US-CERT Bulletin (SB22-213):Vulnerability Summary for the Week of July 25, 2022
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no high vulnerabilities recorded this week. |
Medium Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no medium vulnerabilities recorded this week. |
Low Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no low vulnerabilities recorded this week. |
Severity Not Yet Assigned
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
@ianwalter/merge — @ianwalter/merge |
All versions of package @ianwalter/merge are vulnerable to Prototype Pollution via the main (merge) function. Maintainer suggests using @generates/merger instead. | 2022-07-25 | not yet calculated | CVE-2021-23397 CONFIRM |
adobe — acrobat_reader | Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 20.005.30334 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-27 | not yet calculated | CVE-2022-35669 MISC |
adobe — acrobat_reader | Adobe Acrobat Reader version 22.001.20085 (and earlier), 20.005.30314 (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-27 | not yet calculated | CVE-2022-35672 MISC |
advantech — iview | The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information | 2022-07-22 | not yet calculated | CVE-2022-2137 MISC |
advantech — iview | The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code. | 2022-07-22 | not yet calculated | CVE-2022-2139 MISC |
advantech — iview | The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition. | 2022-07-22 | not yet calculated | CVE-2022-2138 MISC |
advantech — iview | The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information. | 2022-07-22 | not yet calculated | CVE-2022-2136 MISC |
advantech — iview | The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information. | 2022-07-22 | not yet calculated | CVE-2022-2142 MISC |
advantech — iview | The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. | 2022-07-22 | not yet calculated | CVE-2022-2135 MISC |
advantech — iview | The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code. | 2022-07-22 | not yet calculated | CVE-2022-2143 MISC |
amazon — amazon_workspaces | When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client. | 2022-07-28 | not yet calculated | CVE-2022-1805 MISC |
anvsoft — pdfmate_pdf_converter_pro | A vulnerability has been found in Anvsoft PDFMate PDF Converter Pro 1.7.5.0 and classified as critical. The manipulation leads to memory corruption. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-24 | not yet calculated | CVE-2017-20144 MISC MISC |
apache — calcite_avatica_jdbc_driver |
Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via `httpclient_impl` connection property; however, the driver does not verify if the class implements the expected interface before instantiating it, which can lead to code execution loaded via arbitrary classes and in rare cases remote code execution. To exploit the vulnerability: 1) the attacker needs to have privileges to control JDBC connection parameters; 2) and there should be a vulnerable class (constructor with URL parameter and ability to execute code) in the classpath. From Apache Calcite Avatica 1.22.0 onwards, it will be verified that the class implements the expected interface before invoking its constructor. | 2022-07-28 | not yet calculated | CVE-2022-36364 MISC MLIST |
apache — mxnet |
A regular expression used in Apache MXNet (incubating) is vulnerable to a potential denial-of-service by excessive resource consumption. The bug could be exploited when loading a model in Apache MXNet that has a specially crafted operator name that would cause the regular expression evaluation to use excessive resources to attempt a match. This issue affects Apache MXNet versions prior to 1.9.1. | 2022-07-24 | not yet calculated | CVE-2022-24294 MISC MLIST |
artica — pandora_fms |
In Pandora FMS v7.0NG.761 and below, in the file manager section, the dirname parameter is vulnerable to a Stored Cross Site-Scripting. This vulnerability can be exploited by an attacker with administrator privileges logged in the system. | 2022-07-25 | not yet calculated | CVE-2022-2032 CONFIRM CONFIRM |
artica — pandora_fms |
In Pandora FMS v7.0NG.761 and below, in the agent creation section, the alias parameter is vulnerable to a Stored Cross Site-Scripting. This vulnerability can be exploited by an attacker with administrator privileges logged in the system. | 2022-07-25 | not yet calculated | CVE-2022-2059 MISC |
artica — pandora_fms |
Pandora FMS v7.0NG.760 and below allows a relative path traversal in File Manager where a privileged user could upload a .php file outside the intended images directory which is restricted to execute the .php file. The impact could lead to a Remote Code Execution with running application privilege. | 2022-07-26 | not yet calculated | CVE-2022-1648 CONFIRM CONFIRM |
atlantis — atlantis |
The package github.com/runatlantis/atlantis/server/controllers/events before 0.19.7 are vulnerable to Timing Attack in the webhook event validator code, which does not use a constant-time comparison function to validate the webhook secret. It can allow an attacker to recover this secret as an attacker and then forge webhook events. | 2022-07-29 | not yet calculated | CVE-2022-24912 CONFIRM CONFIRM CONFIRM |
atlassian — confluence_server_and_data_center | The Livesearch macro in Confluence Server and Data Center before version 7.4.5, from version 7.5.0 before 7.6.3, and from version 7.7.0 before version 7.7.4 allows remote attackers with permission to edit a page or blog to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the page excerpt functionality. | 2022-07-26 | not yet calculated | CVE-2020-36290 MISC |
atlassian — jira | Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability in the CSV importing feature of JSM Insight. When running in an environment like Amazon EC2, this flaw may be used to access to a metadata resource that provides access credentials and other potentially confidential information. The affected versions are before version 4.13.20, from version 4.14.0 before 4.20.8, and from version 4.21.0 before 4.22.2. | 2022-07-26 | not yet calculated | CVE-2021-43959 N/A |
atos_unify — openscape | An issue was discovered in Atos Unify OpenScape SBC 9 and 10 before 10R2.2.1, Atos Unify OpenScape Branch 9 and 10 before version 10R2.1.1, and Atos Unify OpenScape BCF 10 before 10R9.12.1. A remote code execution vulnerability may allow an unauthenticated attacker (with network access to the admin interface) to disrupt system availability or potentially compromise the confidentiality and integrity of the system. | 2022-07-25 | not yet calculated | CVE-2022-36444 MISC |
autodesk — autocad_2023 | Parsing a maliciously crafted PRT file can force Autodesk AutoCAD 2023 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | 2022-07-29 | not yet calculated | CVE-2022-33881 MISC |
autodesk — autodesk_design_review | A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | 2022-07-29 | not yet calculated | CVE-2022-27864 MISC |
autodesk — autodesk_design_review | A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | 2022-07-29 | not yet calculated | CVE-2022-27866 MISC |
autodesk — autodesk_design_review | A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code. | 2022-07-29 | not yet calculated | CVE-2022-27865 MISC |
autodesk — autodesk_fusion_360_document_parser | An attacker can force the victim’s device to perform arbitrary HTTP requests in WAN through a malicious SVG file being parsed by Autodesk Fusion 360’s document parser. The vulnerability exists in the application’s ‘Insert SVG’ procedure. An attacker can also leverage this vulnerability to obtain victim’s public IP and possibly other sensitive information. | 2022-07-29 | not yet calculated | CVE-2022-27873 MISC |
automattic — automattic/mongoose | Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6. | 2022-07-28 | not yet calculated | CVE-2022-2564 CONFIRM MISC |
aveva — platform_common_services_portal | AVEVA Software Platform Common Services (PCS) Portal versions 4.5.2, 4.5.1, 4.5.0, and 4.4.6 are vulnerable to DLL hijacking through an uncontrolled search path element, which may allow an attacker control to one or more locations in the search path. | 2022-07-27 | not yet calculated | CVE-2021-38410 CONFIRM CONFIRM |
bently_nevada — bently_nevada_2700_series_of_condition_monitoring_equipment | The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality. | 2022-07-26 | not yet calculated | CVE-2022-29953 MISC MISC |
bently_nevada — condition_monitoring_equipment | Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) software. These protocols provide configuration management and historical data related functionality. Neither protocol has any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality. | 2022-07-26 | not yet calculated | CVE-2022-29952 MISC MISC |
caddyserver — caddy | An out-of-bounds read in the rewrite function at /modules/caddyhttp/rewrite/rewrite.go in Caddy v2.5.1 allows attackers to cause a Denial of Service (DoS) via a crafted URI. | 2022-07-22 | not yet calculated | CVE-2022-34037 MISC |
ceph — ceph | A flaw was found in Openstack manilla owning a Ceph File system “share”, which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the “volumes” plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2. | 2022-07-25 | not yet calculated | CVE-2022-0670 MISC FEDORA |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in json_parse_array() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33438 MISC MISC |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33440 MISC MISC |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33449 MISC MISC |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is Integer overflow in gc_compact_strings() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33439 MISC MISC |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33447 MISC MISC |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_next() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33446 MISC MISC |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33444 MISC MISC |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_string_char_code_at() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33445 MISC MISC |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in json_printf() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33442 MISC MISC |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33441 MISC MISC |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There are memory leaks in frozen_cb() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33437 MISC MISC |
cesanta — mjs | An issue was discovered in mjs(mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow at 0x7fffe9049390. | 2022-07-26 | not yet calculated | CVE-2021-33448 MISC MISC |
cesanta — mjs | An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in mjs_execute() in mjs.c. | 2022-07-26 | not yet calculated | CVE-2021-33443 MISC MISC |
chia_network — cat1_standard | An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens minted on the Chia blockchain using the CAT1 standard can be inflated to an arbitrary extent by any holder of any amount of the token. The total amount of the token can be increased as high as the malicious actor pleases. This is true for every CAT1 on the Chia blockchain regardless of issuance rules. This attack is auditable on chain, so maliciously altered coins can potentially be marked by off-chain observers as malicious. | 2022-07-29 | not yet calculated | CVE-2022-36447 MISC MISC |
cisco — iot_control_center | A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2022-07-22 | not yet calculated | CVE-2022-20916 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20903 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20892 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20899 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20896 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20894 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20912 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20911 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20910 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20897 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20893 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20904 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20900 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20898 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20901 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20895 CISCO |
cisco — multiple_cisco_small_business_routers | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20902 CISCO |
cisco — nexus_dashboard | Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device. | 2022-07-22 | not yet calculated | CVE-2022-20909 CISCO |
cisco — nexus_dashboard | Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device. | 2022-07-22 | not yet calculated | CVE-2022-20907 CISCO |
cisco — nexus_dashboard | A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the web-based management interface of Cisco Nexus Dashboard. An attacker with Administrator credentials could exploit this vulnerability by uploading a crafted file. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device. | 2022-07-22 | not yet calculated | CVE-2022-20913 CISCO |
cisco — nexus_dashboard | Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device. | 2022-07-22 | not yet calculated | CVE-2022-20906 CISCO |
cisco — nexus_dashboard | Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device. | 2022-07-22 | not yet calculated | CVE-2022-20908 CISCO |
citrix — multiple_products | Unauthenticated redirection to a malicious website | 2022-07-28 | not yet calculated | CVE-2022-27509 MISC |
cloudflare — warp | By using warp-cli subcommands (disable-ethernet, disable-wifi), it was possible for a user without admin privileges to bypass configured Zero Trust security policies (e.g. Secure Web Gateway policies) and features such as ‘Lock WARP switch’. | 2022-07-26 | not yet calculated | CVE-2022-2225 MISC |
clusterlabs — booth | The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster. | 2022-07-28 | not yet calculated | CVE-2022-2553 MISC DEBIAN |
communilink — clink_office | CommuniLink Internet Limited CLink Office v2.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters. | 2022-07-25 | not yet calculated | CVE-2022-29709 MISC MISC MISC |
conf_cfg_ini — conf_cfg_ini |
This affects the package conf-cfg-ini before 1.2.2. If an attacker submits a malicious INI file to an application that parses it with decode, they will pollute the prototype on the application. This can be exploited further depending on the context. | 2022-07-25 | not yet calculated | CVE-2020-28441 CONFIRM CONFIRM |
convert-svg-core_project — convert-svg-core | The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload. | 2022-07-22 | not yet calculated | CVE-2022-25759 CONFIRM CONFIRM CONFIRM CONFIRM |
cuppa_cms — cuppa_cms | Cuppa CMS v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php. | 2022-07-27 | not yet calculated | CVE-2022-34121 MISC MISC |
dataease — dataease | Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId. | 2022-07-22 | not yet calculated | CVE-2022-34115 MISC |
dataease — dataease | An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator. | 2022-07-22 | not yet calculated | CVE-2022-34112 MISC |
dataease — dataease | Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId. | 2022-07-22 | not yet calculated | CVE-2022-34114 MISC |
dataease — dataease | An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin. | 2022-07-22 | not yet calculated | CVE-2022-34113 MISC |
dedecms — dedecms |
DedeCMS v5.7.95 was discovered to contain a remote code execution (RCE) vulnerability via the component mytag_ main.php. | 2022-07-29 | not yet calculated | CVE-2022-34531 MISC |
deferred-exec_project — deferred-exec | This affects all versions of package deferred-exec. The injection point is located in line 42 in lib/deferred-exec.js | 2022-07-25 | not yet calculated | CVE-2020-28438 CONFIRM |
django-rest-framework — django_rest_framework | Django REST framework (aka django-rest-framework) before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping. | 2022-07-23 | not yet calculated | CVE-2018-25045 MISC MISC MISC |
dlink_global — dsl-3782 | D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via the function byte_4C0160. | 2022-07-29 | not yet calculated | CVE-2022-34527 MISC MISC |
dlink_global — dsl-3782 | D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue. | 2022-07-29 | not yet calculated | CVE-2022-34528 MISC MISC |
dogtag_pki — dogtag_pki | Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests. | 2022-07-29 | not yet calculated | CVE-2022-2414 MISC |
dptech — dptech_vpn | DPTech VPN v8.1.28.0 was discovered to contain an arbitrary file read vulnerability. | 2022-07-28 | not yet calculated | CVE-2022-34593 MISC |
emarketdesign — request_a_quote | The Request a Quote WordPress plugin through 2.3.7 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-07-25 | not yet calculated | CVE-2022-2239 MISC |
emarketdesign — request_a_quote | The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it | 2022-07-25 | not yet calculated | CVE-2022-2240 MISC |
emerson — emerson_deltav_distributed_control_system | The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication. It utilizes several proprietary protocols for a wide variety of functionality. These protocols include Firmware upgrade (18508/TCP, 18518/TCP); Plug-and-Play (18510/UDP); Hawk services (18507/UDP); Management (18519/TCP); Cold restart (18512/UDP); SIS communications (12345/TCP); and Wireless Gateway Protocol (18515/UDP). None of these protocols have any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality. | 2022-07-26 | not yet calculated | CVE-2022-29957 MISC MISC |
emerson — emerson_openbsi | Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. DES with hardcoded cryptographic keys is used for protection of certain system credentials, engineering files, and sensitive utilities. | 2022-07-26 | not yet calculated | CVE-2022-29960 MISC MISC |
emerson – emerson_deltav_distributed_control_system_controllers_and_io_cards |
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials (but may often be disabled in production). This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350. | 2022-07-26 | not yet calculated | CVE-2022-29962 MISC MISC |
emerson – emerson_deltav_distributed_control_system_controllers_and_io_cards |
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. NOTE: this is different from CVE-2014-2350. | 2022-07-26 | not yet calculated | CVE-2022-29964 MISC MISC |
emerson – emerson_deltav_distributed_control_system_controllers_and_io_cards |
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. TELNET on port 18550 provides access to a root shell via hardcoded credentials. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350. | 2022-07-26 | not yet calculated | CVE-2022-29963 MISC MISC |
emerson – emerson_deltav_distributed_control_system_controllers_and_io_cards |
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface (23/TCP) on M-series and SIS (CSLS/LSNB/LSNG) nodes is controlled by means of utility passwords. These passwords are generated using a deterministic, insecure algorithm using a single seed value composed of a day/hour/minute timestamp with less than 16 bits of entropy. The seed value is fed through a lookup table and a series of permutation operations resulting in three different four-character passwords corresponding to different privilege levels. An attacker can easily reconstruct these passwords and thus gain access to privileged maintenance operations. NOTE: this is different from CVE-2014-2350. | 2022-07-26 | not yet calculated | CVE-2022-29965 MISC MISC |
eziod_project — eziod | The eziod package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34982 MISC MISC MISC |
f-secure — elements_endpoint_protection | A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine. | 2022-07-22 | not yet calculated | CVE-2022-28879 MISC MISC |
f-secure — elements_endpoint_protection | A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine. | 2022-07-22 | not yet calculated | CVE-2022-28878 MISC MISC |
fava_project — fava | The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim. | 2022-07-25 | not yet calculated | CVE-2022-2514 CONFIRM MISC |
fava_project — fava | Cross-site Scripting (XSS) – Reflected in GitHub repository beancount/fava prior to 1.22.2. | 2022-07-25 | not yet calculated | CVE-2022-2523 CONFIRM MISC |
feehi_cms — advertising_management_module |
An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file. | 2022-07-27 | not yet calculated | CVE-2022-34971 MISC |
ffmpeg-sdk_project — ffmpeg-sdk | This affects all versions of package ffmpeg-sdk. The injection point is located in line 9 in index.js. | 2022-07-25 | not yet calculated | CVE-2020-28435 CONFIRM |
filewave — filewave | An authentication bypass vulnerability exists in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to gain access to the system with the highest authority possible and gain full control over the FileWave platform. | 2022-07-25 | not yet calculated | CVE-2022-34907 MISC MISC |
filewave — filewave | A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to decrypt sensitive information saved in FileWave, and even send crafted requests. | 2022-07-25 | not yet calculated | CVE-2022-34906 MISC MISC |
fossil — xss_payload | Fossil 2.18 on Windows allows attackers to cause a denial of service (daemon crash) via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware. | 2022-07-28 | not yet calculated | CVE-2022-34009 MISC MISC |
framework_team_softwares — tiff_split | A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file. | 2022-07-29 | not yet calculated | CVE-2022-34526 MISC |
freehi — feehi_cms | A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username field. | 2022-07-28 | not yet calculated | CVE-2022-34140 MISC MISC |
fruits_bazar — fruits_bazar | Fruits Bazar v1.0 was discovered to contain a SQL injection vulnerability via the recover_email parameter at user_password_recover.php. | 2022-07-26 | not yet calculated | CVE-2022-34989 MISC |
garage_management_system — garage_management_system | A vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. This issue affects some unknown processing of the file /php_action/createUser.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-29 | not yet calculated | CVE-2022-2578 MISC MISC |
garage_management_system — garage_management_system | A vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument userName with the input lala<img src=”” onerror=alert(1)> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-29 | not yet calculated | CVE-2022-2579 MISC MISC |
garage_management_system — garage_management_system | A vulnerability classified as critical was found in SourceCodester Garage Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument id with the input -2’%20UNION%20select%2011,user(),333,444–+ leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-29 | not yet calculated | CVE-2022-2577 MISC MISC |
git_archive — git_archive |
All versions of package git-archive are vulnerable to Command Injection via the exports function. | 2022-07-25 | not yet calculated | CVE-2020-28422 CONFIRM |
gitlab — gitlab |
An issue has been discovered in GitLab affecting all versions starting from 15.0 before 15.0.1. Missing validation of input used in quick actions allowed an attacker to exploit XSS by injecting HTML in contact details. | 2022-07-28 | not yet calculated | CVE-2022-1948 MISC CONFIRM MISC |
gnome — gnome_gdkpixbuf | GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems. | 2022-07-24 | not yet calculated | CVE-2021-46829 MISC MISC MISC MISC MISC MLIST MISC |
goanywhere — goanywhere_mft | A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain access to files at a higher directory level than intended. | 2022-07-27 | not yet calculated | CVE-2021-46830 MISC MISC |
google — android | EllieGrid Android Application version 3.4.1 is vulnerable to Code Injection. The application appears to evaluate user input as code (remote). | 2022-07-30 | not yet calculated | CVE-2022-30083 MISC |
google — chrome | Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1500 MISC MISC |
google — chrome | Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1499 MISC MISC |
google — chrome | Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1498 MISC MISC |
google — chrome | Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to spoof the contents of cross-origin websites via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1497 MISC MISC |
google — chrome | Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | 2022-07-26 | not yet calculated | CVE-2022-1496 MISC MISC |
google — chrome | Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a remote attacker to spoof the APK downloads dialog via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1495 MISC MISC |
google — chrome | Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | 2022-07-26 | not yet calculated | CVE-2022-1493 MISC MISC |
google — chrome | Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1492 MISC MISC |
google — chrome | Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1479 MISC MISC |
google — chrome | Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. | 2022-07-23 | not yet calculated | CVE-2022-1125 MISC MISC |
google — chrome | Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1637 MISC MISC |
google — chrome | Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. | 2022-07-23 | not yet calculated | CVE-2022-1127 MISC MISC |
google — chrome | Use after free in Browser UI in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who had convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific user interactions. | 2022-07-26 | not yet calculated | CVE-2022-1634 MISC MISC |
google — chrome | Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1129 MISC MISC |
google — chrome | Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1364 MISC MISC |
google — chrome | Use after free in Browser Switcher in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1490 MISC MISC |
google — chrome | Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1501 MISC MISC |
google — chrome | Use after free in Sharesheet in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. | 2022-07-26 | not yet calculated | CVE-2022-1633 MISC MISC |
google — chrome | Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. | 2022-07-26 | not yet calculated | CVE-2022-1489 MISC MISC |
google — chrome | Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1639 MISC MISC |
google — chrome | Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1096 MISC MISC |
google — chrome | Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1640 MISC MISC |
google — chrome | Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction. | 2022-07-26 | not yet calculated | CVE-2022-1641 MISC MISC |
google — chrome | Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2008 MISC MISC |
google — chrome | Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | 2022-07-26 | not yet calculated | CVE-2022-1491 MISC MISC |
google — chrome | Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1131 MISC MISC |
google — chrome | Use after free in Performance APIs in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1636 MISC MISC |
google — chrome | Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. | 2022-07-26 | not yet calculated | CVE-2022-1488 MISC MISC |
google — chrome | Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-22 | not yet calculated | CVE-2022-0978 MISC MISC |
google — chrome | Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. | 2022-07-22 | not yet calculated | CVE-2022-0980 MISC MISC |
google — chrome | Use after free in Permission Prompts in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. | 2022-07-26 | not yet calculated | CVE-2022-1635 MISC MISC |
google — chrome | Heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1638 MISC MISC |
google — chrome | Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1494 MISC MISC |
google — chrome | Use after free in Vulkan in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1477 MISC MISC |
google — chrome | Use after free in regular expressions in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-25 | not yet calculated | CVE-2022-1310 MISC MISC |
google — chrome | Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 2022-07-25 | not yet calculated | CVE-2022-1309 MISC MISC |
google — chrome | Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | 2022-07-23 | not yet calculated | CVE-2022-1142 MISC MISC |
google — chrome | Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | 2022-07-23 | not yet calculated | CVE-2022-1144 MISC MISC |
google — chrome | Use after free in WebRTC Perf in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1133 MISC MISC |
google — chrome | Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1134 MISC MISC |
google — chrome | Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | 2022-07-25 | not yet calculated | CVE-2022-1312 MISC MISC |
google — chrome | Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture. | 2022-07-23 | not yet calculated | CVE-2022-1141 MISC MISC |
google — chrome | Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | 2022-07-23 | not yet calculated | CVE-2022-1143 MISC MISC |
google — chrome | Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1137 MISC MISC |
google — chrome | Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1146 MISC MISC |
google — chrome | Use after free in Shopping Cart in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via standard feature user interaction. | 2022-07-23 | not yet calculated | CVE-2022-1135 MISC MISC |
google — chrome | Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific set of user gestures. | 2022-07-23 | not yet calculated | CVE-2022-1136 MISC MISC |
google — chrome | Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-25 | not yet calculated | CVE-2022-1232 MISC MISC |
google — chrome | Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1478 MISC MISC |
google — chrome | Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1139 MISC MISC |
google — chrome | Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1481 MISC MISC |
google — chrome | Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device. | 2022-07-23 | not yet calculated | CVE-2022-1132 MISC MISC |
google — chrome | Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1138 MISC MISC |
google — chrome | Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction. | 2022-07-23 | not yet calculated | CVE-2022-1145 MISC MISC |
google — chrome | Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test. | 2022-07-26 | not yet calculated | CVE-2022-1487 MISC MISC |
google — chrome | Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1482 MISC MISC |
google — chrome | Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app. | 2022-07-23 | not yet calculated | CVE-2022-1130 MISC MISC |
google — chrome | Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1483 MISC MISC |
google — chrome | Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1484 MISC MISC |
google — chrome | Type confusion in V8 in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-25 | not yet calculated | CVE-2022-1314 MISC MISC |
google — chrome | Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1486 MISC MISC |
google — chrome | Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-26 | not yet calculated | CVE-2022-1485 MISC MISC |
google — chrome | Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-25 | not yet calculated | CVE-2022-1308 MISC MISC |
google — chrome | Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2022-07-25 | not yet calculated | CVE-2022-1307 MISC MISC |
google — chrome | Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2022-07-25 | not yet calculated | CVE-2022-1306 MISC MISC |
google — chrome | Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-25 | not yet calculated | CVE-2022-1305 MISC MISC |
google — chrome | Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1128 MISC MISC |
google — chrome | Use after free in tab groups in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-25 | not yet calculated | CVE-2022-1313 MISC MISC |
google — chrome | Use after free in shell in Google Chrome on ChromeOS prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-25 | not yet calculated | CVE-2022-1311 MISC MISC |
google — chrome | Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | 2022-07-22 | not yet calculated | CVE-2022-0979 MISC MISC |
google — chrome |
Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2480 MISC MISC |
google — chrome |
Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2479 MISC MISC |
google — chrome |
Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2164 MISC MISC FEDORA |
google — chrome |
Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2011 MISC MISC |
google — chrome |
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2294 MISC MISC FEDORA MLIST FEDORA |
google — chrome |
Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content. | 2022-07-27 | not yet calculated | CVE-2022-1867 MISC MISC |
google — chrome |
Inappropriate implementation in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1868 MISC MISC |
google — chrome |
Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2415 MISC MISC |
google — chrome |
Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2477 MISC MISC |
google — chrome |
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user’s local files via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2160 MISC MISC FEDORA |
google — chrome |
Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. | 2022-07-28 | not yet calculated | CVE-2022-2296 MISC MISC FEDORA |
google — chrome |
Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2295 MISC MISC FEDORA |
google — chrome |
Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | 2022-07-28 | not yet calculated | CVE-2022-2165 MISC MISC FEDORA |
google — chrome |
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2162 MISC MISC FEDORA |
google — chrome |
Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction. | 2022-07-28 | not yet calculated | CVE-2022-2163 MISC MISC FEDORA |
google — chrome |
Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2478 MISC MISC |
google — chrome |
Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction. | 2022-07-28 | not yet calculated | CVE-2022-2481 MISC MISC |
google — chrome |
Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | 2022-07-28 | not yet calculated | CVE-2022-2161 MISC MISC FEDORA |
google — chrome |
Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2158 MISC MISC FEDORA |
google — chrome |
Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2157 MISC MISC FEDORA |
google — chrome |
Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2007 MISC MISC |
google — chrome |
Use after free in WebGPU in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2399 MISC MISC |
google — chrome |
Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2156 MISC MISC FEDORA |
google — chrome |
Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1869 MISC MISC |
google — chrome |
Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | 2022-07-27 | not yet calculated | CVE-2022-1863 MISC MISC |
google — chrome |
Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform an out of bounds memory read via specific user interaction. | 2022-07-27 | not yet calculated | CVE-2022-1858 MISC MISC |
google — chrome |
Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction. | 2022-07-27 | not yet calculated | CVE-2022-1861 MISC MISC |
google — chrome |
Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions. | 2022-07-27 | not yet calculated | CVE-2022-1860 MISC MISC |
google — chrome |
Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1859 MISC MISC |
google — chrome |
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-2010 MISC MISC |
google — chrome |
Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | 2022-07-27 | not yet calculated | CVE-2022-1870 MISC MISC |
google — chrome |
Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1857 MISC MISC |
google — chrome |
Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension or specific user interaction. | 2022-07-27 | not yet calculated | CVE-2022-1856 MISC MISC |
google — chrome |
Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1855 MISC MISC |
google — chrome |
Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1854 MISC MISC |
google — chrome |
Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1853 MISC MISC |
google — chrome |
Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass profile restrictions via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1862 MISC MISC |
google — chrome |
Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1872 MISC MISC |
google — chrome |
Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | 2022-07-27 | not yet calculated | CVE-2022-1865 MISC MISC |
google — chrome |
Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions. | 2022-07-27 | not yet calculated | CVE-2022-1866 MISC MISC |
google — chrome |
Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | 2022-07-27 | not yet calculated | CVE-2022-1864 MISC MISC |
google — chrome |
Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1873 MISC MISC |
google — chrome |
Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-28 | not yet calculated | CVE-2022-1919 MISC MISC |
google — chrome |
Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1874 MISC MISC |
google — chrome |
Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1871 MISC MISC |
google — chrome |
Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1875 MISC MISC |
google — chrome |
Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 2022-07-27 | not yet calculated | CVE-2022-1876 MISC MISC |
google — google_play_services_sdk_play-services-basement |
Incorrect signature trust exists within Google Play services SDK play-services-basement. A debug version of Google Play services is trusted by the SDK for devices that are non-GMS. We recommend upgrading the SDK past the 2022-05-03 release. | 2022-07-29 | not yet calculated | CVE-2022-1799 MISC |
google-cloudstorage-commands_project — google-cloudstorage-commands | This affects all versions of package google-cloudstorage-commands. | 2022-07-25 | not yet calculated | CVE-2020-28436 CONFIRM CONFIRM |
gpac — gpsa/gpac |
NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV. | 2022-07-27 | not yet calculated | CVE-2022-2549 MISC CONFIRM |
grapesjs — grapesjs | The package grapesjs before 0.19.5 are vulnerable to Cross-site Scripting (XSS) due to an improper sanitization of the class name in Selector Manager. | 2022-07-25 | not yet calculated | CVE-2022-21802 MISC MISC MISC MISC MISC |
hallowelt — bluespice | Cross-site Scripting (XSS) vulnerability in “Extension:ExtendedSearch” of Hallo Welt! GmbH BlueSpice allows attacker to inject arbitrary HTML (XSS) on page “Special:SearchCenter”, using the search term in the URL. | 2022-07-22 | not yet calculated | CVE-2022-2510 CONFIRM |
hallowelt — bluespice | Cross-site Scripting (XSS) vulnerability in the “commonuserinterface” component of BlueSpice allows an attacker to inject arbitrary HTML into a page using the title parameter of the call URL. | 2022-07-22 | not yet calculated | CVE-2022-2511 CONFIRM |
hashicorp — vault/vault_enterprise |
HashiCorp Vault and Vault Enterprise through 2022-07-17 have Incorrect Access Control. | 2022-07-26 | not yet calculated | CVE-2022-36129 MISC MISC |
hcl_commerce — remote_store_server |
HCL Commerce’s Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website. | 2022-07-30 | not yet calculated | CVE-2021-27785 MISC |
hestiacp – hestiacp/hestiacp |
OS Command Injection in GitHub repository hestiacp/hestiacp prior to 1.6.5. | 2022-07-27 | not yet calculated | CVE-2022-2550 MISC CONFIRM |
hiby — hiby_r3_pro |
Hiby R3 PRO firmware v1.5 to v1.7 was discovered to contain a file upload vulnerability via the file upload feature. | 2022-07-29 | not yet calculated | CVE-2022-34496 MISC MISC |
hitachi_energy — hitachi_energy_msm |
A vulnerability exists in the http web interface where the web interface does not validate data in an HTTP header. This causes a possible HTTP response splitting, which if exploited could lead an attacker to channel down harmful code into the user’s web browser, such as to steal the session cookies. Thus, an attacker who successfully makes an MSM user who has already established a session to MSM web interface clicks a forged link to the MSM web interface, e.g., the link is sent per E-Mail, could trick the user into downloading malicious software onto his computer. This issue affects: Hitachi Energy MSM V2.2 and prior versions. | 2022-07-25 | not yet calculated | CVE-2021-40336 CONFIRM |
hitachi_energy — hitachi_energy_msm |
A vulnerability exists in the HTTP web interface where the web interface does not sufficiently verify if a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. This cause a Cross Site Request Forgery (CSRF), which if exploited could lead an attacker to gain unauthorized access to the web application and perform an unwanted operation on it without the knowledge of the legitimate user. An attacker, who successfully makes an MSM user who has already established a session to MSM web interface clicks a forged link to the MSM web interface, e.g., link is sent per E-Mail, could perform harmful command on MSM through its web server interface. This issue affects: Hitachi Energy MSM V2.2 and prior versions. | 2022-07-25 | not yet calculated | CVE-2021-40335 CONFIRM |
homepage_product_organizer_for_woocommerce_project — homepage_product_organizer_for_woocommerce | Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co’s Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-30998 CONFIRM CONFIRM |
honeywell — honeywell_experion_pks_safety_manager | Honeywell Experion PKS Safety Manager (SM and FSC) through 2022-05-06 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0053, there is a Honeywell Experion PKS Safety Manager insufficient logic security controls issue. The affected components are characterized as: Honeywell FSC runtime (FSC-CPU, QPP), Honeywell Safety Builder. The potential impact is: Remote Code Execution, Denial of Service. The Honeywell Experion PKS Safety Manager family of safety controllers utilize the unauthenticated Safety Builder protocol (FSCT-2022-0051) for engineering purposes, including downloading projects and control logic to the controller. Control logic is downloaded to the controller on a block-by-block basis. The logic that is downloaded consists of FLD code compiled to native machine code for the CPU module (which applies to both the Safety Manager and FSC families). Since this logic does not seem to be cryptographically authenticated, it allows an attacker capable of triggering a logic download to execute arbitrary machine code on the controller’s CPU module in the context of the runtime. While the researchers could not verify this in detail, the researchers believe that the microprocessor underpinning the FSC and Safety Manager CPU modules is incapable of offering memory protection or privilege separation capabilities which would give an attacker full control of the CPU module. There is no authentication on control logic downloaded to the controller. Memory protection and privilege separation capabilities for the runtime are possibly lacking. The researchers confirmed the issues in question on Safety Manager R145.1 and R152.2 but suspect the issue affects all FSC and SM controllers and associated Safety Builder versions regardless of software or firmware revision. An attacker who can communicate with a Safety Manager controller via the Safety Builder protocol can execute arbitrary code without restrictions on the CPU module, allowing for covert manipulation of control operations and implanting capabilities similar to the TRITON malware (MITRE ATT&CK software ID S1009). A mitigating factor with regards to some, but not all, of the above functionality is that these require the Safety Manager physical keyswitch to be in the right position. | 2022-07-28 | not yet calculated | CVE-2022-30315 MISC MISC |
honeywell — honeywell_experion_pks_safety_manager |
Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0051, there is a Honeywell Experion PKS Safety Manager multiple proprietary protocols with unauthenticated functionality issue. The affected components are characterized as: Honeywell Experion TCP (51000/TCP), Safety Builder (51010/TCP). The potential impact is: Manipulate controller state, Manipulate controller configuration, Manipulate controller logic, Manipulate controller files, Manipulate IO. The Honeywell Experion PKS Distributed Control System (DCS) Safety Manager utilizes several proprietary protocols for a wide variety of functionality, including process data acquisition, controller steering and configuration management. These protocols include: Experion TCP (51000/TCP) and Safety Builder (51010/TCP). None of these protocols have any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality. There is no authentication functionality on the protocols in question. An attacker capable of invoking the protocols’ functionalities could achieve a wide range of adverse impacts, including (but not limited to), the following: for Experion TCP (51000/TCP): Issue IO manipulation commands, Issue file read/write commands; and for Safety Builder (51010/TCP): Issue controller start/stop commands, Issue logic download/upload commands, Issue file read commands, Issue system time change commands. A mitigating factor with regards to some, but not all, of the above functionality is that these require the Safety Manager physical keyswitch to be in the right position. | 2022-07-28 | not yet calculated | CVE-2022-30313 MISC MISC |
honeywell — honeywell_experion_pks_safety_manager |
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The potential impact is: Firmware manipulation. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 communication FTA serial interface and Enea POLO bootloader for firmware management purposes. An engineering workstation running the Safety Builder software communicates via serial or serial-over-ethernet link with the DCOM-232/485 interface. Firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks. Firmware images are unsigned. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize hardcoded credentials (see FSCT-2022-0052) for the POLO bootloader to control the boot process and push malicious firmware images to the controller allowing for firmware manipulation, remote code execution and denial of service impacts. A mitigating factor is that in order for a firmware update to be initiated, the Safety Manager has to be rebooted which is typically done by means of physical controls on the Safety Manager itself. As such, an attacker would have to either lay dormant until a legitimate reboot occurs or possibly attempt to force a reboot through a secondary vulnerability. | 2022-07-28 | not yet calculated | CVE-2022-30316 MISC MISC |
honeywell — honeywell_experion_pks_safety_manager |
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 serial interface for firmware management purposes. When booting, the Safety Manager exposes the Enea POLO bootloader via this interface. Access to the boot configuration is controlled by means of credentials hardcoded in the Safety Manager firmware. The credentials for the bootloader are hardcoded in the firmware. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize these credentials to control the boot process and manipulate the unauthenticated firmware image (see FSCT-2022-0054). | 2022-07-28 | not yet calculated | CVE-2022-30314 MISC MISC |
honeywell — saia_burgess_controls_pcd |
Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm. According to FSCT-2022-0063, there is a Saia Burgess Controls (SBC) PCD S-Bus weak credential hashing scheme issue. The affected components are characterized as: S-Bus (5050/UDP) authentication. The potential impact is: Authentication bypass. The Saia Burgess Controls (SBC) PCD controllers utilize the S-Bus protocol (5050/UDP) for a variety of engineering purposes. It is possible to configure a password in order to restrict access to sensitive engineering functionality. Authentication is done by using the S-Bus ‘write byte’ message to a specific address and supplying a hashed version of the password. The hashing algorithm used is based on CRC-16 and as such not cryptographically secure. An insecure hashing algorithm is used. An attacker capable of passively observing traffic can intercept the hashed credentials and trivially find collisions allowing for authentication without having to bruteforce a keyspace defined by the actual strength of the password. This allows the attacker access to sensitive engineering functionality such as uploading/downloading control logic and manipulating controller configuration. | 2022-07-28 | not yet calculated | CVE-2022-30320 MISC MISC |
honeywell — saia_burgess_controls_pcd |
Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls (SBC) PCD S-Bus authentication bypass issue. The affected components are characterized as: S-Bus (5050/UDP) authentication. The potential impact is: Authentication bypass. The Saia Burgess Controls (SBC) PCD controllers utilize the S-Bus protocol (5050/UDP) for a variety of engineering purposes. It is possible to configure a password in order to restrict access to sensitive engineering functionality. Authentication functions on the basis of a MAC/IP whitelist with inactivity timeout to which an authenticated client’s MAC/IP is stored. UDP traffic can be spoofed to bypass the whitelist-based access control. Since UDP is stateless, an attacker capable of passively observing traffic can spoof arbitrary messages using the MAC/IP of an authenticated client. This allows the attacker access to sensitive engineering functionality such as uploading/downloading control logic and manipulating controller configuration. | 2022-07-28 | not yet calculated | CVE-2022-30319 MISC MISC |
horde_groupware — horde_groupware_webmail_edition |
Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects. | 2022-07-28 | not yet calculated | CVE-2022-30287 MISC MISC |
ibm — ibm_robotic_process_automation |
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with access to the local host (client machine) to obtain a login access token. IBM X-Force ID: 223019. | 2022-07-26 | not yet calculated | CVE-2022-22412 CONFIRM XF |
ibm — powervm_vios | IBM PowerVM VIOS 3.1 could allow a remote attacker to tamper with system configuration or cause a denial of service. IBM X-Force ID: 230956. | 2022-07-29 | not yet calculated | CVE-2022-35643 CONFIRM XF |
ibm — qradar_siem |
IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation if this could be combined with other unknown vulnerabilities then privilege escalation could be performed. IBM X-Force ID: 216111. | 2022-07-28 | not yet calculated | CVE-2021-39088 CONFIRM XF |
ibm — security_verify_information_queue | IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230812. | 2022-07-25 | not yet calculated | CVE-2022-35285 CONFIRM XF |
ibm — security_verify_information_queue | IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 230817. | 2022-07-25 | not yet calculated | CVE-2022-35287 XF CONFIRM |
ibm — security_verify_information_queue |
IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 230811. | 2022-07-25 | not yet calculated | CVE-2022-35284 CONFIRM XF |
ibm — security_verify_information_queue |
IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230814. | 2022-07-26 | not yet calculated | CVE-2022-35286 CONFIRM XF |
ibm — security_verify_information_queue |
IBM Security Verify Information Queue 10.0.2 could allow a user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 230818. | 2022-07-25 | not yet calculated | CVE-2022-35288 XF CONFIRM |
ibm — sterling_partner_engagement_manager | IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection which could cause the server to become unresponsive. IBM X-Force ID: 230932. | 2022-07-26 | not yet calculated | CVE-2022-35639 CONFIRM XF |
inavitas — inavitas_solar_log | Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability. | 2022-07-29 | not yet calculated | CVE-2022-1277 CONFIRM |
inductive_automation — inductive_automation_ignition | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ZIP files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17115. | 2022-07-25 | not yet calculated | CVE-2022-35872 MISC MISC |
inductive_automation — inductive_automation_ignition | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within com.inductiveautomation.metro.impl. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17265. | 2022-07-25 | not yet calculated | CVE-2022-35870 MISC MISC |
inductive_automation — inductive_automation_ignition |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of ZIP files. Crafted data in a ZIP file can cause the application to execute arbitrary Python scripts. The user interface fails to provide sufficient indication of the hazard. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-16949. | 2022-07-25 | not yet calculated | CVE-2022-35873 MISC MISC |
inductive_automation — inductive_automation_ignition |
This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Authentication is not required to exploit this vulnerability. The specific flaw exists within com.inductiveautomation.ignition.gateway.web.pages. The issue results from the lack of proper authentication prior to access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-17211. | 2022-07-25 | not yet calculated | CVE-2022-35869 MISC MISC |
inductive_automation — inductive_automation_ignition |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Authentication is not required to exploit this vulnerability. The specific flaw exists within the authenticateAdSso method. The issue results from the lack of authentication prior to allowing the execution of python code. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17206. | 2022-07-25 | not yet calculated | CVE-2022-35871 MISC MISC |
inmailx — inmailx_outlook | InMailX Outlook Plugin < 3.22.0101 is vulnerable to Cross Site Scripting (XSS). InMailX Connection names are not sanitzed in the Outlook tab, which allows a local user or network administrator to execute HTML / Javascript in the Outlook of users. | 2022-07-26 | not yet calculated | CVE-2022-27105 MISC MISC |
inoutscripts — blockchain_altexchanger | Inout Blockchain AltExchanger v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/js. | 2022-07-26 | not yet calculated | CVE-2022-34988 MISC |
ion_parser — ion_parser |
This affects all versions of package ion-parser. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the application. This can be exploited further depending on the context. | 2022-07-25 | not yet calculated | CVE-2020-28462 CONFIRM |
itech — movie_portal_script | A vulnerability classified as critical was found in Itech Movie Portal Script 7.36. This vulnerability affects unknown code of the file /artist-display.php. The manipulation of the argument act leads to sql injection (Union). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-22 | not yet calculated | CVE-2017-20142 N/A N/A |
itech — movie_portal_script | A vulnerability, which was classified as critical, has been found in Itech Movie Portal Script 7.36. This issue affects some unknown processing of the file /film-rating.php. The manipulation of the argument v leads to sql injection (Error). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-22 | not yet calculated | CVE-2017-20143 N/A N/A |
itech — movie_portal_script | A vulnerability classified as critical has been found in Itech Movie Portal Script 7.36. This affects an unknown part of the file /movie.php. The manipulation of the argument f leads to sql injection (Union). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-22 | not yet calculated | CVE-2017-20141 N/A N/A |
itech — movie_portal_script | A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(SELECT COUNT(*),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) leads to sql injection (Error). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-22 | not yet calculated | CVE-2017-20139 N/A N/A |
itech — movie_portal_script | A vulnerability was found in Itech Movie Portal Script 7.36. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /movie.php. The manipulation of the argument f with the input <img src=i onerror=prompt(1)> leads to basic cross site scripting (Reflected). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-22 | not yet calculated | CVE-2017-20140 N/A N/A |
itsourcecode — advance_management_system | Advanced School Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the address parameter at ip/school/index.php. | 2022-07-28 | not yet calculated | CVE-2022-34580 MISC |
itsourcecode — barangay_management_system | Barangay Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the module editing function at /pages/activity/activity.php. | 2022-07-27 | not yet calculated | CVE-2022-34120 MISC |
itsourcecode — advanced_school_management_system | Advanced School Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component ip/school/moudel/update_subject.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Subject text field. | 2022-07-27 | not yet calculated | CVE-2022-34594 MISC |
itsourcecode — barangay_management_system | Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/permit/permit.php. | 2022-07-28 | not yet calculated | CVE-2022-34557 MISC |
izrip — izrip | An issue was discovered in lrzip version 0.641. There are memory leaks in fill_buffer() in stream.c. | 2022-07-26 | not yet calculated | CVE-2021-33451 MISC MISC |
izrip — izrip | An issue was discovered in lrzip version 0.641. There is a use-after-free in ucompthread() in stream.c:1538. | 2022-07-26 | not yet calculated | CVE-2021-33453 MISC MISC |
jenkins — buckminster | Jenkins Buckminster Plugin 1.1.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | 2022-07-27 | not yet calculated | CVE-2022-36918 CONFIRM MLIST |
jenkins — clif_performance_testing | An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfb_f and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content. | 2022-07-27 | not yet calculated | CVE-2022-36894 CONFIRM MLIST |
jenkins — compuware_ispw_operations | Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties. | 2022-07-27 | not yet calculated | CVE-2022-36899 CONFIRM MLIST |
jenkins — compuware_ispw_operations | A missing permission check in Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins. | 2022-07-27 | not yet calculated | CVE-2022-36898 CONFIRM MLIST |
jenkins — compuware_source_code_download | A missing permission check in Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins. | 2022-07-27 | not yet calculated | CVE-2022-36896 CONFIRM MLIST |
jenkins — compuware_topaz_utilities | A missing permission check in Jenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins. | 2022-07-27 | not yet calculated | CVE-2022-36895 CONFIRM MLIST |
jenkins — compuware_xpediter_code_coverage | A missing permission check in Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins. | 2022-07-27 | not yet calculated | CVE-2022-36897 CONFIRM MLIST |
jenkins — coverity | A cross-site request forgery (CSRF) vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2022-07-27 | not yet calculated | CVE-2022-36920 CONFIRM MLIST |
jenkins — coverity | A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 2022-07-27 | not yet calculated | CVE-2022-36919 CONFIRM MLIST |
jenkins — coverity | A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2022-07-27 | not yet calculated | CVE-2022-36921 CONFIRM MLIST |
jenkins — deployer_framework | Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the application path of the applications when configuring a deployment, allowing attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller file system to the selected service. | 2022-07-27 | not yet calculated | CVE-2022-36889 CONFIRM MLIST |
jenkins — deployer_framework | A missing permission check in Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier allows attackers with Item/Read permission but without Deploy Now/Deploy permission to read deployment logs. | 2022-07-27 | not yet calculated | CVE-2022-36891 CONFIRM MLIST |
jenkins — deployer_framework | Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the name of files in methods implementing form validation, allowing attackers with Item/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | 2022-07-27 | not yet calculated | CVE-2022-36890 CONFIRM MLIST |
jenkins — external_monitor_job_type | A cross-site request forgery (CSRF) vulnerability in Jenkins External Monitor Job Type Plugin 191.v363d0d1efdf8 and earlier allows attackers to create runs of an external job. | 2022-07-27 | not yet calculated | CVE-2022-36886 CONFIRM MLIST |
jenkins — git | The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository. | 2022-07-27 | not yet calculated | CVE-2022-36884 CONFIRM MLIST |
jenkins — git |
A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit. | 2022-07-27 | not yet calculated | CVE-2022-36883 CONFIRM MLIST |
jenkins — git |
A cross-site request forgery (CSRF) vulnerability in Jenkins Git Plugin 4.11.3 and earlier allows attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit. | 2022-07-27 | not yet calculated | CVE-2022-36882 CONFIRM MLIST |
jenkins — git_client | Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks. | 2022-07-27 | not yet calculated | CVE-2022-36881 CONFIRM MLIST |
jenkins — github |
Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature. | 2022-07-27 | not yet calculated | CVE-2022-36885 CONFIRM MLIST |
jenkins — google_cloud_backup | A missing permission check in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers with Overall/Read permission to request a manual backup. | 2022-07-27 | not yet calculated | CVE-2022-36917 CONFIRM MLIST |
jenkins — google_cloud_backup |
A cross-site request forgery (CSRF) vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup. | 2022-07-27 | not yet calculated | CVE-2022-36916 CONFIRM MLIST |
jenkins — job_configuration_history | A cross-site request forgery (CSRF) vulnerability in Jenkins Job Configuration History Plugin 1155.v28a_46a_cc06a_5 and earlier allows attackers to delete entries from job, agent, and system configuration history, or restore older versions of job, agent, and system configurations. | 2022-07-27 | not yet calculated | CVE-2022-36887 CONFIRM MLIST |
jenkins — lucene_search | Jenkins Lucene-Search Plugin 370.v62a5f618cd3a and earlier does not escape the search query parameter displayed on the ‘search’ result page, resulting in a reflected cross-site scripting (XSS) vulnerability. | 2022-07-27 | not yet calculated | CVE-2022-36922 CONFIRM MLIST |
jenkins — openshift_deployer | A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an attacker-specified URL. | 2022-07-27 | not yet calculated | CVE-2022-36909 CONFIRM MLIST |
jenkins — rhnpush-plugin | Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents. | 2022-07-27 | not yet calculated | CVE-2022-36892 CONFIRM MLIST |
jenkins –android_signing | Jenkins Android Signing Plugin 2.2.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents. | 2022-07-27 | not yet calculated | CVE-2022-36915 CONFIRM MLIST |
jenkins –compuware_zadviser_api | Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties. | 2022-07-27 | not yet calculated | CVE-2022-36900 CONFIRM MLIST |
jenkins –files_found_trigger | Jenkins Files Found Trigger Plugin 1.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | 2022-07-27 | not yet calculated | CVE-2022-36914 CONFIRM MLIST |
jenkins –http_request | Jenkins HTTP Request Plugin 1.15 and earlier stores HTTP Request passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 2022-07-27 | not yet calculated | CVE-2022-36901 CONFIRM MLIST |
jenkins –lucene_search | Jenkins Lucene-Search Plugin 370.v62a5f618cd3a and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to reindex the database and to obtain information about jobs otherwise inaccessible to them. | 2022-07-27 | not yet calculated | CVE-2022-36910 CONFIRM MLIST |
jenkins –maven_metadata | Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.2 and earlier does not perform URL validation for the Repository Base URL of List maven artifact versions parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-07-27 | not yet calculated | CVE-2022-36905 CONFIRM MLIST |
jenkins –openshift_deployer | A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password. | 2022-07-27 | not yet calculated | CVE-2022-36906 CONFIRM MLIST |
jenkins –openshift_deployer | A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. | 2022-07-27 | not yet calculated | CVE-2022-36907 CONFIRM MLIST |
jenkins –openshift_deployer | A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an attacker-specified URL. | 2022-07-27 | not yet calculated | CVE-2022-36908 CONFIRM MLIST |
jenkins –openstack_heat | Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | 2022-07-27 | not yet calculated | CVE-2022-36913 CONFIRM MLIST |
jenkins –openstack_heat | A cross-site request forgery (CSRF) vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL. | 2022-07-27 | not yet calculated | CVE-2022-36911 CONFIRM MLIST |
jenkins –openstack_heat | A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | 2022-07-27 | not yet calculated | CVE-2022-36912 CONFIRM MLIST |
jenkins –repository_connector | Jenkins Repository Connector Plugin 2.2.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | 2022-07-27 | not yet calculated | CVE-2022-36904 CONFIRM MLIST |
jenkins –repository_connector | A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 2022-07-27 | not yet calculated | CVE-2022-36903 CONFIRM MLIST |
jenkins — dynamic_extended_choice | Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-07-27 | not yet calculated | CVE-2022-36902 CONFIRM MLIST |
jenkins — hashicorp_vault |
A missing permission check in Jenkins HashiCorp Vault Plugin 354.vdb_858fd6b_f48 and earlier allows attackers with Overall/Read permission to obtain credentials stored in Vault with attacker-specified path and keys. | 2022-07-27 | not yet calculated | CVE-2022-36888 CONFIRM MLIST |
jenkins — rpmsign-plugin |
Jenkins rpmsign-plugin Plugin 0.5.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents. | 2022-07-27 | not yet calculated | CVE-2022-36893 CONFIRM MLIST |
jetbrains — intellij_idea |
In JetBrains IntelliJ IDEA before 2022.2 email address validation in the “Git User Name Is Not Defined” dialog was missed | 2022-07-28 | not yet calculated | CVE-2022-37010 MISC |
johnsoncontrols — metasys_open_application_server | Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users. | 2022-07-22 | not yet calculated | CVE-2021-36200 CONFIRM CERT |
joplin — joplin |
Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles. | 2022-07-25 | not yet calculated | CVE-2022-35131 MISC MISC MISC |
js_ini — js_ini | This affects the package js-ini before 1.3.0. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the application. This can be exploited further depending on the context. | 2022-07-25 | not yet calculated | CVE-2020-28461 CONFIRM CONFIRM |
jtekt — jtekt_toyopuc_plc | JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol (configurable on ports 1024-65534 on either TCP or UDP) for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing configuration settings. This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality. | 2022-07-26 | not yet calculated | CVE-2022-29951 MISC MISC |
jtekt — jtekt_toyopuc_plc | JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the unauthenticated CMPLink/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. Control logic is downloaded to the PLC on a block-by-block basis with a given memory address and a blob of machine code. The logic that is downloaded to the PLC is not cryptographically authenticated, allowing an attacker to execute arbitrary machine code on the PLC’s CPU module in the context of the runtime. In the case of the PC10G-CPU, and likely for other CPU modules of the TOYOPUC family, a processor without MPU or MMU is used and this no memory protection or privilege-separation capabilities are available, giving an attacker full control over the CPU. | 2022-07-26 | not yet calculated | CVE-2022-29958 MISC MISC |
kippo-graph — kippo-graph | In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in xss_clean() in class/KippoInput.class.php. | 2022-07-28 | not yet calculated | CVE-2016-2138 MISC MISC |
kippo-graph — kippo-graph | In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in $file_link in class/KippoInput.class.php. | 2022-07-28 | not yet calculated | CVE-2016-2139 MISC MISC |
libxml — libxml | Possible cross-site scripting vulnerability in libxml after commit 960f0e2. | 2022-07-28 | not yet calculated | CVE-2016-3709 MISC |
linux — linux_kernel | The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges. | 2022-07-29 | not yet calculated | CVE-2022-36123 MISC MISC MISC CONFIRM CONFIRM |
linux — linux_kernel | A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service. | 2022-07-26 | not yet calculated | CVE-2022-1651 MISC |
linux — linux_kernel | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. | 2022-07-27 | not yet calculated | CVE-2022-36946 MISC |
linux — linux_kernel | An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. | 2022-07-27 | not yet calculated | CVE-2022-36879 MISC MISC |
linux — linux_kernel | io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859 | 2022-07-22 | not yet calculated | CVE-2022-2327 CONFIRM CONFIRM |
linux — linux_kernel |
A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information. | 2022-07-26 | not yet calculated | CVE-2022-1671 MISC |
mageni — student_management_syetem | A stored cross-site scripting (XSS) vulnerability in /nav_bar_action.php of Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat box. | 2022-07-28 | not yet calculated | CVE-2021-33371 MISC |
markdown_it_decorate — markdown_it_decorate | This affects all versions of package markdown-it-decorate. An attacker can add an event handler or use javascript:xxx for the link. | 2022-07-25 | not yet calculated | CVE-2020-28459 CONFIRM |
markdown_it_toc — markdown_it_toc | This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped. | 2022-07-25 | not yet calculated | CVE-2020-28455 CONFIRM |
mcafee — mcafee_agent | A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL into the folder from where the Smart installer is being executed. | 2022-07-27 | not yet calculated | CVE-2022-2313 CONFIRM |
microweber — microweber | Cross-site Scripting (XSS) – Reflected in GitHub repository microweber/microweber prior to 1.2.21. | 2022-07-22 | not yet calculated | CVE-2022-2470 CONFIRM MISC |
microweber — microweber | Cross-site Scripting (XSS) – Stored in GitHub repository microweber/microweber prior to 1.2.21. | 2022-07-22 | not yet calculated | CVE-2022-2495 CONFIRM MISC |
midori-global — better_pdf_exporter | The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page. | 2022-07-22 | not yet calculated | CVE-2022-36131 MISC MISC |
mistune — mistune | In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking. | 2022-07-25 | not yet calculated | CVE-2022-34749 MISC MISC |
moodle — moodle | A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user’s browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks. | 2022-07-25 | not yet calculated | CVE-2022-35651 MISC MISC MISC FEDORA FEDORA |
moodle — moodle | A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user’s browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks. This vulnerability does not impact authenticated users. | 2022-07-25 | not yet calculated | CVE-2022-35653 MISC MISC MISC FEDORA FEDORA |
moodle — moodle |
The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature is only available to teachers, managers and admins by default. | 2022-07-25 | not yet calculated | CVE-2022-35650 MISC MISC MISC FEDORA FEDORA |
moodle — moodle |
An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature. A remote attacker can create a link that leads to a trusted website, however, when clicked, it redirects the victims to arbitrary URL/domain. Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information. | 2022-07-25 | not yet calculated | CVE-2022-35652 MISC MISC MISC FEDORA FEDORA |
moodle — moodle |
The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. | 2022-07-25 | not yet calculated | CVE-2022-35649 MISC MISC MISC FEDORA FEDORA |
motorola — moscad_and_ace_rtu | The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) and TCP/IP networks. Communication with RTUs behind the gateway is done by means of the proprietary IPGW protocol (5001/TCP). This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality. | 2022-07-26 | not yet calculated | CVE-2022-30276 MISC MISC |
motorola — motorola_ace1000_rtu |
The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the STS software suite or ACE1000 Easy Configurator for performing firmware updates. In case of the Easy Configurator, firmware updates are performed through access to the Web UI where file system, kernel, package, bundle, or application images can be installed. Firmware updates for the Front End Processor (FEP) module are performed via access to the SSH interface (22/TCP), where a .hex file image is transferred and a bootloader script invoked. File system, kernel, package, and bundle updates are supplied as RPM (RPM Package Manager) files while FEP updates are supplied as S-rec files. In all cases, firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks. | 2022-07-26 | not yet calculated | CVE-2022-30272 MISC MISC |
motorola — motorola_ace1000_rtu |
The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm (TEA) block-cipher in ECB mode. This mode of operation does not offer message integrity and offers reduced confidentiality above the block level, as demonstrated by an ECB Penguin attack against any block ciphers. | 2022-07-26 | not yet calculated | CVE-2022-30273 MISC MISC MISC |
motorola — motorola_ace1000_rtu |
The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5 preconfigured accounts (root, abuilder, acelogin, cappl, ace), all of which come with default credentials. Although the ACE1000 documentation mentions the root, abuilder and acelogin accounts and instructs users to change the default credentials, the cappl and ace accounts remain undocumented and thus are unlikely to have their credentials changed. | 2022-07-26 | not yet calculated | CVE-2022-30270 MISC MISC |
motorola — motorola_ace1000_rtu |
Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files) are uploaded via the Web UI. In case of the C toolkit, they are transferred and installed using SFTP/SSH. In each case, application images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks. | 2022-07-26 | not yet calculated | CVE-2022-30269 MISC MISC |
motorola — motorola_ace1000_rtu |
The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm (TEA) in ECB mode using a hardcoded key. Similarly, the ACE1000 RTU can route MDLC traffic over Extended Command and Management Protocol (XCMP) and Network Layer (XNL) networks via the MDLC driver. Authentication to the XNL port is protected by TEA in ECB mode using a hardcoded key. | 2022-07-26 | not yet calculated | CVE-2022-30274 MISC MISC |
motorola — motorola_ace1000_rtu |
The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts (such as /etc/init.d/sshd_service) only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default. | 2022-07-26 | not yet calculated | CVE-2022-30271 MISC MISC |
motorola — motorola_moscad_toolbox_software | The Motorola MOSCAD Toolbox software through 2022-05-02 relies on a cleartext password. It utilizes an MDLC driver to communicate with MOSCAD/ACE RTUs for engineering purposes. Access to these communications is protected by a password stored in cleartext in the wmdlcdrv.ini driver configuration file. In addition, this password is used for access control to MOSCAD/STS projects protected with the Legacy Password feature. In this case, an insecure CRC of the password is present in the project file: this CRC is validated against the password in the driver configuration file. | 2022-07-26 | not yet calculated | CVE-2022-30275 MISC MISC |
multisafepay — multisafepay_for_woocommerce | Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <= 4.13.1 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-33901 CONFIRM CONFIRM |
nasm — nasm | An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_malloc() in nasmlib/alloc.c. | 2022-07-26 | not yet calculated | CVE-2021-33452 MISC MISC |
nasm — nasm | An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c. | 2022-07-26 | not yet calculated | CVE-2021-33450 MISC MISC |
nodepdf — nodepdf |
Input passed to the Pdf() function is shell escaped and passed to child_process.exec() during PDF rendering. However, the shell escape does not properly encode all special characters, namely, semicolon and curly braces. This can be abused to achieve command execution. This problem affects nodepdf 1.3.0. | 2022-07-28 | not yet calculated | CVE-2016-4991 MISC |
npm_help — npm_help | This affects all versions of package npm-help. The injection point is located in line 13 in index.js file in export.latestVersion() function. | 2022-07-25 | not yet calculated | CVE-2020-28445 CONFIRM |
ntesseract_project — ntesseract | The package ntesseract before 0.2.9 are vulnerable to Command Injection via lib/tesseract.js. | 2022-07-25 | not yet calculated | CVE-2020-28446 CONFIRM CONFIRM |
obsidian — obsidian | Obsidian 0.14.x and 0.15.x before 0.15.5 allows obsidian://hook-get-address remote code execution because window.open is used without checking the URL. | 2022-07-25 | not yet calculated | CVE-2022-36450 MISC |
odoo — open_source_point_of_sale | Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page. | 2022-07-28 | not yet calculated | CVE-2022-34578 MISC |
omron — plcs | In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449…D1452 and can be read out using the Omron FINS protocol without any further authentication. | 2022-07-26 | not yet calculated | CVE-2022-31205 MISC MISC |
omron — plcs | Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. They feature a UM Protection setting that allows users or system integrators to configure a password in order to restrict sensitive engineering operations (such as project/logic uploads and downloads). This password is set using the OMRON FINS command Program Area Protect and unset using the command Program Area Protect Clear, both of which are transmitted in cleartext. | 2022-07-26 | not yet calculated | CVE-2022-31204 MISC MISC |
omron — plcs |
The Omron SYSMAC Cx product family PLCs (CS series, CJ series, and CP series) through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS (9600/TCP) protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication flaws as reported in FSCT-2022-0057. Control logic is downloaded to PLC volatile memory using the FINS Program Area Read and Program Area Write commands or to non-volatile memory using other commands from where it can be loaded into volatile memory for execution. The logic that is loaded into and executed from the user program area exists in compiled object code form. Upon execution, these object codes are first passed to a dedicated ASIC that determines whether the object code is to be executed by the ASIC or the microprocessor. In the former case, the object code is interpreted by the ASIC whereas in the latter case the object code is passed to the microprocessor for object code interpretation by a ROM interpreter. In the abnormal case where the object code cannot be handled by either, an abnormal condition is triggered and the PLC is halted. The logic that is downloaded to the PLC does not seem to be cryptographically authenticated, thus allowing an attacker to manipulate transmitted object code to the PLC and either execute arbitrary object code commands on the ASIC or on the microprocessor interpreter. | 2022-07-26 | not yet calculated | CVE-2022-31207 MISC MISC |
omron — plcs |
The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software (which compiles IEC 61131-3 conformant POU code to native machine code for execution by the PLC’s runtime). The resulting machine code is executed by a runtime, typically controlled by a real-time operating system. The logic that is downloaded to the PLC does not seem to be cryptographically authenticated, allowing an attacker to manipulate transmitted object code to the PLC and execute arbitrary machine code on the processor of the PLC’s CPU module in the context of the runtime. In the case of at least the NJ series, an RTOS and hardware combination is used that would potentially allow for memory protection and privilege separation and thus limit the impact of code execution. However, it was not confirmed whether these sufficiently segment the runtime from the rest of the RTOS. | 2022-07-26 | not yet calculated | CVE-2022-31206 MISC MISC |
online_fire_reporting_system — online_fire_reporting_system |
A cross-site scripting (XSS) vulnerability in /index.php/?p=report of Online Fire Reporting System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the “Contac #” text field. | 2022-07-27 | not yet calculated | CVE-2022-34611 MISC MISC MISC |
online_fire_reporting_system_project — online_fire_reporting_system_1.0 | Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter. | 2022-07-26 | not yet calculated | CVE-2022-31879 MISC |
open_xchange — oc_app_suite | OX App Suite through 7.10.6 allows XSS by forcing block-wise read. | 2022-07-27 | not yet calculated | CVE-2022-23099 CONFIRM MISC |
open_xchange — ox_app_suite | OX App Suite through 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API. | 2022-07-27 | not yet calculated | CVE-2022-24405 CONFIRM MISC |
open_xchange — ox_app_suite | OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls. | 2022-07-27 | not yet calculated | CVE-2022-24406 CONFIRM MISC |
open_xchange — ox_app_suite | OX App Suite through 7.10.6 allows XSS via appHandler in a deep link in an e-mail message. | 2022-07-27 | not yet calculated | CVE-2022-23101 CONFIRM MISC |
open_xchange — ox_app_suite | OX App Suite through 7.10.6 allows OS Command Injection via Documentconverter (e.g., through an email attachment). | 2022-07-27 | not yet calculated | CVE-2022-23100 CONFIRM MISC |
openemr — openemr | Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0. | 2022-07-22 | not yet calculated | CVE-2022-2493 MISC CONFIRM |
openemr — openemr | Cross-site Scripting (XSS) – Stored in GitHub repository openemr/openemr prior to 7.0.0. | 2022-07-22 | not yet calculated | CVE-2022-2494 CONFIRM MISC |
openkm — openkm_community_edition | OpenKM Community Edition in its 6.3.10 version and before was using XMLReader parser in XMLTextExtractor.java file without the required security flags, allowing an attacker to perform a XML external entity injection attack. | 2022-07-25 | not yet calculated | CVE-2022-2131 CONFIRM |
openteknik — open_source_social_network | OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module. | 2022-07-25 | not yet calculated | CVE-2022-34963 MISC MISC MISC MISC MISC |
openteknik — open_source_social_network | OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the SitePages module. | 2022-07-25 | not yet calculated | CVE-2022-34964 MISC MISC MISC MISC |
openteknik — open_source_social_network | OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module. | 2022-07-25 | not yet calculated | CVE-2022-34961 MISC MISC MISC MISC MISC |
openteknik — open_source_social_network |
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an arbitrary file upload vulnerability via the component /ossn/administrator/com_installer. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | 2022-07-25 | not yet calculated | CVE-2022-34965 MISC MISC MISC MISC |
openteknik — open_source_social_network |
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at http://ip_address/:port/ossn/home. | 2022-07-25 | not yet calculated | CVE-2022-34966 MISC MISC MISC MISC |
openteknik — open_source_social_network |
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module. | 2022-07-25 | not yet calculated | CVE-2022-34962 MISC MISC MISC MISC MISC |
orange_station — orange_station |
Orange Station 1.0 was discovered to contain a SQL injection vulnerability via the username parameter. | 2022-07-26 | not yet calculated | CVE-2022-36161 MISC |
oretnom23– online_railway_reservation_system | The QQ application 8.7.1 for Android and iOS does not enforce the permission requirements (e.g., android.permission.ACCESS_FINE_LOCATION) for determining the device’s physical location. An attacker can use qq.createMapContext to create a MapContext object, use MapContext.moveToLocation to move the center of the map to the device’s location, and use MapContext.getCenterLocation to get the latitude and longitude of the current map center. | 2022-07-26 | not yet calculated | CVE-2021-33057 MISC MISC |
otp-generator — otp-generator | The package otp-generator before 3.0.0 are vulnerable to Insecure Randomness due to insecure generation of random one-time passwords, which may allow a brute-force attack. | 2022-07-25 | not yet calculated | CVE-2021-23451 CONFIRM CONFIRM CONFIRM |
ovarro — tbox | An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system. | 2022-07-28 | not yet calculated | CVE-2021-22642 CONFIRM |
ovarro — tbox | An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks. | 2022-07-28 | not yet calculated | CVE-2021-22640 CONFIRM |
ovarro — tbox_twinsoft | An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on machine executing Ovarro TWinSoft, which could lead to code execution. | 2022-07-28 | not yet calculated | CVE-2021-22650 CONFIRM |
ovarro — tbox_twinsoft | Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key. | 2022-07-28 | not yet calculated | CVE-2021-22644 CONFIRM |
ovarro — tbox_twinsoft | The “ipk” package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution. | 2022-07-28 | not yet calculated | CVE-2021-22646 CONFIRM |
ovarro– tbox | Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file. | 2022-07-28 | not yet calculated | CVE-2021-22648 CONFIRM |
patlite — nh-fb_series_devices | On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string. | 2022-07-27 | not yet calculated | CVE-2022-35911 MISC MISC MISC |
pegasystems – pega_infinity | Password authentication bypass vulnerability for local accounts can be used to bypass local authentication checks. | 2022-07-25 | not yet calculated | CVE-2022-24083 MISC |
php_group — php_versions | In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption. | 2022-07-28 | not yet calculated | CVE-2022-31627 MISC |
pico_project — picoc | PicoC v3.2.2 was discovered to contain a NULL pointer dereference at variable.c. | 2022-07-28 | not yet calculated | CVE-2022-34556 MISC MISC |
plugins-market — wp_visitor_statistics | Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plugin <= 5.7 at WordPress. | 2022-07-25 | not yet calculated | CVE-2022-33965 CONFIRM CONFIRM |
png2webp — png2webp | png2webp v1.0.4 was discovered to contain an out-of-bounds write via the function w2p. This vulnerability is exploitable via a crafted png file. | 2022-07-28 | not yet calculated | CVE-2022-36752 MISC MISC |
prestashop — prestashop | PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.7 allows remote attackers to execute arbitrary code, aka a “previously unknown vulnerability chain” related to SQL injection and MySQL Smarty cache storage injection, as exploited in the wild in July 2022. | 2022-07-22 | not yet calculated | CVE-2022-36408 MISC |
properties_reader — properties_reader | This affects the package properties-reader before 2.2.0. | 2022-07-25 | not yet calculated | CVE-2020-28471 CONFIRM CONFIRM CONFIRM |
pycrowdtangle_project — pycrowdtangle | The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34981 MISC MISC MISC |
pypi — pypi | The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34501 MISC MISC MISC |
pypi — pypi | The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34500 MISC MISC MISC |
pypi_project –wmagent_and_global_workqueue | WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package. | 2022-07-28 | not yet calculated | CVE-2022-34558 MISC |
qpdf_project — qpdf | QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | 2022-07-22 | not yet calculated | CVE-2022-34503 MISC |
qr_code_generator — qr_code_generator | A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal. | 2022-07-25 | not yet calculated | CVE-2022-24992 MISC MISC MISC |
radare — radare2 | Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file. | 2022-07-22 | not yet calculated | CVE-2022-34502 MISC |
radare — radare2 | Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file. | 2022-07-22 | not yet calculated | CVE-2022-34520 MISC |
rainloop — rainloop_email_viewer | The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted email message. | 2022-07-28 | not yet calculated | CVE-2022-29360 MISC MISC |
rapid — velociraptor | Due to a bug in the handling of the communication between the client and server, it was possible for one client, already registered with their own client ID, to send messages to the server claiming to come from another client ID. This issue was resolved in Velociraptor 0.6.5-2. | 2022-07-29 | not yet calculated | CVE-2022-35629 CONFIRM |
rapid — velociraptor | A cross-site scripting (XSS) issue in generating a collection report made it possible for malicious clients to inject JavaScript code into the static HTML file. This issue was resolved in Velociraptor 0.6.5-2. | 2022-07-29 | not yet calculated | CVE-2022-35630 CONFIRM |
rapid — velociraptor_client | On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. This issue was resolved in Velociraptor 0.6.5-2. | 2022-07-29 | not yet calculated | CVE-2022-35631 CONFIRM |
rapid — velociraptor_gui | The Velociraptor GUI contains an editor suggestion feature that can display the description field of a VQL function, plugin or artifact. This field was not properly sanitized and can lead to cross-site scripting (XSS). This issue was resolved in Velociraptor 0.6.5-2. | 2022-07-29 | not yet calculated | CVE-2022-35632 CONFIRM |
realtek — rtl819x-sdk | Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface. | 2022-07-28 | not yet calculated | CVE-2022-29558 MISC MISC |
redhat — openstack | An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and integrity. | 2022-07-22 | not yet calculated | CVE-2022-1655 MISC |
revmakx — infinitewp_client | A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. Upgrading to version 1.6.1.1 is able to address this issue. It is recommended to upgrade the affected component. | 2022-07-23 | not yet calculated | CVE-2016-15004 MISC MISC MISC |
rizin — rizin | Rizin v0.4.0 and below was discovered to contain an integer overflow via the function get_long_object(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary. | 2022-07-27 | not yet calculated | CVE-2022-34612 MISC MISC |
rockwell_automation — multiple_products | The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products. | 2022-07-27 | not yet calculated | CVE-2020-6998 CONFIRM CONFIRM |
sap_successfactors — sap_successfactors_attachment_api | Due to misconfigured application endpoints, SAP SuccessFactors attachment APIs allow attackers with user privileges to perform activities with admin privileges over the network. These APIs were consumed in the SF Mobile application for Time Off, Time Sheet, EC Workflow, and Benefits. On successful exploitation, the attacker can read/write attachments. Thus, compromising the confidentiality and integrity of the application | 2022-07-27 | not yet calculated | CVE-2022-35291 MISC MISC |
scu-captcha_project — scu-captcha | The scu-captcha package in PyPI v0.0.1 to v0.0.4 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34983 MISC MISC MISC |
sdl — sdl | SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDL_x11yuv.c. | 2022-07-28 | not yet calculated | CVE-2022-34568 MISC |
set-deep-prop — set-deep-prop | All versions of package set-deep-prop are vulnerable to Prototype Pollution via the main functionality. | 2022-07-25 | not yet calculated | CVE-2021-23373 CONFIRM |
simplenetwork — simplenetwork_tcp_server | SimpleNetwork TCP Server commit 29bc615f0d9910eb2f59aa8dff1f54f0e3af4496 was discovered to contain a double free vulnerability which is exploited via crafted TCP packets. | 2022-07-28 | not yet calculated | CVE-2022-36234 MISC |
sims_software — sims | Sims v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /uploadServlet. This vulnerability allows attackers to escalate privileges and execute arbitrary commands via a crafted file. | 2022-07-27 | not yet calculated | CVE-2022-34549 MISC MISC |
sims_software — sims | Sims v1.0 was discovered to allow path traversal when downloading attachments. | 2022-07-27 | not yet calculated | CVE-2022-34551 MISC MISC |
skyhigh — skyhigh_swg | An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is possible because of SWG incorrectly whitelisting authentication bypass methods and using a weak crypto password. This can lead to the attacker logging into the SWG admin interface, without valid credentials, as the super user with complete control over the SWG. | 2022-07-27 | not yet calculated | CVE-2022-2310 CONFIRM |
slack_morphism_project — slack_morphism | Slack Morphism is an async client library for Rust. Prior to 0.41.0, it was possible for Slack OAuth client information to leak in application debug logs. Stricter and more secure debug formatting was introduced in v0.41.0 for OAuth secret types to reduce the possibility of printing sensitive information in application logs. As a workaround, do not print/output requests and responses for OAuth and client configurations in logs. | 2022-07-22 | not yet calculated | CVE-2022-31162 CONFIRM MISC |
snyk — node-import | This affects all versions of package node-import. The “params” argument of module function can be controlled by users without any sanitization.b. This is then provided to the “eval” function located in line 79 in the index file “index.js”. | 2022-07-25 | not yet calculated | CVE-2020-7678 CONFIRM CONFIRM |
snyk — snyk-broker | This affects the package snyk-broker before 4.73.0. It allows arbitrary file reads for users with access to Snyk’s internal network via directory traversal. | 2022-07-25 | not yet calculated | CVE-2020-7649 CONFIRM CONFIRM CONFIRM |
sonar_wrapper — sonar_wrapper | This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js. | 2022-07-25 | not yet calculated | CVE-2020-28443 CONFIRM |
sonicwall — sonicwall_hosted_email_security | Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions | 2022-07-29 | not yet calculated | CVE-2022-2324 CONFIRM |
sonicwall — sonicwall_switch | Improper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system. This vulnerability impacts SonicWall Switch 1.1.1.0-2s and earlier versions | 2022-07-29 | not yet calculated | CVE-2022-2323 CONFIRM |
sonicwall – sonicwall_gms | Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions. | 2022-07-29 | not yet calculated | CVE-2022-22280 CONFIRM |
squirrel — sqclass.cp | sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of the squirrel script sandbox even if all dangerous functionality such as File System functions has been disabled. An attacker might abuse this bug to target (for example) Cloud services that allow customization via SquirrelScripts, or distribute malware through video games that embed a Squirrel Engine. | 2022-07-28 | not yet calculated | CVE-2021-41556 MISC MISC MISC |
student_information_management_system_project — student_information_management_system | Sims v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /addNotifyServlet. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notifyInfo parameter. | 2022-07-27 | not yet calculated | CVE-2022-34550 MISC MISC |
supsystic — social_share_buttons | Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-27235 CONFIRM CONFIRM |
supsystic — social_share_buttons | Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-33960 CONFIRM CONFIRM |
sygnoos — popup_builder | Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.11 at WordPress allows an attacker to update plugin settings. | 2022-07-22 | not yet calculated | CVE-2022-29495 CONFIRM CONFIRM |
synology — synology_audio_station | Buffer copy without checking size of input (‘Classic Buffer Overflow’) vulnerability in cgi component in Synology Audio Station before 6.5.4-3367 allows remote attackers to execute arbitrary commands via unspecified vectors. | 2022-07-28 | not yet calculated | CVE-2022-27612 CONFIRM |
synology — synology_audio_station | Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology Audio Station before 6.5.4-3367 allows remote authenticated users to delete arbitrary files via unspecified vectors. | 2022-07-28 | not yet calculated | CVE-2022-27611 CONFIRM |
synology — synology_calendar | Cross-Site Request Forgery (CSRF) vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated users to hijack the authentication of administrators via unspecified vectors. | 2022-07-26 | not yet calculated | CVE-2022-22686 CONFIRM |
synology — synology_carddav_server | Improper neutralization of special elements used in an SQL command (‘SQL Injection’) vulnerability in webapi component in Synology CardDAV Server before 6.0.10-0153 allows remote authenticated users to inject SQL commands via unspecified vectors. | 2022-07-28 | not yet calculated | CVE-2022-27613 CONFIRM |
synology — synology_diskstation_manager | Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25423 allows remote authenticated users to delete arbitrary files via unspecified vectors. | 2022-07-27 | not yet calculated | CVE-2022-27610 CONFIRM |
synology — synology_diskstation_manager |
Improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability in task management component in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows remote authenticated users to execute arbitrary commands via unspecified vectors. | 2022-07-28 | not yet calculated | CVE-2022-22684 CONFIRM |
synology — synology_media_server | Buffer copy without checking size of input (‘Classic Buffer Overflow’) vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors. | 2022-07-28 | not yet calculated | CVE-2022-22683 CONFIRM |
synology — synology_webdav_server | Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology WebDAV Server before 2.4.0-0062 allows remote authenticated users to delete arbitrary files via unspecified vectors. | 2022-07-28 | not yet calculated | CVE-2022-22685 CONFIRM |
synology – synology_dns_server | Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete arbitrary files via unspecified vectors. | 2022-07-28 | not yet calculated | CVE-2022-27615 CONFIRM |
synology – synology_media_server | Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows remote attackers to obtain sensitive information via unspecified vectors. | 2022-07-28 | not yet calculated | CVE-2022-27614 CONFIRM |
techvill — paymoney | Paymoney v3.3 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities via the first_name and last_name parameters. | 2022-07-26 | not yet calculated | CVE-2022-34991 MISC |
tecrail — responsive_filemanger | A vulnerability was found in Tecrail Responsive Filemanger up to 9.10.x and classified as critical. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 9.11.0 is able to address this issue. It is recommended to upgrade the affected component. | 2022-07-25 | not yet calculated | CVE-2017-20145 MISC MISC |
testimonials_project — testimonials | Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul’s Testimonials plugin <= 3.0.1 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-33191 CONFIRM CONFIRM |
the_document_foundation — libreoffice | LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user’s configuration data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1. | 2022-07-25 | not yet calculated | CVE-2022-26306 MISC |
the_document_foundation — libreoffice | An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the macro was actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a serial number and an issuer string identical to a trusted certificate which LibreOffice would present as belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1. | 2022-07-25 | not yet calculated | CVE-2022-26305 MISC |
the_document_foundation — libreoffice | LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making the stored passwords vulerable to a brute force attack if an attacker has access to the users stored config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.3. | 2022-07-25 | not yet calculated | CVE-2022-26307 MISC |
the_eclipse_foundation – eclipse_californium | In Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without using a HelloVerifyRequest. Especially, if used with certificate based cipher suites, that results in message amplification (DDoS other peers) and high CPU load (DoS own peer). The misbehavior occurs only with DTLS_VERIFY_PEERS_ON_RESUMPTION_THRESHOLD values larger than 0. | 2022-07-29 | not yet calculated | CVE-2022-2576 CONFIRM |
thenify — thenify | This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval function without any sanitization. | 2022-07-25 | not yet calculated | CVE-2020-7677 CONFIRM CONFIRM CONFIRM CONFIRM |
tipsandtricks-hq — wp_video_lightbox | The WP Video Lightbox WordPress plugin before 1.9.5 does not escape the $_SERVER[‘REQUEST_URI’] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers | 2022-07-25 | not yet calculated | CVE-2022-2189 MISC |
tortall — yasm | An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in find_cc() in modules/preprocs/nasm/nasm-pp.c. | 2022-07-26 | not yet calculated | CVE-2021-33458 MISC MISC |
tovyblox — tovy | Tovy is a a staff management system for Roblox groups. A vulnerability in versions prior to 0.7.51 allows users to log in as other users, including privileged users such as the other of the instance. The problem has been patched in version 0.7.51. | 2022-07-22 | not yet calculated | CVE-2022-31164 MISC CONFIRM |
tplink — tl-r473g | TP-LINK TL-R473G 2.0.1 Build 220529 Rel.65574n was discovered to contain a remote code execution vulnerability which is exploited via a crafted packet. | 2022-07-28 | not yet calculated | CVE-2022-34555 MISC |
trend_micro — trend_micro_apex_one | A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate to customers in an updated Spyware pattern. Customers who are up-to-date on detection patterns are not required to take any additional steps to mitigate this issue. | 2022-07-30 | not yet calculated | CVE-2022-36336 MISC MISC |
trend_micro — trend_micro_security | Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. | 2022-07-30 | not yet calculated | CVE-2022-35234 MISC MISC |
trend_micro_inc — vpn_proxy_pro | Trend Micro VPN Proxy Pro version 5.2.1026 and below contains a vulnerability involving some overly permissive folders in a key directory which could allow a local attacker to obtain privilege escalation on an affected system. | 2022-07-30 | not yet calculated | CVE-2022-33158 MISC MISC |
twinkle_toes_software — booked | Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL. | 2022-07-26 | not yet calculated | CVE-2022-30706 MISC MISC |
untangle — untangle | untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files. | 2022-07-26 | not yet calculated | CVE-2022-31471 MISC MISC MISC |
untangle — untangle | untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker may cause a denial-of-service (DoS) condition on the server where the product is running. | 2022-07-26 | not yet calculated | CVE-2022-33977 MISC MISC MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server. | 2022-07-28 | not yet calculated | CVE-2022-36991 MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server. | 2022-07-28 | not yet calculated | CVE-2022-36990 MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server. | 2022-07-28 | not yet calculated | CVE-2022-36995 MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges. | 2022-07-28 | not yet calculated | CVE-2022-36985 MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server. | 2022-07-28 | not yet calculated | CVE-2022-36987 MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server. | 2022-07-28 | not yet calculated | CVE-2022-36999 MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server. | 2022-07-28 | not yet calculated | CVE-2022-36988 MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server. | 2022-07-28 | not yet calculated | CVE-2022-36989 MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server. | 2022-07-28 | not yet calculated | CVE-2022-36996 MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server. | 2022-07-28 | not yet calculated | CVE-2022-36984 MISC |
veritas — netbackup | In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain. The affects 9.0.x through 9.0.0.1 and 9.1.x through 9.1.0.1. | 2022-07-27 | not yet calculated | CVE-2022-36956 MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server (in specific notify conditions). | 2022-07-28 | not yet calculated | CVE-2022-36992 MISC |
veritas — netbackup | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server. | 2022-07-28 | not yet calculated | CVE-2022-37000 MISC |
veritas — netbackup |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server. | 2022-07-28 | not yet calculated | CVE-2022-36986 MISC |
veritas — netbackup |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service. | 2022-07-28 | not yet calculated | CVE-2022-36997 MISC |
veritas — netbackup |
In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible | 2022-07-28 | not yet calculated | CVE-2022-37009 MISC |
veritas — netbackup |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server. | 2022-07-28 | not yet calculated | CVE-2022-36994 MISC |
veritas — netbackup |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server. | 2022-07-28 | not yet calculated | CVE-2022-36993 MISC |
veritas — netbackup |
In Veritas NetBackup, an attacker with unprivileged local access to a NetBackup Client may send specific commands to escalate their privileges. This affects 8.0 through 8.1.2, 8.2, 8.3 through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1. | 2022-07-27 | not yet calculated | CVE-2022-36955 MISC |
veritas — netbackup |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service. | 2022-07-28 | not yet calculated | CVE-2022-36998 MISC |
veritas — netbackup_opscenter | In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may be able to perform remote command execution through a Java classloader manipulation. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | 2022-07-27 | not yet calculated | CVE-2022-36950 MISC |
veritas — netbackup_opscenter | In Veritas NetBackup OpsCenter, under specific conditions, an authenticated remote attacker may be able to create or modify OpsCenter user accounts. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | 2022-07-27 | not yet calculated | CVE-2022-36954 MISC |
veritas — netbackup_opscenter |
In Veritas NetBackup OpsCenter, a DOM XSS attack can occur. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | 2022-07-27 | not yet calculated | CVE-2022-36948 MISC |
veritas — netbackup_opscenter |
In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | 2022-07-27 | not yet calculated | CVE-2022-36952 MISC |
veritas — netbackup_opscenter |
In Veritas NetBackup OpsCenter, an attacker with local access to a NetBackup OpsCenter server could potentially escalate their privileges. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | 2022-07-27 | not yet calculated | CVE-2022-36949 MISC |
veritas — netbackup_opscenter |
In Veritas NetBackup OpsCenter, certain endpoints could allow an unauthenticated remote attacker to gain sensitive information. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | 2022-07-27 | not yet calculated | CVE-2022-36953 MISC |
veritas — netbackup_opscenter |
In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may compromise the host by exploiting an incorrectly patched vulnerability. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | 2022-07-27 | not yet calculated | CVE-2022-36951 MISC |
vim — vim | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0060. | 2022-07-25 | not yet calculated | CVE-2022-2522 MISC CONFIRM |
visam — visam_vbase | VISAM VBASE version 11.6.0.6 is vulnerable to improper access control via the web-remote endpoint, which may allow an unauthenticated user viewing access to folders and files in the directory listing. | 2022-07-27 | not yet calculated | CVE-2021-38417 CONFIRM |
visam – visam_vbase | VISAM VBASE version 11.6.0.6 does not neutralize or incorrectly neutralizes user-controllable input before the data is placed in output used as a public-facing webpage. | 2022-07-27 | not yet calculated | CVE-2021-42535 CONFIRM |
visam – visam_vbase | VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. | 2022-07-27 | not yet calculated | CVE-2021-42537 CONFIRM |
w-dalil_project — w-dalil | The W-DALIL WordPress plugin through 2.0 does not sanitise and escape some of its fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) | 2022-07-25 | not yet calculated | CVE-2022-2340 MISC MISC |
warehouse_management_system_project – warehouse_management_system_1.0 |
Warehouse Management System v1.0 was discovered to contain a SQL injection vulnerability via the cari parameter. | 2022-07-26 | not yet calculated | CVE-2022-34067 MISC |
wasm3_labs — wasm3 | WASM3 v0.5.0 was discovered to contain a segmentation fault via the component Compile_Memory_CopyFill. | 2022-07-27 | not yet calculated | CVE-2022-34529 MISC |
wavlink — wavlink_firmware | WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows attackers to obtain the key information via accessing the messages.txt page. | 2022-07-25 | not yet calculated | CVE-2022-34570 MISC MISC |
wavlink — wavlink_firmware | A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request. | 2022-07-25 | not yet calculated | CVE-2022-34577 MISC MISC |
wavlink — wavlink_firmware | A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request. | 2022-07-25 | not yet calculated | CVE-2022-34576 MISC |
wavlink — wifi_repeater | An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the system key information and execute arbitrary commands via accessing the page syslog.shtml. | 2022-07-25 | not yet calculated | CVE-2022-34571 MISC MISC |
wavlink — wifi_repeater |
An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the key information of the device via accessing Tftpd32.ini. | 2022-07-25 | not yet calculated | CVE-2022-34574 MISC MISC |
wavlink — wifi_repeater |
An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to arbitrarily configure device settings via accessing the page mb_wifibasic.shtml. | 2022-07-25 | not yet calculated | CVE-2022-34573 MISC MISC |
wavlink — wifi_repeater |
An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the telnet password via accessing the page tftp.txt. | 2022-07-25 | not yet calculated | CVE-2022-34572 MISC MISC |
wavlink — wifi_repeater |
An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the key information of the device via accessing fctest.shtml. | 2022-07-25 | not yet calculated | CVE-2022-34575 MISC MISC |
webmin — webmin | The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message. | 2022-07-27 | not yet calculated | CVE-2022-36880 MISC |
webmin — webmin | software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command. | 2022-07-25 | not yet calculated | CVE-2022-36446 MISC MISC |
wechat — wechat | In the WeChat application 8.0.10 for Android and iOS, a mini program can obtain sensitive information from a user’s address book via wx.searchContacts. | 2022-07-26 | not yet calculated | CVE-2021-40180 MISC MISC MISC |
western_digital — sweet_b_library | When computing a shared secret or point multiplication on the NIST P-256 curve that results in an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output may cause an error when used in other operations. This may be leveraged by an attacker to cause an error scenario or incorrect choice of session key in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components. | 2022-07-29 | not yet calculated | CVE-2022-23003 MISC |
western_digital — sweet_b_library | When compressing or decompressing elliptic curve points using the Sweet B library, an incorrect choice of sign bit is used. An attacker with user level privileges and no other user’s assistance can exploit this vulnerability with only knowledge of the public key and the library. The resulting output may cause an error when used in other operations; for instance, verification of a valid signature under a decompressed public key may fail. This may be leveraged by an attacker to cause an error scenario in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components. | 2022-07-29 | not yet calculated | CVE-2022-23001 MISC |
western_digital — sweet_b_library | When compressing or decompressing a point on the NIST P-256 elliptic curve with an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output will cause an error when used in other operations. This may be leveraged by an attacker to cause an error scenario in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components. | 2022-07-29 | not yet calculated | CVE-2022-23002 MISC |
western_digital — sweet_b_library |
When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is written to the output buffer. This may be leveraged by an attacker to cause an error scenario, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components. | 2022-07-29 | not yet calculated | CVE-2022-23004 MISC |
western_digital – western_digital_my_cloud | The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an “SSL” context instead of “TLS” or specifying stronger validation, deprecated or insecure protocols are permitted. As a result, a local user with no privileges can exploit this vulnerability and jeopardize the integrity, confidentiality and authenticity of information transmitted. The scope of impact cannot extend to other components and no user input is required to exploit this vulnerability. | 2022-07-25 | not yet calculated | CVE-2022-23000 MISC |
western_digital – western_digital_my_cloud | Western Digital My Cloud devices are vulnerable to a cross side scripting vulnerability that can allow a malicious user with elevated privileges access to drives being backed up to construct and inject JavaScript payloads into an authenticated user’s browser. As a result, it may be possible to gain control over the authenticated session, steal data, modify settings, or redirect the user to malicious websites. The scope of impact can extend to other components. | 2022-07-25 | not yet calculated | CVE-2022-22999 MISC |
wikifaces_project — wikifaces | The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34509 MISC MISC MISC |
wordpress — wordpress | The Popup Anything WordPress plugin before 2.1.7 does not sanitise and escape a parameter before outputting it back in a frontend page, leading to a Reflected Cross-Site Scripting | 2022-07-25 | not yet calculated | CVE-2022-2115 MISC |
wordpress — wordpress | The Unyson WordPress plugin before 2.7.27 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting | 2022-07-25 | not yet calculated | CVE-2022-2219 MISC |
wordpress — wordpress | Authentication Bypass vulnerability in CodexShaper’s WP OAuth2 Server plugin <= 1.0.1 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-34839 CONFIRM CONFIRM |
wordpress — wordpress | The Simple Page Transition WordPress plugin through 1.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) | 2022-07-25 | not yet calculated | CVE-2022-2341 MISC MISC |
wordpress — wordpress | Authenticated (contributor or higher user role) Cross-Site Scripting (XSS) vulnerability in Nico Amarilla’s BxSlider WP plugin <= 2.0.0 at WordPress. | 2022-07-27 | not yet calculated | CVE-2022-33943 CONFIRM CONFIRM |
wordpress — wordpress | The Allow SVG Files WordPress plugin through 1.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads | 2022-07-25 | not yet calculated | CVE-2022-2299 MISC |
wordpress — wordpress | Authenticated WordPress Options Change vulnerability in Biplob Adhikari’s Flipbox plugin <= 2.6.0 at WordPress. | 2022-07-25 | not yet calculated | CVE-2022-33969 CONFIRM CONFIRM |
wordpress — wordpress | The Name Directory WordPress plugin before 1.25.4 does not have CSRF check when importing names, and is also lacking sanitisation as well as escaping in some of the imported data, which could allow attackers to make a logged in admin import arbitrary names with XSS payloads in them. | 2022-07-25 | not yet calculated | CVE-2022-2071 MISC |
wordpress — wordpress | The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them to call it and retrieve various information such as the list of active plugins, various version like PHP, cURL, WP etc. | 2022-07-25 | not yet calculated | CVE-2022-0594 MISC |
wordpress — wordpress | The Exports and Reports WordPress plugin before 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a CSV injection, by the use of Microsoft Excel DDE function, or to leak data via maliciously injected hyperlinks. | 2022-07-25 | not yet calculated | CVE-2022-1539 MISC |
wordpress — wordpress | The SP Project & Document Manager WordPress plugin through 4.57 uses an easily guessable path to store user files, bad actors could use that to access other users’ sensitive files. | 2022-07-25 | not yet calculated | CVE-2022-1551 MISC |
wordpress — wordpress | The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting. | 2022-07-25 | not yet calculated | CVE-2022-0899 MISC |
wordpress — wordpress | The Name Directory WordPress plugin before 1.25.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. Furthermore, as the payload is also saved into the database after the request, it leads to a Stored XSS as well | 2022-07-25 | not yet calculated | CVE-2022-2072 MISC |
wordpress — wordpress |
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in GS Plugins GS Testimonial Slider plugin <= 1.9.1 at WordPress. | 2022-07-28 | not yet calculated | CVE-2022-35882 CONFIRM CONFIRM |
wordpress — wordpress |
Authenticated (high role user) WordPress Options Change vulnerability in Biplob Adhikari’s Tabs plugin <= 3.6.0 at WordPress. | 2022-07-25 | not yet calculated | CVE-2022-36375 CONFIRM CONFIRM |
wordpress — wordpress |
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Floating Div plugin <= 3.0 at WordPress. | 2022-07-29 | not yet calculated | CVE-2022-36378 CONFIRM CONFIRM |
wordpress — wordpress |
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple vulnerabilities, including open proxy and security bypass vulnerabilities because it fails to properly verify user-supplied input. An attacker may leverage these issues to hide attacks directed at a target site from behind vulnerable website or to perform otherwise restricted actions and subsequently download files with the extension mp3, mp4a, wav and ogg from anywhere the web server application has read access to the system. WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files version 1.7.6 is vulnerable; prior versions may also be affected. | 2022-07-28 | not yet calculated | CVE-2016-0796 MISC MISC |
wordpress — wordpress |
The Gutenberg plugin through 13.7.3 for WordPress allows stored XSS by the Contributor role via an SVG document to the “Insert from URL” feature. NOTE: the XSS payload does not execute in the context of the WordPress instance’s domain; however, analogous attempts by low-privileged users to reference SVG documents are blocked by some similar products, and this behavioral difference might have security relevance to some WordPress site administrators. | 2022-07-30 | not yet calculated | CVE-2022-33994 MISC |
wordpress — wordpress |
Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress. | 2022-07-27 | not yet calculated | CVE-2022-33970 CONFIRM CONFIRM |
wpwax — team | Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-34853 CONFIRM CONFIRM |
wpwax — team | Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-34650 CONFIRM CONFIRM |
xen — tlp_flush | insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition, omitting flushes where such are necessary. | 2022-07-26 | not yet calculated | CVE-2022-33745 MISC CONFIRM MLIST MLIST FEDORA |
xiaomi — smarthome | information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information. | 2022-07-22 | not yet calculated | CVE-2020-14114 MISC |
xiaomi — sound | Information leakage vulnerability exists in the Mi Sound APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information. | 2022-07-22 | not yet calculated | CVE-2020-14126 MISC |
xopen — xopen | This affects all versions of package xopen. The injection point is located in line 14 in index.js in the exported function xopen(filepath) | 2022-07-25 | not yet calculated | CVE-2020-28447 CONFIRM |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expand_mmacro() in modules/preprocs/nasm/nasm-pp.c. | 2022-07-26 | not yet calculated | CVE-2021-33465 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in nasm_parser_directive() in modules/parsers/nasm/nasm-parse.c. | 2022-07-26 | not yet calculated | CVE-2021-33459 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr__copy_except() in libyasm/expr.c. | 2022-07-26 | not yet calculated | CVE-2021-33463 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expand_mmac_params() in modules/preprocs/nasm/nasm-pp.c. | 2022-07-26 | not yet calculated | CVE-2021-33457 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a heap-buffer-overflow in inc_fopen() in modules/preprocs/nasm/nasm-pp.c. | 2022-07-26 | not yet calculated | CVE-2021-33464 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a use-after-free in yasm_intnum_destroy() in libyasm/intnum.c. | 2022-07-26 | not yet calculated | CVE-2021-33461 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in do_directive() in modules/preprocs/nasm/nasm-pp.c. | 2022-07-26 | not yet calculated | CVE-2021-33455 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c. | 2022-07-26 | not yet calculated | CVE-2021-33454 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a use-after-free in expr_traverse_nodes_post() in libyasm/expr.c. | 2022-07-26 | not yet calculated | CVE-2021-33462 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expand_smacro() in modules/preprocs/nasm/nasm-pp.c. | 2022-07-26 | not yet calculated | CVE-2021-33466 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a use-after-free in pp_getline() in modules/preprocs/nasm/nasm-pp.c. | 2022-07-26 | not yet calculated | CVE-2021-33467 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a use-after-free in error() in modules/preprocs/nasm/nasm-pp.c. | 2022-07-26 | not yet calculated | CVE-2021-33468 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in if_condition() in modules/preprocs/nasm/nasm-pp.c. | 2022-07-26 | not yet calculated | CVE-2021-33460 MISC MISC |
yasm — yasm | An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in hash() in modules/preprocs/nasm/nasm-pp.c. | 2022-07-26 | not yet calculated | CVE-2021-33456 MISC MISC |
zephyr — zephyr | In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. | 2022-07-26 | not yet calculated | CVE-2022-1041 MISC |
zephyr — zephyr | In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. | 2022-07-26 | not yet calculated | CVE-2022-1042 MISC |
zoho — manageengine_supportcenter_plus | In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. (An API request may, in effect, be executed with the credentials of a user who authenticated in the past.) | 2022-07-26 | not yet calculated | CVE-2022-36412 MISC |
zulip — zulip | Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administrator privileges to one of their bots. The vulnerability is fixed in Zulip Server 5.5. Members who don’t own any bots, and lack permission to create them, can’t exploit the vulnerability. As a workaround for the vulnerability, an organization administrator can restrict the `Who can create bots` permission to administrators only, and change the ownership of existing bots. | 2022-07-22 | not yet calculated | CVE-2022-31168 MISC MISC CONFIRM |
zulip — zulip |
In zulip before 1.3.12, deactivated users could access messages if SSO was enabled. | 2022-07-28 | not yet calculated | CVE-2016-4427 MISC |
zulip — zulip |
In zulip before 1.3.12, bot API keys were accessible to other users in the same realm. | 2022-07-28 | not yet calculated | CVE-2016-4426 MISC |
This product is provided subject to this Notification and this Privacy & Use policy.
Please share your thoughts.
CISA recently updated an anonymous product survey;they’d welcome your feedback.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon using the button below
To keep up to date follow us on the below channels.