administrative local user privileges in the Windows guest OS, where VMware Tools is installed, may exploit this issue leading to a denial-of-service condition or unintended information disclosure. | 2022-05-24 | not yet calculated | CVE-2022-22977 MISC |
wildfly — wildfly | A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This flaw affects wildfly-core versions prior to 17.0. | 2022-05-24 | not yet calculated | CVE-2021-3717 MISC |
wondercms — simple_blog_plugin | The Simple Blog plugin in Wondercms 3.4.1 is vulnerable to stored cross-site scripting (XSS). When any user opens a particular blog hosted on an attacker’s site, XSS may occur. | 2022-05-23 | not yet calculated | CVE-2021-42233 MISC MISC MISC |
wordpress — vsourz_digitial_advanced_contact_form | Persistent Cross-Site Scripting (XSS) vulnerability in Vsourz Digital’s Advanced Contact form 7 DB plugin <= 1.8.7 at WordPress. | 2022-05-25 | not yet calculated | CVE-2022-29408 CONFIRM CONFIRM |
world_of_warships — wargaming | The replay feature in the client in Wargaming World of Warships 0.11.4 allows remote attackers to execute code when a user launches a replay from an untrusted source. | 2022-05-26 | not yet calculated | CVE-2022-31265 MISC |
xampp_for_windows — xampp_for_windows | Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory. | 2022-05-23 | not yet calculated | CVE-2022-29376 MISC |
xlight — ftp | Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code. | 2022-05-23 | not yet calculated | CVE-2022-28998 MISC MISC MISC MISC |
xwiki — xwiki_platform | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file located in the classloader using the template API and a path with “..” in it. The issue is patched in versions 14.0 and 13.10.3. There is no easy workaround for this issue. | 2022-05-25 | not yet calculated | CVE-2022-29253 MISC CONFIRM MISC |
xwiki — xwiki_platform_flamingo_theme_ui | XWiki Platform Wiki UI Main Wiki is a package for managing subwikis. Starting with version 5.3-milestone-2, XWiki Platform Wiki UI Main Wiki contains a possible cross-site scripting vector in the `WikiManager.JoinWiki` wiki page related to the “requestJoin” field. The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, and 13.10.3. The easiest available workaround is to edit the wiki page `WikiManager.JoinWiki` (with wiki editor) according to the suggestion provided in the GitHub Security Advisory. | 2022-05-25 | not yet calculated | CVE-2022-29252 MISC MISC CONFIRM |
xwiki — xwiki_platform_flamingo_theme_ui | XWiki Platform Flamingo Theme UI is a tool that allows customization and preview of any Flamingo-based skin. Starting with versions 6.2.4 and 6.3-rc-1, a possible cross-site scripting vector is present in the `FlamingoThemesCode.WebHomeSheet` wiki page related to the “newThemeName” form field. The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, and 13.10.3. The easiest available workaround is to edit the wiki page `FlamingoThemesCode.WebHomeSheet` (with wiki editor) according to the suggestion provided in the GitHub Security Advisory. | 2022-05-25 | not yet calculated | CVE-2022-29251 MISC MISC CONFIRM |
xxl-job — xxl-job | A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add. | 2022-05-23 | not yet calculated | CVE-2022-29002 MISC |
zyxel — cgi_program | A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in the user’s browser, such as cookies or session tokens, via a malicious script. | 2022-05-24 | not yet calculated | CVE-2022-0734 CONFIRM |
zyxel — multiple_products | An argument injection vulnerability in the ‘packet-trace’ CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command. | 2022-05-24 | not yet calculated | CVE-2022-26532 CONFIRM |
zyxel — multiple_products | Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload. | 2022-05-24 | not yet calculated | CVE-2022-26531 CONFIRM |
CISA and the Department of Defense (DoD) have released their 5G Security Evaluation Process Investigation Study for federal agencies. The new features, capabilities, and services offered by fifth-generation (5G) cellular network technology can transform mission and business operations; and federal agencies will eventually be applying different 5G usage scenarios: low-, mid-, and high-band spectrum.
The study provides an overview of the proposed 5G Security Evaluation Process and applies the process to a private 5G network use case to demonstrate considerations for each step within the overarching process. The study is a joint effort among CISA, the Department of Homeland Security’s Science and Technology Directorate, and DoD’s Under Secretary of Defense for Research and Engineering.
The proposed process detailed in the study can support government agency activities during the Risk Management Framework system-level “Prepare” step for 5G-enabled systems; and federal program and project managers should use the study’s repeatable methodology in their required evaluations. CISA encourages federal program and project managers involved in 5G implementation to review the blog post by CISA Executive Assistant Director Eric Goldstein, CISA, DHS S&T, DOD Introduce Results of an Assessment into the 5G Security Evaluation Process, which links to the study.
Zoom Patches ‘Zero-Click’ RCE Bug
High Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no high vulnerabilities recorded this week. |
Medium Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no medium vulnerabilities recorded this week. |
Low Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no low vulnerabilities recorded this week. |
Severity Not Yet Assigned
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
htc — one/sense | A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used. | 2022-05-17 | not yet calculated | CVE-2013-10001 MISC MISC |
ruby — ruby | The random_password_generator (aka RandomPasswordGenerator) gem through 1.0.0 for Ruby uses Kernel#rand to generate passwords, which, due to its cyclic nature, can facilitate password prediction. | 2022-05-18 | not yet calculated | CVE-2019-25061 MISC MISC MISC MISC |
mitsubishi — electric_factory_automation_engineering_software_products | Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed. | 2022-05-19 | not yet calculated | CVE-2020-14496 MISC |
fieldcomm_group — hart-ip | A malicious attacker could exploit the interface of the Fieldcomm Group HART-IP (release 1.0.0.0) by constructing messages with sufficiently large payloads to overflow the internal buffer and crash the device, or obtain control of the device. | 2022-05-19 | not yet calculated | CVE-2020-16209 MISC |
bachmann_eletronic — m-base_controllers | The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life controllers include MC205, MC210, MH212, ME203, CS200, MP213, MP226, MPC240, MPC265, MPC270, MPC293, MPE270, and CPC210 hardware controllers. Security Level 0 is set at default from the manufacturer, which could allow an unauthenticated remote attacker to gain access to the password hashes. Security Level 4 is susceptible if an authenticated remote attacker or an unauthenticated person with physical access to the device reads and decrypts the password to conduct further attacks. | 2022-05-19 | not yet calculated | CVE-2020-16231 MISC |
emerson — openenterprise | Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through version 3.3.5, to access field devices and external systems to be obtained. | 2022-05-19 | not yet calculated | CVE-2020-16235 MISC |
hcl_software — domino | HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could exploit this vulnerability to attain escalation of privileges, denial of service, or information disclosure. | 2022-05-19 | not yet calculated | CVE-2020-4107 MISC |
ibm — security_identity_governance_and_intelligence | IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information in URL parameters that could aid in future attacks against the system. IBM X-Force ID: 192208. | 2022-05-17 | not yet calculated | CVE-2020-4957 XF CONFIRM |
ibm — security_identity_governance_and_intelligence | IBM Security Identity Governance and Intelligence 5.2.4, 5.2.5, and 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 192429. | 2022-05-19 | not yet calculated | CVE-2020-4970 XF CONFIRM |
ibm — datapower_gateway | IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906. | 2022-05-17 | not yet calculated | CVE-2020-4994 CONFIRM XF |
craftercms — craftercms | A logged-in and authenticated user with a Reviewer Role may lock a content item. | 2022-05-16 | not yet calculated | CVE-2021-23265 CONFIRM |
craftercms — craftercms | An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator. | 2022-05-16 | not yet calculated | CVE-2021-23266 CONFIRM |
craftercms — crafter_studio | Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods. | 2022-05-16 | not yet calculated | CVE-2021-23267 CONFIRM |
wordpress — agil_wordpress_plugin | The AGIL WordPress plugin through 1.0 accepts all zip files and automatically extracts the zip file without validating the extracted file type, allowing high-privilege users such as admin to upload an arbitrary file like PHP, leading to RCE. | 2022-05-16 | not yet calculated | CVE-2021-25119 MISC |
handysoft — handy_groupware | Improper input validation vulnerability in HANDY Groupware’s ActiveX module allows attackers to download or execute arbitrary files. This vulnerability can be exploited by using the file download or execution path as the parameter value of the vulnerable function. | 2022-05-19 | not yet calculated | CVE-2021-26630 MISC |
hometory — mangboard_commerce_package | An improper input validation vulnerability in the Mangboard commerce package could lead to abnormal requests. A remote attacker can exploit this vulnerability to manipulate the total order amount into a negative number and then pay for the order. | 2022-05-19 | not yet calculated | CVE-2021-26631 MISC |
weintek — cmt | The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code. | 2022-05-16 | not yet calculated | CVE-2021-27442 MISC CONFIRM |
weintek — cmt | The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator. | 2022-05-16 | not yet calculated | CVE-2021-27444 MISC CONFIRM |
weintek — cmt | The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system. | 2022-05-16 | not yet calculated | CVE-2021-27446 MISC CONFIRM |
xpdfreader — xpdf | There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode() function in XFAScanner.cc in xpdf 4.03. | 2022-05-18 | not yet calculated | CVE-2021-27548 MISC |
ibm — multiple_products | IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 do not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104. | 2022-05-17 | not yet calculated | CVE-2021-29726 CONFIRM XF CONFIRM |
amazon — sooteway_wi-fi_range_extender | SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password for the admin account) to access the TELNET service, allowing attackers to erase/read/write the firmware remotely. | 2022-05-20 | not yet calculated | CVE-2021-30028 MISC MISC |
throughtek — p2p_sdk | The affected ThroughTek P2P products (SDKs using versions before 3.1.5, any versions with nossl tag, device firmware not using AuthKey for IOTC connection, firmware using AVAPI module without enabling DTLS mechanism, and firmware using P2PTunnel or RDT module) do not sufficiently protect data transferred between the local device and ThroughTek servers. This can allow an attacker to access sensitive information, such as camera feeds. | 2022-05-19 | not yet calculated | CVE-2021-32934 MISC |
xarrow — xarrow_scada | xArrow SCADA versions 7.2 and prior are vulnerable to cross-site scripting due to parameter ‘bdate’ of the resource xhisvalue.htm, which may allow an unauthorized attacker to execute arbitrary code. | 2022-05-16 | not yet calculated | CVE-2021-33001 CONFIRM |
xarrow — xarrow_scada | xArrow SCADA versions 7.2 and prior are vulnerable to cross-site scripting due to parameter ‘edate’ of the resource xhisalarm.htm, which may allow an unauthorized attacker to execute arbitrary code. | 2022-05-16 | not yet calculated | CVE-2021-33021 CONFIRM |
xarrow — xarrow_scada | xArrow SCADA versions 7.2 and prior permits unvalidated registry keys to be run with application-level privileges. | 2022-05-16 | not yet calculated | CVE-2021-33025 CONFIRM |
ipmatcher — ipmatcher | An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addresses and netmasks against the internal Matcher list of IP addresses and subnets. | 2022-05-16 | not yet calculated | CVE-2021-33318 MISC MISC MISC MISC |
thecus — 4800eco | Thecus 4800Eco was discovered to contain a command injection vulnerability via the username parameter in /adm/setmain.php. | 2022-05-20 | not yet calculated | CVE-2021-34111 MISC |
solarwinds — serv-u | This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read only operation). This UAC issue leads to a data leak to unauthorized users for a domain, with no log of them accessing the data unless they attempt to modify it. This read-only activity is logged to the original domain and does not specify which domain was accessed. | 2022-05-17 | not yet calculated | CVE-2021-35249 MISC MISC |
wordpress — mc4wp_plugin | Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ibericode’s MC4WP plugin <= 4.8.6 at WordPress. | 2022-05-20 | not yet calculated | CVE-2021-36833 CONFIRM CONFIRM |
grandcom — dynweb | GRANDCOM DynWEB before 4.2 contains a SQL Injection vulnerability in the admin login interface. A remote unauthenticated attacker can exploit this vulnerability to obtain administrative access to the webpage, access the user database, modify web content and upload custom files. The backend login script does not verify and sanitize user-provided strings. | 2022-05-19 | not yet calculated | CVE-2021-37413 MISC MISC |
ibm — datapower_gateway | IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 10.0.1.4, and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a denial of service by consuming resources with multiple requests. IBM X-Force ID: 208348. | 2022-05-17 | not yet calculated | CVE-2021-38872 CONFIRM XF |
ibm — datapower_gateway | IBM DataPower Gateway 10.0.2.0 through 1.0.3.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 211236. | 2022-05-18 | not yet calculated | CVE-2021-38944 CONFIRM XF |
ibm — jazz_team_server | IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214032. | 2022-05-20 | not yet calculated | CVE-2021-39043 XF CONFIRM |
lenovo — lenovo_system_interface_foundation | A race condition vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to connect and interact with the IMController child process’ named pipe. | 2022-05-18 | not yet calculated | CVE-2021-3922 CONFIRM |
lenovo — xclarity_controller_firmware | A read-only authentication bypass vulnerability was reported in the Third Quarter 2021 release of Lenovo XClarity Controller (XCC) firmware affecting XCC devices configured in LDAP Authentication Only Mode and using an LDAP server that supports “unauthenticated bind”, such as Microsoft Active Directory. An unauthenticated user can gain read-only access to XCC in such a configuration, thereby allowing the XCC device configuration to be viewed but not changed. XCC devices configured to use local authentication, LDAP Authentication + Authorization Mode, or LDAP servers that support only “authenticated bind” and/or “anonymous bind” are not affected. | 2022-05-18 | not yet calculated | CVE-2021-3956 CONFIRM |
lenovo — lenovo_system_interface_foundation | A Time of Check Time of Use (TOCTOU) vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to elevate privileges. | 2022-05-18 | not yet calculated | CVE-2021-3969 CONFIRM |
shopxo — cms |
An issue was discovered in ShopXO CMS 2.2.0. After entering the management page, there is an arbitrary file upload vulnerability in three locations. | 2022-05-19 | not yet calculated | CVE-2021-41938 MISC |
fiberhome — vdsl2_modem_hg150-ub | FiberHome VDSL2 Modem HG150-Ub_V3.0 has a stored cross-site scripting (XSS) vulnerability in the Parental Control -> Access Time Restriction -> Username field; a user cannot delete the rule due to the XSS. | 2022-05-18 | not yet calculated | CVE-2021-41946 MISC MISC |
churchcrm — churchcrm |
A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used when an Edit action on an existing record is being performed. | 2022-05-15 | not yet calculated | CVE-2021-41965 MISC MISC |
cmseasy — cmseasy | cmseasy V7.7.5_20211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability. | 2022-05-17 | not yet calculated | CVE-2021-42643 MISC |
cmseasy — cmseasy |
cmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerability. After login, the configuration file information of the website such as the database configuration file (config / config_database) can be read through this vulnerability. | 2022-05-17 | not yet calculated | CVE-2021-42644 MISC |
inkscape — inkscape |
Inkscape 0.19 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information. | 2022-05-18 | not yet calculated | CVE-2021-42700 CONFIRM |
inkscape — inkscape |
Inkscape version 0.19 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information. | 2022-05-18 | not yet calculated | CVE-2021-42702 CONFIRM |
inkscape — inkscape | Inkscape version 0.19 is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. | 2022-05-18 | not yet calculated | CVE-2021-42704 CONFIRM |
lenovo — personal_cloud_storage |
An information disclosure vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to retrieve device and networking details. | 2022-05-18 | not yet calculated | CVE-2021-42848 CONFIRM |
lenovo — personal_cloud_storage |
A weak default password for the serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical access. | 2022-05-18 | not yet calculated | CVE-2021-42849 CONFIRM |
lenovo — personal_cloud_storage |
A weak default administrator password for the web interface and serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical or local network access. | 2022-05-18 | not yet calculated | CVE-2021-42850 CONFIRM |
lenovo — personal_cloud_storage |
A vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to create a standard user account. | 2022-05-18 | not yet calculated | CVE-2021-42851 CONFIRM |
lenovo — personal_cloud_storage |
A command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execute operating system commands by sending a crafted packet to the device. | 2022-05-18 | not yet calculated | CVE-2021-42852 CONFIRM |
linux — accel-ppp |
ACCEL-PPP 1.12.0 has an out-of-bounds read in post_msg when processing a call_clear_request. | 2022-05-16 | not yet calculated | CVE-2021-42870 MISC |
feminer — wms |
A remote command execution (RCE) vulnerability was found in FeMiner wms V1.0 in /wms/src/system/datarec.php. The $_POST[r_name] is directly passed into the $mysqlstr and is executed by exec. | 2022-05-16 | not yet calculated | CVE-2021-42897 MISC |
ipplan — ipplan |
Stored cross-site scripting (XSS) in admin/usermanager.php over IPPlan v4.92b allows remote attackers to inject arbitrary web script or HTML via the userid parameter. | 2022-05-17 | not yet calculated | CVE-2021-42943 MISC |
pix-link — mini_router_28k.minirouter.20190211 |
Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized SSID parameter. | 2022-05-20 | not yet calculated | CVE-2021-43728 MISC MISC |
pix-link — mini_router_28k.minirouter.20190211 |
Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized Security Key parameter. | 2022-05-20 | not yet calculated | CVE-2021-43729 MISC MISC |
jfrog — artifactory |
JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin is able to create, edit and delete Repository Layouts while Repository Layouts configuration should only be available for Platform Administrators. | 2022-05-19 | not yet calculated | CVE-2021-45730 CONFIRM |
fidelis_cybersecurity — network_and-deception |
Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected files and enable escalation of privileges equivalent to the root user. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-0486 CONFIRM |
jfrog — artifactory |
JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted request is sent by a low privileged authenticated user due to insufficient validation of a user-provided serialized object. | 2022-05-16 | not yet calculated | CVE-2022-0573 MISC MISC |
publify — publify |
Improper Access Control in GitHub repository publify/publify prior to 9.2.8. | 2022-05-16 | not yet calculated | CVE-2022-0574 MISC CONFIRM |
publify — publify |
Code Injection in GitHub repository publify/publify prior to 9.2.8. | 2022-05-16 | not yet calculated | CVE-2022-0578 CONFIRM MISC |
wordpress — pricing_table_wordpress_plugin |
The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users | 2022-05-16 | not yet calculated | CVE-2022-0867 MISC |
wordpress — gmedia_photo_gallery_wordpress_plugin | The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the Album’s name before outputting it in pages/posts with a media embed, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered-html capability is disallowed | 2022-05-16 | not yet calculated | CVE-2022-0873 MISC |
snow_software — slm | SLM is affected by the Windows Unquoted/Trusted Service Paths security issue. All installations of version 9.x.x prior to 9.20.1 should be patched. | 2022-05-18 | not yet calculated | CVE-2022-0883 MISC |
fidelis_cybersecurity — network_and-deception |
Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a root user. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-0997 CONFIRM |
wordpress — wpqa_builder_plugin_wordpress_plugin | The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer, does not sanitise and escape the city, phone or profile credentials fields when outputting them in the profile page, allowing any authenticated user to perform Cross-Site Scripting attacks. | 2022-05-16 | not yet calculated | CVE-2022-1051 MISC |
wordpress — th23_social_wordpress_plugin |
The th23 Social WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 2022-05-16 | not yet calculated | CVE-2022-1062 MISC |
wordpress — bulk_edit_and_create_use_profiles_wordpress_plugin |
The Bulk Edit and Create User Profiles WordPress plugin before 1.5.14 does not sanitise and escape the Users Login, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 2022-05-16 | not yet calculated | CVE-2022-1089 MISC |
wordpress — advanced_uploader-wordpress_plugin |
The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE | 2022-05-16 | not yet calculated | CVE-2022-1103 MISC |
lenovo — smart_standby_driver | A buffer overflow vulnerability in Lenovo Smart Standby Driver prior to version 4.1.50.0 could allow a local attacker to cause denial of service. | 2022-05-18 | not yet calculated | CVE-2022-1110 CONFIRM |
linux — linux_kernel |
Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. | 2022-05-17 | not yet calculated | CVE-2022-1116 MISC MISC |
rockwell_automation — multiple_products | Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 through v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited. | 2022-05-17 | not yet calculated | CVE-2022-1118 MISC |
wordpress — visual_slide_box_builder_wordpress_plugin |
The Visual Slide Box Builder WordPress plugin through 3.2.9 does not sanitise and escape various parameters before using them in SQL statements via some of its AJAX actions available to any authenticated users (such as subscriber), leading to SQL Injections | 2022-05-16 | not yet calculated | CVE-2022-1182 MISC |
bind — bind |
On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch. | 2022-05-19 | not yet calculated | CVE-2022-1183 CONFIRM |
wordpress — advanced_image_sitemap_wordpress_plugin |
The Advanced Image Sitemap WordPress plugin through 1.2 does not sanitise and escape the PHP_SELF PHP variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting. | 2022-05-16 | not yet calculated | CVE-2022-1216 MISC |
wordpress — custom_tinymce_shortcode_button_wordpress_plugin |
The Custom TinyMCE Shortcode Button WordPress plugin through 1.1 does not sanitise and escape the PHP_SELF variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting. | 2022-05-16 | not yet calculated | CVE-2022-1217 MISC |
wordpress — bulletproof_security_wordpress_plugin |
The BulletProof Security WordPress plugin before 6.1 does not sanitize and escape some of its CAPTCHA settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | 2022-05-16 | not yet calculated | CVE-2022-1265 MISC |
wordpress — bmi_bmr_calculator_wordpress_plugin |
The BMI BMR Calculator WordPress plugin through 1.3 does not sanitise and escape arbitrary POST data before outputting it back in the response, leading to a Reflected Cross-Site Scripting | 2022-05-16 | not yet calculated | CVE-2022-1267 MISC |
wordpress — wp_youtube_live_wordpress_plugin |
The WP YouTube Live WordPress plugin before 1.8.3 does not validate, sanitise and escape various of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | 2022-05-16 | not yet calculated | CVE-2022-1334 MISC |
wordpress — wpqa_builder_plugin_wordpress_plugin | The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer, does not validate that the value passed to the image_id parameter of the ajax action wpqa_remove_image belongs to the requesting user, allowing any users (with privileges as low as Subscriber) to delete the profile pictures of any other user. | 2022-05-16 | not yet calculated | CVE-2022-1349 MISC |
cambium_networks — cnmaestro |
cnMaestro is vulnerable to a local privilege escalation. By default, a user does not have root privileges. However, a user can run scripts as sudo, which could allow an attacker to gain root privileges when running user scripts outside allowed commands. | 2022-05-17 | not yet calculated | CVE-2022-1356 CONFIRM |
cambium_networks — on-premise_cnmaestro |
The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. This lack of validation could allow an attacker to append arbitrary data to the logger command. | 2022-05-17 | not yet calculated | CVE-2022-1357 CONFIRM |
cambium_networks — on-premise_cnmaestro |
The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate and dump all data held in the cnMaestro database. | 2022-05-17 | not yet calculated | CVE-2022-1358 CONFIRM |
cambium_networks — on-premise_cnmaestro | The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route. If an attacker supplies path traversal characters (../) as part of a filename, the server will save the file where the attacker chooses. This could allow an attacker to write any data to any file in the server. | 2022-05-17 | not yet calculated | CVE-2022-1359 CONFIRM |
cambium_networks — on-premise_cnmaestro |
The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. This could allow a remote attacker to change server configuration settings. | 2022-05-17 | not yet calculated | CVE-2022-1360 CONFIRM |
cambium_networks — on-premise_cnmaestro | The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other users’ accounts and devices. | 2022-05-17 | not yet calculated | CVE-2022-1361 CONFIRM |
cambium_networks — on-premise_cnmaestro |
The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server. | 2022-05-17 | not yet calculated | CVE-2022-1362 CONFIRM |
plantuml — plantuml |
URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server side request forgery (SSRF). This allows accessing restricted internal resources/servers or sending requests to third party servers. | 2022-05-14 | not yet calculated | CVE-2022-1379 MISC CONFIRM |
wordpress — fusion_builder_wordpress_plugin |
The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application’s response. This could be used to interact with hosts on the server’s local network bypassing firewalls and access control measures. | 2022-05-16 | not yet calculated | CVE-2022-1386 MISC MISC MISC |
wordpress — wp_subtitle_wordpress_plugin |
The WP Subtitle WordPress plugin before 3.4.1 adds a subtitle field and provides a shortcode to display it via [wp_subtitle]. The subtitle is stored as a custom post meta with the key: “wps_subtitle”, which is sanitized upon post save/update, however is not sanitized when updating it directly from the post meta update button (via AJAX) – and this makes the XSS exploitable by authenticated users with a role as low as contributor. | 2022-05-16 | not yet calculated | CVE-2022-1393 MISC |
wordpress — external_media_wordpress_plugin | The External Media without Import WordPress plugin through 1.1.2 does not have any authorisation and does not ensure that media added via URLs are external media, which could allow any authenticated users, such as subscriber, to perform blind SSRF attacks. | 2022-05-16 | not yet calculated | CVE-2022-1398 MISC |
wordpress — vikbooking_hotel_booking_engine_&_pms_wordpress_plugin | The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not have a CSRF check in place when adding a tracking campaign, and does not escape the campaign fields when outputting them in attributes. As a result, attackers could make a logged-in admin add a tracking campaign with XSS payloads in them via a CSRF attack. | 2022-05-16 | not yet calculated | CVE-2022-1407 MISC |
wordpress — vikbooking_hotel_booking_engine_&_pms_wordpress_plugin |
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not escape various settings before outputting them in attributes, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | 2022-05-16 | not yet calculated | CVE-2022-1408 MISC |
wordpress — vikbooking_hotel_booking_engine_&_pms_wordpress_plugin |
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code | 2022-05-16 | not yet calculated | CVE-2022-1409 MISC |
gitlab — gitlab |
Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 causes potentially sensitive integration properties to be disclosed in the web interface | 2022-05-19 | not yet calculated | CVE-2022-1413 CONFIRM MISC |
gitlab — gitlab |
Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows for rendering of attacker controlled HTML tags and CSS styling | 2022-05-19 | not yet calculated | CVE-2022-1416 MISC MISC CONFIRM |
wordpress — social_stickers_wordpress_plugin | The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues. | 2022-05-16 | not yet calculated | CVE-2022-1418 MISC |
gitlab — gitlab |
Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows a malicious actor with Developer privileges to perform cache poisoning leading to arbitrary code execution in protected branches | 2022-05-19 | not yet calculated | CVE-2022-1423 CONFIRM MISC MISC |
wordpress — wpqa_builder_plugin_wordpress_plugin | The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer, does not validate that the message_id of the wpqa_message_view ajax action belongs to the requesting user, leading to any user being able to read messages for any other users via an Insecure Direct Object Reference (IDOR) vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-1425 MISC |
octoprint — octoprint |
Cross-site Scripting (XSS) – DOM in GitHub repository octoprint/octoprint prior to 1.8.0. | 2022-05-18 | not yet calculated | CVE-2022-1430 MISC CONFIRM |
octoprint — octoprint |
Cross-site Scripting (XSS) – Generic in GitHub repository octoprint/octoprint prior to 1.8.0. | 2022-05-18 | not yet calculated | CVE-2022-1432 CONFIRM MISC |
wordpress — wpcargo_track_&_trace_wordpress_plugin | The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. | 2022-05-16 | not yet calculated | CVE-2022-1435 MISC |
wordpress — wpcargo_track_&_trace_wordpress_plugin |
The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitise and escape the wpcargo_tracking_number parameter before outputting it back in the page, which could allow attackers to perform reflected Cross-Site Scripting attacks. | 2022-05-16 | not yet calculated | CVE-2022-1436 MISC |
wordpress — call_now_button_wordpress_plugin |
The Call Now Button WordPress plugin before 1.1.2 does not escape a parameter before outputting it back in an attribute of a hidden input, leading to a Reflected Cross-Site Scripting when the premium is enabled | 2022-05-16 | not yet calculated | CVE-2022-1455 MISC |
wordpress — wpc_smart_wishlist_for_woocommerce_wordpress_plugin |
The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.9 does not sanitise and escape a parameter before outputting it back in an attribute via an AJAX action, leading to a Reflected Cross-Site Scripting issue. | 2022-05-16 | not yet calculated | CVE-2022-1465 MISC |
wordpress — scrollreveal.js_effects_wordpress_plugin |
The ScrollReveal.js Effects WordPress plugin through 1.2 does not sanitise and escape its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | 2022-05-16 | not yet calculated | CVE-2022-1512 MISC MISC |
publify — publify |
Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and integrity of users. | 2022-05-16 | not yet calculated | CVE-2022-1553 CONFIRM MISC |
wordpress — uleak_security_&_monitoring_wordpress_plugin |
The ULeak Security & Monitoring WordPress plugin through 1.2.3 does not have authorisation and CSRF checks when updating its settings, and is also lacking sanitisation as well as escaping in some of them, which could allow any authenticated users such as subscriber to perform Stored Cross-Site Scripting attacks against admins viewing the settings | 2022-05-16 | not yet calculated | CVE-2022-1557 MISC MISC |
wordpress — clipr_wordpress_plugin |
The Clipr WordPress plugin through 1.2.3 does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed | 2022-05-16 | not yet calculated | CVE-2022-1559 MISC MISC |
wordpress — amministrazione_aperta_wordpress_plugin |
The Amministrazione Aperta WordPress plugin through 3.7.3 does not validate the open parameter before using it in an include statement, leading to a Local File Inclusion issue. The original advisory mentions that unauthenticated users can exploit this, however the affected file generates a fatal error when accessed directly and the affected code is not reached. The issue can be exploited via the dashboard when logged in as an admin, or by making a logged in admin open a malicious link | 2022-05-16 | not yet calculated | CVE-2022-1560 MISC |
fedora — fedora |
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT. | 2022-05-16 | not yet calculated | CVE-2022-1586 FEDORA MISC MISC MISC |
pcre2 — pcre2 |
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers. | 2022-05-16 | not yet calculated | CVE-2022-1587 MISC FEDORA MISC |
octopus — octopus_server |
When generating a user invitation code in Octopus Server, the validity of this code can be set for a specific number of users. It was possible to bypass this restriction of validity to create extra user accounts above the initial number of invited users. | 2022-05-19 | not yet calculated | CVE-2022-1670 MISC |
linux — linux_kernel_atheros_wireless_adapter_driver |
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. | 2022-05-16 | not yet calculated | CVE-2022-1679 MISC |
coreos — ignition |
A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data confidentiality. Possible workaround is to not put secrets in the Ignition config. | 2022-05-17 | not yet calculated | CVE-2022-1706 MISC MISC MISC MISC MISC |
jgraph — drawio |
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.5. | 2022-05-17 | not yet calculated | CVE-2022-1711 CONFIRM MISC |
jgraph — drawio |
SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information. | 2022-05-16 | not yet calculated | CVE-2022-1713 MISC CONFIRM |
jgraph — drawio |
Path Traversal in WellKnownServlet in GitHub repository jgraph/drawio prior to 18.0.5. Read local files of the web application. | 2022-05-16 | not yet calculated | CVE-2022-1721 CONFIRM MISC |
jgraph — drawio |
SSRF in editor’s proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses | 2022-05-16 | not yet calculated | CVE-2022-1722 MISC CONFIRM |
jgraph — drawio |
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.6. | 2022-05-17 | not yet calculated | CVE-2022-1723 MISC CONFIRM |
bootstrap — bootstrap_tables | Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties. | 2022-05-16 | not yet calculated | CVE-2022-1726 CONFIRM MISC |
jgraph — drawio |
Improper Input Validation in GitHub repository jgraph/drawio prior to 18.0.6. | 2022-05-18 | not yet calculated | CVE-2022-1727 MISC CONFIRM |
polonel — trudesk | Allowing long passwords leads to denial of service in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications. | 2022-05-16 | not yet calculated | CVE-2022-1728 CONFIRM MISC |
jgraph — drawio |
Cross-site Scripting (XSS) – Stored in GitHub repository jgraph/drawio prior to 18.0.4. | 2022-05-19 | not yet calculated | CVE-2022-1730 CONFIRM MISC |
metasonic — doc_webclient | Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field. SSO or System authentication are required to be enabled for vulnerable conditions to exist. | 2022-05-16 | not yet calculated | CVE-2022-1731 MISC |
fedora — vim |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. | 2022-05-17 | not yet calculated | CVE-2022-1733 CONFIRM MISC FEDORA FEDORA FEDORA |
linux — linux_kernel | A flaw in the Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to a use-after-free (both read and write) when the cleanup routine and the firmware download routine are not synchronized. | 2022-05-18 | not yet calculated | CVE-2022-1734 MISC |
fedora — vim | Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. | 2022-05-17 | not yet calculated | CVE-2022-1735 MISC CONFIRM |
polonel — trudesk | Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. | 2022-05-21 | not yet calculated | CVE-2022-1752 CONFIRM MISC |
wowonder — wowonder | A vulnerability, which was classified as critical, was found in WoWonder. Affected is the file /requests.php which is responsible to handle group messages. The manipulation of the argument group_id allows posting messages in other groups. It is possible to launch the attack remotely but it might require authentication. A video explaining the attack has been disclosed to the public. | 2022-05-17 | not yet calculated | CVE-2022-1753 MISC MISC MISC |
polonel — trudesk | Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. | 2022-05-20 | not yet calculated | CVE-2022-1754 MISC CONFIRM |
jgraph — drawio | Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7. | 2022-05-18 | not yet calculated | CVE-2022-1767 MISC CONFIRM |
fedora — vim | Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. | 2022-05-17 | not yet calculated | CVE-2022-1769 CONFIRM MISC FEDORA FEDORA FEDORA |
polonel — trudesk | Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. | 2022-05-20 | not yet calculated | CVE-2022-1770 CONFIRM MISC |
fedora — vim | Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. | 2022-05-18 | not yet calculated | CVE-2022-1771 CONFIRM MISC |
jgraph — drawio | Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7. | 2022-05-18 | not yet calculated | CVE-2022-1774 MISC CONFIRM |
polonel — trudesk | Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. | 2022-05-20 | not yet calculated | CVE-2022-1775 CONFIRM MISC |
erudika — para | Cross-site Scripting (XSS) – Generic in GitHub repository erudika/para prior to v1.45.11. | 2022-05-18 | not yet calculated | CVE-2022-1782 MISC CONFIRM |
jgraph — drawio | Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8. | 2022-05-20 | not yet calculated | CVE-2022-1784 MISC CONFIRM |
fedora — vim | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. | 2022-05-19 | not yet calculated | CVE-2022-1785 CONFIRM MISC |
gpac — gpac | Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV. | 2022-05-18 | not yet calculated | CVE-2022-1795 CONFIRM MISC |
fedora — vim | Use After Free in GitHub repository vim/vim prior to 8.2.4979. | 2022-05-19 | not yet calculated | CVE-2022-1796 MISC CONFIRM |
polonel — trudesk | Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2. | 2022-05-20 | not yet calculated | CVE-2022-1803 CONFIRM MISC |
rtxteam — rtx | Cross-site Scripting (XSS) – Reflected in GitHub repository rtxteam/rtx prior to checkpoint_2022-05-18. | 2022-05-20 | not yet calculated | CVE-2022-1806 CONFIRM MISC |
radareorg — radare2 | Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0. | 2022-05-21 | not yet calculated | CVE-2022-1809 CONFIRM MISC |
url-regex — url-regex | All versions of package url-regex are vulnerable to Regular Expression Denial of Service (ReDoS) which can cause the CPU usage to crash. | 2022-05-20 | not yet calculated | CVE-2022-21195 CONFIRM CONFIRM |
oracle — e-business_suite | Vulnerability in Oracle E-Business Suite (component: Manage Proxies). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data. Note: Authentication is required for successful attack, however the user may be self-registered. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | 2022-05-20 | not yet calculated | CVE-2022-21500 MISC |
ibm — websphere_application_server | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904. | 2022-05-20 | not yet calculated | CVE-2022-22365 XF CONFIRM |
ibm — websphere_application_server | IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 and Open Liberty are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603. | 2022-05-17 | not yet calculated | CVE-2022-22475 CONFIRM XF |
ibm — sterling_b2b_integrator | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow an authenticated user to upload files that could fill up the filesystem and cause a denial of service. IBM X-Force ID: 225977. | 2022-05-17 | not yet calculated | CVE-2022-22482 XF CONFIRM |
ibm — spectrum_protect_operations_center | IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser’s application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts’ passwords. IBM X-Force ID: 226322. | 2022-05-17 | not yet calculated | CVE-2022-22484 XF CONFIRM |
tibco — jasperreports_server | The REST API component of TIBCO Software Inc.’s TIBCO JasperReports Server, TIBCO JasperReports Server – Community Edition, TIBCO JasperReports Server – Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft Azure contains difficult to exploit Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim’s local system. Affected releases are TIBCO Software Inc.’s TIBCO JasperReports Server: versions 8.0.1 and below, TIBCO JasperReports Server – Community Edition: versions 8.0.1 and below, TIBCO JasperReports Server – Developer Edition: versions 8.0.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 8.0.1 and below, TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.9.2 and below, and TIBCO JasperReports Server for Microsoft Azure: versions 8.0.1 and below. | 2022-05-17 | not yet calculated | CVE-2022-22773 CONFIRM CONFIRM |
tibco — tibco_bpm | The Workspace client component of TIBCO Software Inc.’s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains difficult to exploit Reflected Cross Site Scripting (XSS) vulnerabilities that allow low privileged attackers with network access to execute scripts targeting the affected system or the victim’s local system. Affected releases are TIBCO Software Inc.’s TIBCO BPM Enterprise: versions 4.3.1 and below and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric: versions 4.3.1 and below. | 2022-05-17 | not yet calculated | CVE-2022-22775 CONFIRM CONFIRM |
tibco — tibco_businessconnect_trading_community_management | The Web Server component of TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management contains easily exploitable vulnerabilities that allow a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using these vulnerabilities requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management: versions 6.1.0 and below. | 2022-05-18 | not yet calculated | CVE-2022-22776 CONFIRM CONFIRM |
tibco — tibco_businessconnect_trading_community_management | The Web Server component of TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow an unauthenticated attacker with network access to execute scripts targeting the affected system or the victim’s local system. Affected releases are TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management: versions 6.1.0 and below. | 2022-05-18 | not yet calculated | CVE-2022-22777 CONFIRM CONFIRM |
tibco — tibco_businessconnect_trading_community_management | The Web Server component of TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute Cross-Site Request Forgery (CSRF) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.’s TIBCO BusinessConnect Trading Community Management: versions 6.1.0 and below. | 2022-05-18 | not yet calculated | CVE-2022-22778 CONFIRM CONFIRM |
zoom — client_for_meetings | The Zoom Client for Meetings (for Android, iOS, Linux, MacOS, and Windows) before version 5.10.0 failed to properly parse XML stanzas in XMPP messages. This can allow a malicious user to break out of the current XMPP message context and create a new message context to have the receiving user’s client perform a variety of actions. This issue could be used in a more sophisticated attack to forge XMPP messages from the server. | 2022-05-18 | not yet calculated | CVE-2022-22784 MISC |
zoom — client_for_meetings | The Zoom Client for Meetings (for Android, iOS, Linux, MacOS, and Windows) before version 5.10.0 failed to properly constrain client session cookies to Zoom domains. This issue could be used in a more sophisticated attack to send an unsuspecting user’s Zoom-scoped session cookies to a non-Zoom domain. This could potentially allow for spoofing of a Zoom user. | 2022-05-18 | not yet calculated | CVE-2022-22785 MISC |
zoom — client_for_meetings | The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0 fail to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user into downgrading their Zoom client to a less secure version. | 2022-05-18 | not yet calculated | CVE-2022-22786 MISC |
zoom — client_for_meetings | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. This issue could be used in a more sophisticated attack to trick an unsuspecting user’s client to connect to a malicious server when attempting to use Zoom services. | 2022-05-18 | not yet calculated | CVE-2022-22787 CONFIRM |
vmware — workspace_one | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. | 2022-05-20 | not yet calculated | CVE-2022-22972 MISC |
vmware — workspace_one | VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to ‘root’. | 2022-05-20 | not yet calculated | CVE-2022-22973 MISC |
vmware — spring_security | Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not perform any salt rounds, due to an integer overflow error. The default settings are not affected by this CVE. | 2022-05-19 | not yet calculated | CVE-2022-22976 MISC |
vmware — spring_security | In Spring Security versions 5.5.6 and 5.5.7 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass. | 2022-05-19 | not yet calculated | CVE-2022-22978 MISC |
tooljet — tooljet | ToolJet versions v0.5.0 to v1.2.2 are vulnerable to token leakage via Referer header that leads to account takeover. If the user opens the invite link/signup link and then clicks on any external links within the page, it leaks the password set token/signup token in the Referer header. Using these tokens the attacker can access the user’s account. | 2022-05-18 | not yet calculated | CVE-2022-23067 CONFIRM MISC |
tooljet — tooljet | ToolJet versions v0.6.0 to v1.10.2 are vulnerable to HTML injection where an attacker can inject malicious code inside the first name and last name field while inviting a new user which will be reflected in the invitational e-mail. | 2022-05-18 | not yet calculated | CVE-2022-23068 MISC CONFIRM |
aruba_networks — clearpass_policy_manager | A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23657 MISC |
aruba_networks — clearpass_policy_manager | A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23658 MISC |
aruba_networks — clearpass_policy_manager | A remote reflected cross site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23659 MISC |
aruba_networks — clearpass_policy_manager | A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23660 MISC |
aruba_networks — clearpass_policy_manager | An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23661 MISC |
aruba_networks — clearpass_policy_manager | An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23662 MISC |
aruba_networks — clearpass_policy_manager | An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23663 MISC |
aruba_networks — clearpass_policy_manager | An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23664 MISC |
aruba_networks — clearpass_policy_manager | An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23665 MISC |
aruba_networks — clearpass_policy_manager | An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23666 MISC |
aruba_networks — clearpass_policy_manager | An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23667 MISC |
aruba_networks — clearpass_policy_manager | A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23668 MISC |
aruba_networks — clearpass_policy_manager | A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-23669 MISC |
aruba_networks — clearpass_policy_manager | A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-23670 MISC |
aruba_networks — clearpass_policy_manager | A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-23671 MISC |
aruba_networks — clearpass_policy_manager | An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-23672 MISC |
aruba_networks — clearpass_policy_manager | An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-23673 MISC |
aruba_networks — clearpass_policy_manager | A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-23674 MISC |
aruba_networks — clearpass_policy_manager | A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-23675 MISC |
hewlett_packard_enterprise — oneview | A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. | 2022-05-17 | not yet calculated | CVE-2022-23706 MISC |
desigo — dxr2 | A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The login functionality of the application fails to normalize the response times of login attempts performed with wrong usernames with the ones executed with correct usernames. A remote unauthenticated attacker could exploit this side-channel information to perform a username enumeration attack and identify valid usernames. | 2022-05-20 | not yet calculated | CVE-2022-24043 CONFIRM |
desigo — dxr2 | A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The login functionality of the application does not employ any countermeasures against Password Spraying attacks or Credential Stuffing attacks. An attacker could obtain a list of valid usernames on the device by exploiting the issue and then perform a precise Password Spraying or Credential Stuffing attack in order to obtain access to at least one account. | 2022-05-20 | not yet calculated | CVE-2022-24044 CONFIRM |
desigo — dxr2 | A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The application, after a successful login, sets the session cookie on the browser via client-side JavaScript code, without applying any security attributes (such as “Secure”, “HttpOnly”, or “SameSite”). Any attempt by a user to browse the application via unencrypted HTTP protocol would lead to the transmission of all of that user’s session cookies in plaintext through the network. An attacker could then be able to sniff the network and capture sensitive information. | 2022-05-20 | not yet calculated | CVE-2022-24045 CONFIRM |
skyoftech — so_listing_tabs | The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remote attacker to inject a serialized PHP object via the setting parameter, potentially resulting in the ability to write to files on the server, cause DoS, and achieve remote code execution because of deserialization of untrusted data. | 2022-05-17 | not yet calculated | CVE-2022-24108 MISC MISC MISC MISC |
simatic — pcs_7 | A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC V7.4 and earlier (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). An authenticated attacker could escape the WinCC Kiosk Mode by opening the printer dialog in the affected application in case no printer is installed. | 2022-05-20 | not yet calculated | CVE-2022-24287 CONFIRM |
siemens — teamcenter | A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions < V13.2.0.8), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash. | 2022-05-20 | not yet calculated | CVE-2022-24290 CONFIRM |
fidelis_security — network_and_deception | Vulnerability in rconfig “date” enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-24388 CONFIRM |
fidelis_security — network_and_deception | Vulnerability in rconfig “cert_utils” enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-24389 CONFIRM |
fidelis_security — network_and_deception | Vulnerability in rconfig “remote_text_file” enables an attacker with user level access to the CLI to inject user level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-24390 CONFIRM |
fidelis_security — network_and_deception | Vulnerability in Fidelis Network and Deception CommandPost enables SQL injection through the web interface by an attacker with user level access. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-24391 CONFIRM |
fidelis_security — network_and_deception | Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface using the “feed_comm_test” value for the “feed” parameter. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost and return results in an HTTP response via an authenticated session. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-24392 CONFIRM |
fidelis_security — network_and_deception | Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface using the “check_vertica_upgrade” value for the “cpIp” parameter. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost and return results in an HTTP response via an authenticated session. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-24393 CONFIRM |
fidelis_security — network_and_deception | Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface using the “update_checkfile” value for the “filename” parameter. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost and return results in an HTTP response via an authenticated session. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. | 2022-05-17 | not yet calculated | CVE-2022-24394 CONFIRM |
openjs_foundation — nodejs | This affects all versions of package dicer. A malicious attacker can send a modified form to the server and crash the nodejs service. An attacker could send the payload again and again so that the service continuously crashes. | 2022-05-20 | not yet calculated | CVE-2022-24434 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
silicon_labs — z-wavw_500 | Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs. | 2022-05-17 | not yet calculated | CVE-2022-24611 MISC MISC |
openclinica — openclinica | OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known workarounds. This issue has been patched and users are recommended to upgrade. | 2022-05-14 | not yet calculated | CVE-2022-24830 CONFIRM MISC |
openclinica — openclinica | OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has been patched in 3.16.1, 3.15.9, 3.14.1, and 3.13.1 and users are advised to upgrade. | 2022-05-14 | not yet calculated | CVE-2022-24831 CONFIRM MISC |
flytorg — flyteconsole | FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery (SSRF) when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server or other unauthenticated URLs. Passing of headers to an unauthorized actor may occur. The patch for this issue deletes the entire `cors_proxy`, as this is not required for console anymore. A patch is available in FlyteConsole version 0.52.0. Disable FlyteConsole availability on the internet as a workaround. | 2022-05-17 | not yet calculated | CVE-2022-24856 CONFIRM MISC MISC MISC |
nextcloud — talk | Nextcloud Talk is a video and audio conferencing app for Nextcloud. In versions prior to 13.0.5 and 14.0.0, a call moderator can indirectly enable user webcams by granting permissions, if they were enabled before removing the permissions. A patch is available in versions 13.0.5 and 14.0.0. There are currently no known workarounds. | 2022-05-17 | not yet calculated | CVE-2022-24890 MISC CONFIRM MISC MISC |
argo — argo_cd | Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.7.0 and prior to versions 2.1.15, 2.2.9, and 2.3.4 is vulnerable to a symlink following bug allowing a malicious user with repository write access to leak sensitive files from Argo CD’s repo-server. A malicious Argo CD user with write access for a repository which is (or may be) used in a directory-type Application may commit a symlink which points to an out-of-bounds file. Sensitive files which could be leaked include manifest files from other Applications’ source repositories (potentially decrypted files, if you are using a decryption plugin) or any JSON-formatted secrets which have been mounted as files on the repo-server. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. Users of versions 2.3.0 or above who do not have any Jsonnet/directory-type Applications may disable the Jsonnet/directory config management tool as a workaround. | 2022-05-20 | not yet calculated | CVE-2022-24904 MISC CONFIRM MISC MISC |
argo — argo_cd |
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was found in Argo CD prior to versions 2.3.4, 2.2.9, and 2.1.15 that allows an attacker to spoof error messages on the login screen when single sign on (SSO) is enabled. In order to exploit this vulnerability, an attacker would have to trick the victim to visit a specially crafted URL which contains the message to be displayed. As far as the research of the Argo CD team concluded, it is not possible to specify any active content (e.g. Javascript) or other HTML fragments (e.g. clickable links) in the spoofed message. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. There are currently no known workarounds. | 2022-05-20 | not yet calculated | CVE-2022-24905 CONFIRM MISC MISC MISC |
nextcloud — deck |
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthorized users. It is recommended that the Nextcloud Deck app is upgraded to 1.2.11, 1.4.6, or 1.5.4. There is no workaround available. | 2022-05-20 | not yet calculated | CVE-2022-24906 MISC CONFIRM MISC |
mitsubishi_electric — melsec_iq-f |
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270 and Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versions prior to 1.030 allows a remote unauthenticated attacker to cause a DoS condition for the product’s program execution or communication by sending specially crafted packets. System reset of the product is required for recovery. | 2022-05-18 | not yet calculated | CVE-2022-25161 MISC MISC |
mitsubishi_electric — melsec_iq-f |
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270 and Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versions prior to 1.030 allows a remote unauthenticated attacker to cause a temporary DoS condition for the product’s communication by sending specially crafted packets. | 2022-05-18 | not yet calculated | CVE-2022-25162 MISC MISC |
apache — tika |
The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files. | 2022-05-16 | not yet calculated | CVE-2022-25169 CONFIRM MLIST |
proton — proton |
Proton v0.2.0 allows an attacker to create a malicious link inside a markdown file. When the victim clicks the link, the application opens the site in the current frame, allowing an attacker to host JavaScript code in the malicious link in order to trigger an XSS attack. The ‘nodeIntegration’ configuration is set to on, which allows the ‘webpage’ to use ‘NodeJs’ features; an attacker can leverage this to run OS commands. | 2022-05-20 | not yet calculated | CVE-2022-25224 MISC |
thinfinity — vnc |
Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can trick a user into browsing a malicious site, to obtain an ‘ID’ that can be used to send websocket requests and achieve RCE. | 2022-05-20 | not yet calculated | CVE-2022-25227 MISC |
popcorn_software — popcorn_time |
Popcorn Time 0.4.7 has a Stored XSS in the ‘Movies API Server(s)’ field via the ‘settings’ page. The ‘nodeIntegration’ configuration is set to on, which allows the ‘webpage’ to use ‘NodeJs’ features; an attacker can leverage this to run OS commands. | 2022-05-20 | not yet calculated | CVE-2022-25229 MISC MISC |
wordpress — code_snippets_plugin |
Reflected Cross-Site Scripting (XSS) vulnerability in the Code Snippets plugin <= 2.14.3 for WordPress via the vulnerable &orderby parameter. | 2022-05-18 | not yet calculated | CVE-2022-25617 CONFIRM CONFIRM |
open_source — multi-vendor_online_groceries_management_system |
Multi-Vendor Online Groceries Management System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /products/view_product.php. | 2022-05-20 | not yet calculated | CVE-2022-26632 MISC |
open_source — simple_student_quarterly_result/grade_system |
Simple Student Quarterly Result/Grade System v1.0 was discovered to contain a SQL injection vulnerability via /sqgs/Actions.php. | 2022-05-20 | not yet calculated | CVE-2022-26633 MISC |
hma — vpn |
HMA VPN v5.3.5913.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. | 2022-05-20 | not yet calculated | CVE-2022-26634 MISC MISC |
apache — shenyui |
In Apache ShenYui, ShenYu-Bootstrap, RegexPredicateJudge.java uses Pattern.matches(conditionData.getParamValue(), realData) to make judgments, where both parameters are controllable by the user. This allows an attacker to pass in malicious regular expressions and characters, causing resource exhaustion. This issue affects Apache ShenYu (incubating) 2.4.0, 2.4.1 and 2.4.2 and is fixed in 2.4.3. | 2022-05-17 | not yet calculated | CVE-2022-26650 CONFIRM MLIST |
private_internet_access — private_internet_access |
Private Internet Access v3.3 contains an unquoted service path which allows attackers to escalate privileges to the system level. | 2022-05-20 | not yet calculated | CVE-2022-27092 MISC |
sony — playmemories |
Sony PlayMemories Home v6.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. | 2022-05-20 | not yet calculated | CVE-2022-27094 MISC |
battleye — battleye |
BattlEye v0.9 contains an unquoted service path which allows attackers to escalate privileges to the system level. | 2022-05-20 | not yet calculated | CVE-2022-27095 MISC |
siemens — openv2g |
A vulnerability has been identified in OpenV2G (V0.9.4). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption. | 2022-05-20 | not yet calculated | CVE-2022-27242 CONFIRM |
jvn — multiple_products |
Cross-site request forgery (CSRF) vulnerability in Rebooter(WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions, WATCH BOOT light RPC-M5C [End of Sale] all firmware versions, WATCH BOOT L-zero RPC-M4L [End of Sale] all firmware versions, WATCH BOOT mini RPC-M4H [End of Sale] all firmware versions, WATCH BOOT nino RPC-M2CS firmware version 1.00A to 1.00D, WATCH BOOT light RPC-M5CS firmware version 1.00A to 1.00D, WATCH BOOT L-zero RPC-M4LS firmware version 1.00A to 1.20A, and Signage Rebooter RPC-M4HSi firmware version 1.00A), PoE Rebooter(PoE BOOT nino PoE8M2 firmware version 1.00A to 1.20A), Scheduler(TIME BOOT mini RSC-MT4H [End of Sale] all firmware versions, TIME BOOT RSC-MT8F [End of Sale] all firmware versions, TIME BOOT RSC-MT8FP [End of Sale] all firmware versions, TIME BOOT mini RSC-MT4HS firmware version 1.00A to 1.10A, and TIME BOOT RSC-MT8FS firmware version 1.00A to 1.00E), and Contact Converter(POSE SE10-8A7B1 firmware version 1.00A to 1.20A) allows a remote attacker to hijack the authentication of an administrator and conduct arbitrary operations by having a user view a specially crafted page. | 2022-05-18 | not yet calculated | CVE-2022-27632 MISC MISC |
simatic — multiple_products |
A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versions < V1.5.18), SIMATIC CP 443-1 RNA (All versions < V1.5.18). The affected devices improperly handle excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming attacks, which can cause the device to reboot. | 2022-05-20 | not yet calculated | CVE-2022-27640 CONFIRM |
siemens — simcenter_femap |
A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15594) | 2022-05-20 | not yet calculated | CVE-2022-27653 CONFIRM |
foxit_software — pdf_editor |
Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary file upload vulnerability. | 2022-05-20 | not yet calculated | CVE-2022-28104 MISC MISC |
sourcecodester — online_sports_complex_booking_system |
Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/view_facility.php. | 2022-05-20 | not yet calculated | CVE-2022-28105 MISC |
sourcecodester — online_sports_complex_booking_system |
Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user accounts via a crafted POST request. | 2022-05-20 | not yet calculated | CVE-2022-28106 MISC |
nvidia — gpu_display_driver |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components. | 2022-05-17 | not yet calculated | CVE-2022-28181 MISC |
nvidia — gpu_display_driver |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), where an unauthorized attacker on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution to cause denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components. | 2022-05-17 | not yet calculated | CVE-2022-28182 MISC |
nvidia — gpu_display_driver |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause an out-of-bounds read, which may lead to denial of service and information disclosure. | 2022-05-17 | not yet calculated | CVE-2022-28183 MISC |
nvidia — gpu_display_driver |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can access administrator-privileged registers, which may lead to denial of service, information disclosure, and data tampering. | 2022-05-17 | not yet calculated | CVE-2022-28184 MISC |
nvidia — gpu_display_driver |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the ECC layer, where an unprivileged regular user can cause an out-of-bounds write, which may lead to denial of service and data tampering. | 2022-05-17 | not yet calculated | CVE-2022-28185 MISC |
nvidia — gpu_display_driver |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service or data tampering. | 2022-05-17 | not yet calculated | CVE-2022-28186 MISC |
nvidia — gpu_display_driver |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where the memory management software does not release a resource after its effective lifetime has ended, which may lead to denial of service. | 2022-05-17 | not yet calculated | CVE-2022-28187 MISC |
nvidia — gpu_display_driver |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service. | 2022-05-17 | not yet calculated | CVE-2022-28188 MISC |
nvidia — gpu_display_driver |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a NULL pointer dereference may lead to a system crash. | 2022-05-17 | not yet calculated | CVE-2022-28189 MISC |
nvidia — gpu_display_driver |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where improper input validation can cause denial of service. | 2022-05-17 | not yet calculated | CVE-2022-28190 MISC |
nvidia — vgpu |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption can be triggered by an unprivileged regular user, which may lead to denial of service. | 2022-05-17 | not yet calculated | CVE-2022-28191 MISC |
nvidia — vgpu |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. This attack is complex to carry out because the attacker needs to have control over freeing some host side resources out of sequence, which requires elevated privileges. | 2022-05-17 | not yet calculated | CVE-2022-28192 MISC |
arm — mali_gpu_kernel_driver |
Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a use-after-free situation. | 2022-05-19 | not yet calculated | CVE-2022-28348 CONFIRM MISC |
arm — mali_gpu_kernel_driver |
Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 through r23p0 before r24p0, and Valhall r19p0 through r23p0 before r24p0. | 2022-05-19 | not yet calculated | CVE-2022-28349 CONFIRM MISC |
arm — mali_gpu_kernel_driver |
Arm Mali GPU Kernel Driver allows improper GPU operations in Valhall r29p0 through r36p0 before r37p0 to reach a use-after-free situation. | 2022-05-19 | not yet calculated | CVE-2022-28350 CONFIRM MISC |
sourcecodester — covid-19_directory_on_vaccination_system |
Sourcecodester Covid-19 Directory on Vaccination System 1.0 is vulnerable to SQL Injection via the admin/login.php txtusername (aka Username) field. | 2022-05-20 | not yet calculated | CVE-2022-28531 MISC MISC |
hpe — oneview |
A remote server-side request forgery (SSRF) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. | 2022-05-17 | not yet calculated | CVE-2022-28616 MISC |
hpe — oneview |
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. | 2022-05-17 | not yet calculated | CVE-2022-28617 MISC |
hpe — nimble |
A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could allow an attacker to execute arbitrary commands on a Nimble appliance. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later. | 2022-05-20 | not yet calculated | CVE-2022-28618 MISC |
Grafana — enterprise_logs |
The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode. | 2022-05-20 | not yet calculated | CVE-2022-28660 CONFIRM |
meikyo_electric — multiple_products |
Cross-site scripting vulnerability in Rebooter(WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions, WATCH BOOT light RPC-M5C [End of Sale] all firmware versions, WATCH BOOT L-zero RPC-M4L [End of Sale] all firmware versions, WATCH BOOT mini RPC-M4H [End of Sale] all firmware versions, WATCH BOOT nino RPC-M2CS firmware version 1.00A to 1.00D, WATCH BOOT light RPC-M5CS firmware version 1.00A to 1.00D, WATCH BOOT L-zero RPC-M4LS firmware version 1.00A to 1.20A, and Signage Rebooter RPC-M4HSi firmware version 1.00A), PoE Rebooter(PoE BOOT nino PoE8M2 firmware version 1.00A to 1.20A), Scheduler(TIME BOOT mini RSC-MT4H [End of Sale] all firmware versions, TIME BOOT RSC-MT8F [End of Sale] all firmware versions, TIME BOOT RSC-MT8FP [End of Sale] all firmware versions, TIME BOOT mini RSC-MT4HS firmware version 1.00A to 1.10A, and TIME BOOT RSC-MT8FS firmware version 1.00A to 1.00E), and Contact Converter(POSE SE10-8A7B1 firmware version 1.00A to 1.20A) allows a remote attacker with the administrative privilege to inject an arbitrary script via unspecified vectors. | 2022-05-18 | not yet calculated | CVE-2022-28717 MISC MISC |
tenda — ax12 |
Tenda AX12 v22.03.01.21_cn was discovered to contain a stack overflow via the lanIp parameter in /goform/AdvSetLanIp. | 2022-05-18 | not yet calculated | CVE-2022-28917 MISC |
blogengine — blogengine.net |
A Cross-Site Request Forgery (CSRF) vulnerability discovered in BlogEngine.Net v3.3.8.0 allows unauthenticated attackers to read arbitrary files on the hosting web server. | 2022-05-18 | not yet calculated | CVE-2022-28921 MISC MISC |
universis — universis-students |
An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/. | 2022-05-18 | not yet calculated | CVE-2022-28924 MISC |
subconverter — subconverter | A remote code execution (RCE) vulnerability in Subconverter v0.7.2 allows attackers to execute arbitrary code via crafted config and url parameters. | 2022-05-19 | not yet calculated | CVE-2022-28927 MISC MISC |
hospital_management-system — hospital_management-system | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php. | 2022-05-15 | not yet calculated | CVE-2022-28929 MISC |
sage_software — erp-pro |
ERP-Pro v3.7.5 was discovered to contain a SQL injection vulnerability via the component /base/SysEveMenuAuthPointMapper.xml. | 2022-05-15 | not yet calculated | CVE-2022-28930 MISC |
fisco-bcos — fisco-bcos |
FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node can trigger an integer overflow and cause a Denial of Service (DoS) via an unusually large viewchange message packet. | 2022-05-15 | not yet calculated | CVE-2022-28936 MISC |
fisco-bcos — fisco-bcos | FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via an invalid proposal with an invalid header, will cause normal nodes to stop producing new blocks and processing new clients’ requests. | 2022-05-15 | not yet calculated | CVE-2022-28937 MISC |
open_policy_agent — opa |
An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service (DoS) via triggering out-of-range memory access. | 2022-05-19 | not yet calculated | CVE-2022-28946 MISC |
go-yaml — yaml |
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. | 2022-05-19 | not yet calculated | CVE-2022-28948 MISC |
d-link — dir816l_fw206b01 |
An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php. | 2022-05-18 | not yet calculated | CVE-2022-28955 MISC MISC |
d-link — dir816l_fw206b01 |
An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload. | 2022-05-18 | not yet calculated | CVE-2022-28956 MISC MISC |
d-link — dir816l_fw206b01 |
D-Link DIR816L_FW206b01 was discovered to contain a remote code execution (RCE) vulnerability via the value parameter at shareport.php. | 2022-05-18 | not yet calculated | CVE-2022-28958 MISC MISC |
spip — spip_web_framework |
Multiple cross-site scripting (XSS) vulnerabilities in the component /spip.php of Spip Web Framework v3.1.13 and below allow attackers to execute arbitrary web scripts or HTML. | 2022-05-19 | not yet calculated | CVE-2022-28959 MISC MISC MISC MISC MISC |
spip — spip |
A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire. | 2022-05-19 | not yet calculated | CVE-2022-28960 MISC MISC MISC MISC MISC |
spip — spip_web_framework |
Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the lier_trad and where parameters. | 2022-05-19 | not yet calculated | CVE-2022-28961 MISC MISC MISC MISC MISC |
packet_storm — online_sports_complex_booking_system |
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=delete_client. | 2022-05-19 | not yet calculated | CVE-2022-28962 MISC MISC |
avast — premium_security |
An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file. | 2022-05-20 | not yet calculated | CVE-2022-28964 MISC MISC |
avast — premium_security |
Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file. | 2022-05-20 | not yet calculated | CVE-2022-28965 MISC MISC |
orangehrm — orangehrm |
A stored cross-site scripting (XSS) vulnerability in the addNewPost component of OrangeHRM v4.10.1 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. | 2022-05-20 | not yet calculated | CVE-2022-28985 MISC |
manageengine — adselfservice_plus |
ManageEngine ADSelfService Plus v6.1 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login. | 2022-05-20 | not yet calculated | CVE-2022-28987 MISC MISC |
wasms — wasm3 |
WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm. | 2022-05-20 | not yet calculated | CVE-2022-28990 MISC MISC |
packet_storm — multi_store_inventory_management_system |
Multi Store Inventory Management System v1.0 was discovered to contain an information disclosure vulnerability which allows attackers to access sensitive files. | 2022-05-20 | not yet calculated | CVE-2022-28991 MISC |
packet_storm — online_banquet_booking_system |
A Cross-Site Request Forgery (CSRF) in Online Banquet Booking System v1.0 allows attackers to change admin credentials via a crafted POST request. | 2022-05-20 | not yet calculated | CVE-2022-28992 MISC |
packet_storm — multi_store_inventory_management_system |
Multi Store Inventory Management System v1.0 allows attackers to perform an account takeover via a crafted POST request. | 2022-05-20 | not yet calculated | CVE-2022-28993 MISC |
yaml — regine |
Rengine v1.0.2 was discovered to contain a remote code execution (RCE) vulnerability via the yaml configuration function. | 2022-05-20 | not yet calculated | CVE-2022-28995 MISC |
axiomatic-systems — bento4 |
Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S. | 2022-05-16 | not yet calculated | CVE-2022-29017 MISC |
openrazer — openrazer |
A buffer overflow in the razerkbd driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device. | 2022-05-20 | not yet calculated | CVE-2022-29021 MISC |
openrazer — openrazer |
A buffer overflow in the razeraccessory driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device. | 2022-05-20 | not yet calculated | CVE-2022-29022 MISC |
openrazer — openrazer |
A buffer overflow in the razermouse driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device. | 2022-05-20 | not yet calculated | CVE-2022-29023 MISC |
siemens — multiple_products | A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Tiff_Loader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | 2022-05-20 | not yet calculated | CVE-2022-29028 CONFIRM |
siemens — multiple_products |
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | 2022-05-20 | not yet calculated | CVE-2022-29029 CONFIRM |
siemens — multiple_products |
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | 2022-05-20 | not yet calculated | CVE-2022-29030 CONFIRM |
siemens — multiple_products |
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | 2022-05-20 | not yet calculated | CVE-2022-29031 CONFIRM |
siemens — multiple_products |
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library contains a double free vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. | 2022-05-20 | not yet calculated | CVE-2022-29032 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library is vulnerable to uninitialized pointer free while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. | 2022-05-20 | not yet calculated | CVE-2022-29033 CONFIRM |
nextcloud — nextcloud_deck |
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. In versions prior to 1.4.8, 1.5.6, and 1.6.1, an authenticated user can move stacks with cards from their own board to a board of another user. The Nextcloud Deck app contains a patch for this issue in versions 1.4.8, 1.5.6, and 1.6.1. There are currently no known workarounds available. | 2022-05-20 | not yet calculated | CVE-2022-29159 MISC MISC CONFIRM |
nextcloud — nextcloud_android |
Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.0, sensitive tokens, images, and user related details exist after deletion of a user account. This could result in misuse of the former account holder’s information. Nextcloud Android version 3.19.0 contains a patch for this issue. There are no known workarounds available. | 2022-05-20 | not yet calculated | CVE-2022-29160 CONFIRM MISC MISC |
open_containers — runc |
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container’s bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file. | 2022-05-17 | not yet calculated | CVE-2022-29162 MISC MISC CONFIRM |
nextcloud — nextcloud_server |
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.6 and 23.0.3, a user can create a link that is not password protected even if the administrator requires links to be password protected. Versions 22.2.6 and 23.0.3 contain a patch for this issue. There are currently no known workarounds. | 2022-05-20 | not yet calculated | CVE-2022-29163 MISC CONFIRM MISC MISC |
argo — argo_cd |
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting with version 1.4.0 and prior to versions 2.1.15, 2.2.9, and 2.3.4 which would allow unauthenticated users to impersonate any Argo CD user or role, including the `admin` user, by sending a specifically crafted JSON Web Token (JWT) along with the request. In order for this vulnerability to be exploited, anonymous access to the Argo CD instance must have been enabled. In a default Argo CD installation, anonymous access is disabled. The vulnerability can be exploited to impersonate any user or role, including the built-in `admin` account regardless of whether it is enabled or disabled. Also, the attacker does not need an account on the Argo CD instance in order to exploit this. If anonymous access to the instance is enabled, an attacker can escalate their privileges, effectively allowing them to gain the same privileges on the cluster as the Argo CD instance, which is cluster admin in a default installation. This will allow the attacker to create, manipulate and delete any resource on the cluster. They may also exfiltrate data by deploying malicious workloads with elevated privileges, thus bypassing any redaction of sensitive data otherwise enforced by the Argo CD API. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. As a workaround, one may disable anonymous access, but upgrading to a patched version is preferable. | 2022-05-20 | not yet calculated | CVE-2022-29165 MISC CONFIRM MISC MISC |
grafana — grafana_enterprise |
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security allow list allows configuring Grafana so that the instance doesn’t call, or only calls, specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds. | 2022-05-20 | not yet calculated | CVE-2022-29170 CONFIRM MISC MISC MISC |
countly — countly_server |
countly-server is the server-side part of Countly, a product analytics solution. Prior to versions 22.03.7 and 21.11.4, a malicious actor who knows an account email address/username and full name specified in the database is capable of guessing the password reset token. The actor may use this information to reset the password and take over the account. The problem has been patched in Countly Server version 22.03.7 for servers using the new user interface and in 21.11.4 for servers using the old user interface. | 2022-05-17 | not yet calculated | CVE-2022-29174 MISC CONFIRM |
ethereum — go_ethereum |
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that addresses the problem. As a workaround, setting loglevel to default level (`INFO`) makes the node not vulnerable to this attack. | 2022-05-20 | not yet calculated | CVE-2022-29177 CONFIRM MISC |
cilium — cilium |
Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 1000 can access the API of Cilium via Unix domain socket available on the host where Cilium is running. This could allow malicious users to compromise integrity as well as system availability on that host. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. A potential workaround is to modify Cilium’s DaemonSet to run with a certain command, which can be found in the GitHub Security Advisory for this vulnerability. | 2022-05-20 | not yet calculated | CVE-2022-29178 MISC MISC MISC CONFIRM |
cilium — cilium |
Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed, the attacker can escalate privileges to cluster admin by using Cilium’s Kubernetes service account. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. There are no known workarounds available. | 2022-05-20 | not yet calculated | CVE-2022-29179 MISC MISC MISC CONFIRM |
nokogiri — nokogiri |
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent. | 2022-05-20 | not yet calculated | CVE-2022-29181 MISC CONFIRM MISC MISC |
gocd — gocd |
GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run’s Stage Details > Graphs tab. It is possible for a malicious script on an attacker-hosted site to execute script that will run within the user’s browser context and GoCD session via abuse of a messaging channel used for communication between the parent page and the stage details graph’s iframe. This could allow an attacker to steal a GoCD user’s session cookies and/or execute malicious code in the user’s context. This issue is fixed in GoCD 22.1.0. There are currently no known workarounds. | 2022-05-20 | not yet calculated | CVE-2022-29182 MISC MISC CONFIRM MISC |
gocd — gocd |
GoCD is a continuous delivery server. GoCD versions 20.2.0 until 21.4.0 are vulnerable to reflected cross-site scripting via abuse of the pipeline comparison function’s error handling to render arbitrary HTML into the returned page. This could allow an attacker to trick a victim into executing code which would allow the attacker to operate on, or gain control over the same resources as the victim had access to. This issue is fixed in GoCD 21.4.0. As a workaround, block access to `/go/compare/.*` prior to GoCD Server via a reverse proxy, web application firewall or equivalent, which would prevent use of the pipeline comparison function. | 2022-05-20 | not yet calculated | CVE-2022-29183 CONFIRM MISC MISC MISC |
gocd — gocd |
GoCD is a continuous delivery server. In GoCD versions prior to 22.1.0, it is possible for existing authenticated users who have permissions to edit or create pipeline materials or pipeline configuration repositories to get remote code execution capability on the GoCD server via configuring a malicious branch name which abuses Mercurial hooks/aliases to exploit a command injection weakness. An attacker would require access to an account with existing GoCD administration permissions to either create/edit (`hg`-based) configuration repositories; create/edit pipelines and their (`hg`-based) materials; or, where “pipelines-as-code” configuration repositories are used, to commit malicious configuration to such an external repository which will be automatically parsed into a pipeline configuration and (`hg`) material definition by the GoCD server. This issue is fixed in GoCD 22.1.0. As a workaround, users who do not use/rely upon Mercurial materials can uninstall/remove the `hg`/Mercurial binary from the underlying GoCD Server operating system or Docker image. | 2022-05-20 | not yet calculated | CVE-2022-29184 MISC MISC MISC CONFIRM |
totp-rs — totp-rs |
totp-rs is a Rust library that permits the creation of 2FA authentication tokens per time-based one-time password (TOTP). Prior to version 1.1.0, token comparison was not constant time, and could theoretically be used to guess the value of a TOTP token, and thus reuse it in the same time window. The attacker would have to know the password beforehand nonetheless. Starting with patched version 1.1.0, the library uses constant-time comparison. There are currently no known workarounds. | 2022-05-20 | not yet calculated | CVE-2022-29185 CONFIRM MISC MISC |
rundeck — rundeck |
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Rundeck community and rundeck-enterprise docker images contained a pre-generated SSH keypair. If the id_rsa.pub public key of the keypair was copied to authorized_keys files on remote hosts, those hosts would allow access to anyone with the exposed private credentials. This misconfiguration only impacts Rundeck Docker instances of PagerDuty® Process Automation On Prem (formerly Rundeck) version 4.0 and earlier, not Debian, RPM or .WAR. Additionally, the id_rsa.pub file would have to be copied from the Docker image filesystem contents without overwriting it and used to configure SSH access on a host. A patch on Rundeck’s `main` branch has removed the pre-generated SSH key pair, but it does not remove exposed keys that have been configured. To patch, users must run a script on hosts in their environment to search for exposed keys and rotate them. Two workarounds are available: Do not use any pre-existing public key file from the rundeck docker images to allow SSH access by adding it to authorized_keys files and, if you have copied the public key file included in the docker image, remove it from any authorized_keys files. | 2022-05-20 | not yet calculated | CVE-2022-29186 CONFIRM MISC |
smokescreen — smokescreen |
Smokescreen is an HTTP proxy. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by surrounding the hostname with square brackets (e.g. `[example.com]`). This only impacted the HTTP proxy functionality of Smokescreen. HTTPS requests were not impacted. Smokescreen version 0.0.4 contains a patch for this issue. | 2022-05-21 | not yet calculated | CVE-2022-29188 MISC CONFIRM |
pion — pion_dtls |
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, a buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the handshake completes or timed out. An attacker could exploit this to cause excessive memory usage. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available. | 2022-05-21 | not yet calculated | CVE-2022-29189 MISC CONFIRM MISC |
pion — pion_dtls |
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that send Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available. | 2022-05-21 | not yet calculated | CVE-2022-29190 MISC MISC CONFIRM |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.GetSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29191 CONFIRM MISC MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29192 MISC MISC MISC MISC MISC MISC CONFIRM |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.TensorSummaryV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29193 MISC MISC MISC MISC MISC MISC CONFIRM |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.DeleteSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29194 MISC CONFIRM MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.StagePeek` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `index` is a scalar but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29195 CONFIRM MISC MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.Conv3DBackpropFilterV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code does not validate that the `filter_sizes` argument is a vector. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29196 MISC CONFIRM MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a scalar but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29197 CONFIRM MISC MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorToCSRSparseMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `dense_shape` is a vector and `indices` is a matrix (as part of requirements for sparse tensors) but there is no validation for this. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29198 MISC CONFIRM MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LoadAndRemapMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `initializing_values` is a vector but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29199 CONFIRM MISC MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LSTMBlockCell` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code does not validate the ranks of any of the arguments to this API call. This results in `CHECK`-failures when the elements of the tensor are accessed. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29200 MISC MISC MISC MISC MISC CONFIRM MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizedConv2D` does not fully validate the input arguments. In this case, references get bound to `nullptr` for each argument that is empty. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29201 MISC MISC MISC MISC MISC CONFIRM MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.ragged.constant` does not fully validate the input arguments. This results in a denial of service by consuming all available memory. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29202 MISC CONFIRM MISC MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SpaceToBatchND` (in all backends such as XLA and handwritten kernels) is vulnerable to an integer overflow: The result of this integer overflow is used to allocate the output tensor, hence we get a denial of service via a `CHECK`-failure (assertion failure), as in TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29203 CONFIRM MISC MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29204 MISC MISC MISC MISC MISC MISC MISC CONFIRM MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling `tf.compat.v1.*` ops which don’t yet have support for quantized types, which was added after migration to TensorFlow 2.x. In these scenarios, since the kernel is missing, a `nullptr` value is passed to `ParseDimensionValue` for the `py_value` argument. Then, this is dereferenced, resulting in segfault. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29205 CONFIRM MISC MISC MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorDenseAdd` does not fully validate the input arguments. In this case, a reference gets bound to a `nullptr` during kernel execution. This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29206 CONFIRM MISC MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but migration to TF 2.x eager mode opened up this vulnerability. If the resource handle is empty, then a reference is bound to a null pointer inside TensorFlow codebase (various codepaths). This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29207 MISC MISC MISC MISC MISC MISC CONFIRM |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.EditDistance` has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service. In multiple places throughout the code, one may compute an index for a write operation. However, the existing validation only checks against the upper bound of the array. Hence, it is possible to write before the array by massaging the input to generate negative values for `loc`. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-20 | not yet calculated | CVE-2022-29208 MISC MISC MISC MISC MISC CONFIRM |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions (e.g., `CHECK_LT`, `CHECK_GT`, etc.) have incorrect logic when comparing `size_t` and `int` values. Due to type conversion rules, several of the macros would trigger incorrectly. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-21 | not yet calculated | CVE-2022-29209 MISC MISC MISC MISC MISC CONFIRM MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. In version 2.8.0, the `TensorKey` hash function used total estimated `AllocatedBytes()`, which (a) is an estimate per tensor, and (b) is a very poor hash function for constants (e.g. `int32_t`). It also tried to access individual tensor bytes through `tensor.data()` of size `AllocatedBytes()`. This led to ASAN failures because the `AllocatedBytes()` is an estimate of total bytes allocated by a tensor, including any pointed-to constructs (e.g. strings), and does not refer to contiguous bytes in the `.data()` buffer. The discoverers could not use this byte vector anyway because types such as `tstring` include pointers, whereas they needed to hash the string values themselves. This issue is patched in Tensorflow versions 2.9.0 and 2.8.1. | 2022-05-21 | not yet calculated | CVE-2022-29210 MISC CONFIRM MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.histogram_fixed_width` is vulnerable to a crash when the values array contains `Not a Number` (`NaN`) elements. The implementation assumes that all floating point operations are defined and then converts a floating point result to an integer index. If `values` contains `NaN` then the result of the division is still `NaN` and the cast to `int32` would result in a crash. This only occurs on the CPU implementation. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-21 | not yet calculated | CVE-2022-29211 MISC CONFIRM MISC MISC MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, certain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale of values could be greater than 1 but code was always assuming sub-unit scaling. Thus, since code was calling `QuantizeMultiplierSmallerThanOneExp`, the `TFLITE_CHECK_LT` assertion would trigger and abort the process. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-21 | not yet calculated | CVE-2022-29212 MISC CONFIRM MISC MISC MISC MISC MISC MISC |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the `tf.compat.v1.signal.rfft2d` and `tf.compat.v1.signal.rfft3d` lack input validation and under certain conditions can result in crashes (due to `CHECK`-failures). Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. | 2022-05-21 | not yet calculated | CVE-2022-29213 MISC MISC MISC MISC MISC MISC CONFIRM MISC |
nextauthjs — next-auth |
NextAuth.js (next-auth) is an open source authentication solution for Next.js applications. Prior to versions 3.29.3 and 4.3.3, an open redirect vulnerability is present when the developer is implementing an OAuth 1 provider. Versions 3.29.3 and 4.3.3 contain a patch for this issue. The maintainers recommend adding a certain configuration to one’s `callbacks` option as a workaround for those unable to upgrade. | 2022-05-21 | not yet calculated | CVE-2022-29214 MISC CONFIRM |
regionprotect — regionprotect | RegionProtect is a plugin that allows users to manage certain events in certain regions of the world. Versions prior to 1.1.0 contain a YAML injection vulnerability that can cause an instant server crash if the passed arguments are not matched. Version 1.1.0 contains a patch for this issue. As a workaround, restrict operator permissions to untrusted people and avoid entering arguments likely to cause a crash. | 2022-05-21 | not yet calculated | CVE-2022-29215 MISC CONFIRM |
tensorflow — tensorflow |
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow’s `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had several test cases where numpy expressions were used as arguments. However, given that the tool is always run manually, the impact of this is still not severe. The maintainers have now removed the `safe=False` argument, so all parsing is done without calling `eval`. The patch is available in versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4. | 2022-05-21 | not yet calculated | CVE-2022-29216 MISC MISC MISC MISC MISC MISC MISC CONFIRM |
pion — pion_dtls |
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn’t possess the private key for and Pion DTLS wouldn’t reject it. This issue affects users that are using Client certificates only. The connection itself is still secure. The Certificate provided by clients can’t be trusted when using a Pion DTLS server prior to version 2.1.5. Users should upgrade to version 2.1.5 to receive a patch. There are currently no known workarounds. | 2022-05-21 | not yet calculated | CVE-2022-29222 MISC MISC CONFIRM |
cass — cass |
CaSS is a Competency and Skills System. CaSS Library (npm:cassproject) has a missing cryptographic step when storing cryptographic keys that can allow a server administrator access to an account’s cryptographic keys. This affects CaSS servers using standalone username/password authentication, which uses a method that expects e2e cryptographic security of authorization credentials. The issue has been patched in 1.5.8; however, the vulnerable accounts are only resecured when the user next logs in using standalone authentication, as the data required to resecure the account is not available to the server. The issue may be mitigated by using SSO or client side certificates to log in. Please note that SSO and client side certificate authentication do not have this expectation of no-knowledge credential access, and cryptographic keys are available to the server administrator. | 2022-05-18 | not yet calculated | CVE-2022-29229 MISC CONFIRM |
shopify — hydrogen |
Hydrogen is a React-based framework for building dynamic, Shopify-powered custom storefronts. There is a potential Cross-Site Scripting (XSS) vulnerability where an arbitrary user is able to execute scripts on pages that are built with Hydrogen. This affects all versions of Hydrogen starting from version 0.10.0 to 0.18.0. This vulnerability is exploitable in applications whose hydrating data is user controlled. All Hydrogen users should upgrade their project to version 0.19.0. There is no current workaround, and users should update as soon as possible. Additionally, the Content Security Policy is not an effective mitigation for this vulnerability. | 2022-05-18 | not yet calculated | CVE-2022-29230 MISC CONFIRM MISC |
online_sports_complex — online_sports_complex_booking_system |
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete_ Facility. | 2022-05-19 | not yet calculated | CVE-2022-29304 MISC |
minitool — partition_wizard |
MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. | 2022-05-20 | not yet calculated | CVE-2022-29320 MISC |
d-link — dir-825_ac1200_r2 |
D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An attacker could use the “../../../../” setting of the FTP server folder to set the router’s root folder for FTP access. This allows you to access the entire router file system via the FTP server. | 2022-05-17 | not yet calculated | CVE-2022-29332 MISC |
tiddlywiki5 — tiddlywiki5 |
An arbitrary file upload vulnerability in the file upload module of Tiddlywiki5 v5.2.2 allows attackers to execute arbitrary code via a crafted SVG file. | 2022-05-16 | not yet calculated | CVE-2022-29351 MISC MISC MISC MISC |
graphql — graphql |
An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows attackers to execute arbitrary code via a crafted filename. | 2022-05-16 | not yet calculated | CVE-2022-29353 MISC |
keystone — keystone |
An arbitrary file upload vulnerability in the file upload module of Keystone v4.2.1 allows attackers to execute arbitrary code via a crafted file. | 2022-05-16 | not yet calculated | CVE-2022-29354 MISC |
wordpress — biplob_adhikari’s_image_hover_effects_ultimate_plugin |
Authenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari’s Image Hover Effects Ultimate plugin <= 9.7.1 at WordPress. | 2022-05-20 | not yet calculated | CVE-2022-29424 CONFIRM CONFIRM |
wordpress — wp_wham’s_checkout_files_upload_for_woocommerce_plugin | Cross-Site Scripting (XSS) vulnerability in WP Wham’s Checkout Files Upload for WooCommerce plugin <= 2.1.2 at WordPress. | 2022-05-20 | not yet calculated | CVE-2022-29425 CONFIRM CONFIRM |
wordpress — 2j_slideshow_plugin | Authenticated (contributor or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team’s Slideshow, Image Slider by 2J plugin <= 1.3.54 at WordPress. | 2022-05-20 | not yet calculated | CVE-2022-29426 CONFIRM CONFIRM |
wordpress — aftab_muni’s_disable_right_click_for_wp_plugin | Cross-Site Request Forgery (CSRF) vulnerability in Aftab Muni’s Disable Right Click For WP plugin <= 1.1.6 at WordPress. | 2022-05-20 | not yet calculated | CVE-2022-29427 CONFIRM CONFIRM |
wordpress — muneeb’s_wp_slider_plugin | Cross-Site Scripting (XSS) vulnerability in Muneeb’s WP Slider Plugin <= 1.4.5 at WordPress. | 2022-05-20 | not yet calculated | CVE-2022-29428 CONFIRM CONFIRM |
wordpress — alexander_stokmann’s_code_snippets_extended_plugin |
Remote Code Execution (RCE) in Alexander Stokmann’s Code Snippets Extended plugin <= 1.4.7 on WordPress via Cross-Site Request Forgery. | 2022-05-17 | not yet calculated | CVE-2022-29429 CONFIRM CONFIRM |
wordpress — kubiq_png_to_jpg_plugin | Cross-Site Scripting (XSS) vulnerability in KubiQ’s PNG to JPG plugin <= 4.0 at WordPress via Cross-Site Request Forgery (CSRF). Vulnerable parameter &jpg_quality. | 2022-05-20 | not yet calculated | CVE-2022-29430 CONFIRM CONFIRM |
wordpress — kubiq_cpt_base_plugin | Cross-Site Request Forgery (CSRF) vulnerability in KubiQ CPT base plugin <= 5.8 at WordPress allows an attacker to delete the CPT base. | 2022-05-20 | not yet calculated | CVE-2022-29431 CONFIRM CONFIRM |
wordpress — tms_plugins_wpdatatables_plugin | Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable parameters. | 2022-05-20 | not yet calculated | CVE-2022-29432 CONFIRM CONFIRM |
wordpress — spiffy_plugins_spiffy_calendar | Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events. | 2022-05-20 | not yet calculated | CVE-2022-29434 CONFIRM CONFIRM |
wordpress — alexander_stokmann’s_code_snippets_extended_plugin | Cross-Site Request Forgery (CSRF) vulnerability in Alexander Stokmann’s Code Snippets Extended plugin <= 1.4.7 on WordPress allows an attacker to delete or to turn on/off snippets. | 2022-05-17 | not yet calculated | CVE-2022-29435 CONFIRM CONFIRM |
wordpress — alexander_stokmann’s_code_snippets_extended_plugin | Persistent Cross-Site Scripting (XSS) vulnerability in Alexander Stokmann’s Code Snippets Extended plugin <= 1.4.7 on WordPress via Cross-Site Request Forgery (vulnerable parameters &title, &snippet_code). | 2022-05-17 | not yet calculated | CVE-2022-29436 CONFIRM CONFIRM |
wordpress — wow-company’s_popup_box_plugin | Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company’s Popup Box plugin <= 2.1.2 at WordPress. | 2022-05-18 | not yet calculated | CVE-2022-29445 CONFIRM CONFIRM |
wordpress — wow-company’s_hover_effects_plugin | Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company’s Counter Box plugin <= 1.1.1 at WordPress. | 2022-05-19 | not yet calculated | CVE-2022-29446 CONFIRM CONFIRM |
wordpress — wow-company’s_hover_effects_plugin | Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company’s Hover Effects plugin <= 2.1 at WordPress. | 2022-05-20 | not yet calculated | CVE-2022-29447 CONFIRM CONFIRM |
wordpress — wow-company’s_herd_effects_plugin | Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company’s Herd Effects plugin <= 5.2 at WordPress. | 2022-05-20 | not yet calculated | CVE-2022-29448 CONFIRM CONFIRM |
wordpress — opal_hotel_room_booking_plugin | Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Opal Hotel Room Booking plugin <= 1.2.7 at WordPress. | 2022-05-19 | not yet calculated | CVE-2022-29449 CONFIRM CONFIRM |
fujitsu — multiple_products | The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors. | 2022-05-18 | not yet calculated | CVE-2022-29516 MISC MISC |
koyo_electronics — multiple_products | Screen Creator Advance2, HMI GC-A2 series, and Real time remote monitoring and control tool Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01, HMI GC-A2 series(GC-A22W-CW, GC-A24W-C(W), GC-A26W-C(W), GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2), and Real time remote monitoring and control tool(Remote GC) allows a local attacker to bypass authentication due to the improper check for the Remote control setting’s account names. This may allow attacker who can access the HMI from Real time remote monitoring and control tool may perform arbitrary operations on the HMI. As a result, the information stored in the HMI may be disclosed, deleted or altered, and/or the equipment may be illegally operated via the HMI. | 2022-05-18 | not yet calculated | CVE-2022-29518 MISC MISC |
net/sched — net/sched | Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | 2022-05-17 | not yet calculated | CVE-2022-29581 MISC MISC MLIST |
konica_minolta — bizhub_mfp | Konica Minolta bizhub MFP devices before 2022-04-14 allow a Sandbox Escape. An attacker must attach a keyboard to a USB port, press F12, and then escape from the kiosk mode. | 2022-05-16 | not yet calculated | CVE-2022-29586 MISC MISC |
konica_minolta — bizhub_mfp | Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root (aka superuser) access privileges. | 2022-05-16 | not yet calculated | CVE-2022-29587 MISC MISC |
konica_minolta — bizhub_mfp | Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files. | 2022-05-16 | not yet calculated | CVE-2022-29588 MISC MISC |
formidable — formidable | An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via a crafted filename. | 2022-05-16 | not yet calculated | CVE-2022-29622 MISC |
connect-multiparty — connect-multiparty | An arbitrary file upload vulnerability in the file upload module of Connect-Multiparty v2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. | 2022-05-16 | not yet calculated | CVE-2022-29623 MISC |
totolink — a3100R | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setIpQosRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | 2022-05-18 | not yet calculated | CVE-2022-29638 MISC |
totolink — a3100R | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a command injection vulnerability via the magicid parameter in the function uci_cloudupdate_config. | 2022-05-18 | not yet calculated | CVE-2022-29639 MISC |
totolink — a3100R | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setPortForwardRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | 2022-05-18 | not yet calculated | CVE-2022-29640 MISC |
totolink — a3100R | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the startTime and endTime parameters in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | 2022-05-18 | not yet calculated | CVE-2022-29641 MISC MISC |
totolink — a3100R | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the url parameter in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | 2022-05-18 | not yet calculated | CVE-2022-29642 MISC |
totolink — a3100R | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the macAddress parameter in the function setMacQos. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | 2022-05-18 | not yet calculated | CVE-2022-29643 MISC |
totolink — a3100R | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for the telnet service stored in the component /web_cste/cgi-bin/product.ini. | 2022-05-18 | not yet calculated | CVE-2022-29644 MISC |
totolink — a3100R | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for root stored in the component /etc/shadow.sample. | 2022-05-18 | not yet calculated | CVE-2022-29645 MISC |
totolink — a3100R | An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 allows attackers to obtain sensitive information via a crafted web request. | 2022-05-18 | not yet calculated | CVE-2022-29646 MISC |
packet_storm — online_sports_coplex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=save_client. | 2022-05-19 | not yet calculated | CVE-2022-29652 MISC MISC |
siemens — teamcenter | A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem. | 2022-05-20 | not yet calculated | CVE-2022-29801 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device. | 2022-05-20 | not yet calculated | CVE-2022-29872 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device. | 2022-05-20 | not yet calculated | CVE-2022-29873 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the device. | 2022-05-20 | not yet calculated | CVE-2022-29874 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly handle the input of a GET request parameter. The provided argument is directly reflected in the web server response. This could allow an unauthenticated attacker to perform reflected XSS attacks. | 2022-05-20 | not yet calculated | CVE-2022-29876 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices allow unauthenticated access to the web interface configuration area. This could allow an attacker to extract internal configuration details or to reconfigure network settings. However, the reconfigured settings cannot be activated unless the role of an authenticated administrator user. | 2022-05-20 | not yet calculated | CVE-2022-29877 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device. | 2022-05-20 | not yet calculated | CVE-2022-29878 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow authenticated users to access critical device information. | 2022-05-20 | not yet calculated | CVE-2022-29879 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate input in the configuration interface. This could allow an authenticated attacker to place persistent XSS attacks to perform arbitrary actions in the name of a logged user which accesses the affected views. | 2022-05-20 | not yet calculated | CVE-2022-29880 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow unauthenticated users to extract internal configuration details. | 2022-05-20 | not yet calculated | CVE-2022-29881 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could – when a legitimate user accesses the error logs – perform arbitrary actions in the name of the user. | 2022-05-20 | not yet calculated | CVE-2022-29882 CONFIRM |
siemens — multiple_products | A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not restrict unauthenticated access to certain pages of the web interface. This could allow an attacker to delete log files without authentication. | 2022-05-20 | not yet calculated | CVE-2022-29883 CONFIRM |
gxcms — gxcms | GXCMS V1.5 has a file upload vulnerability in the background. The vulnerability is the template management page. You can edit any template content and then rename to PHP suffix file, after calling PHP file can control the server. | 2022-05-17 | not yet calculated | CVE-2022-30007 MISC |
hms — hms | In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability. | 2022-05-16 | not yet calculated | CVE-2022-30011 MISC MISC |
hms — hms | In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection. | 2022-05-16 | not yet calculated | CVE-2022-30012 MISC MISC |
totaljs_cms — totaljs | A stored cross-site scripting (XSS) vulnerability in the upload function of totaljs CMS 3.4.5 allows attackers to execute arbitrary web scripts via a JavaScript embedded PDF file. | 2022-05-16 | not yet calculated | CVE-2022-30013 MISC MISC |
mobotix — control_center_(mxcc) | Mobotix Control Center (MxCC) through 2.5.4.5 has Insufficiently Protected Credentials, Storing Passwords in a Recoverable Format via the MxCC.ini config file. The credential storage method in this software enables an attacker/user of the machine to gain admin access to the software and gain access to recordings/recording locations. | 2022-05-19 | not yet calculated | CVE-2022-30018 MISC |
tenda — tx9_pro | Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the function setIPv6Status() in httpd module. | 2022-05-18 | not yet calculated | CVE-2022-30033 MISC |
ezxml — ezxml | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read. | 2022-05-17 | not yet calculated | CVE-2022-30045 MISC |
rebuild — rebuild | A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows attackers to obtain the real IP address and scan Intranet information via the fileurl parameter. | 2022-05-15 | not yet calculated | CVE-2022-30049 MISC |
tenable — gnuboard | Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting (XSS) via bbs/member_confirm.php. | 2022-05-16 | not yet calculated | CVE-2022-30050 MISC |
home — clean_service_system | In Home Clean Service System 1.0, the password parameter is vulnerable to SQL injection attacks. | 2022-05-17 | not yet calculated | CVE-2022-30052 MISC |
tenable — toll_tax_management_system | In Toll Tax Management System 1.0, the id parameter appears to be vulnerable to SQL injection attacks. | 2022-05-17 | not yet calculated | CVE-2022-30053 MISC |
covid_19_travel_pass_management — covid_19_travel_pass_management | In Covid 19 Travel Pass Management 1.0, the code parameter is vulnerable to SQL injection attacks. | 2022-05-17 | not yet calculated | CVE-2022-30054 MISC |
packet_storm — prime95 | Prime95 30.7 build 9 suffers from a Buffer Overflow vulnerability that could lead to Remote Code Execution. | 2022-05-16 | not yet calculated | CVE-2022-30055 MISC MISC |
busybox — awk_applet | A use-after-free in Busybox 1.35-x’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. | 2022-05-18 | not yet calculated | CVE-2022-30065 MISC |
gnome — gimp | GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash. | 2022-05-17 | not yet calculated | CVE-2022-30067 MISC |
wbce_cms — wbce_cms | WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via adminpagessections_save.php namesection2 parameters. | 2022-05-17 | not yet calculated | CVE-2022-30072 MISC MISC MISC |
wbce_cms — wbce_cms | WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/users/save.php. | 2022-05-17 | not yet calculated | CVE-2022-30073 MISC MISC |
belkin — n300_firmware | In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. The following parameters in the [form name] form; [list vulnerable parameters], are not properly sanitized after being submitted to the web interface in a POST request. With specially crafted parameters, it is possible to inject an OS command which will be executed with root privileges, as the web interface, and all processes on the device, run as root. | 2022-05-18 | not yet calculated | CVE-2022-30105 MISC |
jirafeau — jirafeau | The file preview functionality in Jirafeau < 4.4.0, which is enabled by default, could be exploited for cross site scripting. An attacker could upload image/svg+xml files containing JavaScript. When someone visits the File Preview URL for this file, the JavaScript inside of this image/svg+xml file will be executed in the users’ browser. | 2022-05-17 | not yet calculated | CVE-2022-30110 MISC |
caagearup — mck_smartlock | The use of an insecure algorithm for rolling codes in MCK Smartlock 1.0 allows attackers to unlock the mechanism via replay attacks. | 2022-05-18 | not yet calculated | CVE-2022-30111 MISC MISC MISC |
apache — tika | In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0. | 2022-05-16 | not yet calculated | CVE-2022-30126 CONFIRM MLIST |
microsoft — windows-print_spooler_elevation_privilege_vulnerability | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29104, CVE-2022-29132. | 2022-05-18 | not yet calculated | CVE-2022-30138 N/A |
cx_security — chatbot | ChatBot Application with a Suggestion Feature 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /simple_chat_bot/admin/responses/view_response.php. | 2022-05-20 | not yet calculated | CVE-2022-30518 MISC MISC |
trend_micro — password_manager_(consumer) | Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow a low privileged local attacker to delete the contents of an arbitrary folder as SYSTEM which can then be used for privilege escalation on the affected machine. | 2022-05-16 | not yet calculated | CVE-2022-30523 MISC MISC |
opc_foundation — ua_legacy_java_stack | OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources. | 2022-05-20 | not yet calculated | CVE-2022-30551 MISC MISC MISC |
moodle — moodle | A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk. | 2022-05-18 | not yet calculated | CVE-2022-30596 MISC MISC MISC |
moodle — moodle | A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field. | 2022-05-18 | not yet calculated | CVE-2022-30597 MISC MISC MISC |
moodle — moodle | A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it. | 2022-05-18 | not yet calculated | CVE-2022-30598 MISC MISC MISC |
moodle — moodle | A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. | 2022-05-18 | not yet calculated | CVE-2022-30599 MISC MISC MISC |
moodle — moodle | A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. | 2022-05-18 | not yet calculated | CVE-2022-30600 MISC MISC MISC |
strapi — strapi | An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for other admin panel users that have a relationship (e.g., created by, updated by) with content accessible to the authenticated user. For example, a low-privileged “author” role account can view these details in the JSON response for an “editor” or “super admin” that has updated one of the author’s blog posts. There are also many other scenarios where such details from other users can leak in the JSON response, either through a direct or indirect relationship. Access to this information enables a user to compromise other users’ accounts by successfully invoking the password reset workflow. In a worst-case scenario, a low-privileged user could get access to a “super admin” account with full control over the Strapi instance, and could read and modify any data as well as block access to both the admin panel and API by revoking privileges for all other users. | 2022-05-19 | not yet calculated | CVE-2022-30617 MISC |
strapi — strapi | An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for API users if content types accessible to the authenticated user contain relationships to API users (from:users-permissions). There are many scenarios in which such details from API users can leak in the JSON response within the admin panel, either through a direct or indirect relationship. Access to this information enables a user to compromise these users’ accounts if the password reset API endpoints have been enabled. In a worst-case scenario, a low-privileged user could get access to a high-privileged API account, and could read and modify any data as well as block access to both the admin panel and API by revoking privileges for all other users. | 2022-05-19 | not yet calculated | CVE-2022-30618 MISC |
needrestart — needrestart | needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files. | 2022-05-17 | not yet calculated | CVE-2022-30688 MISC MISC MISC MISC MLIST DEBIAN MLIST |
hashicorp — multiple_products | HashiCorp Vault and Vault Enterprise from 1.10.0 to 1.10.2 did not correctly configure and enforce MFA on login after server restarts. This affects the Login MFA feature introduced in Vault and Vault Enterprise 1.10.0 and does not affect the separate Enterprise MFA feature set. Fixed in 1.10.3. | 2022-05-17 | not yet calculated | CVE-2022-30689 MISC |
acronis — snap_deploy_(windows) | Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 | 2022-05-16 | not yet calculated | CVE-2022-30695 MISC |
acronis — snap_deploy_(windows) | Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 | 2022-05-16 | not yet calculated | CVE-2022-30696 MISC |
acronis — snap_deploy_(windows) | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 | 2022-05-16 | not yet calculated | CVE-2022-30697 MISC |
webmin — webmin | Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-editor_write.cgi does not properly restrict the file parameter. | 2022-05-15 | not yet calculated | CVE-2022-30708 MISC MISC MISC MISC MISC MISC MISC MISC |
janet-lang — janet | Janet before 1.22.0 mishandles arrays. | 2022-05-16 | not yet calculated | CVE-2022-30763 MISC MISC |
calibre-web — calibre-web | Calibre-Web before 0.6.18 allows user table SQL Injection. | 2022-05-16 | not yet calculated | CVE-2022-30765 MISC MISC |
uboot — uboot | nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196. | 2022-05-16 | not yet calculated | CVE-2022-30767 MISC MISC MISC |
terminalfour — terminalfour | Terminalfour before 8.3.8 allows XSS, aka RDSM-31817. 8.2.18.2.1 and 8.2.18.5 are also fixed versions. | 2022-05-16 | not yet calculated | CVE-2022-30770 MISC MISC MISC |
pdfreader — xpdf | xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKE_CXX_COMPILER=afl-clang-fast++ option. | 2022-05-16 | not yet calculated | CVE-2022-30775 MISC |
atmail — atmail | atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter. | 2022-05-16 | not yet calculated | CVE-2022-30776 MISC MISC |
Parallels — h-sphere | Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter. | 2022-05-16 | not yet calculated | CVE-2022-30777 MISC MISC |
laravel — laravel | Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in IlluminateBroadcastingPendingBroadcast.php and dispatch($command) in IlluminateBusQueueingDispatcher.php. | 2022-05-16 | not yet calculated | CVE-2022-30778 MISC |
laravel — laravel | Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in GuzzleHttpCookieFileCookieJar.php. | 2022-05-16 | not yet calculated | CVE-2022-30779 MISC |
gitea — gitea | Gitea before 1.16.7 does not escape git fetch remote. | 2022-05-16 | not yet calculated | CVE-2022-30781 MISC MISC MISC |
openmoney — openmoney | Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide cryptographically secure random numbers. | 2022-05-16 | not yet calculated | CVE-2022-30782 MISC MISC |
packet_storm — school_dormitory_management_system | School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /dms/admin/reports/daily_collection_report.php. | 2022-05-20 | not yet calculated | CVE-2022-30886 MISC |
packet_storm — pharmacy_management_system | Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file. | 2022-05-20 | not yet calculated | CVE-2022-30887 MISC |
jenkins — groovy_plugin | Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines. | 2022-05-17 | not yet calculated | CVE-2022-30945 CONFIRM MLIST |
jenkins — script_security_plugin | A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver. | 2022-05-17 | not yet calculated | CVE-2022-30946 MLIST CONFIRM |
jenkins — git_plugin | Jenkins Git Plugin 4.11.1 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller’s file system using local paths as SCM URLs, obtaining limited information about other projects’ SCM contents. | 2022-05-17 | not yet calculated | CVE-2022-30947 MLIST CONFIRM |
jenkins — mercurial_plugin | Jenkins Mercurial Plugin 2.16 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller’s file system using local paths as SCM URLs, obtaining limited information about other projects’ SCM contents. | 2022-05-17 | not yet calculated | CVE-2022-30948 MLIST CONFIRM |
jenkins — repo_plugin | Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller’s file system using local paths as SCM URLs, obtaining limited information about other projects’ SCM contents. | 2022-05-17 | not yet calculated | CVE-2022-30949 MLIST CONFIRM |
jenkins — wmi_windows_agents_plugin | Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute commands on the Windows agent machine. | 2022-05-17 | not yet calculated | CVE-2022-30950 MLIST CONFIRM |
jenkins — wmi_windows_agents_plugin | Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library, which does not implement access control, potentially allowing users to start processes even if they’re not allowed to log in. | 2022-05-17 | not yet calculated | CVE-2022-30951 MLIST CONFIRM |
jenkins — pipeline_scm_api_for_blue_ocean_plugin | Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins. | 2022-05-17 | not yet calculated | CVE-2022-30952 MLIST CONFIRM |
jenkins — blue_ocean_plugin | A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server. | 2022-05-17 | not yet calculated | CVE-2022-30953 MLIST CONFIRM |
jenkins — blue_ocean_plugin | Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server. | 2022-05-17 | not yet calculated | CVE-2022-30954 MLIST CONFIRM |
jenkins — gitlab_plugin | Jenkins GitLab Plugin 1.5.31 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 2022-05-17 | not yet calculated | CVE-2022-30955 CONFIRM |
jenkins — rundeck_plugin | Jenkins Rundeck Plugin 3.6.10 and earlier does not restrict URL schemes in Rundeck webhook submissions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit crafted Rundeck webhook payloads. | 2022-05-17 | not yet calculated | CVE-2022-30956 CONFIRM |
jenkins — ssh_plugin | A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 2022-05-17 | not yet calculated | CVE-2022-30957 MLIST CONFIRM |
jenkins — ssh_plugin | A cross-site request forgery (CSRF) vulnerability in Jenkins SSH Plugin 2.6.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2022-05-17 | not yet calculated | CVE-2022-30958 CONFIRM |
jenkins — ssh_plugin | A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2022-05-17 | not yet calculated | CVE-2022-30959 CONFIRM |
jenkins — application_detector_plugin | Jenkins Application Detector Plugin 1.0.8 and earlier does not escape the name of Chois Application Version parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-05-17 | not yet calculated | CVE-2022-30960 CONFIRM |
jenkins — autocomplete_parameter_plugin | Jenkins Autocomplete Parameter Plugin 1.1 and earlier does not escape the name of Dropdown Autocomplete and Auto Complete String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-05-17 | not yet calculated | CVE-2022-30961 CONFIRM |
jenkins — global_variable_string_parameter_plugin | Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-05-17 | not yet calculated | CVE-2022-30962 CONFIRM |
jenkins — jdk_parameter_plugin | Jenkins JDK Parameter Plugin 1.0 and earlier does not escape the name and description of JDK parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-05-17 | not yet calculated | CVE-2022-30963 CONFIRM |
jenkins — multiselect_parameter_plugin | Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-05-17 | not yet calculated | CVE-2022-30964 CONFIRM |
jenkins — promoted_builds_(simple)_plugin | Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escape the name and description of Promotion Level parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-05-17 | not yet calculated | CVE-2022-30965 CONFIRM |
jenkins — random_string_parameter | Jenkins Random String Parameter Plugin 1.0 and earlier does not escape the name and description of Random String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-05-17 | not yet calculated | CVE-2022-30966 CONFIRM |
jenkins — selection_tasks_plugin | Jenkins Selection tasks Plugin 1.0 and earlier does not escape the name and description of Script Selection task variable parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-05-17 | not yet calculated | CVE-2022-30967 CONFIRM |
jenkins — vboxwrapper_plugin | Jenkins vboxwrapper Plugin 1.3 and earlier does not escape the name and description of VBox node parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-05-17 | not yet calculated | CVE-2022-30968 CONFIRM |
jenkins — autocomplete_parameter_plugin | A cross-site request forgery (CSRF) vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and earlier allows attackers to execute arbitrary code without sandbox protection if the victim is an administrator. | 2022-05-17 | not yet calculated | CVE-2022-30969 CONFIRM |
jenkins — autocomplete_parameter_plugin | Jenkins Autocomplete Parameter Plugin 1.1 and earlier references Dropdown Autocomplete parameter and Auto Complete String parameter names in an unsafe manner from Javascript embedded in view definitions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-05-17 | not yet calculated | CVE-2022-30970 CONFIRM |
jenkins — storable_configs_plugin | Jenkins Storable Configs Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 2022-05-17 | not yet calculated | CVE-2022-30971 CONFIRM |
jenkins — storable_configs_plugin | A cross-site request forgery (CSRF) vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier allows attackers to have Jenkins parse a local XML file (e.g., archived artifacts) that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery. | 2022-05-17 | not yet calculated | CVE-2022-30972 CONFIRM |
artifex — mujs | compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413. | 2022-05-18 | not yet calculated | CVE-2022-30974 MISC |
artifex — mujs | In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp. | 2022-05-18 | not yet calculated | CVE-2022-30975 MISC |
gpac — gpac | GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box. | 2022-05-18 | not yet calculated | CVE-2022-30976 MISC MISC MISC |
acronis — multiple_products | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Linux) before build 29240, Acronis Agent (Linux) before build 28037 | 2022-05-18 | not yet calculated | CVE-2022-30990 MISC |
acronis — multiple_products | HTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 | 2022-05-18 | not yet calculated | CVE-2022-30991 MISC |
acronis — multiple_products | Open redirect via user-controlled query parameter. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 | 2022-05-18 | not yet calculated | CVE-2022-30992 MISC |
acronis — multiple_products | Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 | 2022-05-18 | not yet calculated | CVE-2022-30993 MISC |
acronis — acronis_cyber_protect_15_(windows) | Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 29240 | 2022-05-18 | not yet calculated | CVE-2022-30994 MISC |
goverlan — multiple_products | In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11. | 2022-05-20 | not yet calculated | CVE-2022-31215 MISC MISC |
mailcow — mailcow | mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs. | 2022-05-20 | not yet calculated | CVE-2022-31245 MISC MISC |
checkmk — checkmk | In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink. | 2022-05-20 | not yet calculated | CVE-2022-31258 MISC MISC |
beego — beego | The route lookup process in beego through 1.12.4 and 2.x through 2.0.2 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places (e.g., p1.xml instead of p1). | 2022-05-21 | not yet calculated | CVE-2022-31259 MISC MISC MISC |
solana — solana_rbpf | Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program. | 2022-05-21 | not yet calculated | CVE-2022-31264 MISC MISC |
gitblit — gitblit | Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext ‘attacker@example.comntrole = “#admin”‘ value. | 2022-05-21 | not yet calculated | CVE-2022-31267 MISC MISC |
gitblit — gitblit | A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname). | 2022-05-21 | not yet calculated | CVE-2022-31268 MISC |