US-CERT Bulletin (SB22-052): Vulnerability Summary for the Week of February 14, 2022
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
accel-ppp — accel-ppp | The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bound checks. If the client connects to the server and sends a large radius packet, a buffer overflow vulnerability will be triggered. | 2022-02-14 | 7.5 | CVE-2022-24704 MISC |
accel-ppp — accel-ppp | The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability. | 2022-02-14 | 7.5 | CVE-2022-24705 MISC |
apache — apisix | An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX’s data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed. | 2022-02-11 | 7.5 | CVE-2022-24112 MISC MLIST |
apache — cassandra | When running Apache Cassandra with the following configuration: `enable_user_defined_functions: true`, `enable_scripted_user_defined_functions: true`, `enable_user_defined_functions_threads: false`, it is possible for an attacker to execute arbitrary code on the host. The attacker would need to have enough permissions to create user defined functions in the cluster to be able to exploit this. Note that this configuration is documented as unsafe, and will continue to be considered unsafe after this CVE. | 2022-02-11 | 8.5 | CVE-2021-44521 MISC MLIST MISC |
broadcom — xcom_data_transport | XCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to insufficient input validation that could potentially allow remote attackers to execute arbitrary commands with elevated privileges. | 2022-02-14 | 10 | CVE-2022-23992 MISC |
dairy_farm_shop_management_system_project — dairy_farm_shop_management_system | Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised. | 2022-02-11 | 7.5 | CVE-2020-36062 MISC MISC MISC |
drupal — drupal | Drupal’s JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vulnerability. An attacker might be able to upload files that bypass the file validation process implemented by modules on the site. | 2022-02-11 | 7.5 | CVE-2020-13675 CONFIRM |
foxit — pdf_reader | Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings. | 2022-02-11 | 7.5 | CVE-2022-24954 MISC MISC |
foxit — pdf_reader | Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files. | 2022-02-11 | 7.5 | CVE-2022-24955 MISC |
golang — go | Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. | 2022-02-11 | 7.8 | CVE-2022-23772 MISC |
google — android | In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused deputy. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11 Android-12 Android ID: A-193445603 | 2022-02-11 | 7.2 | CVE-2021-39668 MISC |
google — android | In fastboot, there is a possible secure boot bypass due to a configuration error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android SoC Android ID: A-202018701 | 2022-02-11 | 7.2 | CVE-2021-39672 MISC |
google — android | In openFileAndEnforcePathPermissionsHelper of MediaProvider.java, there is a possible bypass of a permissions check due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-200682135 | 2022-02-11 | 7.2 | CVE-2021-39663 MISC |
google — android | In btm_sec_connected and btm_sec_disconnected of btm_sec.cc file, there is a possible use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android-11 Android-12 Android ID: A-201083442 | 2022-02-11 | 7.2 | CVE-2021-39674 MISC |
google — android | In checkUriPermission of MediaProvider.java, there is a possible way to gain access to the content of media provider collections due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11 Android-12 Android ID: A-197302116 | 2022-02-11 | 7.2 | CVE-2021-39662 MISC |
google — android | In updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass security and privacy settings of app usage due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11 Android-12 Android ID: A-197399948 | 2022-02-11 | 7.2 | CVE-2021-39619 MISC |
google — android | In writeThrowable of AndroidFuture.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11 Android ID: A-197228210 | 2022-02-11 | 7.2 | CVE-2021-39676 MISC |
google — android | Summary: Product: Android Versions: Android SoC Android ID: A-204686438 | 2022-02-11 | 10 | CVE-2021-39616 MISC |
google — android | An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | 2022-02-11 | 7.2 | CVE-2022-23428 MISC |
google — android | In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-12 Android ID: A-205729183 | 2022-02-11 | 10 | CVE-2021-39675 MISC |
google — android | ismsEx service is a vendor service in unisoc equipment. ismsEx service is an extension of sms system service, but it does not check the permissions of the caller, resulting in permission leaks. Third-party apps can use this service to arbitrarily modify and set system properties. Product: Android Versions: Android SoC Android ID: A-207479207 | 2022-02-11 | 10 | CVE-2021-39658 MISC |
google — android | Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. | 2022-02-11 | 7.5 | CVE-2022-23425 MISC |
google — android | ims_ex is a vendor system service used to manage VoLTE in unisoc devices. But it does not verify the caller’s permissions, so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls. Product: Android Versions: Android SoC Android ID: A-206492634 | 2022-02-11 | 9.4 | CVE-2021-39635 MISC |
microweber — microweber | OS Command Injection in Packagist microweber/microweber prior to 1.2.11. | 2022-02-11 | 9.3 | CVE-2022-0557 CONFIRM MISC |
mitsubishielectric — cw_configurator | Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code. | 2022-02-11 | 7.5 | CVE-2020-14523 MISC MISC MISC |
nokia — bts_trs_web_console | Nokia BTS TRS web console FTM_W20_FP2_2019.08.16_0010 allows Authentication Bypass. A malicious unauthenticated user can get access to all the functionalities exposed via the web panel, circumventing the authentication process, by using URL encoding for the . (dot) character. | 2022-02-11 | 7.5 | CVE-2021-31932 MISC |
portainer — portainer | In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days. | 2022-02-11 | 7.5 | CVE-2022-24961 MISC MISC MISC MISC |
qualcomm — apq8009w_firmware | Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 2022-02-11 | 7.2 | CVE-2021-30323 CONFIRM |
qualcomm — apq8096au_firmware | Improper validation of data length received from DMA buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 2022-02-11 | 7.2 | CVE-2021-35069 CONFIRM |
qualcomm — aqt1000_firmware | Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 2022-02-11 | 7.2 | CVE-2021-30317 CONFIRM |
qualcomm — aqt1000_firmware | Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | 2022-02-11 | 7.2 | CVE-2021-30322 CONFIRM |
qualcomm — ar8035_firmware | Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 2022-02-11 | 7.2 | CVE-2021-35074 CONFIRM |
qualcomm — ar8035_firmware | Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 2022-02-11 | 7.2 | CVE-2021-35077 CONFIRM |
qualcomm — ar8035_firmware | Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 2022-02-11 | 7.2 | CVE-2021-35075 CONFIRM |
radare — radare2 | Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. | 2022-02-16 | 7.5 | CVE-2022-0559 MISC CONFIRM |
schneider-electric — interactive_graphical_scada_system_data_collector | A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) | 2022-02-11 | 7.5 | CVE-2021-22803 MISC |
schneider-electric — interactive_graphical_scada_system_data_collector | A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) | 2022-02-11 | 7.5 | CVE-2021-22802 MISC |
snowsoftware — snow_inventory_java_scanner | A vulnerability in Snow Inventory Java Scanner allows an attacker to run malicious code at a higher level of privileges. This issue affects: SNOW Snow Inventory Java Scanner 1.0 | 2022-02-16 | 7.2 | CVE-2021-4106 MISC |
tongda2000 — tongda_oa | Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter. | 2022-02-14 | 7.5 | CVE-2022-24206 MISC |
tongda2000 — tongda_oa | Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter. | 2022-02-14 | 7.5 | CVE-2022-23902 MISC |
tsg-solutions — tokheim_profleet_dialog | Tokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The component is the Field__UserLogin parameter on the logon page. | 2022-02-11 | 10 | CVE-2021-34235 MISC |
Medium Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
10web — spidercalendar | The SpiderCalendar WordPress plugin through 1.5.65 does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue. | 2022-02-14 | 4.3 | CVE-2022-0212 MISC |
apache — cayenne | Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne’s optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to ‘remote’ applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an attacker with client access to Cayenne ROP can transmit a malicious payload to any vulnerable third-party dependency on the server. This can result in arbitrary code execution. | 2022-02-11 | 6.5 | CVE-2022-24289 MISC MLIST |
appneta — tcpreplay | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c. | 2022-02-11 | 4.3 | CVE-2021-45387 MISC |
appneta — tcpreplay | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c | 2022-02-11 | 4.3 | CVE-2021-45386 MISC |
drupal — drupal | The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed. | 2022-02-11 | 4 | CVE-2020-13676 CONFIRM |
drupal — drupal | Under some circumstances, the Drupal core JSON:API module does not properly restrict access to certain content, which may result in unintended access bypass. Sites that do not have the JSON:API module enabled are not affected. | 2022-02-11 | 4.3 | CVE-2020-13677 CONFIRM |
drupal — drupal | The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed. Removing the “access in-place editing” permission from untrusted users will not fully mitigate the vulnerability. | 2022-02-11 | 4.3 | CVE-2020-13674 CONFIRM |
drupal — drupal | Cross-site Scripting (XSS) vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10.; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6. | 2022-02-11 | 4.3 | CVE-2020-13669 CONFIRM |
fastify — fastify-multipart | This affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the application. **Note:** This is a bypass of CVE-2020-8136 (https://security.snyk.io/vuln/SNYK-JS-FASTIFYMULTIPART-1290382). | 2022-02-11 | 5 | CVE-2021-23597 CONFIRM CONFIRM CONFIRM |
ffjpeg_project — ffjpeg | A Null Pointer Dereference vulnerability exists in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in the metadata of the bmp is out of range, it returns without assigning a memory buffer to `pb->pdata` and does not exit the program. So the program crashes when it tries to access the pb->data, in jfif_encode() at jfif.c:763. This is due to the incomplete patch for CVE-2020-13438. | 2022-02-11 | 4.3 | CVE-2021-45385 MISC MISC |
golang — go | Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. | 2022-02-11 | 6.4 | CVE-2022-23806 MISC |
golang — go | cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags. | 2022-02-11 | 5 | CVE-2022-23773 MISC |
google — android | Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity. | 2022-02-11 | 4.6 | CVE-2022-22292 MISC |
google — android | In startVideoStream() there is a possibility of an OOB Read in the heap, when the camera buffer is ‘zero’ in size. Product: Android Versions: Android-11 Android ID: A-205097028 | 2022-02-11 | 5 | CVE-2021-39677 MISC |
google — android | In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead a user about CA installation circumstances due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11 Android-12 Android ID: A-196969991 | 2022-02-11 | 4.4 | CVE-2021-39669 MISC |
google — android | An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | 2022-02-11 | 4.6 | CVE-2022-23431 MISC |
google — android | An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | 2022-02-11 | 4.6 | CVE-2022-23432 MISC |
google — android | In checkSpsUpdated of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-12 Android ID: A-204077881 | 2022-02-11 | 4.3 | CVE-2021-39665 MISC |
google — android | In code generated by aidl_const_expressions.cpp, there is a possible out of bounds read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-12 Android ID: A-206718630 | 2022-02-11 | 4.3 | CVE-2021-39671 MISC |
google — chrome | Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0308 MISC MISC |
google — chrome | Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-11 | 6.8 | CVE-2021-4100 MISC MISC |
google — chrome | Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 2022-02-11 | 4.3 | CVE-2021-4098 MISC MISC |
google — chrome | Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page. | 2022-02-12 | 4.3 | CVE-2022-0111 MISC MISC |
google — chrome | Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2022-02-12 | 4.3 | CVE-2022-0108 MISC MISC |
google — chrome | Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. | 2022-02-12 | 4.3 | CVE-2022-0109 MISC MISC |
google — chrome | Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-11 | 6.8 | CVE-2021-4099 MISC MISC |
google — chrome | Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2022-02-12 | 4.3 | CVE-2022-0110 MISC MISC |
google — chrome | Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0307 MISC MISC |
google — chrome | Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially allow extension to escape the sandbox via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0097 MISC MISC |
google — chrome | Use after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0105 MISC MISC |
google — chrome | Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0106 MISC MISC |
google — chrome | Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0107 MISC MISC |
google — chrome | Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0289 MISC MISC |
google — chrome | Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0102 MISC MISC |
google — chrome | Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture. | 2022-02-12 | 6.8 | CVE-2022-0101 MISC MISC |
google — chrome | Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0304 MISC MISC |
google — chrome | Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0100 MISC MISC |
google — chrome | Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture. | 2022-02-12 | 6.8 | CVE-2022-0099 MISC MISC |
google — chrome | Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. | 2022-02-12 | 6.8 | CVE-2022-0098 MISC MISC |
google — chrome | Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0290 MISC MISC |
google — chrome | Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0293 MISC MISC |
google — chrome | Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0103 MISC MISC |
google — chrome | Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0096 MISC MISC |
google — chrome | Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0295 MISC MISC |
google — chrome | Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0296 MISC MISC |
google — chrome | Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-11 | 6.8 | CVE-2021-4102 MISC MISC |
google — chrome | Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0297 MISC MISC |
google — chrome | Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0298 MISC MISC |
google — chrome | Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-11 | 6.8 | CVE-2021-4101 MISC MISC |
google — chrome | Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0300 MISC MISC |
google — chrome | Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0302 MISC MISC |
google — chrome | Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | 6.8 | CVE-2022-0104 MISC MISC |
kde — kate | The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the directory of the file that was just opened (due to a misunderstanding of the QProcess API, that was never intended). This can be an untrusted directory. | 2022-02-11 | 6.8 | CVE-2022-23853 MISC CONFIRM |
libtiff — libtiff | Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712. | 2022-02-11 | 4.3 | CVE-2022-0561 MISC MISC CONFIRM |
libtiff — libtiff | Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c. | 2022-02-11 | 4.3 | CVE-2022-0562 MISC MISC CONFIRM |
linux — linux_kernel | drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. | 2022-02-11 | 4.6 | CVE-2022-24958 MISC MISC MISC |
microweber — microweber | Open Redirect in Packagist microweber/microweber prior to 1.2.11. | 2022-02-11 | 5.8 | CVE-2022-0560 CONFIRM MISC |
permalink_manager_lite_project — permalink_manager_lite | The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue | 2022-02-14 | 4.3 | CVE-2022-0201 CONFIRM MISC |
qualcomm — apq8009w_firmware | Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | 2022-02-11 | 4.6 | CVE-2021-30318 CONFIRM |
qualcomm — apq8096au_firmware | Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 2022-02-11 | 4.6 | CVE-2021-30325 CONFIRM |
qualcomm — apq8096au_firmware | Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 2022-02-11 | 4.6 | CVE-2021-30324 CONFIRM |
qualcomm — ar8035_firmware | Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 2022-02-11 | 5 | CVE-2021-30326 CONFIRM |
qualcomm — mdm9650_firmware | Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | 2022-02-11 | 4.6 | CVE-2021-30309 CONFIRM |
samsung — bixby_vision | Exposure of Sensitive Information vulnerability in Bixby Vision prior to version 3.7.50.6 allows attackers to access internal data of Bixby Vision via unprotected intent. | 2022-02-11 | 5 | CVE-2022-24003 MISC |
samsung — link_sharing | Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers to open protected activity via PreconditionActivity. | 2022-02-11 | 5 | CVE-2022-24002 MISC |
samsung — reminder | Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Android Q(10) allows attackers to register reminders or execute exported activities remotely. | 2022-02-11 | 5 | CVE-2022-23433 MISC |
samsung — wear_os | Unprotected component vulnerability in StTheaterModeDurationAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to disable theater mode without a proper permission. | 2022-02-11 | 4.3 | CVE-2022-23997 MISC |
schneider-electric — interactive_graphical_scada_system_data_collector | A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior) | 2022-02-11 | 5 | CVE-2021-22824 MISC |
schneider-electric — interactive_graphical_scada_system_data_collector | A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior) | 2022-02-11 | 5 | CVE-2021-22823 MISC |
schneider-electric — interactive_graphical_scada_system_data_collector | A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) | 2022-02-11 | 5 | CVE-2021-22805 MISC |
schneider-electric — interactive_graphical_scada_system_data_collector | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of user supplied data in network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) | 2022-02-11 | 5 | CVE-2021-22804 MISC |
schneider-electric — modicon_m218_firmware | A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 Logic Controller (V5.1.0.6 and prior) | 2022-02-11 | 5 | CVE-2021-22800 MISC |
updraftplus — updraftplus | The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup’s nonce identifier, which may allow any users with an account on the site (such as subscriber) to download the most recent site & database backup. | 2022-02-17 | 4 | CVE-2022-0633 CONFIRM MISC MISC MISC |
wpbeaveraddons — powerpack_lite_for_beaver_builder | The PowerPack Lite for Beaver Builder WordPress plugin before 1.2.9.3 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting | 2022-02-14 | 4.3 | CVE-2022-0176 MISC CONFIRM |
wpchill — remove_footer_credit | The Remove Footer Credit WordPress plugin before 1.0.6 does not have CSRF check in place when saving its settings, which could allow attacker to make logged in admins change them and lead to Stored XSS issue as well due to the lack of sanitisation | 2022-02-14 | 6 | CVE-2021-24446 MISC |
yzmcms — yzmcms | YzmCMS v6.3 is affected by Cross Site Request Forgery (CSRF) in /admin.add | 2022-02-15 | 6.8 | CVE-2022-23384 MISC |
Low Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
drupal — drupal | Cross-site Scripting (XSS) vulnerability in Drupal core’s sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to 7.80. | 2022-02-11 | 2.6 | CVE-2020-13672 CONFIRM |
factorfx — ocs_inventory | OCS Inventory 2.9.1 is affected by Cross Site Scripting (XSS). To exploit the vulnerability, the attacker needs to manipulate the name of some device on your computer, such as a printer, replacing the device name with some malicious code that allows the execution of Stored Cross-site Scripting (XSS). | 2022-02-11 | 3.5 | CVE-2021-46355 MISC MISC |
google — android | PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent. | 2022-02-11 | 3.6 | CVE-2022-23427 MISC |
google — android | Logging of excessive data vulnerability in telephony prior to SMR Feb-2022 Release 1 allows privileged attackers to get Cell Location Information through log of user device. | 2022-02-11 | 2.1 | CVE-2022-22291 MISC |
google — android | In TBD of TBD, there is a possible out of bounds read due to TBD. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-206039140. References: N/A | 2022-02-11 | 2.1 | CVE-2021-39688 MISC |
google — android | In HandleTransactionIoEvent of actuator_driver.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-204421047. References: N/A | 2022-02-11 | 2.1 | CVE-2021-39687 MISC |
google — android | In extract of MediaMetricsItem.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-12. Android ID: A-204445255 | 2022-02-11 | 2.1 | CVE-2021-39666 MISC |
google — android | In clear_data_dlg_text of strings.xml, there is a possible situation when “Clear storage” functionality sets up the wrong security/privacy expectations due to a misleading message. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12. Android ID: A-193890833 | 2022-02-11 | 2.1 | CVE-2021-39631 MISC |
google — android | In isServiceDistractionOptimized of CarPackageManagerService.java, there is a possible disclosure of installed packages due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-180418334 | 2022-02-11 | 2.1 | CVE-2021-0524 MISC |
google — android | A vulnerability using PendingIntent in DeX Home and DeX for PC prior to SMR Feb-2022 Release 1 allows attackers to access files with system privilege. | 2022-02-11 | 3.6 | CVE-2022-23426 MISC |
google — android | An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash. | 2022-02-11 | 3.6 | CVE-2022-23429 MISC |
google — android | In LoadedPackage::Load of LoadedArsc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure when parsing an APK file with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-203938029 | 2022-02-11 | 1.9 | CVE-2021-39664 MISC |
linux — linux_kernel | An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c. | 2022-02-11 | 2.1 | CVE-2022-24959 MISC MISC |
najeebmedia — ppom_for_woocommerce | The PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks in the ppom_settings_panel_action AJAX action, allowing any authenticated user to call it and set arbitrary settings. Furthermore, due to the lack of sanitisation and escaping, it could lead to Stored XSS issues. | 2022-02-14 | 3.5 | CVE-2021-25018 MISC |
projeqtor — projeqtor | A Cross Site Scripting (XSS) vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an attacker to upload a SVG file containing malicious JavaScript code. | 2022-02-11 | 3.5 | CVE-2021-42940 MISC MISC |
s-cart — s-cart | A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup. | 2022-02-11 | 2.1 | CVE-2021-44111 MISC |
samsung — bixby | A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Android R(11) and below allows attackers to execute privileged action by hijacking and modifying the intent. | 2022-02-11 | 2.1 | CVE-2022-23434 MISC |
tcman — gim | The m_txtNom and m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including browser hijacking or theft of sensitive data. | 2022-02-11 | 3.5 | CVE-2021-4046 CONFIRM |
themify — portfolio_post | Themify Portfolio Post WordPress plugin before 1.1.7 does not sanitise and escape the num_of_pages parameter before outputting it back in the response of the themify_create_popup_page_pagination AJAX action (available to any authenticated user), leading to a Reflected Cross-Site Scripting issue. | 2022-02-14 | 3.5 | CVE-2022-0200 MISC |
vicidial — vicidial | Vicidial 2.14-783a was discovered to contain a cross-site scripting (XSS) vulnerability via the input tabs. | 2022-02-15 | 3.5 | CVE-2021-46557 MISC |
wp_photo_album_plus_project — wp_photo_album_plus | The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could cause arbitrary javascript to be executed in the admin panel. | 2022-02-14 | 3.5 | CVE-2021-25115 CONFIRM MISC |
wpchill — remove_footer_credit | The Remove Footer Credit WordPress plugin before 1.0.11 does not properly sanitise its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-02-14 | 3.5 | CVE-2021-25050 CONFIRM MISC |
Severity Not Yet Assigned
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
389-ds-base — 389-ds-base | A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash. | 2022-02-18 | not yet calculated | CVE-2021-4091 MISC |
ad_invalid_click_protector — ad_invalid_click_protector | The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL Injection in the id parameter of the delete action. | 2022-02-14 | not yet calculated | CVE-2022-0190 MISC |
adobe — after_effects | Adobe After Effects versions 22.1.1 (and earlier) and 18.4.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23200 MISC MISC |
adobe — commerce | Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution. | 2022-02-16 | not yet calculated | CVE-2022-24086 MISC |
adobe — creative_cloud_desktop | Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must download a malicious DLL file. The attacker has to deliver the DLL on the same folder as the installer which makes it as a high complexity attack vector. | 2022-02-16 | not yet calculated | CVE-2022-23202 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23199 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23198 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23197 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23196 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23195 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23194 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23193 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23192 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23191 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23190 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23189 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted malicious file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted malicious file in Illustrator. | 2022-02-16 | not yet calculated | CVE-2022-23188 MISC |
adobe — illustrator | Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23186 MISC |
adobe — photoshop | Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Photoshop. | 2022-02-16 | not yet calculated | CVE-2022-23203 MISC |
adobe — premiere_rush | Adobe Premiere Rush versions 2.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-02-16 | not yet calculated | CVE-2022-23204 MISC |
airspan_networks — mimosa_devices | This vulnerability could allow an attacker to force the server to create and execute a web request granting access to backend APIs that are only accessible to the Mimosa MMP server, or request pages that could perform some actions themselves. The attacker could force the server into accessing routes on those cloud-hosting platforms, accessing secret keys, changing configurations, etc. Affecting MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1. | 2022-02-18 | not yet calculated | CVE-2022-21215 MISC |
airspan_networks — mimosa_devices | MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization and authentication checks on multiple API routes. An attacker may gain access to these API routes and achieve remote code execution, create a denial-of-service condition, and obtain sensitive information. | 2022-02-18 | not yet calculated | CVE-2022-21196 MISC |
airspan_networks — mimosa_devices | MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input, which may allow an attacker to perform a SQL injection and obtain sensitive information. | 2022-02-18 | not yet calculated | CVE-2022-21176 MISC |
airspan_networks — mimosa_devices | MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input on several locations, which may allow an attacker to inject arbitrary commands. | 2022-02-18 | not yet calculated | CVE-2022-21143 MISC |
airspan_networks — mimosa_devices | MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization checks on multiple API functions. An attacker may gain access to these functions and achieve remote code execution, create a denial-of-service condition, and obtain sensitive information. | 2022-02-18 | not yet calculated | CVE-2022-21141 MISC |
airspan_networks — mimosa_devices | MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 uses the MD5 algorithm to hash the passwords before storing them but does not salt the hash. As a result, attackers may be able to crack the hashed passwords. | 2022-02-18 | not yet calculated | CVE-2022-21800 MISC |
airspan_networks — mimosa_products | MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 has a deserialization function that does not validate or check the data, allowing arbitrary classes to be created. | 2022-02-18 | not yet calculated | CVE-2022-0138 MISC |
antd-admin — antd-admin | antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to some interfaces in the foreground leads to leakage of sensitive information. | 2022-02-14 | not yet calculated | CVE-2021-46371 MISC |
argocd — argocd | A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and with the created ServiceAccount argocd-argocd-server, the unprivileged user is able to read all resources of the cluster including all secrets which might enable privilege escalations. The highest threat from this vulnerability is to data confidentiality. | 2022-02-16 | not yet calculated | CVE-2021-3557 MISC |
artifex — mujs | Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. | 2022-02-14 | not yet calculated | CVE-2021-45005 MISC MISC |
asus — cmax6000 | The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00. | 2022-02-17 | not yet calculated | CVE-2021-46247 MISC |
atheme — irc_services | Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence. | 2022-02-14 | not yet calculated | CVE-2022-24976 MISC MISC MISC |
atlassian — confluence_server_and_data_center | Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3. | 2022-02-15 | not yet calculated | CVE-2021-43940 MISC |
atlassian — jira_server_and_data_center | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify several resources (including CsvFieldMappingsPage.jspa and ImporterValueMappingsPage.jspa) via a Cross-Site Request Forgery (CSRF) vulnerability in the jira-importers-plugin. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3. | 2022-02-15 | not yet calculated | CVE-2021-43941 MISC |
atlassian — jira_server_and_data_center | Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an Improper Authorization vulnerability in the “Move objects” feature. The affected versions are before version 4.21.0. | 2022-02-15 | not yet calculated | CVE-2021-43948 MISC |
atlassian — jira_server_and_data_center | Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU monitoring settings via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/ViewInstrumentation.jspa endpoint. The affected versions are before version 8.21.0. | 2022-02-15 | not yet calculated | CVE-2021-43953 MISC |
atlassian — jira_server_and_data_center | Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to restore the default configuration of fields via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/RestoreDefaults.jspa endpoint. The affected versions are before version 8.21.0. | 2022-02-15 | not yet calculated | CVE-2021-43952 MISC |
atlassian — jira_server_and_data_center | Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view import source configuration information via a Broken Access Control vulnerability in the Insight Import Source feature. The affected versions are before version 4.21.0. | 2022-02-15 | not yet calculated | CVE-2021-43950 N/A |
awful-salmonella-tar — awful-salmonella-tar | A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0.0.4. Attackers can only list directories (not read files). This occurs because the safe-path? Scheme predicate is not used for directories. | 2022-02-18 | not yet calculated | CVE-2022-25358 MISC MISC |
axis_ip_utility — axis_ip_utility | AXIS IP Utility prior to 4.17.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same folder. | 2022-02-14 | not yet calculated | CVE-2022-23410 MISC |
backdropcms — backdropcms | A stored cross-site scripting (XSS) vulnerability in the Add Link function of BackdropCMS v1.21.1 allows attackers to execute arbitrary web scripts or HTML. | 2022-02-15 | not yet calculated | CVE-2022-24590 MISC MISC |
baicloud-cms — baicloud-cms | BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidu_map parameters in /user/ztconfig.php. | 2022-02-19 | not yet calculated | CVE-2021-44302 MISC |
bbs_forum — bbs_forum | An issue in the getType function of BBS Forum v5.3 and below allows attackers to upload arbitrary files. | 2022-02-14 | not yet calculated | CVE-2022-23390 MISC |
bd — viper_lt_system | BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information (ePHI), protected health information (PHI) and personally identifiable information (PII). BD Viper LT system versions 4.0 and later utilize Microsoft Windows 10 and have additional Operating System hardening configurations which increase the attack complexity required to exploit this vulnerability. | 2022-02-12 | not yet calculated | CVE-2022-22765 CONFIRM |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15508. | 2022-02-18 | not yet calculated | CVE-2021-46636 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15507. | 2022-02-18 | not yet calculated | CVE-2021-46635 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15408. | 2022-02-18 | not yet calculated | CVE-2021-46614 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15509. | 2022-02-18 | not yet calculated | CVE-2021-46637 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15510. | 2022-02-18 | not yet calculated | CVE-2021-46638 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15416. | 2022-02-18 | not yet calculated | CVE-2021-46622 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JT files. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15415. | 2022-02-18 | not yet calculated | CVE-2021-46621 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15414. | 2022-02-18 | not yet calculated | CVE-2021-46620 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15413. | 2022-02-18 | not yet calculated | CVE-2021-46619 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15368. | 2022-02-18 | not yet calculated | CVE-2021-46574 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15380. | 2022-02-18 | not yet calculated | CVE-2021-46586 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15464. | 2022-02-18 | not yet calculated | CVE-2021-46634 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15463. | 2022-02-18 | not yet calculated | CVE-2021-46633 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15382. | 2022-02-18 | not yet calculated | CVE-2021-46588 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15369. | 2022-02-18 | not yet calculated | CVE-2021-46575 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15381. | 2022-02-18 | not yet calculated | CVE-2021-46587 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15532. | 2022-02-18 | not yet calculated | CVE-2021-46646 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15370. | 2022-02-18 | not yet calculated | CVE-2021-46576 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15371. | 2022-02-18 | not yet calculated | CVE-2021-46577 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15372. | 2022-02-18 | not yet calculated | CVE-2021-46578 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15373. | 2022-02-18 | not yet calculated | CVE-2021-46579 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15379. | 2022-02-18 | not yet calculated | CVE-2021-46585 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15378. | 2022-02-18 | not yet calculated | CVE-2021-46584 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15374. | 2022-02-18 | not yet calculated | CVE-2021-46580 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15376. | 2022-02-18 | not yet calculated | CVE-2021-46582 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15412. | 2022-02-18 | not yet calculated | CVE-2021-46618 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15411. | 2022-02-18 | not yet calculated | CVE-2021-46617 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15410. | 2022-02-18 | not yet calculated | CVE-2021-46616 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15400. | 2022-02-18 | not yet calculated | CVE-2021-46606 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15394. | 2022-02-18 | not yet calculated | CVE-2021-46600 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15395. | 2022-02-18 | not yet calculated | CVE-2021-46601 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15396. | 2022-02-18 | not yet calculated | CVE-2021-46602 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15397. | 2022-02-18 | not yet calculated | CVE-2021-46603 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG images. Crafted data in a PNG image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15398. | 2022-02-18 | not yet calculated | CVE-2021-46604 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15399. | 2022-02-18 | not yet calculated | CVE-2021-46605 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15401. | 2022-02-18 | not yet calculated | CVE-2021-46607 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15393. | 2022-02-18 | not yet calculated | CVE-2021-46599 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15402. | 2022-02-18 | not yet calculated | CVE-2021-46608 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15403. | 2022-02-18 | not yet calculated | CVE-2021-46609 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15404. | 2022-02-18 | not yet calculated | CVE-2021-46610 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15405. | 2022-02-18 | not yet calculated | CVE-2021-46611 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15406. | 2022-02-18 | not yet calculated | CVE-2021-46612 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15407. | 2022-02-18 | not yet calculated | CVE-2021-46613 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15533. | 2022-02-18 | not yet calculated | CVE-2021-46647 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15534. | 2022-02-18 | not yet calculated | CVE-2021-46648 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15375. | 2022-02-18 | not yet calculated | CVE-2021-46581 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15536. | 2022-02-18 | not yet calculated | CVE-2021-46650 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15385. | 2022-02-18 | not yet calculated | CVE-2021-46591 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15530. | 2022-02-18 | not yet calculated | CVE-2021-46644 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. Crafted data in a BMP image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15531. | 2022-02-18 | not yet calculated | CVE-2021-46645 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15409. | 2022-02-18 | not yet calculated | CVE-2021-46615 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15391. | 2022-02-18 | not yet calculated | CVE-2021-46597 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15383. | 2022-02-18 | not yet calculated | CVE-2021-46589 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15390. | 2022-02-18 | not yet calculated | CVE-2021-46596 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15389. | 2022-02-18 | not yet calculated | CVE-2021-46595 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15388. | 2022-02-18 | not yet calculated | CVE-2021-46594 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15535. | 2022-02-18 | not yet calculated | CVE-2021-46649 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15392. | 2022-02-18 | not yet calculated | CVE-2021-46598 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15387. | 2022-02-18 | not yet calculated | CVE-2021-46593 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15384. | 2022-02-18 | not yet calculated | CVE-2021-46590 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15511. | 2022-02-18 | not yet calculated | CVE-2021-46639 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14987. | 2022-02-18 | not yet calculated | CVE-2021-46562 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15367. | 2022-02-18 | not yet calculated | CVE-2021-46573 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15537. | 2022-02-18 | not yet calculated | CVE-2021-46651 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15028. | 2022-02-18 | not yet calculated | CVE-2021-46567 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15027. | 2022-02-18 | not yet calculated | CVE-2021-46566 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15024. | 2022-02-18 | not yet calculated | CVE-2021-46565 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15023. | 2022-02-18 | not yet calculated | CVE-2021-46564 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15366. | 2022-02-18 | not yet calculated | CVE-2021-46572 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14990. | 2022-02-18 | not yet calculated | CVE-2021-46563 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15030. | 2022-02-18 | not yet calculated | CVE-2021-46568 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15031. | 2022-02-18 | not yet calculated | CVE-2021-46569 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15377. | 2022-02-18 | not yet calculated | CVE-2021-46583 MISC MISC |
bentley — microstation_connect | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15386. | 2022-02-18 | not yet calculated | CVE-2021-46592 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15630. | 2022-02-18 | not yet calculated | CVE-2021-46655 MISC MISC |
bentley — view | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15458. | 2022-02-18 | not yet calculated | CVE-2021-46628 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15457. | 2022-02-18 | not yet calculated | CVE-2021-46627 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15456. | 2022-02-18 | not yet calculated | CVE-2021-46626 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JT files. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15455. | 2022-02-18 | not yet calculated | CVE-2021-46625 MISC MISC |
bentley — view | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15453. | 2022-02-18 | not yet calculated | CVE-2021-46623 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15538. | 2022-02-18 | not yet calculated | CVE-2021-46652 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15539. | 2022-02-18 | not yet calculated | CVE-2021-46653 MISC MISC |
bentley — view | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15540. | 2022-02-18 | not yet calculated | CVE-2021-46654 MISC MISC |
bentley — view | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15364. | 2022-02-18 | not yet calculated | CVE-2021-46570 MISC MISC |
bentley — view | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15514. | 2022-02-18 | not yet calculated | CVE-2021-46642 MISC MISC |
bentley — view | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15460. | 2022-02-18 | not yet calculated | CVE-2021-46630 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15513. | 2022-02-18 | not yet calculated | CVE-2021-46641 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15512. | 2022-02-18 | not yet calculated | CVE-2021-46640 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15515. | 2022-02-18 | not yet calculated | CVE-2021-46643 MISC MISC |
bentley — view | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15454. | 2022-02-18 | not yet calculated | CVE-2021-46624 MISC MISC |
bentley — view | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15462. | 2022-02-18 | not yet calculated | CVE-2021-46632 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15461. | 2022-02-18 | not yet calculated | CVE-2021-46631 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15365. | 2022-02-18 | not yet calculated | CVE-2021-46571 MISC MISC |
bentley — view | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15459. | 2022-02-18 | not yet calculated | CVE-2021-46629 MISC MISC |
bentley — view | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15631. | 2022-02-18 | not yet calculated | CVE-2021-46656 MISC MISC |
bigfileagent — bigfileagent | A path traversal vulnerability leading to deletion of arbitrary files was discovered in BigFileAgent. Remote attackers can use this vulnerability to delete arbitrary files of an unspecified number of users. | 2022-02-18 | not yet calculated | CVE-2021-26619 MISC |
binisoft — windows_firewall_control | In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges. | 2022-02-14 | not yet calculated | CVE-2022-25150 MISC MISC |
bitdefender — antivirus_plus | A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136. | 2022-02-18 | not yet calculated | CVE-2020-8107 MISC |
bmc — track-it! | This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-14618. | 2022-02-18 | not yet calculated | CVE-2022-24047 MISC MISC |
boltwire — boltwire | A cross-site scripting (XSS) vulnerability in BoltWire v7.10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters. | 2022-02-15 | not yet calculated | CVE-2022-24227 MISC MISC |
bookwyrm-social — bookwyrm | BookWyrm is a decentralized social network for tracking reading habits and reviewing books. The functionality to load a cover via URL is vulnerable to a server-side request forgery attack. Any BookWyrm instance running a version prior to v0.3.0 is susceptible to attack from a logged-in user. The problem has been patched and administrators should upgrade to version 0.3.0. As a workaround, BookWyrm instances can close registration and limit members to trusted individuals. | 2022-02-16 | not yet calculated | CVE-2022-23644 CONFIRM |
burden — burden | Burden v3.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Category function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the task parameter. | 2022-02-15 | not yet calculated | CVE-2022-24589 MISC MISC |
centos — stream | A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the “Application menu” or “Window list” GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to kill existing applications and start new ones as the locked user, even if the session is still locked. | 2022-02-18 | not yet calculated | CVE-2021-20315 MISC |
cerebrate — cerebrate | An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an unprivileged user to edit and modify sharing groups. | 2022-02-18 | not yet calculated | CVE-2022-25318 MISC |
cerebrate — cerebrate | An issue was discovered in Cerebrate through 1.4. genericForm allows reflected XSS in form descriptions via a user-controlled description. | 2022-02-18 | not yet calculated | CVE-2022-25317 MISC |
cerebrate — cerebrate | An issue was discovered in Cerebrate through 1.4. XSS could occur in the bookmarks component. | 2022-02-18 | not yet calculated | CVE-2022-25321 MISC MISC |
cerebrate — cerebrate | An issue was discovered in Cerebrate through 1.4. Endpoints could be open even when not enabled. | 2022-02-18 | not yet calculated | CVE-2022-25319 MISC |
cerebrate — cerebrate | An issue was discovered in Cerebrate through 1.4. Username enumeration could occur. | 2022-02-18 | not yet calculated | CVE-2022-25320 MISC |
cesanta — mongoose | This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using the mg_http_upload() method may enable attackers to write files to arbitrary locations outside the designated target folder. | 2022-02-18 | not yet calculated | CVE-2022-25299 CONFIRM CONFIRM |
cisco — email_security_appliance | A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling in DNS name resolution by the affected software. An attacker could exploit this vulnerability by sending specially formatted email messages that are processed by an affected device. A successful exploit could allow the attacker to cause the device to become unreachable from management interfaces or unable to process additional email messages for a period of time until the device recovers, resulting in a DoS condition. Continued attacks could cause the device to become completely unavailable, resulting in a persistent DoS condition. | 2022-02-17 | not yet calculated | CVE-2022-20653 CISCO |
cisco — multiple_products |
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2022-02-17 | not yet calculated | CVE-2022-20659 CISCO |
cisco — redundancy_configuration_manager |
A vulnerability in the checkpoint manager implementation of Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software could allow an unauthenticated, remote attacker to cause the checkpoint manager process to restart upon receipt of malformed TCP data. This vulnerability is due to improper input validation of an ingress TCP packet. An attacker could exploit this vulnerability by sending crafted TCP data to the affected application. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the checkpoint manager process restarting. | 2022-02-17 | not yet calculated | CVE-2022-20750 CISCO |
cmp — cmp |
The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout. | 2022-02-14 | not yet calculated | CVE-2022-0188 CONFIRM MISC |
cobaltstrike — cobaltstrike |
CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with “/”, and attackers can obtain relevant information by specifying the URL. | 2022-02-15 | not yet calculated | CVE-2022-23317 MISC |
cobbler — cobbler |
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the “#from MODULE import” substring. (Only lines beginning with #import are blocked.) | 2022-02-19 | not yet calculated | CVE-2021-45082 MISC MISC |
codereview — qt-project |
In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH. | 2022-02-16 | not yet calculated | CVE-2022-25255 MISC MISC MISC MISC MISC |
commscope — surfboard |
CommScope SURFboard SBG6950AC2 9.1.103AA23 devices allow Command Injection. | 2022-02-15 | not yet calculated | CVE-2021-41552 MISC MISC |
compass_plus — tranzware_online_fimi_web_interface_transware_online |
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online (TWO) 5.3.33.3 F38 and FIMI 4.2.19.4 25. The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address. This is because the server implicitly trusts the Host header and fails to validate or escape it properly. An attacker can use this input to redirect target users to a malicious domain/web page. This would expand the potential for further attacks and malicious actions. | 2022-02-14 | not yet calculated | CVE-2021-43106 MISC |
complianz — complianz |
The Complianz WordPress plugin before 6.0.0 does not escape the s parameter before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting. | 2022-02-14 | not yet calculated | CVE-2022-0193 MISC CONFIRM |
corda — corda |
In Corda before 4.1, the meaning of serialized data can be modified via an attacker-controlled CustomSerializer. | 2022-02-14 | not yet calculated | CVE-2019-25057 MISC |
core_ftp — core_ftp |
Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS) via a crafted packet through the SSH service. | 2022-02-17 | not yet calculated | CVE-2022-22899 MISC MISC MISC |
crossbeam-rs — crossbeam |
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was always the same as `Atomic{I,U}64`. However, the alignment of `{i,u}64` on a 32-bit target can be smaller than `Atomic{I,U}64`. This can cause unaligned memory accesses and data race. Crates using `fetch_*` methods with `AtomicCell<{i,u}64>` are affected by this issue. 32-bit targets without `Atomic{I,U}64` and 64-bit targets are not affected by this issue. This has been fixed in crossbeam-utils 0.8.7. There are currently no known workarounds. | 2022-02-15 | not yet calculated | CVE-2022-23639 MISC CONFIRM MISC |
crypt_gpg — crypt_gpg |
The Crypt_GPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions. | 2022-02-17 | not yet calculated | CVE-2022-24953 CONFIRM MISC |
cryptomator — cryptomator |
Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. An attacker can exploit this by creating a malicious .dylib file that can be executed via the DYLD_INSERT_LIBRARIES environment variable. | 2022-02-19 | not yet calculated | CVE-2022-25366 MISC MISC |
custom_popup_builder — custom_popup_builder |
The Popup | Custom Popup Builder WordPress plugin before 1.3.1 autoloads data from its popup on every page. Because such data can be sent by unauthenticated users and is not validated in length, this could cause a denial of service on the blog. | 2022-02-14 | not yet calculated | CVE-2022-0214 MISC |
d-link — routers | Remote Code Execution (RCE) vulnerability exists in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicious users can use this vulnerability to use “\ ” or backticks to bypass the shell metacharacters in the ssid0 or ssid1 parameters to execute arbitrary commands. This vulnerability exists because CVE-2019-17509 is not fully patched and can be bypassed by using line breaks or backticks. | 2022-02-17 | not yet calculated | CVE-2021-46319 MISC MISC |
d-link — routers | Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetWizardConfig.php in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicious users can use this vulnerability to use “\ ” or backticks in the shell metacharacters in the ssid0 or ssid1 parameters to cause arbitrary command execution. Because the CVE-2019-17510 vulnerability has not been patched and improved in www/hnap1/control/setwizardconfig.php, line breaks and backquotes can also be used to bypass it. | 2022-02-17 | not yet calculated | CVE-2021-46315 MISC MISC |
d-link — routers |
A Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetNetworkTomographySettings.php of D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin because backticks can be used for command injection when judging whether it is a reasonable domain name. | 2022-02-17 | not yet calculated | CVE-2021-46314 MISC MISC |
d-link — routers |
D-Link DSL-2730E CT-20131125 devices allow XSS via the username parameter to the password page in the maintenance configuration. | 2022-02-18 | not yet calculated | CVE-2021-46108 MISC MISC |
d-link — routers |
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life (“EOL”) /End of Service Life (“EOS”) Life-Cycle and as such this issue will not be patched. | 2022-02-17 | not yet calculated | CVE-2021-45382 MISC MISC |
dart_sdk — dart_sdk |
Dart SDK contains the HTTPClient in the dart:io library, which includes authorization headers when handling cross-origin redirects. These headers may be explicitly set and contain sensitive information. By default, HttpClient handles redirection logic. If a request is sent to example.com with an authorization header and it redirects to an attacker's site, the sender might not expect the attacker's site to receive the authorization header. We recommend updating the Dart SDK to version 2.16.0 or beyond. | 2022-02-18 | not yet calculated | CVE-2022-0451 MISC MISC |
debian — debian-edu-config |
It was discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation. | 2022-02-11 | not yet calculated | CVE-2021-20001 MISC MLIST MLIST DEBIAN |
dedecms — dedecms |
DedeCMS v5.7.87 was discovered to contain a SQL injection vulnerability in article_coonepage_rule.php via the ids parameter. | 2022-02-14 | not yet calculated | CVE-2022-23337 MISC |
discourse — discourse |
Discourse is an open source discussion platform. In versions prior to 2.8.1 in the `stable` branch, 2.9.0.beta2 in the `beta` branch, and 2.9.0.beta2 in the `tests-passed` branch, users can trigger a Denial of Service attack by posting a streaming URL. Parsing Oneboxes in the background job triggers an infinite loop, which causes memory leaks. This issue is patched in version 2.8.1 of the `stable` branch, 2.9.0.beta2 of the `beta` branch, and 2.9.0.beta2 of the `tests-passed` branch. As a workaround, disable onebox in the admin panel completely or specify an allow list of domains that will be oneboxed. | 2022-02-15 | not yet calculated | CVE-2022-23641 MISC CONFIRM MISC |
docker — desktop |
Docker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files. NOTE: this issue exists because of an incomplete fix for CVE-2022-23774. | 2022-02-19 | not yet calculated | CVE-2022-25365 MISC |
drupal — core |
Drupal core’s form API has a vulnerability where certain contributed or custom modules’ forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data. | 2022-02-16 | not yet calculated | CVE-2022-25271 CONFIRM |
drupal — quick_edit |
The Quick Edit module does not properly check entity access in some circumstances. This could result in users with the “access in-place editing” permission viewing some content they are not authorized to access. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed. | 2022-02-17 | not yet calculated | CVE-2022-25270 CONFIRM |
duck — duck |
duck before 0.10 did not properly handle loading of untrusted code from the current directory. | 2022-02-19 | not yet calculated | CVE-2016-1239 MISC |
duxcms — duxcms |
DuxCMS v3.1.3 was discovered to contain a SQL injection vulnerability via the component s/tools/SendTpl/index?keyword=. | 2022-02-16 | not yet calculated | CVE-2021-3242 MISC MISC |
easycms — easycms |
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement. | 2022-02-16 | not yet calculated | CVE-2022-23358 MISC |
emerson — dixell_xweb-500_products | ** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced. | 2022-02-14 | not yet calculated | CVE-2021-45421 MISC MISC MISC |
emerson — dixell_xweb-500_products |
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced. | 2022-02-14 | not yet calculated | CVE-2021-45420 MISC MISC MISC |
enterprisedt — completeftp |
CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM. | 2022-02-14 | not yet calculated | CVE-2019-16864 MISC MISC |
expat — expat | xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. | 2022-02-16 | not yet calculated | CVE-2022-25235 MISC MLIST |
expat — expat |
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. | 2022-02-18 | not yet calculated | CVE-2022-25313 MISC MLIST |
expat — expat |
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. | 2022-02-18 | not yet calculated | CVE-2022-25314 MISC MLIST |
expat — expat |
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. | 2022-02-18 | not yet calculated | CVE-2022-25315 MISC MLIST |
expat — expat |
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. | 2022-02-16 | not yet calculated | CVE-2022-25236 MISC MLIST |
expressionengine — expressionengine |
Unsanitized user input in ExpressionEngine <= 5.4.0 control panel member creation leads to an SQL injection. The user needs member creation/admin control panel access to execute the attack. | 2022-02-18 | not yet calculated | CVE-2020-8242 MISC |
fancy_product_designer — fancy_product_designer |
The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the ~/inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 4.7.4. | 2022-02-16 | not yet calculated | CVE-2021-4134 MISC MISC |
filecloud — filecloud |
In FileCloud before 21.3, file upload is not protected against Cross-Site Request Forgery (CSRF). | 2022-02-16 | not yet calculated | CVE-2022-25242 MISC MISC |
filecloud — filecloud |
In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery (CSRF). | 2022-02-16 | not yet calculated | CVE-2022-25241 MISC MISC |
flatpress — flatpress |
Flatpress v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability in the Upload SVG File function. | 2022-02-15 | not yet calculated | CVE-2022-24588 MISC MISC |
forgerock — forgerock_access_management |
Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions. This issue affects: ForgeRock Access Management 7.1 versions prior to 7.1.1; 6.5 versions prior to 6.5.4; all previous versions. | 2022-02-14 | not yet calculated | CVE-2021-4201 CONFIRM |
form_store_to_db — form_store_to_db | The Form Store to DB WordPress plugin before 1.1.1 does not sanitise and escape parameter keys before outputting them back in the created entry, allowing an unauthenticated attacker to perform Cross-Site Scripting attacks against admins. | 2022-02-14 | not yet calculated | CVE-2021-25107 CONFIRM MISC |
foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15853. | 2022-02-18 | not yet calculated | CVE-2022-24366 MISC MISC |
foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15877. | 2022-02-18 | not yet calculated | CVE-2022-24367 MISC MISC |
foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15851. | 2022-02-18 | not yet calculated | CVE-2022-24364 MISC MISC |
foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15852. | 2022-02-18 | not yet calculated | CVE-2022-24365 MISC MISC |
foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15744. | 2022-02-18 | not yet calculated | CVE-2022-24360 MISC MISC |
foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15861. | 2022-02-18 | not yet calculated | CVE-2022-24363 MISC MISC |
foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15987. | 2022-02-18 | not yet calculated | CVE-2022-24362 MISC MISC |
foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15702. | 2022-02-18 | not yet calculated | CVE-2022-24359 MISC MISC |
foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15703. | 2022-02-18 | not yet calculated | CVE-2022-24358 MISC MISC |
foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15743. | 2022-02-18 | not yet calculated | CVE-2022-24357 MISC MISC |
foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the OnMouseExit method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14848. | 2022-02-18 | not yet calculated | CVE-2022-24356 MISC MISC |
foxit — pdf_reader |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15812. | 2022-02-18 | not yet calculated | CVE-2022-24971 MISC MISC |
foxit — pdf_reader |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15811. | 2022-02-18 | not yet calculated | CVE-2022-24361 MISC MISC |
foxit — pdf_reader |
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14819. | 2022-02-18 | not yet calculated | CVE-2022-24370 MISC MISC |
foxit — pdf_reader |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. Crafted data in a JP2 image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16087. | 2022-02-18 | not yet calculated | CVE-2022-24369 MISC MISC |
foxit — pdf_reader |
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16115. | 2022-02-18 | not yet calculated | CVE-2022-24368 MISC MISC |
fulusso — fulusso |
Fulusso v1.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in /BindAccount/SuccessTips.js. This vulnerability allows attackers to inject malicious code into a victim user’s device via open redirection. | 2022-02-14 | not yet calculated | CVE-2022-23367 MISC |
futurio_extra — futurio_extra | The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user’s email address. | 2022-02-14 | not yet calculated | CVE-2021-25110 MISC |
futurio_extra — futurio_extra |
The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from the database, as well as to perform Cross-Site Scripting (XSS) against logged in admins by making them open a malicious link. | 2022-02-14 | not yet calculated | CVE-2021-25109 MISC |
galois_2p8 — galois_2p8 |
In galois_2p8 before 0.1.2, PrimitivePolynomialField::new has an off-by-one buffer overflow for a vector. | 2022-02-14 | not yet calculated | CVE-2022-24988 MISC |
ghostscript — interpreter | A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | 2022-02-16 | not yet calculated | CVE-2021-3781 MISC MISC |
github — enterprise_server |
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.3 and was fixed in versions 3.0.21, 3.1.13, 3.2.5. This vulnerability was reported via the GitHub Bug Bounty program. | 2022-02-18 | not yet calculated | CVE-2021-41599 MISC MISC MISC |
google — chrome | Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. | 2022-02-12 | not yet calculated | CVE-2022-0310 MISC MISC |
google — chrome | Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | not yet calculated | CVE-2022-0306 MISC MISC |
google — chrome | Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | 2022-02-12 | not yet calculated | CVE-2022-0305 MISC MISC |
google — chrome | Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | 2022-02-12 | not yet calculated | CVE-2022-0294 MISC MISC |
google — chrome | Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. | 2022-02-12 | not yet calculated | CVE-2022-0292 MISC MISC |
google — chrome | Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | 2022-02-12 | not yet calculated | CVE-2022-0291 MISC MISC |
google — chrome | Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | not yet calculated | CVE-2022-0301 MISC MISC |
google — chrome | Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 2022-02-12 | not yet calculated | CVE-2022-0309 MISC MISC |
google — chrome | Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | 2022-02-12 | not yet calculated | CVE-2022-0311 MISC MISC |
gravitl — netmaker | Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker prior to 0.8.5, 0.9.4, 0.10.0, 0.10.1. | 2022-02-18 | not yet calculated | CVE-2022-0664 CONFIRM MISC |
hancom — office | A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | 2022-02-16 | not yet calculated | CVE-2021-21958 MISC |
hashicorp — nomad_and_nomad_enterprise | HashiCorp Nomad and Nomad Enterprise before 1.0.17, 1.1.x before 1.1.12, and 1.2.x before 1.2.6 has Uncontrolled Resource Consumption. | 2022-02-15 | not yet calculated | CVE-2022-24684 MISC MISC |
hashicorp — nomad_and_nomad_enterprise | HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as root. | 2022-02-17 | not yet calculated | CVE-2022-24683 MISC MISC |
hashicorp — nomad_and_nomad_enterprise | HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. Fixed in 1.0.18, 1.1.12, and 1.2.6. | 2022-02-14 | not yet calculated | CVE-2022-24686 MISC MISC |
hospital_management_system — hospital_management_system | Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php. | 2022-02-15 | not yet calculated | CVE-2022-24226 MISC MISC |
hospital_patient_record_management_system — hospital_patient_record_management_system | An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list. | 2022-02-14 | not yet calculated | CVE-2022-22854 MISC |
hospital_patient_record_management_system — hospital_patient_record_management_system | A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field. | 2022-02-16 | not yet calculated | CVE-2022-22853 MISC MISC MISC |
hp — support_assistant_software | Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. | 2022-02-16 | not yet calculated | CVE-2020-6917 MISC |
hp — support_assistant_software | Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. | 2022-02-16 | not yet calculated | CVE-2020-6922 MISC |
hp — support_assistant_software | Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. | 2022-02-16 | not yet calculated | CVE-2020-6921 MISC |
hp — support_assistant_software | Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. | 2022-02-16 | not yet calculated | CVE-2020-6920 MISC |
hp — support_assistant_software | Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. | 2022-02-16 | not yet calculated | CVE-2020-6919 MISC |
hp — support_assistant_software | Potential security vulnerabilities, including compromise of integrity and allowed communication with untrusted clients, have been identified in HP Support Assistant software. | 2022-02-16 | not yet calculated | CVE-2020-6918 MISC |
hp — uefi_firmware | Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. | 2022-02-16 | not yet calculated | CVE-2021-39301 MISC |
hp — uefi_firmware | Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. | 2022-02-16 | not yet calculated | CVE-2021-39300 MISC |
hp — uefi_firmware | Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. | 2022-02-16 | not yet calculated | CVE-2021-39297 MISC |
hp — uefi_firmware | Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. | 2022-02-16 | not yet calculated | CVE-2021-39298 MISC |
hp — uefi_firmware | Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. | 2022-02-16 | not yet calculated | CVE-2021-39299 MISC |
hutool — hutool | Hutool v5.7.18’s HttpRequest was discovered to ignore all TLS/SSL certificate validation. | 2022-02-16 | not yet calculated | CVE-2022-22885 MISC MISC |
ibm — cognos_analytics_mobile_for_android | IBM Cognos Analytics Mobile for Android applications prior to version 1.1.14 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 215592. | 2022-02-14 | not yet calculated | CVE-2021-39079 CONFIRM XF |
ibm — cognos_analytics_mobile_for_android | Due to weak obfuscation in the IBM Cognos Analytics Mobile for Android application prior to version 1.1.14, an attacker could be able to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used. IBM X-Force ID: 215593. | 2022-02-14 | not yet calculated | CVE-2021-39080 CONFIRM XF |
ibm — guardium_data_encryption | IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 213964. | 2022-02-18 | not yet calculated | CVE-2021-39026 XF CONFIRM |
ibm — maximo_anywhere | IBM Maximo Anywhere 7.6.4.0 applications could disclose sensitive information to a user with physical access to the device. IBM X-Force ID: 161493. | 2022-02-16 | not yet calculated | CVE-2019-4351 XF CONFIRM |
ibm — maximo_anywhere | IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494. | 2022-02-16 | not yet calculated | CVE-2019-4352 CONFIRM XF |
ibm — maximo_anywhere | IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to the lack of binary protection precautions. IBM X-Force ID: 160697. | 2022-02-16 | not yet calculated | CVE-2019-4291 CONFIRM XF |
ibm — maximo_asset_management | IBM Maximo Asset Management 7.6.1.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 210892. | 2022-02-18 | not yet calculated | CVE-2021-38935 XF CONFIRM |
ibm — mq | IBM MQ 9.1 LTS is vulnerable to a denial of service attack caused by an issue within the channel process. IBM X-Force ID: 213964. | 2022-02-17 | not yet calculated | CVE-2021-39034 XF CONFIRM |
ibtana — ibtana | The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the ive_save_general_settings AJAX action, allowing any authenticated user, such as a subscriber, to call it and change the plugin’s settings, which could lead to a Stored Cross-Site Scripting issue. | 2022-02-14 | not yet calculated | CVE-2021-25014 MISC |
impresscms — impresscms | ImpressCMS before 1.4.2 allows unauthenticated remote code execution via …../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHP_SESSION_UPLOAD_PROGRESS when the PHP installation supports upload_progress. | 2022-02-14 | not yet calculated | CVE-2022-24977 MISC MISC MISC |
internationalscratchwiki — scratch-confirmaccount-v3 | A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses. | 2022-02-15 | not yet calculated | CVE-2021-46252 MISC MISC |
iobit_advanced_systemcare — iobit_advanced_systemcare | A Use after Free vulnerability exists in IOBit Advanced SystemCare 15 pro via requests sent in sequential order using the IOCTL driver codes, which could let a malicious user execute arbitrary code or cause a Denial of Service (system crash). IOCTL list: iobit_ioctl = [0x8001e01c, 0x8001e020, 0x8001e024, 0x8001e040, 0x8001e044, 0x8001e048, 0x8001e04c, 0x8001e000, 0x8001e004, 0x8001e008, 0x8001e00c, 0x8001e010, 0x8001e014, 0x8001e018] | 2022-02-18 | not yet calculated | CVE-2021-44968 MISC |
isabel_stored_xxs — isabel_stored_xss | Multiple cross-site scripting (XSS) vulnerabilities in the Add User module of Issabel PBX 20200102 allow attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the username and password fields. | 2022-02-15 | not yet calculated | CVE-2021-46558 MISC |
jeecg-boot — jeecg-boot | Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /sys/user/queryUserComponentData. | 2022-02-16 | not yet calculated | CVE-2022-22881 MISC |
jeecg-boot — jeecg-boot | Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId. | 2022-02-16 | not yet calculated | CVE-2022-22880 MISC |
jenkins — pipeline_multibranch | Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system. | 2022-02-15 | not yet calculated | CVE-2022-25179 CONFIRM |
jenkins — agent_server_parameter | Jenkins Agent Server Parameter Plugin 1.0 and earlier does not escape parameter names of agent server parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-02-15 | not yet calculated | CVE-2022-25191 CONFIRM |
jenkins — autonomiq | A cross-site request forgery (CSRF) vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials. | 2022-02-15 | not yet calculated | CVE-2022-25194 CONFIRM |
jenkins — autonomiq | A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. | 2022-02-15 | not yet calculated | CVE-2022-25195 CONFIRM |
jenkins — checkmarx | A cross-site request forgery (CSRF) vulnerability in Jenkins Checkmarx Plugin 2022.1.2 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2022-02-15 | not yet calculated | CVE-2022-25200 CONFIRM MLIST |
jenkins — checkmarx | Missing permission checks in Jenkins Checkmarx Plugin 2022.1.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2022-02-15 | not yet calculated | CVE-2022-25201 CONFIRM |
jenkins — chef_sinatra | A cross-site request forgery (CSRF) vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response. | 2022-02-15 | not yet calculated | CVE-2022-25207 CONFIRM MLIST |
jenkins — chef_sinatra | Jenkins Chef Sinatra Plugin 1.20 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 2022-02-15 | not yet calculated | CVE-2022-25209 CONFIRM |
jenkins — chef_sinatra | A missing permission check in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response. | 2022-02-15 | not yet calculated | CVE-2022-25208 CONFIRM MLIST |
jenkins — conjur_secrets | A missing permission check in Jenkins Conjur Secrets Plugin 1.0.11 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 2022-02-15 | not yet calculated | CVE-2022-25190 CONFIRM |
jenkins — convertigo_mobile_platform | Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured. | 2022-02-15 | not yet calculated | CVE-2022-25210 CONFIRM |
jenkins — custom_checkbox_parameter | Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier does not escape parameter names of custom checkbox parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-02-15 | not yet calculated | CVE-2022-25189 CONFIRM |
jenkins — dbcharts | A cross-site request forgery (CSRF) vulnerability in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers to connect to an attacker-specified database via JDBC using attacker-specified credentials and to determine if a class is available in the Jenkins instance. | 2022-02-15 | not yet calculated | CVE-2022-25205 CONFIRM |
jenkins — dbcharts | A missing check in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified database via JDBC using attacker-specified credentials. | 2022-02-15 | not yet calculated | CVE-2022-25206 CONFIRM |
jenkins — doktor | Jenkins Doktor Plugin 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc, and error messages allow attackers able to control agent processes to determine whether a file with a given name exists. | 2022-02-15 | not yet calculated | CVE-2022-25204 CONFIRM |
jenkins — fortify | Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker. | 2022-02-15 | not yet calculated | CVE-2022-25188 CONFIRM MLIST |
jenkins — generic_webhook_trigger | Jenkins Generic Webhook Trigger Plugin 1.81 and earlier does not escape the build cause when using the webhook, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-02-15 | not yet calculated | CVE-2022-25185 CONFIRM MLIST |
jenkins — gitlab_authentication | Jenkins GitLab Authentication Plugin 1.13 and earlier records the HTTP Referer header as part of the URL query parameters when the authentication process starts, allowing attackers with access to Jenkins to craft a URL that will redirect users to an attacker-specified URL after logging in. | 2022-02-15 | not yet calculated | CVE-2022-25196 CONFIRM MLIST |
jenkins — hashicorp_vault | Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key. | 2022-02-15 | not yet calculated | CVE-2022-25186 CONFIRM |
jenkins — hashicorp_vault | Jenkins HashiCorp Vault Plugin 336.v182c0fbaaeb7 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system. | 2022-02-15 | not yet calculated | CVE-2022-25197 CONFIRM |
jenkins — pipeline_build_step | Jenkins Pipeline: Build Step Plugin 2.15 and earlier reveals password parameter default values when generating a pipeline script using the Pipeline Snippet Generator, allowing attackers with Item/Read permission to retrieve the default password parameter value from jobs. | 2022-02-15 | not yet calculated | CVE-2022-25184 CONFIRM |
jenkins — pipeline_groovy | Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds, allowing attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline. | 2022-02-15 | not yet calculated | CVE-2022-25180 CONFIRM |
jenkins — pipeline_groovy | Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system. | 2022-02-15 | not yet calculated | CVE-2022-25176 CONFIRM |
jenkins — pipeline_groovy | Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier uses the same checkout directories for distinct SCMs when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. | 2022-02-15 | not yet calculated | CVE-2022-25173 CONFIRM MLIST |
jenkins — pipeline_multibranch | Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier uses distinct checkout directories per SCM for the readTrusted step, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. | 2022-02-15 | not yet calculated | CVE-2022-25175 CONFIRM |
jenkins — pipeline_shared_groovy | Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the same checkout directories for distinct SCMs for Pipeline libraries, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. | 2022-02-15 | not yet calculated | CVE-2022-25174 CONFIRM |
jenkins — pipeline_shared_groovy_libraries | A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library already exists. | 2022-02-15 | not yet calculated | CVE-2022-25181 CONFIRM |
jenkins — pipeline_shared_groovy_libraries | Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache directories without any sanitization, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using specially crafted library names if a global Pipeline library configured to use caching already exists. | 2022-02-15 | not yet calculated | CVE-2022-25183 CONFIRM |
jenkins — pipeline_shared_groovy_libraries | A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller JVM using specially crafted library names if a global Pipeline library is already configured. | 2022-02-15 | not yet calculated | CVE-2022-25182 CONFIRM |
jenkins — pipeline_shared_groovy_libraries | Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system. | 2022-02-15 | not yet calculated | CVE-2022-25178 CONFIRM |
jenkins — pipeline_shared_groovy_libraries | Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier follows symbolic links to locations outside of the expected Pipeline library when reading files using the libraryResource step, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system. | 2022-02-15 | not yet calculated | CVE-2022-25177 CONFIRM |
jenkins — promoted_builds | Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escape the name of custom promotion levels, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission. | 2022-02-15 | not yet calculated | CVE-2022-25202 CONFIRM |
jenkins — scp_publisher | A cross-site request forgery (CSRF) vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials. | 2022-02-15 | not yet calculated | CVE-2022-25198 CONFIRM |
jenkins — scp_publisher | A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. | 2022-02-15 | not yet calculated | CVE-2022-25199 CONFIRM |
jenkins — snow_commander | A cross-site request forgery (CSRF) vulnerability in Jenkins Snow Commander Plugin 2.0 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2022-02-15 | not yet calculated | CVE-2022-25192 CONFIRM |
jenkins — snow_commander | Missing permission checks in Jenkins Snow Commander Plugin 2.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2022-02-15 | not yet calculated | CVE-2022-25193 CONFIRM |
jenkins — support_core | Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle. | 2022-02-15 | not yet calculated | CVE-2022-25187 CONFIRM |
jenkins — swamp | A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials. | 2022-02-15 | not yet calculated | CVE-2022-25211 CONFIRM |
jenkins — swamp | A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials. | 2022-02-15 | not yet calculated | CVE-2022-25212 CONFIRM |
jenkins — teams_views | Jenkins Team Views Plugin 0.9.0 and earlier does not escape team names, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Read permission. | 2022-02-15 | not yet calculated | CVE-2022-25203 CONFIRM |
jerryscript_project — jerryscript | There is an Assertion in ‘context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION’ failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9. | 2022-02-17 | not yet calculated | CVE-2022-22901 MISC MISC MISC |
jqueryform.com — jqueryform.com | Forms generated by JQueryForm.com before 2022-02-05 (if file-upload capability is enabled) allow remote unauthenticated attackers to upload executable files and achieve remote code execution. This occurs because file-extension checks occur on the client side, and because not all executable content (e.g., .phtml or .php.bak) is blocked. | 2022-02-16 | not yet calculated | CVE-2022-24984 MISC MISC MISC |
jqueryform.com — jqueryform.com | A reflected cross-site scripting (XSS) vulnerability in forms generated by JQueryForm.com before 2022-02-05 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to admin.php. | 2022-02-16 | not yet calculated | CVE-2022-24981 MISC MISC MISC |
jqueryform.com — jqueryform.com | Forms generated by JQueryForm.com before 2022-02-05 allow a remote authenticated attacker to access the cleartext credentials of all other form users. admin.php contains a hidden base64-encoded string with these credentials. | 2022-02-16 | not yet calculated | CVE-2022-24982 MISC MISC MISC |
jqueryform.com — jqueryform.com | Forms generated by JQueryForm.com before 2022-02-05 allow remote attackers to obtain the URI to any uploaded file by capturing the POST response. When chained with CVE-2022-24984, this could lead to unauthenticated remote code execution on the underlying web server. This occurs because the Unique ID field is contained in the POST response upon submitting a form. | 2022-02-16 | not yet calculated | CVE-2022-24983 MISC MISC MISC |
jqueryform.com — jqueryform.com | Forms generated by JQueryForm.com before 2022-02-05 allow a remote authenticated attacker to bypass authentication and access the administrative section of other forms hosted on the same web server. This is relevant only when an organization hosts more than one of these forms on their server. | 2022-02-16 | not yet calculated | CVE-2022-24985 MISC MISC MISC |
k-box — k-box | K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting (XSS) vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked, execute untrusted JavaScript actions, like retrieving user cookies. Version 0.33.1 includes a patch that allows discarding unsafe links. | 2022-02-14 | not yet calculated | CVE-2022-23637 MISC CONFIRM |
kicad — eda | A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | 2022-02-16 | not yet calculated | CVE-2022-23803 MISC |
kicad — eda | A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | 2022-02-16 | not yet calculated | CVE-2022-23804 MISC |
kiteworks_mft — kiteworks_mft | Kiteworks MFT 7.5 may allow an unauthorized user to reset other users’ passwords. This is fixed in version 7.6 and later. | 2022-02-14 | not yet calculated | CVE-2022-24110 MISC CONFIRM |
kkfileview — kkfileview | kkFileview v4.0.0 has an arbitrary file read through a directory traversal vulnerability, which may lead to a sensitive file leak on the related host. | 2022-02-15 | not yet calculated | CVE-2021-43734 MISC |
kvm_amd — kvm_amd | A flaw was found in the KVM’s AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario. | 2022-02-18 | not yet calculated | CVE-2021-4093 MISC MISC |
lemminx — lemminx | A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user. | 2022-02-18 | not yet calculated | CVE-2022-0672 MISC |
lemminx — lemminx | A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal. | 2022-02-18 | not yet calculated | CVE-2022-0673 MISC |
ibexa — dxp_ezsystems/ezpublish-kernel | Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows injection attacks via image filenames. | 2022-02-18 | not yet calculated | CVE-2022-25337 MISC |
ibexa — dxp_ezsystems/ezpublish-kernel | Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced. | 2022-02-18 | not yet calculated | CVE-2022-25336 MISC |
librenms — librenms | Exposure of Sensitive Information to an Unauthorized Actor in Packagist librenms/librenms prior to 22.2.0. | 2022-02-15 | not yet calculated | CVE-2022-0588 CONFIRM MISC MISC |
librenms — librenms | Cross-site Scripting (XSS) – Stored in Packagist librenms/librenms prior to 22.2.0. | 2022-02-14 | not yet calculated | CVE-2022-0575 MISC CONFIRM MISC |
librenms — librenms | Improper Authorization in Packagist librenms/librenms prior to 22.2.0. | 2022-02-15 | not yet calculated | CVE-2022-0587 CONFIRM MISC MISC |
librenms — librenms | Improper Access Control in Packagist librenms/librenms prior to 22.2.0. | 2022-02-14 | not yet calculated | CVE-2022-0580 CONFIRM MISC MISC |
librenms — librenms | Cross-site Scripting (XSS) – Generic in Packagist librenms/librenms prior to 22.1.0. | 2022-02-14 | not yet calculated | CVE-2022-0576 MISC CONFIRM MISC |
librenms — librenms | Cross-site Scripting (XSS) – Stored in Packagist librenms/librenms prior to 22.1.0. | 2022-02-15 | not yet calculated | CVE-2022-0589 MISC CONFIRM MISC |
libsixel — libsixel | In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free. | 2022-02-19 | not yet calculated | CVE-2021-46700 MISC |
linux — linux_kernel | A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. | 2022-02-16 | not yet calculated | CVE-2021-3760 MISC |
linux — linux_kernel | A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | 2022-02-16 | not yet calculated | CVE-2021-3752 MISC MISC MISC |
linux — linux_kernel | A race condition when accessing a file object in the Linux kernel OverlayFS subsystem was found in the way users perform a rename in a specific way with OverlayFS. A local user could use this flaw to crash the system. | 2022-02-18 | not yet calculated | CVE-2021-20321 MISC MISC |
linux — linux_kernel | In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. | 2022-02-14 | not yet calculated | CVE-2021-44879 MISC CONFIRM MISC MISC |
linux — linux_kernel | An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. A missing sanity check may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat. | 2022-02-18 | not yet calculated | CVE-2021-4090 MISC MISC |
linux — linux_kernel | A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier, which may lead to a confidentiality problem. | 2022-02-18 | not yet calculated | CVE-2021-20320 MISC MISC |
linux — linux_kernel | A NULL pointer dereference flaw was found in the Linux kernel UDF file system functionality in the way a user triggers the udf_file_write_iter function for a malicious UDF image. A local user could use this flaw to crash the system. Present from Linux kernel 4.2-rc1 till 5.17-rc2. | 2022-02-16 | not yet calculated | CVE-2022-0617 MISC MISC MISC |
linux — linux_kernel | An information leak flaw was found due to uninitialized memory in the Linux kernel’s TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1. | 2022-02-11 | not yet calculated | CVE-2022-0382 MISC |
linux — linux_kernel | A use-after-free flaw was found in the Linux kernel Management Component Transport Protocol (MCTP) subsystem in the way a user triggers cancel_work_sync after unregister_netdev while removing a device. A local user could use this flaw to crash the system or escalate their privileges on the system. Present from Linux kernel 5.17-rc1 (when mctp-serial.c was introduced) till 5.17-rc5. | 2022-02-18 | not yet calculated | CVE-2022-0646 MISC |
linux — linux_kernel | An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur. | 2022-02-16 | not yet calculated | CVE-2022-25258 MISC MISC MISC |
linux — linux_kernel | In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file. | 2022-02-16 | not yet calculated | CVE-2022-25265 MISC MISC |
linux — linux_kernel | A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization is indirectly affected as well. | 2022-02-18 | not yet calculated | CVE-2021-20322 MISC MISC MISC MISC MISC |
linux — linux_kernel | A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. | 2022-02-16 | not yet calculated | CVE-2021-3753 MISC MISC MISC |
litespeed.js — litespeed.js | This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution vulnerability. | 2022-02-16 | not yet calculated | CVE-2021-23682 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
liveconfig — liveconfig | A Stored XSS issue exists in the admin/users user administration form in LiveConfig 2.12.2. | 2022-02-18 | not yet calculated | CVE-2021-40840 MISC MISC |
liveconfig — liveconfig | A Path Traversal vulnerability for a log file in LiveConfig 2.12.2 allows authenticated attackers to read files on the underlying server. | 2022-02-18 | not yet calculated | CVE-2021-40841 MISC MISC |
livehelperchat — livehelperchat | Cross-site Scripting (XSS) – Stored in Packagist remdex/livehelperchat prior to 3.93v. | 2022-02-16 | not yet calculated | CVE-2022-0612 CONFIRM MISC |
magnolia — magnolia | A Server-Side Template Injection (SSTI) vulnerability in the Registration and Forgotten Password forms of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted payload entered into the fullname parameter. | 2022-02-11 | not yet calculated | CVE-2021-46362 MISC MISC |
magnolia — magnolia | An issue in the Export function of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted XLF file. | 2022-02-11 | not yet calculated | CVE-2021-46365 MISC MISC |
magnolia — magnolia | An issue in the Export function of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted CSV/XLS file. | 2022-02-11 | not yet calculated | CVE-2021-46363 MISC MISC |
magnolia_cms — magnolia_cms | An issue in the Freemark Filter of Magnolia CMS v6.2.11 and below allows attackers to bypass security restrictions and execute arbitrary code via a crafted FreeMarker payload. | 2022-02-11 | not yet calculated | CVE-2021-46361 MISC MISC |
mappress_maps — mappress_maps | The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the “Bad mapid” error message, leading to a Reflected Cross-Site Scripting. | 2022-02-14 | not yet calculated | CVE-2022-0208 MISC |
mariadb — mariadb | This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. | 2022-02-18 | not yet calculated | CVE-2022-24051 MISC MISC |
mariadb — mariadb | This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16207. | 2022-02-18 | not yet calculated | CVE-2022-24050 MISC MISC |
mariadb — mariadb | This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16191. | 2022-02-18 | not yet calculated | CVE-2022-24048 MISC MISC |
mariadb — mariadb | This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16190. | 2022-02-18 | not yet calculated | CVE-2022-24052 MISC MISC |
mbsync — mbsync | A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client. | 2022-02-16 | not yet calculated | CVE-2021-3578 MISC MISC MLIST FEDORA MISC FEDORA MISC |
mbsync — mbsync | A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution. | 2022-02-18 | not yet calculated | CVE-2021-3657 MISC MISC |
mediawiki — mediawiki | MediaWiki before 1.23.16, 1.24.x through 1.27.x before 1.27.2, and 1.28.x before 1.28.1 allows remote attackers to discover the IP addresses of Wiki visitors via a style="background-image: attr(title url);" attack within a DIV element that has an attacker-controlled URL in the title attribute. | 2022-02-18 | not yet calculated | CVE-2017-0371 MISC MISC |
metinfo — metinfo | Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in language_general.class.php via doModifyParameter. | 2022-02-14 | not yet calculated | CVE-2022-23335 MISC |
metinfo — metinfo | Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in parameter_admin.class.php via the table_para parameter. | 2022-02-14 | not yet calculated | CVE-2022-22295 MISC |
microweber — microweber | Cross-site Scripting (XSS) – Reflected in Packagist microweber/microweber prior to 1.2.11. | 2022-02-19 | not yet calculated | CVE-2022-0678 CONFIRM MISC |
microweber — microweber | Business Logic Errors in Packagist microweber/microweber prior to 1.2.11. | 2022-02-15 | not yet calculated | CVE-2022-0596 CONFIRM MISC |
microweber — microweber | Multiple use of a one-time coupon in Packagist microweber/microweber prior to 1.2.11. | 2022-02-19 | not yet calculated | CVE-2022-0689 MISC CONFIRM |
microweber — microweber | Cross-site Scripting (XSS) – Reflected in Packagist microweber/microweber prior to 1.2.11. | 2022-02-19 | not yet calculated | CVE-2022-0690 MISC CONFIRM |
microweber — microweber | Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11. | 2022-02-18 | not yet calculated | CVE-2022-0660 CONFIRM MISC |
microweber — microweber | CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. | 2022-02-18 | not yet calculated | CVE-2022-0666 MISC CONFIRM |
microweber — microweber | Open Redirect in Packagist microweber/microweber prior to 1.2.11. | 2022-02-15 | not yet calculated | CVE-2022-0597 CONFIRM MISC |
microweber — microweber | Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11. | 2022-02-17 | not yet calculated | CVE-2022-0638 MISC CONFIRM |
mig-controller — mig-controller | An incorrect default permissions vulnerability was found in the mig-controller. Due to incorrect handling of cluster namespaces, an attacker may be able to migrate a malicious workload to the target cluster, impacting confidentiality, integrity, and availability of the services located on that cluster. | 2022-02-18 | not yet calculated | CVE-2021-3948 MISC |
ming-soft — mcms | A problem was found in ming-soft MCMS v5.1. There is a SQL injection vulnerability in /ms/cms/content/list.do. | 2022-02-17 | not yet calculated | CVE-2021-44868 MISC |
ming-soft — mcms | MCMS v5.2.5 was discovered to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module. | 2022-02-18 | not yet calculated | CVE-2021-46063 MISC |
ming-soft — mcms | An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code. | 2022-02-18 | not yet calculated | CVE-2021-46036 MISC |
ming-soft — mcms | MCMS v5.2.4 was discovered to contain an arbitrary file deletion vulnerability via the component /template/unzip.do. | 2022-02-18 | not yet calculated | CVE-2021-46037 MISC |
ming-soft — mcms | MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName. | 2022-02-18 | not yet calculated | CVE-2021-46062 MISC |
mitsubishi_electric — multiple_factory_automation_engineering_software_products | Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition. | 2022-02-11 | not yet calculated | CVE-2020-14521 MISC MISC |
mobisoft — mobiplus | MobiSoft – MobiPlus User Take Over and Improper Handling of URL Parameters. An attacker can navigate to a specific URL that exposes all the users and passwords in clear text: http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users | 2022-02-16 | not yet calculated | CVE-2022-22792 MISC |
mortgage_calculators_wp — mortgage_calculators_wp | The Mortgage Calculators WP WordPress plugin before 1.56 does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-02-14 | not yet calculated | CVE-2021-24904 MISC |
moxa — routers | Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets. | 2022-02-18 | not yet calculated | CVE-2021-46082 MISC MISC |
mruby — mruby | Out-of-bounds Read in Homebrew mruby prior to 3.2. | 2022-02-19 | not yet calculated | CVE-2022-0630 MISC CONFIRM |
mruby — mruby | Out-of-bounds Read in Homebrew mruby prior to 3.2. | 2022-02-17 | not yet calculated | CVE-2022-0623 CONFIRM MISC |
mruby — mruby | Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2. | 2022-02-16 | not yet calculated | CVE-2022-0614 CONFIRM MISC |
mruby — mruby | Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. | 2022-02-18 | not yet calculated | CVE-2022-0631 MISC CONFIRM |
mruby — mruby | Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. | 2022-02-14 | not yet calculated | CVE-2022-0570 CONFIRM MISC |
mruby — mruby | NULL Pointer Dereference in Homebrew mruby prior to 3.2. | 2022-02-19 | not yet calculated | CVE-2022-0632 CONFIRM MISC |
netfilter — netfilter | A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. | 2022-02-16 | not yet calculated | CVE-2021-3773 MISC |
newstatpress — newstatpress | The NewStatPress WordPress plugin before 1.3.6 does not properly escape the whatX parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues. | 2022-02-14 | not yet calculated | CVE-2022-0206 MISC |
nginx — njs | njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c. | 2022-02-14 | not yet calculated | CVE-2021-46462 MISC MISC |
nginx — njs | njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then(). | 2022-02-14 | not yet calculated | CVE-2021-46463 MISC MISC |
nginx — njs | njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled. | 2022-02-14 | not yet calculated | CVE-2022-25139 MISC MISC |
nginx — njs | njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c. | 2022-02-14 | not yet calculated | CVE-2021-46461 MISC MISC |
npm_urijs — npm_urijs | Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8. | 2022-02-16 | not yet calculated | CVE-2022-0613 CONFIRM MISC |
npm_url-parse — npm_url-parse | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. | 2022-02-14 | not yet calculated | CVE-2022-0512 CONFIRM MISC |
npm_url-parse — npm_url-parse | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. | 2022-02-17 | not yet calculated | CVE-2022-0639 MISC CONFIRM |
nvidia — license_system | NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after signing in to the portal can access other users’ credentials, allowing them to gain escalated privileges, resulting in limited impact to both confidentiality and integrity. | 2022-02-15 | not yet calculated | CVE-2022-21818 MISC |
o2oa — o2oa | O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke. | 2022-02-17 | not yet calculated | CVE-2022-22916 MISC MISC |
object-extend — object-extend | Versions of the package object-extend from 0.0.0 are vulnerable to Prototype Pollution via object-extend. | 2022-02-18 | not yet calculated | CVE-2021-23702 CONFIRM |
online_shopping_portal — online_shopping_portal | Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities via the email and contactno parameters. | 2022-02-18 | not yet calculated | CVE-2021-46110 MISC |
ovidentia_cms — ovidentia_cms | An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to view and download content in the upload directory via path traversal. | 2022-02-17 | not yet calculated | CVE-2022-22914 MISC MISC |
pcf2bdf — pcf2bdf | A segmentation fault during PCF file parsing in pcf2bdf versions >=1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components. | 2022-02-17 | not yet calculated | CVE-2022-23319 MISC MISC |
pcf2bdf — pcf2bdf | A heap-buffer-overflow in pcf2bdf, versions >= 1.05 allows an attacker to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent impact. | 2022-02-17 | not yet calculated | CVE-2022-23318 MISC MISC |
perfect_brands — perfect_brands | The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure. | 2022-02-18 | not yet calculated | CVE-2022-23982 CONFIRM CONFIRM |
perfect_brands — perfect_brands | The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4). | 2022-02-18 | not yet calculated | CVE-2022-23981 CONFIRM CONFIRM |
pexip — infinity | Pexip Infinity before 27.0 has improper WebRTC input validation. An unauthenticated remote attacker can use excessive resources, temporarily causing denial of service. | 2022-02-18 | not yet calculated | CVE-2022-23228 MISC |
pexip — infinity_connect | Pexip Infinity Connect before 1.8.0 omits certain provisioning authenticity checks. Thus, untrusted code may execute. | 2022-02-18 | not yet calculated | CVE-2021-29655 MISC |
pexip — infinity_connect | Pexip Infinity Connect before 1.8.0 mishandles TLS certificate validation. The allow list is not properly checked. | 2022-02-18 | not yet calculated | CVE-2021-29656 MISC |
phoronix-test-suite — phoronix-test-suite | Cross-site Scripting (XSS) – Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2. | 2022-02-14 | not yet calculated | CVE-2022-0571 CONFIRM MISC |
php-fusion — php-fusion | A reflected cross-site scripting (XSS) vulnerability in PHP-Fusion 7.02.07 allows remote attackers to inject arbitrary web script or HTML via the status parameter in the CMS admin panel. | 2022-02-17 | not yet calculated | CVE-2014-8597 MISC |
php_everywhere — php_everywhere | PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts. | 2022-02-16 | not yet calculated | CVE-2022-24665 MISC |
php_everywhere — php_everywhere | PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts. | 2022-02-16 | not yet calculated | CVE-2022-24664 MISC |
php_everywhere — php_everywhere | PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user. | 2022-02-16 | not yet calculated | CVE-2022-24663 MISC |
pimcore — pimcore | Exposure of Sensitive Information to an Unauthorized Actor in Packagist pimcore/pimcore prior to 10.3.1. | 2022-02-14 | not yet calculated | CVE-2022-0565 MISC CONFIRM |
pjsip — pjproduct | Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled ‘buffer’ argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the ‘maxlen’ argument supplied | 2022-02-16 | not yet calculated | CVE-2021-43303 MISC |
pjsip — pjproduct | Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled ‘filename’ argument may cause an out-of-bounds read when the filename is shorter than 4 characters. | 2022-02-16 | not yet calculated | CVE-2021-43302 MISC |
pjsip — pjproduct | Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled ‘file_names’ argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation. | 2022-02-16 | not yet calculated | CVE-2021-43301 MISC |
pjsip — pjproduct | Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled ‘filename’ argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation. | 2022-02-16 | not yet calculated | CVE-2021-43300 MISC |
pjsip — pjproduct | Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled ‘filename’ argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation. | 2022-02-16 | not yet calculated | CVE-2021-43299 MISC |
pki-server — pki-server | A flaw was found in the PKI-server, where the pkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality. | 2022-02-16 | not yet calculated | CVE-2021-3551 MISC |
plist — plist | Prototype pollution vulnerability via .parse() in Plist before v3.0.4 allows attackers to cause a Denial of Service (DoS) and may lead to remote code execution. | 2022-02-17 | not yet calculated | CVE-2022-22912 MISC |
pluxml — pluxml | A stored cross-site scripting (XSS) vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML. | 2022-02-15 | not yet calculated | CVE-2022-24587 MISC MISC |
pluxml — pluxml | A stored cross-site scripting (XSS) vulnerability in the component /core/admin/categories.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content and thumbnail parameters. | 2022-02-15 | not yet calculated | CVE-2022-24586 MISC MISC |
pluxml — pluxml | A stored cross-site scripting (XSS) vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter. | 2022-02-15 | not yet calculated | CVE-2022-24585 MISC MISC |
polkit — polkit | It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2022-02-16 | not yet calculated | CVE-2021-3560 MISC MISC |
prismjs — prism | Prism is a syntax highlighting library. Starting with version 1.14.0 and prior to version 1.27.0, Prism’s command line plugin can be used by attackers to achieve a cross-site scripting attack. The command line plugin did not properly escape its output, leading to the input text being inserted into the DOM as HTML code. Server-side usage of Prism is not impacted. Websites that do not use the Command Line plugin are also not impacted. This bug has been fixed in v1.27.0. As a workaround, do not use the command line plugin on untrusted inputs, or sanitize all code blocks (remove all HTML code text) from all code blocks that use the command line plugin. | 2022-02-18 | not yet calculated | CVE-2022-23647 CONFIRM MISC MISC |
prometheus — client_golang | client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`; not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods. | 2022-02-15 | not yet calculated | CVE-2022-21698 MISC MISC CONFIRM MISC |
publiccms — publiccms | PublicCMS v4.0 was discovered to contain a remote code execution (RCE) vulnerability via the cmdarray parameter. | 2022-02-14 | not yet calculated | CVE-2022-23389 MISC |
pybbs — pybbs | A cross-site scripting (XSS) vulnerability in Pybbs v6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Search box. | 2022-02-14 | not yet calculated | CVE-2022-23391 MISC |
qemu — qemu | A stack-buffer-overflow was found in QEMU in the NVME component. The flaw lies in nvme_changed_nslist() where a malicious guest controlling certain input can read out of bounds memory. A malicious user could use this flaw leading to disclosure of sensitive information. | 2022-02-18 | not yet calculated | CVE-2021-3947 MISC |
qemu — qemu | An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the ‘page’ argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition. | 2022-02-18 | not yet calculated | CVE-2021-3930 MISC |
red_hat — enterprise_linux | Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, cause a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be vulnerable to the mentioned CVEs, even if they were properly fixed in Red Hat Enterprise Linux 8.4. CVE-2021-20325 was assigned to that Red Hat specific security regression and it does not affect the upstream versions of httpd. | 2022-02-18 | not yet calculated | CVE-2021-20325 MISC |
redis — redis | It was discovered that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution. | 2022-02-18 | not yet calculated | CVE-2022-0543 MISC DEBIAN MISC MLIST |
ricoh — printer_series | RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | 2022-02-15 | not yet calculated | CVE-2021-33945 MISC |
rigoblock_dragos — rigoblock_dragos | RigoBlock Dragos through 2022-02-17 lacks the onlyOwner modifier for setMultipleAllowances. This enables token manipulation, as exploited in the wild in February 2022. NOTE: although 2022-02-17 is the vendor’s vulnerability announcement date, the vulnerability will not be remediated until a major protocol upgrade occurs. | 2022-02-18 | not yet calculated | CVE-2022-25335 MISC MISC MISC MISC MISC |
s-cms — s-cms | S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id parameter. | 2022-02-14 | not yet calculated | CVE-2022-23336 MISC |
samba — samba | A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. | 2022-02-18 | not yet calculated | CVE-2020-25717 MISC MISC |
samba — samba | A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller). This would allow an RODC to print administrator tickets. | 2022-02-18 | not yet calculated | CVE-2020-25718 MISC MISC |
samba — samba | A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. | 2022-02-18 | not yet calculated | CVE-2016-2124 MISC MISC |
samba — samba | A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise. | 2022-02-18 | not yet calculated | CVE-2020-25719 MISC MISC |
samba — samba | Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise. | 2022-02-18 | not yet calculated | CVE-2020-25722 MISC MISC |
sangoma_technologies_corporation — switchvox | Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. User information such as first name, last name, account id, server uuid, email address, profile image, number, timestamps, etc. can be extracted by sending an unauthenticated HTTP GET request to https://Switchvox-IP/main?cmd=invalid_browser. | 2022-02-14 | not yet calculated | CVE-2021-45310 MISC |
sante — dicom_viewer_pro | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15076. | 2022-02-18 | not yet calculated | CVE-2022-24056 MISC |
sante — dicom_viewer_pro | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15104. | 2022-02-18 | not yet calculated | CVE-2022-24062 MISC |
sante — dicom_viewer_pro | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15095. | 2022-02-18 | not yet calculated | CVE-2022-24058 MISC |
sante — dicom_viewer_pro | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. Crafted data in a DCM file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15098. | 2022-02-18 | not yet calculated | CVE-2022-24059 MISC |
sante — dicom_viewer_pro | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. Crafted data in a DCM file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15099. | 2022-02-18 | not yet calculated | CVE-2022-24060 MISC |
sante — dicom_viewer_pro | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15100. | 2022-02-18 | not yet calculated | CVE-2022-24061 MISC |
sante — dicom_viewer_pro | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15105. | 2022-02-18 | not yet calculated | CVE-2022-24063 MISC |
sante — dicom_viewer_pro | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15077. | 2022-02-18 | not yet calculated | CVE-2022-24057 MISC |
sante — dicom_viewer_pro | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14972. | 2022-02-18 | not yet calculated | CVE-2022-24055 MISC |
sante — dicom_viewer_pro |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.8.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15161. | 2022-02-18 | not yet calculated | CVE-2022-24064 MISC |
sas — web_report_studio |
SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfs_request_backlabel_list and saspfs_request_backurl_list. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing the button, e.g., a malicious web page. In addition, the second parameter executes JavaScript, which means XSS is possible by adding a javascript: URL. | 2022-02-19 | not yet calculated | CVE-2022-25256 MISC MISC |
scoold — scoold |
Scoold 1.47.2 is a Q&A/knowledge base platform written in Java. When writing a Q&A, the markdown editor is vulnerable to an XSS attack when using uppercase letters. | 2022-02-18 | not yet calculated | CVE-2021-46372 MISC |
scratchverifier — scratchoauth2 | An issue in SOA2Login::commented of ScratchOAuth2 before commit a91879bd58fa83b09283c0708a1864cdf067c64a allows attackers to authenticate as other users on downstream components that rely on ScratchOAuth2. | 2022-02-15 | not yet calculated | CVE-2021-46250 MISC |
scratchverifier — scratchoauth2 | A reflected cross-site scripting (XSS) in ScratchOAuth2 before commit 1603f04e44ef67dde6ccffe866d2dca16defb293 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. | 2022-02-15 | not yet calculated | CVE-2021-46251 MISC |
scratchverifier — scratchoauth2 |
An authorization bypass exploited by a user-controlled key in SpecificApps REST API in ScratchOAuth2 before commit d856dc704b2504cd3b92cf089fdd366dd40775d6 allows app owners to set flags that indicate whether an app is verified on their own apps. | 2022-02-15 | not yet calculated | CVE-2021-46249 MISC |
sendinblue — sendinblue |
The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin before 3.1.31 does not escape the lang and pid parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues. | 2022-02-14 | not yet calculated | CVE-2021-24874 MISC |
sha256crypt — sha512crypt |
sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm’s runtime is proportional to the square of the length of the password. | 2022-02-19 | not yet calculated | CVE-2016-20013 MISC MISC MISC |
showdoc — showdoc |
Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2. | 2022-02-19 | not yet calculated | CVE-2022-0409 CONFIRM MISC |
sigstore — cosign |
Cosign provides container signing, verification, and storage in an OCI registry for the sigstore project. Prior to version 1.5.2, Cosign can be manipulated to claim that an entry for a signature exists in the Rekor transparency log even if it doesn’t. This requires the attacker to have pull and push permissions for the signature in OCI. This can happen with both standard signing with a keypair and “keyless signing” with Fulcio. If an attacker has access to the signature in OCI, they can manipulate cosign into believing the entry was stored in Rekor even though it wasn’t. The vulnerability has been patched in v1.5.2 of Cosign. The `signature` in the `signedEntryTimestamp` provided by Rekor is now compared to the `signature` that is being verified. If these don’t match, then an error is returned. If a valid bundle is copied to a different signature, verification should fail. Cosign output now only informs the user that certificates were verified if a certificate was in fact verified. There is currently no known workaround. | 2022-02-18 | not yet calculated | CVE-2022-23649 CONFIRM MISC |
simplelink — simplelink_solution_nwp |
An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an uninitialized read. An attacker can send an HTTP request to trigger this vulnerability. | 2022-02-16 | not yet calculated | CVE-2021-21966 MISC |
snapd — snapd | A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap’s private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1. | 2022-02-17 | not yet calculated | CVE-2021-44731 MISC MLIST FEDORA FEDORA DEBIAN |
snapd — snapd |
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1. | 2022-02-17 | not yet calculated | CVE-2021-3155 MISC MISC MISC |
snapd — snapd |
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location can cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1. | 2022-02-17 | not yet calculated | CVE-2021-44730 MISC MLIST FEDORA FEDORA DEBIAN |
snapd — snapd |
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1. | 2022-02-17 | not yet calculated | CVE-2021-4120 MISC MISC MLIST FEDORA FEDORA |
snipe — snipe-it |
Exposure of Sensitive Information to an Unauthorized Actor in Packagist snipe/snipe-it prior to v5.3.9. | 2022-02-14 | not yet calculated | CVE-2022-0569 MISC CONFIRM |
snipe — snipe-it |
Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3.11. | 2022-02-16 | not yet calculated | CVE-2022-0611 CONFIRM MISC |
snipe — snipe-it |
Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11. | 2022-02-17 | not yet calculated | CVE-2022-0622 CONFIRM MISC |
snipe — snipe-it |
Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3.9. | 2022-02-14 | not yet calculated | CVE-2022-0579 CONFIRM MISC |
sonos — one_speaker |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists within the ALAC audio codec. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15798. | 2022-02-18 | not yet calculated | CVE-2022-24049 MISC |
sonos — one_speaker |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists within the anacapd daemon. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15828. | 2022-02-18 | not yet calculated | CVE-2022-24046 MISC |
sourcecodester — attendance_management_system |
An Arbitrary File Deletion vulnerability exists in SourceCodester Attendance Management System v1.0 via the csv parameter in admin/pageUploadCSV.php, which can cause a Denial of Service (crash). | 2022-02-14 | not yet calculated | CVE-2021-45348 MISC |
sourcegraph — sourcegraph | Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails to properly restrict calling `git config`. This allows an attacker to set the git `core.sshCommand` option, which sets git to use the specified command instead of ssh when they need to connect to a remote system. Exploitation of this vulnerability depends on how Sourcegraph is deployed. An attacker able to make HTTP requests to internal services like gitserver is able to exploit it. This issue is patched in Sourcegraph version 3.37. As a workaround, ensure that requests to gitserver are properly protected. | 2022-02-18 | not yet calculated | CVE-2022-23642 CONFIRM MISC |
sourcegraph — sourcegraph |
Sourcegraph is a code search and navigation engine. Sourcegraph versions 3.35 and 3.36 reintroduced a previously fixed side-channel vulnerability in the Code Monitoring feature where strings in private source code could be guessed by an authenticated but unauthorized actor. This issue affects only the Code Monitoring feature, whereas CVE-2021-43823 also affected saved searches. A successful attack would require an authenticated bad actor to create many Code Monitors to receive confirmation that a specific string exists. This could allow an attacker to guess formatted tokens in source code, such as API keys. This issue was patched in versions 3.35.2 and 3.36.3 of Sourcegraph. Those who are unable to upgrade may disable the Code Monitor feature in their installation. | 2022-02-15 | not yet calculated | CVE-2022-23643 CONFIRM MISC |
splashtop — remote_client |
Splashtop Remote Client (Business Edition) through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions. | 2022-02-15 | not yet calculated | CVE-2021-42714 MISC MISC |
splashtop — remote_client |
Splashtop Remote Client (Personal Edition) through 3.4.6.1 creates a Temporary File in a Directory with Insecure Permissions. | 2022-02-15 | not yet calculated | CVE-2021-42713 MISC MISC |
splashtop — streamer |
Splashtop Streamer through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions. | 2022-02-15 | not yet calculated | CVE-2021-42712 MISC MISC |
sprinfall — webcc |
This affects the package sprinfall/webcc before 0.3.0. It is possible to traverse directories to fetch arbitrary files from the server. | 2022-02-18 | not yet calculated | CVE-2022-25298 MISC MISC |
sqlite_project — sqlite |
A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0. Via maliciously crafted SQL queries (made via editing the database file), it is possible to query a record and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. | 2022-02-14 | not yet calculated | CVE-2021-45346 MISC |
svg-sanitizer — svg-sanitizer |
svg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-site scripting vulnerability impacts all users of the `svg-sanitizer` library prior to version 0.15.0. This issue is fixed in version 0.15.0. There is currently no workaround available. | 2022-02-14 | not yet calculated | CVE-2022-23638 MISC CONFIRM |
svgpp_svg++_library — svgpp_svg++_library |
In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function. | 2022-02-15 | not yet calculated | CVE-2021-44960 MISC MISC |
swtpm — swtpm |
swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm’s state, where the blobheader’s hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.5.3, v0.6.2, or v0.7.1 to receive a patch. There are currently no known workarounds. | 2022-02-18 | not yet calculated | CVE-2022-23645 CONFIRM MISC MISC MISC MISC |
symantec — layer7_api_management_oauth_toolkit |
A reflected cross-site scripting (XSS) vulnerability in the Symantec Layer7 API Management OAuth Toolkit (OTK) allows a remote attacker to craft a malicious URL for the OTK web UI and target OTK users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious code into the OTK web UI client application. | 2022-02-18 | not yet calculated | CVE-2021-30650 MISC |
tenda — routers |
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | 2022-02-15 | not yet calculated | CVE-2021-46321 MISC |
tenda — routers |
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wanBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | 2022-02-15 | not yet calculated | CVE-2021-46265 MISC |
tenda — routers |
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the onlineList module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | 2022-02-15 | not yet calculated | CVE-2021-46264 MISC |
tenda — routers |
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiTime module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | 2022-02-15 | not yet calculated | CVE-2021-46263 MISC |
tenda — routers |
A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request. | 2022-02-11 | not yet calculated | CVE-2020-26728 MISC MISC MISC |
tenda — routers |
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the PPPoE module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | 2022-02-15 | not yet calculated | CVE-2021-46262 MISC |
tenda — routers |
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled “deviceName” value is passed directly to the “doSystemCmd” function. | 2022-02-18 | not yet calculated | CVE-2021-45401 MISC |
tenda — routers |
A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in page /goform/setIPv6Status via the prefixDelegate parameter, which causes a Denial of Service. | 2022-02-14 | not yet calculated | CVE-2021-45392 MISC MISC MISC MISC |
tenda — routers |
A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in the goform/setIPv6Status binary file /usr/sbin/httpd via the conType parameter, which causes a Denial of Service. | 2022-02-16 | not yet calculated | CVE-2021-45391 MISC MISC MISC MISC |
termtalk_server — termtalk_server |
A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server (TTServer) 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining access to the relative path of the file they want to download (http://url:port/file?valore). | 2022-02-15 | not yet calculated | CVE-2021-35380 MISC MISC |
tibco — auditsafe |
The Web Server component of TIBCO Software Inc.’s TIBCO AuditSafe contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute API methods on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO AuditSafe: versions 1.1.0 and below. | 2022-02-15 | not yet calculated | CVE-2022-22770 CONFIRM |
tibco — businessconnect_container_edition |
The Database component of TIBCO Software Inc.’s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to obtain the usernames and passwords of users of the affected system. Affected releases are TIBCO Software Inc.’s TIBCO BusinessConnect Container Edition: versions 1.1.0 and below. | 2022-02-15 | not yet calculated | CVE-2021-43049 CONFIRM CONFIRM |
tibco — businessconnect_container_edition |
The Auth Server component of TIBCO Software Inc.’s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with local access to obtain administrative usernames and passwords for the affected system. Affected releases are TIBCO Software Inc.’s TIBCO BusinessConnect Container Edition: versions 1.1.0 and below. | 2022-02-15 | not yet calculated | CVE-2021-43050 CONFIRM CONFIRM |
totolink — technology_routers | A command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet. | 2022-02-19 | not yet calculated | CVE-2022-25132 MISC |
totolink — technology_routers | A command injection vulnerability in the function recvSlaveCloudCheckStatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet. | 2022-02-19 | not yet calculated | CVE-2022-25131 MISC |
totolink — technology_routers | A command injection vulnerability in the function setUpgradeFW of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet. | 2022-02-19 | not yet calculated | CVE-2022-25134 MISC |
totolink — technology_routers | A command injection vulnerability in the function updateWifiInfo of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet. | 2022-02-19 | not yet calculated | CVE-2022-25130 MISC |
totolink — technology_routers |
A command injection vulnerability in the function isAssocPriDevice of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet. | 2022-02-19 | not yet calculated | CVE-2022-25133 MISC |
totolink — technology_routers |
A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet. | 2022-02-19 | not yet calculated | CVE-2022-25136 MISC |
totolink — technology_routers |
A command injection vulnerability in the function recv_mesh_info_sync of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet. | 2022-02-19 | not yet calculated | CVE-2022-25135 MISC |
totolink — technology_routers |
A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet. | 2022-02-19 | not yet calculated | CVE-2022-25137 MISC |
toword_of_tooffice — toword_of_tooffice |
An improper input validation leading to arbitrary file creation was discovered in ToWord of ToOffice. Remote attackers can use this vulnerability to execute an arbitrary file that includes malicious code. | 2022-02-18 | not yet calculated | CVE-2021-26618 MISC |
tp-link — routers |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 prior to 1.1.4 Build 20211022 rel.59103(5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15835. | 2022-02-18 | not yet calculated | CVE-2022-24354 MISC |
tp-link — routers |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of file name extensions. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13910. | 2022-02-18 | not yet calculated | CVE-2022-24355 MISC |
tp-link — wi-fi_range_extender |
TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges. | 2022-02-18 | not yet calculated | CVE-2022-22922 MISC MISC |
traefik — traefik |
Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security (TLS) configuration when the host header is a fully qualified domain name (FQDN). For a request, the TLS configuration choice can be different than the router choice, which implies the use of a wrong TLS configuration. When sending a request using FQDN handled by a router configured with a dedicated TLS configuration, the TLS configuration falls back to the default configuration that might not correspond to the configured one. If the CNAME flattening is enabled, the selected TLS configuration is the SNI one and the routing uses the CNAME value, so this can skip the expected TLS configuration. Version 2.6.1 contains a patch for this issue. As a workaround, one may add the FQDN to the host rule. However, there is no workaround if the CNAME flattening is enabled. | 2022-02-17 | not yet calculated | CVE-2022-23632 CONFIRM MISC MISC |
trigone — remote_system_monitor |
TRIGONE Remote System Monitor 3.61 is vulnerable to an unquoted path service allowing local users to launch processes with elevated privileges. | 2022-02-17 | not yet calculated | CVE-2021-46368 MISC MISC |
twentysix — x26-cogs |
x26-Cogs is a repository of cogs made by Twentysix for the Red Discord bot. Among these cogs is the Defender cog, a tool for Discord server moderation. A vulnerability in the Defender cog prior to version 1.10.0 allows users with admin privileges to issue commands as other users who share the same server. If a bot owner shares the same server as the attacker, it is possible for the attacker to issue bot-owner restricted commands. The issue has been patched in version 1.10.0. One may unload the Defender cog as a workaround. | 2022-02-15 | not yet calculated | CVE-2022-23604 MISC MISC CONFIRM |
typo3 — typo3 | An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR), with the potential of exposing internal content elements. | 2022-02-19 | not yet calculated | CVE-2022-24979 CONFIRM MISC |
typo3 — typo3 |
An issue was discovered in the Kitodo.Presentation (aka dif) extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowing attackers to view the content of any file or webpage the webserver has access to. | 2022-02-19 | not yet calculated | CVE-2022-24980 CONFIRM MISC |
valmet — dna |
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517 allows an attacker to execute commands with SYSTEM privileges. This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021. | 2022-02-16 | not yet calculated | CVE-2021-26726 CONFIRM MISC |
vercel — next.js |
Next.js is a React framework. Starting with version 10.0.0 and prior to version 12.1.0, Next.js is vulnerable to User Interface (UI) Misrepresentation of Critical Information. In order to be affected, the `next.config.js` file must have an `images.domains` array assigned and the image host assigned in `images.domains` must allow user-provided SVG. If the `next.config.js` file has `images.loader` assigned to something other than default, the instance is not affected. Version 12.1.0 contains a patch for this issue. As a workaround, change `next.config.js` to use a different `loader configuration` other than the default. | 2022-02-17 | not yet calculated | CVE-2022-23646 CONFIRM MISC MISC |
vim — vim |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 2022-02-14 | not yet calculated | CVE-2022-0572 CONFIRM MISC FEDORA |
vim — vim |
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 2022-02-17 | not yet calculated | CVE-2022-0629 MISC CONFIRM |
vmware — esxi |
ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests. | 2022-02-16 | not yet calculated | CVE-2021-22050 MISC |
vmware — multiple_products |
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host. | 2022-02-16 | not yet calculated | CVE-2021-22040 MISC |
vmware — multiple_products | VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only may be able to access the settingsd service running as a high-privileged user. | 2022-02-16 | not yet calculated | CVE-2021-22042 MISC |
vmware — multiple_products | VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled. A malicious actor with access to settingsd may exploit this issue to escalate their privileges by writing arbitrary files. | 2022-02-16 | not yet calculated | CVE-2021-22043 MISC |
vmware — multiple_products | VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host. | 2022-02-16 | not yet calculated | CVE-2021-22041 MISC |
vmware — nsx_edge | VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root. | 2022-02-16 | not yet calculated | CVE-2022-22945 MISC |
vscode-xml — vscode-xml | A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file. | 2022-02-18 | not yet calculated | CVE-2022-0671 MISC MISC |
wago — firmware | WAGO 750-8212 PFC200 G2 2ETH RS Firmware version 03.05.10(17) is affected by a privilege escalation vulnerability. Improper handling of user cookies leads to escalating privileges to the administrative account of the router. | 2022-02-16 | not yet calculated | CVE-2021-46388 MISC |
wasmtime — wasmtime | Wasmtime is an open source runtime for WebAssembly & WASI. Prior to versions 0.34.1 and 0.33.1, there exists a bug in the pooling instance allocator in Wasmtime’s runtime where a failure to instantiate an instance for a module that defines an `externref` global will result in an invalid drop of a `VMExternRef` via an uninitialized pointer. A number of conditions listed in the GitHub Security Advisory must be true in order for an instance to be vulnerable to this issue. Maintainers believe that the effective impact of this bug is relatively small because the usage of `externref` is still uncommon and without a resource limiter configured on the `Store`, which is not the default configuration, it is only possible to trigger the bug from an error returned by `mprotect` or `VirtualAlloc`. Note that on Linux with the `uffd` feature enabled, it is only possible to trigger the bug from a resource limiter as the call to `mprotect` is skipped. The bug has been fixed in 0.34.1 and 0.33.1 and users are encouraged to upgrade as soon as possible. If it is not possible to upgrade to version 0.34.1 or 0.33.1 of the `wasmtime` crate, it is recommended that support for the reference types proposal be disabled by passing `false` to `Config::wasm_reference_types`. Doing so will prevent modules that use `externref` from being loaded entirely. | 2022-02-16 | not yet calculated | CVE-2022-23636 CONFIRM MISC |
wikidocs — wikidocs | WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages. | 2022-02-19 | not yet calculated | CVE-2022-23376 MISC MISC MISC MISC |
wikidocs — wikidocs | WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php. | 2022-02-19 | not yet calculated | CVE-2022-23375 MISC MISC MISC MISC |
wireguard — wireguard | Netmaker is a platform for creating and managing virtual overlay networks using WireGuard. Prior to versions 0.8.5, 0.9.4, and 0.10.0, there is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server if the exploiter knows the address and username of the admin. This affects the server (netmaker) component, and not clients. This has been patched in Netmaker v0.8.5, v0.9.4, and v0.10.0. There are currently no known workarounds. | 2022-02-18 | not yet calculated | CVE-2022-23650 MISC MISC MISC CONFIRM |
wireshark — wireshark | Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file. | 2022-02-14 | not yet calculated | CVE-2022-0583 CONFIRM MISC MISC |
wireshark — wireshark | Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file. | 2022-02-14 | not yet calculated | CVE-2022-0582 MISC MISC CONFIRM |
wireshark — wireshark | Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file. | 2022-02-14 | not yet calculated | CVE-2022-0581 MISC MISC CONFIRM |
wireshark — wireshark | Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file. | 2022-02-18 | not yet calculated | CVE-2022-0585 CONFIRM MISC |
wireshark — wireshark | Infinite loop in the RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file. | 2022-02-14 | not yet calculated | CVE-2022-0586 MISC MISC CONFIRM |
wordpress_newsletter — wordpress_newsletter | The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the `to` parameter before redirecting the user to its given value, leading to an open redirect issue. | 2022-02-14 | not yet calculated | CVE-2021-25033 CONFIRM MISC |
wp_statistics — wp_statistics | The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the `exclusion_reason` parameter found in the ~/includes/class-wp-statistics-exclusion.php file, which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 13.1.4. This requires the “Record Exclusions” option to be enabled on the vulnerable site. | 2022-02-16 | not yet calculated | CVE-2022-0513 MISC MISC |
xerox — phaser | Xerox Phaser 4622 v35.013.01.000 was discovered to contain a buffer overflow in the function sub_3226AC via the TIMEZONE variable. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | 2022-02-15 | not yet calculated | CVE-2021-37354 MISC |
zerof — web_server | ZEROF Web Server 2.0 allows /HandleEvent SQL Injection. | 2022-02-18 | not yet calculated | CVE-2022-25322 MISC MISC |
zerof — web_server | ZEROF Web Server 2.0 allows /admin.back XSS. | 2022-02-18 | not yet calculated | CVE-2022-25323 MISC MISC |
zsh — zsh | In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion. | 2022-02-14 | not yet calculated | CVE-2021-45444 MISC MISC FEDORA DEBIAN MLIST |
zzcms — zzcms | An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass authentication by changing the user name in the cookie to use any password. | 2022-02-14 | not yet calculated | CVE-2021-45347 MISC |
This product is provided subject to this Notification and this Privacy & Use policy.