US-CERT Bulletin (SB22-178):Vulnerability Summary for the Week of June 20, 2022
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no high vulnerabilities recorded this week. |
Medium Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no medium vulnerabilities recorded this week. |
Low Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no low vulnerabilities recorded this week. |
Severity Not Yet Assigned
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
Rails::Html::Sanitizer — Rails::Html::Sanitizer |
# Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3## ImpactA possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer’s allowed tags to allow both `select` and `style` elements.Code is only impacted if allowed tags are being overridden. This may be done via application configuration:“`ruby# In config/application.rbconfig.action_view.sanitized_allowed_tags = [“select”, “style”]“`see https://guides.rubyonrails.org/configuring.html#configuring-action-viewOr it may be done with a `:tags` option to the Action View helper `sanitize`:“`<%= sanitize @comment.body, tags: [“select”, “style”] %>“`see https://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html#method-i-sanitizeOr it may be done with Rails::Html::SafeListSanitizer directly:“`ruby# class-level optionRails::Html::SafeListSanitizer.allowed_tags = [“select”, “style”]“`or“`ruby# instance-level optionRails::Html::SafeListSanitizer.new.sanitize(@article.body, tags: [“select”, “style”])“`All users overriding the allowed tags by any of the above mechanisms to include both “select” and “style” should either upgrade or use one of the workarounds immediately.## ReleasesThe FIXED releases are available at the normal locations.## WorkaroundsRemove either `select` or `style` from the overridden allowed tags.## CreditsThis vulnerability was responsibly reported by [windshock](https://hackerone.com/windshock?type=user). | 2022-06-24 | not yet calculated | CVE-2022-32209 MISC |
abb — multiple_products |
Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node. | 2022-06-21 | not yet calculated | CVE-2022-1596 MISC |
adminer_login — adminer_login |
A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | 2022-06-20 | not yet calculated | CVE-2017-20066 N/A N/A N/A |
aio-libs — aiohttp |
** DISPUTED ** AIOHTTP 3.8.1 can report a “ValueError: Invalid IPv6 URL” outcome, which can lead to a Denial of Service (DoS). NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the calling application. | 2022-06-23 | not yet calculated | CVE-2022-33124 MISC |
algo_communication_products — 8373_ip_zone_paging_adapter_firmware |
Algo Communication Products Ltd. 8373 IP Zone Paging Adapter Firmware 1.7.6 allows attackers to perform a directory traversal via a web request sent to /fm-data.lua. | 2022-06-23 | not yet calculated | CVE-2022-31395 MISC |
apache — multiple_products |
Apache Sling Commons Log <= 5.4.0 and Apache Sling API <= 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake logs and potentially corrupt log files. | 2022-06-22 | not yet calculated | CVE-2022-32549 CONFIRM |
apache — tomcat |
In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. | 2022-06-23 | not yet calculated | CVE-2022-34305 CONFIRM MLIST |
apache — www-data |
The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash). | 2022-06-24 | not yet calculated | CVE-2022-2104 MISC |
apple — iphone |
** DISPUTED ** A vulnerability was found in Apple iPhone up to 12.4.1. It has been declared as critical. Affected by this vulnerability is Siri. Playing an audio or video file might be able to initiate Siri on the same device which makes it possible to execute commands remotely. Exploit details have been disclosed to the public. The existence and implications of this vulnerability are doubted by Apple even though multiple public videos demonstrating the attack exist. Upgrading to version 13.0 migt be able to address this issue. It is recommended to upgrade affected devices. | 2022-06-25 | not yet calculated | CVE-2019-25071 N/A N/A N/A |
argoproj — argo-cd |
Argo CD is a declarative continuous deployment for Kubernetes. Argo CD versions v0.7.0 and later are vulnerable to an uncontrolled memory consumption bug, allowing an authorized malicious user to crash the repo-server service, resulting in a Denial of Service. The attacker must be an authenticated Argo CD user authorized to deploy Applications from a repository which contains (or can be made to contain) a large file. The fix for this vulnerability is available in versions 2.3.5, 2.2.10, 2.1.16, and later. There are no known workarounds. Users are recommended to upgrade. | 2022-06-25 | not yet calculated | CVE-2022-31016 CONFIRM |
atlasvpn — atlasvpn |
AtlasVPN – Privilege Escalation Lack of proper security controls on named pipe messages can allow an attacker with low privileges to send a malicious payload and gain SYSTEM permissions on a windows computer where the AtlasVPN client is installed. | 2022-06-21 | not yet calculated | CVE-2022-23171 MISC |
autodesk — autocad |
A maliciously crafted JT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | 2022-06-21 | not yet calculated | CVE-2022-27867 MISC |
autodesk — autocad |
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code. | 2022-06-21 | not yet calculated | CVE-2022-27871 MISC |
autodesk — autocad |
A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code. | 2022-06-21 | not yet calculated | CVE-2022-27870 MISC |
autodesk — autocad |
A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code. | 2022-06-21 | not yet calculated | CVE-2022-27869 MISC |
autodesk — autocad |
A maliciously crafted CAT file in Autodesk AutoCAD 2023 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | 2022-06-21 | not yet calculated | CVE-2022-27868 MISC |
autodesk — navisworks |
A maliciously crafted PDF file may be used to dereference a pointer for read or write operation while parsing PDF files in Autodesk Navisworks 2022. The vulnerability exists because the application fails to handle a crafted PDF file, which causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code. | 2022-06-21 | not yet calculated | CVE-2022-27872 MISC |
bosch — ethernet_switch_pra-es8p2s |
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch. | 2022-06-23 | not yet calculated | CVE-2022-32535 CONFIRM |
bosch — ethernet_switch_pra-es8p2s |
The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights. | 2022-06-23 | not yet calculated | CVE-2022-32536 CONFIRM |
bosch — ethernet_switch_pra-es8p2s |
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands. | 2022-06-23 | not yet calculated | CVE-2022-32534 CONFIRM |
c_rehash — multiple_products |
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). | 2022-06-21 | not yet calculated | CVE-2022-2068 CONFIRM CONFIRM CONFIRM CONFIRM |
campcodes — simple_bakery_shop_management_system |
Multiple cross-site scripting (XSS) vulnerabilities in /bsms/?page=manage_account of Simple Bakery Shop Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username or Full Name fields. | 2022-06-23 | not yet calculated | CVE-2022-32987 MISC MISC |
cisco — adaptive_security_device_manager_(asdm) |
A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. Cisco ADSM must be deployed in a shared workstation environment for this issue to be exploited. This vulnerability is due to the storage of unencrypted credentials in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view the credentials of other users of the shared device. | 2022-06-22 | not yet calculated | CVE-2022-20651 CISCO |
cisco — adaptive_security_device_manager_(asdm) |
A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability. | 2022-06-24 | not yet calculated | CVE-2022-20829 CISCO |
cisco — catalyst_2940_series_switches |
** Unsupported When Assigned ** Cisco Catalyst 2940 Series Switches provided by Cisco Systems, Inc. contain a reflected cross-site scripting vulnerability regarding error page generation. An arbitrary script may be executed on the web browser of the user who is using the product. The affected firmware is prior to 12.2(50)SY released in 2011, and Cisco Catalyst 2940 Series Switches have been retired since January 2015. | 2022-06-20 | not yet calculated | CVE-2022-31734 MISC MISC |
cisco — firepower_software_for_adptive_security_appliancew_(asa)_firepower_module |
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA. | 2022-06-24 | not yet calculated | CVE-2022-20828 CISCO |
cloudflare — warp_for_windows |
Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0. | 2022-06-23 | not yet calculated | CVE-2022-2147 CONFIRM |
codesys — gateway_server |
In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been compared to the real CODESYS Gateway password. An attacker may perform authentication by specifying a small password that matches the corresponding part of the longer real CODESYS Gateway password. | 2022-06-24 | not yet calculated | CVE-2022-31802 CONFIRM |
codesys — gateway_server |
The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition. | 2022-06-24 | not yet calculated | CVE-2022-31804 CONFIRM |
codesys — gateway_server |
In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact. | 2022-06-24 | not yet calculated | CVE-2022-31803 CONFIRM |
codesys — multiple_products | Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required. | 2022-06-24 | not yet calculated | CVE-2022-32141 CONFIRM |
codesys — multiple_products |
In multiple CODESYS products, a low privileged remote attacker may craft a request that cause a read access to an uninitialized pointer, resulting in a denial-of-service. User interaction is not required. | 2022-06-24 | not yet calculated | CVE-2022-32136 CONFIRM |
codesys — multiple_products |
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller. | 2022-06-24 | not yet calculated | CVE-2022-31806 CONFIRM |
codesys — multiple_products |
Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required. | 2022-06-24 | not yet calculated | CVE-2022-1965 CONFIRM |
codesys — multiple_products |
In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required. | 2022-06-24 | not yet calculated | CVE-2022-32137 CONFIRM |
codesys — multiple_products |
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected. | 2022-06-24 | not yet calculated | CVE-2022-31805 CONFIRM |
codesys — multiple_products |
Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required. | 2022-06-24 | not yet calculated | CVE-2022-32140 CONFIRM |
codesys — multiple_products |
Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required. | 2022-06-24 | not yet calculated | CVE-2022-32142 CONFIRM |
codesys — multiple_products |
In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. firmware files of the PLC. All requests are processed on the controller only if no level 1 password is configured on the controller or if remote attacker has previously successfully authenticated himself to the controller. A successful Attack may lead to a denial of service, change of local files, or drain of confidential Information. User interaction is not required | 2022-06-24 | not yet calculated | CVE-2022-32143 CONFIRM |
codesys — multiple_products |
In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite. | 2022-06-24 | not yet calculated | CVE-2022-32138 CONFIRM |
codesys — multiple_products |
In multiple CODESYS products, a low privileged remote attacker may craft a request, which cause an out-of-bounds read, resulting in a denial-of-service condition. User Interaction is not required. | 2022-06-24 | not yet calculated | CVE-2022-32139 CONFIRM |
comodo — antivirus |
Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder. | 2022-06-21 | not yet calculated | CVE-2022-34008 MISC MISC |
concretecms — concrete |
Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanitizing /index.php/ccm/system/file/upload to ensure Concrete doesn’t allow traversal and by changing isFullChunkFilePresent to have an early false return when input doesn’t match expectations.Concrete CMS Security team ranked this 5.8 with CVSS v3.1 vector AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H. Credit to Siebene for reporting. | 2022-06-24 | not yet calculated | CVE-2022-30117 MISC MISC MISC |
concretecms — concretecms |
Title for CVE: XSS in /dashboard/system/express/entities/forms/save_control/[GUID]: old browsers only.Description: When using Internet Explorer with the XSS protection disabled, editing a form control in an express entities form for Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 can allow XSS. This cannot be exploited in modern-day web browsers due to an automatic input escape mechanism. Concrete CMS Security team ranked this vulnerability 2 with CVSS v3.1 Vector AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N. Thanks zeroinside for reporting. | 2022-06-24 | not yet calculated | CVE-2022-30118 MISC MISC MISC |
concretecms — concretecms |
XSS in /dashboard/reports/logs/view – old browsers only. When using Internet Explorer with the XSS protection disabled, insufficient sanitation where built urls are outputted can be exploited for Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2. This cannot be exploited in modern-day web browsers due to an automatic input escape mechanism. Concrete CMS Security team ranked this vulnerability 2 with CVSS v3.1 Vector AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N. Thanks zeroinside for reporting. | 2022-06-24 | not yet calculated | CVE-2022-30119 MISC MISC MISC |
concretecms — concretecms |
XSS in /dashboard/blocks/stacks/view_details/ – old browsers only. When using an older browser with built-in XSS protection disabled, insufficient sanitation where built urls are outputted can be exploited for Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 to allow XSS. This cannot be exploited in modern-day web browsers due to an automatic input escape mechanism. Concrete CMS Security team ranked this vulnerability 3.1with CVSS v3.1 Vector AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N. Sanitation has been added where built urls are output. Credit to Credit to Bogdan Tiron from FORTBRIDGE (https://www.fortbridge.co.uk/ ) for reporting | 2022-06-24 | not yet calculated | CVE-2022-30120 MISC MISC MISC |
concretecms — concretecms |
Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concrete_secure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http. Concrete CMS security team ranked this 8 with CVSS v3.1 vector: AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H Credit goes to Anna for reporting HackerOne 1482520. | 2022-06-24 | not yet calculated | CVE-2022-21829 MISC MISC MISC |
deep-get-set — deep-get-set | All versions of package deep-get-set are vulnerable to Prototype Pollution via the ‘deep’ function. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7715](https://security.snyk.io/vuln/SNYK-JS-DEEPGETSET-598666) | 2022-06-24 | not yet calculated | CVE-2022-21231 CONFIRM |
dell — bios |
Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM. | 2022-06-23 | not yet calculated | CVE-2022-26864 MISC |
dell — bios |
Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM. | 2022-06-23 | not yet calculated | CVE-2022-26863 MISC |
dell — bios |
Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM. | 2022-06-23 | not yet calculated | CVE-2022-26862 MISC |
dell — wms |
Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. | 2022-06-24 | not yet calculated | CVE-2022-29097 CONFIRM |
dell — wyse_management_suite |
Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user’s web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | 2022-06-24 | not yet calculated | CVE-2022-29096 CONFIRM |
devolutions — remote_desktop_manager |
A path traversal issue in entry attachments in Devolutions Remote Desktop Manager before 2022.2 allows attackers to create or overwrite files in an arbitrary location. | 2022-06-21 | not yet calculated | CVE-2022-33995 MISC |
diffy — diffy |
The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string. | 2022-06-23 | not yet calculated | CVE-2022-33127 MISC MISC |
discourse — discourse_chat_plugin |
discourse-chat is a chat plugin for the Discourse application. Versions prior to 0.4 are vulnerable to an exposure of sensitive information, where an attacker who knows the message ID for a channel they do not have access to can view that message using the chat message lookup endpoint, primarily affecting direct message channels. There are no known workarounds for this issue, and users are advised to update the plugin. | 2022-06-21 | not yet calculated | CVE-2022-31095 CONFIRM |
django-navbar-client — django-navbar-client | The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-32996 MISC MISC MISC |
dominion — dominion_voting_systems_imagecast_x | The tested version of Dominion Voting Systems ImageCast X does not validate application signatures to a trusted root certificate. Use of a trusted root certificate ensures software installed on a device is traceable to, or verifiable against, a cryptographic key provided by the manufacturer to detect tampering. An attacker could leverage this vulnerability to install malicious code, which could also be spread to other vulnerable ImageCast X devices via removable media. | 2022-06-24 | not yet calculated | CVE-2022-1739 MISC |
dominion — dominion_voting_systems_imagecast_x |
The authentication mechanism used by voters to activate a voting session on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. An attacker could leverage this vulnerability to print an arbitrary number of ballots without authorization. | 2022-06-24 | not yet calculated | CVE-2022-1747 MISC |
dominion — dominion_voting_systems_imagecast_x |
The tested version of Dominion Voting Systems ImageCast X has a Terminal Emulator application which could be leveraged by an attacker to gain elevated privileges on a device and/or install malicious code. | 2022-06-24 | not yet calculated | CVE-2022-1741 MISC |
dominion — dominion_voting_systems_imagecast_x |
The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device. | 2022-06-24 | not yet calculated | CVE-2022-1740 MISC |
dominion — dominion_voting_systems_imagecast_x |
The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and perform privileged actions, potentially affecting other election equipment. | 2022-06-24 | not yet calculated | CVE-2022-1746 MISC |
dominion — dominion_voting_systems_imagecast_x |
The tested version of Dominion Voting System ImageCast X can be manipulated to cause arbitrary code execution by specially crafted election definition files. An attacker could leverage this vulnerability to spread malicious code to ImageCast X devices from the EMS. | 2022-06-24 | not yet calculated | CVE-2022-1743 MISC |
dominion — dominion_voting_systems_imagecast_x |
The tested version of Dominion Voting Systems ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code. | 2022-06-24 | not yet calculated | CVE-2022-1742 MISC |
dominion — dominion_voting_systems_imagecast_x |
The authentication mechanism used by technicians on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. An attacker with physical access may use this to gain administrative privileges on a device and install malicious code or perform arbitrary administrative actions. | 2022-06-24 | not yet calculated | CVE-2022-1745 MISC |
dominion — dominion_voting_systems_imagecast_x |
Applications on the tested version of Dominion Voting Systems ImageCast X can execute code with elevated privileges by exploiting a system level service. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code. | 2022-06-24 | not yet calculated | CVE-2022-1744 MISC |
dradispro — dradis_professional_edition | Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token. | 2022-06-24 | not yet calculated | CVE-2022-30028 MISC |
eagleget — downloader |
A local privilege escalation vulnerability was identified within the “luminati_net_updater_win_eagleget_com” service in EagleGet Downloader version 2.1.5.20 Stable. This issue allows authenticated non-administrative user to escalate their privilege and conduct code execution as a SYSTEM privilege. | 2022-06-24 | not yet calculated | CVE-2020-21046 MISC MISC |
eg350_eg_rgos |
RG-EG series gateway EG350 EG_RGOS 11.1(6) was discovered to contain a SQL injection vulnerability via the function get_alarmAction at /alarm_pi/alarmService.php. | 2022-06-25 | not yet calculated | CVE-2022-33128 MISC |
elefantcms — elefantcms |
A vulnerability was found in Elefant CMS 1.3.12-RC. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /designer/add/layout. The manipulation leads to code injection. The attack can be launched remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-20 | not yet calculated | CVE-2017-20064 MISC MISC |
elefantcms — elefantcms |
A vulnerability was found in Elefant CMS 1.3.12-RC and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-20 | not yet calculated | CVE-2017-20062 MISC MISC |
elefantcms — elefantcms |
A vulnerability has been found in Elefant CMS 1.3.12-RC and classified as problematic. This vulnerability affects unknown code of the file /admin/extended. The manipulation of the argument name with the input %3Cimg%20src=no%20onerror=alert(1)%3E leads to basic cross site scripting (Reflected). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-20 | not yet calculated | CVE-2017-20061 MISC MISC |
elefantcms — elefantcms |
A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting (Persistent). It is possible to initiate the attack remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-20 | not yet calculated | CVE-2017-20060 MISC MISC |
elefantcms — elefantcms |
A vulnerability, which was classified as problematic, has been found in Elefant CMS 1.3.12-RC. Affected by this issue is some unknown functionality of the component Title Handler. The manipulation with the input </title><img src=no onerror=alert(1)> leads to basic cross site scripting (Persistent). The attack may be launched remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-20 | not yet calculated | CVE-2017-20059 MISC MISC |
elefantcms — elefantcms |
A vulnerability classified as problematic was found in Elefant CMS 1.3.12-RC. Affected by this vulnerability is an unknown functionality of the component Version Comparison. The manipulation leads to basic cross site scripting (Persistent). The attack can be launched remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-20 | not yet calculated | CVE-2017-20058 MISC MISC |
elefantcms — elefantcms |
A vulnerability classified as problematic has been found in Elefant CMS 1.3.12-RC. Affected is an unknown function. The manipulation of the argument username leads to basic cross site scripting (Persistent). It is possible to launch the attack remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-20 | not yet calculated | CVE-2017-20057 MISC MISC |
elefantcms — elefantcms |
A vulnerability was found in Elefant CMS 1.3.12-RC. It has been classified as critical. Affected is an unknown function of the file /filemanager/upload/drop of the component File Upload. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-20 | not yet calculated | CVE-2017-20063 MISC MISC |
erpnext — erpnext |
In ERPNext, versions v13.0.0-beta.13 through v13.30.0 are vulnerable to Stored XSS at the Patient History page which allows a low privilege user to conduct an account takeover attack. | 2022-06-22 | not yet calculated | CVE-2022-23056 MISC MISC |
erpnext — erpnext |
ERPNext in versions v12.0.9-v13.0.3 are affected by a stored XSS vulnerability that allows low privileged users to store malicious scripts in the ‘username’ field in ‘my settings’ which can lead to full account takeover. | 2022-06-22 | not yet calculated | CVE-2022-23058 MISC MISC |
erpnext — erpnext |
In ERPNext, versions v11.0.0-beta through v13.0.2 are vulnerable to Missing Authorization, in the chat rooms functionality. A low privileged attacker can send a direct message or a group message to any member or group, impersonating themselves as the administrator. The attacker can also read chat messages of groups that they do not belong to, and of other users. | 2022-06-22 | not yet calculated | CVE-2022-23055 MISC MISC |
erpnext — erpnext |
In ERPNext, versions v12.0.9–v13.0.3 are vulnerable to Stored Cross-Site-Scripting (XSS), due to user input not being validated properly. A low privileged attacker could inject arbitrary code into input fields when editing his profile. | 2022-06-22 | not yet calculated | CVE-2022-23057 MISC MISC |
espressif — bluetooth_meth_sdk |
ESP-IDF is the official development framework for Espressif SoCs. In Espressif’s Bluetooth Mesh SDK (`ESP-BLE-MESH`), a memory corruption vulnerability can be triggered during provisioning, because there is no check for the `SegN` field of the Transaction Start PDU. This can result in memory corruption related attacks and potentially attacker gaining control of the entire system. Patch commits are available on the 4.1, 4.2, 4.3 and 4.4 branches and users are recommended to upgrade. The upgrade is applicable for all applications and users of `ESP-BLE-MESH` component from `ESP-IDF`. As it is implemented in the Bluetooth Mesh stack, there is no workaround for the user to fix the application layer without upgrading the underlying firmware. | 2022-06-25 | not yet calculated | CVE-2022-24893 CONFIRM |
ethereum — solidity | Ethereum Solidity v0.8.14 contains an assertion failure via SMTEncoder::indexOrMemberAssignment() at SMTEncoder.cpp. | 2022-06-23 | not yet calculated | CVE-2022-33069 MISC |
excellium — raytion | Raytion 7.2.0 allows reflected Cross-site Scripting (XSS). | 2022-06-25 | not yet calculated | CVE-2022-29931 MISC |
eyoucms — eyoucms |
A stored cross-site scripting (XSS) vulnerability in eyoucms v1.5.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL field under the login page. | 2022-06-24 | not yet calculated | CVE-2022-33122 MISC |
ffmpeg — ffmpeg | A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125015 MISC MISC |
ffmpeg — ffmpeg | A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125006 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125014 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125017 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125016 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | 2022-06-19 | not yet calculated | CVE-2014-125019 N/A N/A |
ffmpeg — ffmpeg |
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125013 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125012 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. | 2022-06-19 | not yet calculated | CVE-2014-125020 N/A N/A |
ffmpeg — ffmpeg |
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125011 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | 2022-06-19 | not yet calculated | CVE-2014-125021 N/A N/A |
ffmpeg — ffmpeg |
A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125009 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125010 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | 2022-06-19 | not yet calculated | CVE-2014-125022 N/A N/A |
ffmpeg — ffmpeg |
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | 2022-06-19 | not yet calculated | CVE-2014-125023 N/A N/A |
ffmpeg — ffmpeg |
A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125008 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | 2022-06-19 | not yet calculated | CVE-2014-125024 N/A N/A |
ffmpeg — ffmpeg |
A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125007 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125005 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125004 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | 2022-06-19 | not yet calculated | CVE-2014-125025 N/A N/A |
ffmpeg — ffmpeg |
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125003 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | 2022-06-18 | not yet calculated | CVE-2014-125002 MISC MISC |
ffmpeg — ffmpeg |
A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | 2022-06-19 | not yet calculated | CVE-2014-125018 N/A N/A |
flatpress — flatpress |
A stored cross-site scripting (XSS) vulnerability exists in FlatPress 1.2.1 that allows for arbitrary execution of JavaScript commands through blog content. | 2022-06-23 | not yet calculated | CVE-2021-41432 MISC |
fujitsu — eternus_centricstor_cs8000 |
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands. | 2022-06-20 | not yet calculated | CVE-2022-31794 MISC MISC MISC |
fujitsu — eternus_centricstor_cs8000 |
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the grel_finfo function in grel.php. An attacker is able to influence the username (user), password (pw), and file-name (file) parameters and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands. | 2022-06-20 | not yet calculated | CVE-2022-31795 MISC MISC MISC |
gitee — oneblog |
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the parameter entryUrls. | 2022-06-23 | not yet calculated | CVE-2022-34011 MISC |
gitee — oneblog |
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Logo parameter under the Link module. | 2022-06-23 | not yet calculated | CVE-2022-34013 MISC |
gitee — oneblog |
Insecure permissions in OneBlog v2.3.4 allows low-level administrators to reset the passwords of high-level administrators who hold greater privileges. | 2022-06-23 | not yet calculated | CVE-2022-34012 MISC |
glpi — glp-inventory-plugin |
### Impact A plugin public script can be used to read content of system files. ### Patches Upgrade to version 1.0.2. ### Workarounds `b/deploy/index.php` file can be deleted if deploy feature is not used. | 2022-06-20 | not yet calculated | CVE-2022-31062 CONFIRM |
gmbh — multiple_products |
An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device. | 2022-06-21 | not yet calculated | CVE-2022-31800 CONFIRM |
gmbh — multiple_products |
An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device. | 2022-06-21 | not yet calculated | CVE-2022-31801 CONFIRM |
gnome — gimp |
An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS). | 2022-06-24 | not yet calculated | CVE-2022-32990 MISC |
google — go |
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible. | 2022-06-23 | not yet calculated | CVE-2022-29526 MISC MISC MISC |
got — got |
The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket. | 2022-06-18 | not yet calculated | CVE-2022-33987 MISC MISC MISC |
habitica — habitica |
In habitica versions v4.119.0 through v4.232.2 are vulnerable to DOM XSS via the login page. | 2022-06-22 | not yet calculated | CVE-2022-23077 CONFIRM MISC |
habitica — habitica |
In habitica versions v4.119.0 through v4.232.2 are vulnerable to open redirect via the login page. | 2022-06-22 | not yet calculated | CVE-2022-23078 CONFIRM MISC |
harfbuzz — harfbuzz |
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. | 2022-06-23 | not yet calculated | CVE-2022-33068 MISC MISC |
hindu_matrimonial_script — hindu_matrimonial_script | A vulnerability classified as critical has been found in Hindu Matrimonial Script. This affects an unknown part of the file /admin/countrymanagement.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20069 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script | A vulnerability was found in Hindu Matrimonial Script. It has been classified as critical. This affects an unknown part of the file /admin/payment.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20075 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script | A vulnerability, which was classified as critical, was found in Hindu Matrimonial Script. This affects an unknown part of the file /admin/reports.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20081 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script | A vulnerability classified as critical was found in Hindu Matrimonial Script. Affected by this vulnerability is an unknown functionality of the file /admin/photo.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20079 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script | A vulnerability classified as critical has been found in Hindu Matrimonial Script. Affected is an unknown function of the file /admin/featured.php. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20078 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script |
A vulnerability, which was classified as critical, has been found in Hindu Matrimonial Script. This issue affects some unknown processing of the file /admin/renewaldue.php. The manipulation leads to improper privilege management. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20071 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script |
A vulnerability was found in Hindu Matrimonial Script and classified as critical. Affected by this issue is some unknown functionality of the file /admin/newsletter1.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20074 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script |
A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20067 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script |
A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/usermanagement.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20068 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script |
A vulnerability classified as critical was found in Hindu Matrimonial Script. This vulnerability affects unknown code of the file /admin/communitymanagement.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20070 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script |
A vulnerability, which was classified as critical, has been found in Hindu Matrimonial Script. Affected by this issue is some unknown functionality of the file /admin/googleads.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20080 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script |
A vulnerability, which was classified as critical, was found in Hindu Matrimonial Script. Affected is an unknown function of the file /admin/generalsettings.php. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20072 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script |
A vulnerability has been found in Hindu Matrimonial Script and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cms.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20073 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script |
A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. This issue affects some unknown processing of the file /admin/success_story.php. The manipulation leads to improper privilege management. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20077 N/A N/A |
hindu_matrimonial_script — hindu_matrimonial_script |
A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. This vulnerability affects unknown code of the file /admin/searchview.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-06-21 | not yet calculated | CVE-2017-20076 N/A N/A |
hpe — multiple_products |
A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27; All Slingshot versions prior to 1.7.2; All versions of node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27. HPE has provided a software update to resolve this vulnerability in HPE Cray Legacy Shasta System Solutions, HPE Slingshot, and HPE Cray EX Supercomputers. | 2022-06-24 | not yet calculated | CVE-2022-28620 MISC |
hpe — version_control_repository_manager |
A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. The vulnerability could allow local escalation of privilege. HPE has made the following software update to resolve the vulnerability in HPE Version Control Repository Manager installer 7.6.14.0. | 2022-06-24 | not yet calculated | CVE-2022-28619 MISC |
hyland — onbase_application_server |
The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login request to the /mobilebroker/ServiceToBroker.svc/Json/Connect endpoint. This can lead to user enumeration against the underlying Active Directory integrated systems. | 2022-06-21 | not yet calculated | CVE-2022-23342 MISC MISC |
ibm — cognos_analytics |
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a low level user to obtain sensitive information from the details of the ‘Cloud Storage’ page for which they should not have access. IBM X-Force ID: 202682. | 2022-06-24 | not yet calculated | CVE-2021-29768 CONFIRM XF |
ibm — cognos_analytics |
IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote attacker to upload arbitrary files, caused by improper content validation. IBM X-Force ID: 211238. | 2022-06-24 | not yet calculated | CVE-2021-38945 CONFIRM XF |
ibm — curam_social_program_management |
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281. | 2022-06-20 | not yet calculated | CVE-2022-22317 CONFIRM XF |
ibm — curam_social_program_management |
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 2022-06-20 | not yet calculated | CVE-2022-22318 CONFIRM XF |
ibm — jazz_team_server | IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208345. | 2022-06-24 | not yet calculated | CVE-2021-38871 XF CONFIRM |
ibm — jazz_team_server |
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim. IBM X-Force ID: 206091. | 2022-06-24 | not yet calculated | CVE-2021-29865 XF CONFIRM |
ibm — jazz_team_server |
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 194891. | 2022-06-24 | not yet calculated | CVE-2021-20355 XF CONFIRM |
ibm — jazz_team_server |
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 209057. | 2022-06-24 | not yet calculated | CVE-2021-38879 CONFIRM XF |
ibm — jazz_team_server |
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 199149. | 2022-06-24 | not yet calculated | CVE-2021-20551 CONFIRM XF |
ibm — jazz_team_server |
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 198931. | 2022-06-24 | not yet calculated | CVE-2021-20544 XF CONFIRM |
ibm — jazz_team_server |
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim’s Web browser within the security context of the hosting site. IBM X-Force ID: 198929. | 2022-06-24 | not yet calculated | CVE-2021-20543 XF CONFIRM |
ibm — jazz_team_server |
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. | 2022-06-24 | not yet calculated | CVE-2021-20421 CONFIRM XF |
ibm — multiple_products | IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 227980. | 2022-06-24 | not yet calculated | CVE-2022-31767 CONFIRM CONFIRM XF |
ibm — multiple_products | IBM Planning Analytics 2.0 and IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214349. | 2022-06-24 | not yet calculated | CVE-2021-39047 XF CONFIRM CONFIRM |
ibm — multiple_products |
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740. | 2022-06-24 | not yet calculated | CVE-2022-22389 XF CONFIRM |
ibm — multiple_products |
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973. | 2022-06-24 | not yet calculated | CVE-2022-22390 CONFIRM XF |
ibm — qradar_wincollect_agent |
IBM QRadar WinCollect Agent 10.0 and 10.0.1 could allow an attacker to obtain sensitive information due to missing best practices. IBM X-Force ID: 213549. | 2022-06-21 | not yet calculated | CVE-2021-39006 CONFIRM XF |
ibm — robotic_process |
IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected access tokens. IBM X-Force ID: 229198. | 2022-06-24 | not yet calculated | CVE-2022-33953 CONFIRM XF |
ibm — robotic_process_automation |
IBM Robotic Process Automation 21.0.2 could allow a local user to obtain sensitive web service configuration credentials from system memory. IBM X-Force ID: 223026. | 2022-06-20 | not yet calculated | CVE-2022-22414 XF CONFIRM |
ibm — robotic_process_automation |
IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227124. | 2022-06-24 | not yet calculated | CVE-2022-22502 XF CONFIRM |
ideaco — idealms | IdeaLMS 2022 allows reflected Cross Site Scripting (XSS) via the IdeaLMS/Class/Assessment/ PATH_INFO. | 2022-06-21 | not yet calculated | CVE-2022-31786 MISC |
ideaco — ideatms |
IdeaTMS 2022 is vulnerable to SQL Injection via the PATH_INFO | 2022-06-23 | not yet calculated | CVE-2022-31787 MISC MISC |
illumina — lrm | LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations, software, or access sensitive data on the affected produc. An attacker could also exploit this vulnerability to access APIs not intended for general use and interact through the network. | 2022-06-24 | not yet calculated | CVE-2022-1517 MISC |
illumina — lrm |
LRM does not restrict the types of files that can be uploaded to the affected product. A malicious actor can upload any file type, including executable code that allows for a remote code exploit. | 2022-06-24 | not yet calculated | CVE-2022-1519 MISC |
illumina — lrm |
LRM does not implement authentication or authorization by default. A malicious actor can inject, replay, modify, and/or intercept sensitive data. | 2022-06-24 | not yet calculated | CVE-2022-1521 MISC |
illumina — lrm |
LRM version 2.4 and lower does not implement TLS encryption. A malicious actor can MITM attack sensitive data in-transit, including credentials. | 2022-06-24 | not yet calculated | CVE-2022-1524 MISC |
illumina — lrm |
LRM contains a directory traversal vulnerability that can allow a malicious actor to upload outside the intended directory structure. | 2022-06-24 | not yet calculated | CVE-2022-1518 MISC |
instagram — alpine_phototile_for_instagram_plugin |
A vulnerability, which was classified as problematic, has been found in Alpine PhotoTile for Instagram Plugin 1.2.7.7. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. | 2022-06-23 | not yet calculated | CVE-2017-20087 N/A N/A |
inventree — inventree |
Denial of Service in GitHub repository inventree/inventree prior to 0.8.0. | 2022-06-20 | not yet calculated | CVE-2022-2134 CONFIRM MISC |
jenkins — agent_server_parameter_plugin |
Jenkins Agent Server Parameter Plugin 1.1 and earlier does not escape the name and description of Agent Server parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34183 CONFIRM |
jenkins — beaker_builder_plugin |
A cross-site request forgery (CSRF) vulnerability in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers to connect to an attacker-specified URL. | 2022-06-23 | not yet calculated | CVE-2022-34207 CONFIRM |
jenkins — beaker_builder_plugin |
A missing permission check in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | 2022-06-23 | not yet calculated | CVE-2022-34208 CONFIRM |
jenkins — convertigo_mobile_platform_plugin |
A missing permission check in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | 2022-06-23 | not yet calculated | CVE-2022-34201 CONFIRM |
jenkins — convertigo_mobile_platform_plugin |
A cross-site request forgery (CSRF) vulnerability in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers to connect to an attacker-specified URL. | 2022-06-23 | not yet calculated | CVE-2022-34200 CONFIRM |
jenkins — convertigo_mobile_platform_plugin |
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. | 2022-06-23 | not yet calculated | CVE-2022-34199 CONFIRM |
jenkins — crx_content_package_deployer_plugin | Jenkins CRX Content Package Deployer Plugin 1.9 and earlier does not escape the name and description of CRX Content Package Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34184 CONFIRM |
jenkins — date_parameter_lugin | Jenkins Date Parameter Plugin 0.0.4 and earlier does not escape the name and description of Date parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34185 CONFIRM |
jenkins — dynamic_extended_choice_parameter_plugin | Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34186 CONFIRM |
jenkins — eadonly_parameter_plugin | Jenkins Readonly Parameter Plugin 1.0.0 and earlier does not escape the name and description of Readonly String and Readonly Text parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34194 CONFIRM |
jenkins — easyqa_plugin | Jenkins EasyQA Plugin 1.0 and earlier stores user passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 2022-06-23 | not yet calculated | CVE-2022-34202 CONFIRM |
jenkins — easyqa_plugin | A cross-site request forgery (CSRF) vulnerability in Jenkins EasyQA Plugin 1.0 and earlier allows attackers to connect to an attacker-specified HTTP server. | 2022-06-23 | not yet calculated | CVE-2022-34203 CONFIRM |
jenkins — easyqa_plugin |
A missing permission check in Jenkins EasyQA Plugin 1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server. | 2022-06-23 | not yet calculated | CVE-2022-34204 CONFIRM |
jenkins — embeddable_build_status_plugin | Jenkins Embeddable Build Status Plugin 2.0.3 allows specifying a ‘link’ query parameter that build status badges will link to, without restricting possible values, resulting in a reflected cross-site scripting (XSS) vulnerability. | 2022-06-23 | not yet calculated | CVE-2022-34178 CONFIRM |
jenkins — embeddable_build_status_plugin |
Jenkins Embeddable Build Status Plugin 2.0.3 and earlier allows specifying a `style` query parameter that is used to choose a different SVG image style without restricting possible values, resulting in a relative path traversal vulnerability that allows attackers without Overall/Read permission to specify paths to other SVG images on the Jenkins controller file system. | 2022-06-23 | not yet calculated | CVE-2022-34179 CONFIRM |
jenkins — embeddable_build_status_plugin |
Jenkins Embeddable Build Status Plugin 2.0.3 and earlier does not correctly perform the ViewStatus permission check in the HTTP endpoint it provides for “unprotected” status badge access, allowing attackers without any permissions to obtain the build status badge icon for any attacker-specified job and/or build. | 2022-06-23 | not yet calculated | CVE-2022-34180 CONFIRM |
jenkins — filesystem_list_paraeter_plugin |
Jenkins Filesystem List Parameter Plugin 0.0.7 and earlier does not escape the name and description of File system objects list parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34187 CONFIRM |
jenkins — hidden_parameter_plugin | Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34188 CONFIRM |
jenkins — image_tag_parameter_plugin |
Jenkins Image Tag Parameter Plugin 1.10 and earlier does not escape the name and description of Image Tag parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34189 CONFIRM |
jenkins — jenkins | Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the corresponding view. | 2022-06-23 | not yet calculated | CVE-2022-34175 CONFIRM |
jenkins — jenkins |
In Jenkins 2.340 through 2.355 (both inclusive) symbol-based icons unescape previously escaped values of ‘tooltip’ parameters, resulting in a cross-site scripting (XSS) vulnerability. | 2022-06-23 | not yet calculated | CVE-2022-34172 CONFIRM |
jenkins — jenkins |
In Jenkins 2.340 through 2.355 (both inclusive) the tooltip of the build button in list views supports HTML without escaping the job display name, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34173 CONFIRM |
jenkins — jianliao_notification_plugin | A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL. | 2022-06-23 | not yet calculated | CVE-2022-34206 CONFIRM |
jenkins — jianliao_notification_plugin |
A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL. | 2022-06-23 | not yet calculated | CVE-2022-34205 CONFIRM |
jenkins — junit_plugin |
Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission. | 2022-06-23 | not yet calculated | CVE-2022-34176 CONFIRM |
jenkins — maven_metadata_plugin_for_jenkins_ci_server_plugin |
Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.1 and earlier does not escape the name and description of List maven artifact versions parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34190 CONFIRM |
jenkins — multiple_products | In Jenkins 2.320 through 2.355 (both inclusive) and LTS 2.332.1 through LTS 2.332.3 (both inclusive) the help icon does not escape the feature name that is part of its tooltip, effectively undoing the fix for SECURITY-1955, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34170 CONFIRM |
jenkins — multiple_products | In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm. | 2022-06-23 | not yet calculated | CVE-2022-34174 CONFIRM |
jenkins — multiple_products |
In Jenkins 2.321 through 2.355 (both inclusive) and LTS 2.332.1 through LTS 2.332.3 (both inclusive) the HTML output generated for new symbol-based SVG icons includes the ‘title’ attribute of ‘l:ionicon’ (until Jenkins 2.334) and ‘alt’ attribute of ‘l:icon’ (since Jenkins 2.335) without further escaping, resulting in a cross-site scripting (XSS) vulnerability. | 2022-06-23 | not yet calculated | CVE-2022-34171 CONFIRM |
jenkins — nested_view_plugin |
Jenkins Nested View Plugin 1.20 through 1.25 (both inclusive) does not escape search parameters, resulting in a reflected cross-site scripting (XSS) vulnerability. | 2022-06-23 | not yet calculated | CVE-2022-34182 CONFIRM |
jenkins — ns-nd_integration_performance_publisher_plugin |
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.77 and earlier does not escape the name of NetStorm Test parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34191 CONFIRM |
jenkins — ontrack_jenkins_plugin | Jenkins ontrack Jenkins Plugin 4.0.0 and earlier does not escape the name of Ontrack: Multi Parameter choice, Ontrack: Parameter choice, and Ontrack: SingleParameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34192 CONFIRM |
jenkins — package_version_plugin | Jenkins Package Version Plugin 1.0.1 and earlier does not escape the name of Package version parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34193 CONFIRM |
jenkins — pipeline_input_step_plugin |
Jenkins Pipeline: Input Step Plugin 448.v37cea_9a_10a_70 and earlier archives files uploaded for `file` parameters for Pipeline `input` steps on the controller as part of build metadata, using the parameter name without sanitization as a relative path inside a build-related directory, allowing attackers able to configure Pipelines to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content. | 2022-06-23 | not yet calculated | CVE-2022-34177 CONFIRM |
jenkins — repository_connector_plugin |
Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34195 CONFIRM |
jenkins — rest_list_parameter_plugin | Jenkins REST List Parameter Plugin 1.5.2 and earlier does not escape the name and description of REST list parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34196 CONFIRM |
jenkins — sauce_ondemand_plugin |
Jenkins Sauce OnDemand Plugin 1.204 and earlier does not escape the name and description of Sauce Labs Browsers parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34197 CONFIRM |
jenkins — stash_branch_parameter_plugin |
Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not escape the name and description of Stash Branch parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 2022-06-23 | not yet calculated | CVE-2022-34198 CONFIRM |
jenkins — threadfix_plugin | A cross-site request forgery (CSRF) vulnerability in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers to connect to an attacker-specified URL. | 2022-06-23 | not yet calculated | CVE-2022-34209 CONFIRM |
jenkins — threadfix_plugin | A missing permission check in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | 2022-06-23 | not yet calculated | CVE-2022-34210 CONFIRM |
jenkins — vrealize_orchestrator_plugin |
A cross-site request forgery (CSRF) vulnerability in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers to send an HTTP POST request to an attacker-specified URL. | 2022-06-23 | not yet calculated | CVE-2022-34211 CONFIRM |
jenkins — vrealize_orchestrator_plugin |
A missing permission check in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request to an attacker-specified URL. | 2022-06-23 | not yet calculated | CVE-2022-34212 CONFIRM |
jenkins — xunit_plugin |
Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn’t exist, and parsing files inside it as test results, allowing attackers able to control agent processes to create an arbitrary directory on the Jenkins controller or to obtain test results from existing files in an attacker-specified directory. | 2022-06-23 | not yet calculated | CVE-2022-34181 CONFIRM |
jenkins — squash_tm_publisher_(squash4jenkins)_plugin |
Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 2022-06-23 | not yet calculated | CVE-2022-34213 CONFIRM |
jerryscript — jerryscript |
There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0 | 2022-06-20 | not yet calculated | CVE-2021-41683 MISC |
jerryscript — jerryscript |
There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0 | 2022-06-20 | not yet calculated | CVE-2021-41682 MISC |
jflyfox — jfinal_cms |
Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module. | 2022-06-23 | not yet calculated | CVE-2022-33113 MISC |
jflyfox — jfinal_cms |
Jfinal CMS v5.1.0 was discovered to contain a SQL injection vulnerability via the attrVal parameter at /jfinal_cms/system/dict/list. | 2022-06-23 | not yet calculated | CVE-2022-33114 MISC |
jung — smart_visu_server |
A vulnerability, which was classified as problematic, has been found in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832. This issue affects some unknown processing. The manipulation leads to backdoor. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.900 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-22 | not yet calculated | CVE-2017-20082 N/A N/A |
jung — smart_visu_server |
A vulnerability, which was classified as critical, was found in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832. Affected is an unknown function of the component SSH Server. The manipulation leads to backdoor. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.900 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-22 | not yet calculated | CVE-2017-20083 N/A N/A |
jung — smart_visu_server |
A vulnerability has been found in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832 and classified as critical. Affected by this vulnerability is an unknown functionality of the component KNX Group Address. The manipulation leads to backdoor. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.900 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-22 | not yet calculated | CVE-2017-20084 N/A N/A |
knot_resolver — knot_resolver | Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters. | 2022-06-20 | not yet calculated | CVE-2022-32983 MISC MISC |
krcert/cc — maxboard |
Stored XSS and SQL injection vulnerability in MaxBoard could lead to occur Remote Code Execution, which could lead to information exposure and privilege escalation. | 2022-06-23 | not yet calculated | CVE-2021-26636 MISC |
laiketui — laiketui |
Laiketui 3.5.0 is affected by an arbitrary file upload vulnerability that can allow an attacker to execute arbitrary code. | 2022-06-23 | not yet calculated | CVE-2021-40954 MISC |
laiketui — laiketui |
LaiKetui v3.5.0 has SQL injection in the background through the menu management function, and sensitive data can be obtained. | 2022-06-23 | not yet calculated | CVE-2021-40956 MISC |
laiketui — laiketui |
SQL injection exists in LaiKetui v3.5.0 the background administrator list. | 2022-06-23 | not yet calculated | CVE-2021-40955 MISC |
libdwarf — libdwarf |
There is a heap-based buffer over-read in libdwarf 0.4.0. This issue is related to dwarf_global_formref_b. | 2022-06-23 | not yet calculated | CVE-2022-34299 MISC MISC |
libjpeg-turbo — libjpeg-turbo |
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. | 2022-06-18 | not yet calculated | CVE-2021-46822 MISC MISC |
libjxl — libjxl |
libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init() in render_pipeline/low_memory_render_pipeline.cc. | 2022-06-19 | not yet calculated | CVE-2022-34000 MISC |
libredwg — libredwg |
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c. | 2022-06-23 | not yet calculated | CVE-2022-33034 MISC |
libredwg — libredwg |
There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *’ failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608. | 2022-06-23 | not yet calculated | CVE-2022-33024 MISC |
libredwg — libredwg |
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c. | 2022-06-23 | not yet calculated | CVE-2022-33025 MISC |
libredwg — libredwg |
LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c. | 2022-06-23 | not yet calculated | CVE-2022-33033 MISC |
libredwg — libredwg |
LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c. | 2022-06-23 | not yet calculated | CVE-2022-33032 MISC |
libredwg — libredwg |
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c. | 2022-06-23 | not yet calculated | CVE-2022-33028 MISC |
libredwg — libredwg |
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c. | 2022-06-23 | not yet calculated | CVE-2022-33027 MISC |
libredwg — libredwg |
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | 2022-06-23 | not yet calculated | CVE-2022-33026 MISC |
linux — kernel |
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. | 2022-06-18 | not yet calculated | CVE-2022-33981 MISC MISC MISC MISC |
lrzip — lrzip | Lrzip v0.651 was discovered to contain multiple invalid arithmetic shifts via the functions get_magic in lrzip.c and Predictor::init in libzpaq/libzpaq.cpp. These vulnerabilities allow attackers to cause a Denial of Service via unspecified vectors. | 2022-06-23 | not yet calculated | CVE-2022-33067 MISC |
maccmspro — maccms10 |
maccms10 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field. | 2022-06-21 | not yet calculated | CVE-2022-31303 MISC |
maccmspro — maccms8 | maccms8 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field. | 2022-06-21 | not yet calculated | CVE-2022-31302 MISC |
mahara — mahara | In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.2, files can sometimes be downloaded through thumb.php with no permission check. | 2022-06-20 | not yet calculated | CVE-2022-33913 CONFIRM |
mantisbt — mantisbt |
An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes. When a user or an admin clicks on the attachment, file_download.php opens the SVG document in a browser tab instead of downloading it as a file, causing the JavaScript code to execute. | 2022-06-24 | not yet calculated | CVE-2022-33910 CONFIRM MISC MISC |
mautic — mautic |
A cross-site scripting (XSS) vulnerability in the web tracking component of Mautic before 4.3.0 allows remote attackers to inject executable javascript | 2022-06-20 | not yet calculated | CVE-2022-25772 MISC |
mcafee — consumer_product_removal_tool |
Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code, through not correctly checking the integrity of the configuration file. | 2022-06-20 | not yet calculated | CVE-2022-1823 CONFIRM |
mcafee — consumer_product_removal_tool |
An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary code as there were insufficient checks on the executable being signed by McAfee. | 2022-06-20 | not yet calculated | CVE-2022-1824 CONFIRM |
melag{_ftp_server — melag_ftp_server |
MELAG FTP Server 2.2.0.4 allows an attacker to use the CWD command to break out of the FTP servers root directory and operate on the entire operating system, while the access restrictions of the user running the FTP server apply. | 2022-06-24 | not yet calculated | CVE-2021-41636 MISC |
melag{_ftp_server — melag_ftp_server |
A user enumeration vulnerability in MELAG FTP Server 2.2.0.4 allows an attacker to identify valid FTP usernames. | 2022-06-24 | not yet calculated | CVE-2021-41634 MISC |
melag{_ftp_server — melag_ftp_server |
When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote attackers to abuse misconfigurations or vulnerabilities with administrative access over the entire host system. | 2022-06-24 | not yet calculated | CVE-2021-41635 MISC |
melag{_ftp_server — melag_ftp_server |
MELAG FTP Server 2.2.0.4 stores unencrpyted passwords of FTP users in a local configuration file. | 2022-06-24 | not yet calculated | CVE-2021-41639 MISC |
melag{_ftp_server — melag_ftp_server |
Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the “Everyone” group to read the local FTP configuration file, which includes among other information the unencrypted passwords of all FTP users. | 2022-06-24 | not yet calculated | CVE-2021-41637 MISC |
melag{_ftp_server — melag_ftp_server |
The authentication checks of the MELAG FTP Server in version 2.2.0.4 are incomplete, which allows a remote attacker to access local files only by using a valid username. | 2022-06-24 | not yet calculated | CVE-2021-41638 MISC |
mend – mend |
In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Stored XSS. | 2022-06-22 | not yet calculated | CVE-2022-32159 MISC CONFIRM |
mend — directus |
In directus versions v9.0.0-beta.2 through 9.6.0 are vulnerable to server-side request forgery (SSRF) in the media upload functionality which allows a low privileged user to perform internal network port scans. | 2022-06-22 | not yet calculated | CVE-2022-23080 MISC CONFIRM |
mend — openlibrary |
In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Reflected XSS. | 2022-06-22 | not yet calculated | CVE-2022-23081 MISC CONFIRM |
mend — recipes |
In Recipes, versions 1.0.5 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in copy to clipboard functionality. When a victim accesses the food list page, then adds a new Food with a malicious javascript payload in the ‘Name’ parameter and clicks on the clipboard icon, an XSS payload will trigger. A low privileged attacker will have the victim’s API key and can lead to admin’s account takeover. | 2022-06-21 | not yet calculated | CVE-2022-23073 MISC MISC |
mend — recipes |
In Recipes, versions 0.17.0 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in the ‘Name’ field of Keyword, Food and Unit components. When a victim accesses the Keyword/Food/Unit endpoints, the XSS payload will trigger. A low privileged attacker will have the victim’s API key and can lead to admin’s account takeover. | 2022-06-21 | not yet calculated | CVE-2022-23074 MISC MISC |
mend — recipes |
In Recipes, versions 1.0.5 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in “Add to Cart” functionality. When a victim accesses the food list page, then adds a new Food with a malicious javascript payload in the ‘Name’ parameter and clicks on the Add to Shopping Cart icon, an XSS payload will trigger. A low privileged attacker will have the victim’s API key and can lead to admin’s account takeover. | 2022-06-21 | not yet calculated | CVE-2022-23072 MISC CONFIRM |
mend — recipes |
In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the “Import Recipe” functionality. When an attacker enters the localhost URL, a low privileged attacker can access/read the internal file system to access sensitive information. | 2022-06-19 | not yet calculated | CVE-2022-23071 MISC MISC |
meridian_cooperative — utility_software |
Meridian Cooperative Utility Software versions 22.02 and 22.03 allows remote attackers to obtain sensitive information such as name, address, and daily energy usage. | 2022-06-24 | not yet calculated | CVE-2022-29578 MISC |
mgm — bigbluebutton |
BigBlueButton version 2.4.7 (or earlier) is vulnerable to stored Cross-Site Scripting (XSS) in the private chat functionality. A threat actor could inject JavaScript payload in his/her username. The payload gets executed in the browser of the victim each time the attacker sends a private message to the victim or when notification about the attacker leaving room is displayed. | 2022-06-24 | not yet calculated | CVE-2022-27238 MISC |
microweber — microweber |
Cross-site Scripting (XSS) – Reflected in GitHub repository microweber/microweber prior to 1.2.18. | 2022-06-22 | not yet calculated | CVE-2022-2174 CONFIRM MISC |
microweber — microweber |
Cross-site Scripting (XSS) – Reflected in GitHub repository microweber/microweber prior to 1.2.17. | 2022-06-20 | not yet calculated | CVE-2022-2130 MISC CONFIRM |
minicms — minicms |
A Cross-Site Request Forgery (CSRF) in MiniCMS v1.11 allows attackers to arbitrarily delete local .dat files via clicking on a malicious link. | 2022-06-24 | not yet calculated | CVE-2022-33121 MISC |
motor-admin — motor-admin |
In motor-admin versions 0.0.1 through 0.2.56 are vulnerable to host header injection in the password reset functionality where malicious actor can send fake password reset email to arbitrary victim. | 2022-06-22 | not yet calculated | CVE-2022-23079 MISC CONFIRM |
nginx — njs | Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c. | 2022-06-21 | not yet calculated | CVE-2022-31306 MISC MISC |
nginx — njs |
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c. | 2022-06-21 | not yet calculated | CVE-2022-31307 MISC MISC |
nginx — njs |
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c. | 2022-06-21 | not yet calculated | CVE-2022-32414 MISC MISC |
nukeviet — nukeviet |
There is a Cross Site Scripting Stored (XSS) vulnerability in NukeViet CMS before 4.5.02. | 2022-06-21 | not yet calculated | CVE-2022-30874 MISC |
nuuo — network_video_recorder_nvrsolo | NUUO Network Video Recorder NVRsolo v03.06.02 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via login.php. | 2022-06-21 | not yet calculated | CVE-2022-33119 MISC |
obda_systems — mastro |
XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system files via custom DTDs. | 2022-06-21 | not yet calculated | CVE-2021-40510 MISC MISC |
obda_systems — mastro |
OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service. | 2022-06-21 | not yet calculated | CVE-2021-40511 MISC MISC |
offis — dcmtk |
OFFIS DCMTK’s (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution. | 2022-06-24 | not yet calculated | CVE-2022-2120 MISC |
offis — dcmtk |
OFFIS DCMTK’s (All versions prior to 3.6.7) has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service condition. | 2022-06-24 | not yet calculated | CVE-2022-2121 MISC |
offis — dcmtk |
OFFIS DCMTK’s (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution. | 2022-06-24 | not yet calculated | CVE-2022-2119 MISC |
online_student_rate_system — online_student_rate_system |
Cross Site Scripting (XSS) vulnerability exists in Online Student Rate System 1.0 via the page parameter on the index.php file | 2022-06-24 | not yet calculated | CVE-2021-39408 MISC |
online_student_rate_system — online_student_rate_system |
A vulnerability exists in Online Student Rate System v1.0 that allows any user to register as an administrator without needing to be authenticated. | 2022-06-24 | not yet calculated | CVE-2021-39409 MISC |
open_identity_platfor — openam |
The NT auth module in OpenAM before 14.6.6 allows a “replace Samba username attack.” | 2022-06-23 | not yet calculated | CVE-2022-34298 MISC MISC MISC |
opencart — opencart |
In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed. | 2022-06-24 | not yet calculated | CVE-2013-1891 MISC MISC MISC |
pain_clown — 74cmsse | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index. | 2022-06-23 | not yet calculated | CVE-2022-33092 MISC |
pain_clown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resume_list. | 2022-06-23 | not yet calculated | CVE-2022-33093 MISC |
pain_clown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campus_job. | 2022-06-23 | not yet calculated | CVE-2022-33097 MISC |
pain_clown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index. | 2022-06-23 | not yet calculated | CVE-2022-33096 MISC |
pain_clown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist. | 2022-06-23 | not yet calculated | CVE-2022-33095 MISC |
pain_clown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map. | 2022-06-23 | not yet calculated | CVE-2022-33094 MISC |
painclown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /job. | 2022-06-23 | not yet calculated | CVE-2022-32125 MISC |
painclown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company. | 2022-06-23 | not yet calculated | CVE-2022-32126 MISC |
painclown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/view_be_browsed/total. | 2022-06-23 | not yet calculated | CVE-2022-32127 MISC |
painclown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/service/increment/add/im. | 2022-06-23 | not yet calculated | CVE-2022-32128 MISC |
painclown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/account/safety/trade. | 2022-06-23 | not yet calculated | CVE-2022-32129 MISC |
painclown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/down_resume/total/nature. | 2022-06-23 | not yet calculated | CVE-2022-32130 MISC |
painclown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /index/notice/show. | 2022-06-23 | not yet calculated | CVE-2022-32131 MISC |
painclown — 74cmsse |
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /index/jobfairol/show/. | 2022-06-23 | not yet calculated | CVE-2022-32124 MISC |
phabricator — mediawiki |
In the RSS extension for MediaWiki through 1.38.1, when the $wgRSSAllowLinkTag config variable was set to true, and a new RSS feed was created with certain XSS payloads within its description tags and added to the $wgRSSUrlWhitelist config variable, stored XSS could occur via MediaWiki’s template system whenever that feed was loaded via the rss document tag. | 2022-06-25 | not yet calculated | CVE-2022-34491 MISC MISC |
pmb — pmb |
PMB 7.3.10 allows reflected XSS via the id parameter in an lvl=author_see request to index.php. | 2022-06-23 | not yet calculated | CVE-2022-34328 MISC |
polonel — trudesk |
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4. | 2022-06-20 | not yet calculated | CVE-2022-2128 MISC CONFIRM |
polonel — trudesk |
Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4. | 2022-06-20 | not yet calculated | CVE-2022-2023 CONFIRM MISC |
protobuf — protobuf | Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors. | 2022-06-23 | not yet calculated | CVE-2022-33070 MISC MISC |
pure_storage — multiple_products | Pure Storage FlashArray products running Purity//FA 6.2.0 – 6.2.3, 6.1.0 – 6.1.12, 6.0.0 – 6.0.8, 5.3.0 – 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 – 3.2.4, 3.1.0 – 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable to a privilege escalation via the manipulation of environment variables which can be exploited by a logged-in user to escape a restricted shell to an unrestricted shell with root privileges. No other Pure Storage products or services are affected. Remediation is available from Pure Storage via a self-serve “opt-in” patch, manual patch application or a software upgrade to an unaffected version of Purity software. | 2022-06-23 | not yet calculated | CVE-2022-32553 MISC |
pure_storage — multiple_products |
Pure Storage FlashArray products running Purity//FA 6.2.0 – 6.2.3, 6.1.0 – 6.1.12, 6.0.0 – 6.0.8, 5.3.0 – 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 – 3.2.4, 3.1.0 – 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable to possibly exposed credentials for accessing the product’s management interface. The password may be known outside Pure Storage and could be used on an affected system, if reachable, to execute arbitrary instructions with root privileges. No other Pure Storage products or services are affected. Remediation is available from Pure Storage via a self-serve “opt-in” patch, manual patch application or a software upgrade to an unaffected version of Purity software. | 2022-06-23 | not yet calculated | CVE-2022-32554 MISC |
pure_storage — multiple_products |
Pure Storage FlashArray products running Purity//FA 6.2.0 – 6.2.3, 6.1.0 – 6.1.12, 6.0.0 – 6.0.8, 5.3.0 – 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 – 3.2.4, 3.1.0 – 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable to a privilege escalation via the manipulation of Python environment variables which can be exploited by a logged-in user to escape a restricted shell to an unrestricted shell with root privileges. No other Pure Storage products or services are affected. Remediation is available from Pure Storage via a self-serve “opt-in” patch, manual patch application or a software upgrade to an unaffected version of Purity software. | 2022-06-23 | not yet calculated | CVE-2022-32552 MISC |
pypi — pypi | The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-34060 MISC MISC MISC |
pypi — pypi | The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-33004 MISC MISC MISC |
pypi — pypi | The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-34057 MISC MISC |
pypi — pypi | The cloudlabeling package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-32999 MISC MISC MISC |
pypi — pypi | The Texercise package in PyPI v0.0.1 to v0.0.12 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-34066 MISC MISC MISC |
pypi — pypi | The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-32997 MISC MISC MISC |
pypi — pypi | The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-34055 MISC MISC MISC |
pypi — pypi |
The watools package in PyPI v0.0.1 to v0.0.8 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-33003 MISC MISC MISC |
pypi — pypi |
The KGExplore package in PyPI v0.1.1 to v0.1.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-33002 MISC MISC MISC |
pypi — pypi |
The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-33000 MISC MISC MISC |
pypi — pypi |
The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-32998 MISC MISC MISC |
pypi — pypi |
The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-34053 MISC MISC MISC |
pypi — pypi |
The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-33001 MISC MISC MISC |
pypi — pypi |
The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-34054 MISC MISC MISC |
pypi — pypi |
The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-34064 MISC MISC |
pypi — pypi |
The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-34056 MISC MISC MISC |
pypi — pypi |
The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-34059 MISC MISC MISC |
pypi — pypi |
The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-34061 MISC MISC MISC |
pypi — pypi |
The Rondolu-YT-Concate package in PyPI v0.1.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | 2022-06-24 | not yet calculated | CVE-2022-34065 MISC MISC MISC |
pypl — pypl |
** Reserved ** The pyesasky for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.2.0-1.4.2. | 2022-06-24 | not yet calculated | CVE-2022-30885 MISC MISC MISC |
python-ldap — python-ldap | python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition. | 2022-06-18 | not yet calculated | CVE-2021-46823 MISC MISC |
qlik — qlik | The GeoAnalytics feature in Qlik Sense April 2020 patch 4 allows SSRF. | 2022-06-21 | not yet calculated | CVE-2021-36761 MISC |
quectel — rg502q-ea_modem |
The Quectel RG502Q-EA modem before 2022-02-23 allow OS Command Injection. | 2022-06-21 | not yet calculated | CVE-2022-26147 MISC |
realtek — usb_driver |
Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services. | 2022-06-20 | not yet calculated | CVE-2022-21742 MISC |
red_hat — amq_broker_operator |
A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low-privilege user that has access to the namespace where the AMQ Operator is deployed has access to clusterwide edit rights by checking the secrets. The service account used for building the Operator gives more permission than expected and an attacker could benefit from it. This requires at least an already compromised low-privilege account or insider attack. | 2022-06-21 | not yet calculated | CVE-2022-1833 MISC |
red_hat — enterprise linux_for_ibm |
A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn’t. These kernel builds don’t have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code. | 2022-06-21 | not yet calculated | CVE-2022-1665 MISC |
redis — redis | Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID. | 2022-06-23 | not yet calculated | CVE-2022-33105 MISC MISC MISC MISC |
salt — saltstack_salt |
An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth. | 2022-06-23 | not yet calculated | CVE-2022-22967 MISC MISC |
schneider_electric — geo_scada_mobile |
A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile (Build 222 and prior) | 2022-06-24 | not yet calculated | CVE-2022-32530 CONFIRM |
secheron — SEPCOS Control and Protection Relay | Controls limiting uploads to certain file extensions may be bypassed. This could allow an attacker to intercept the initial file upload page response and modify the associated code. This modified code can be forwarded and used by a script loaded later in the sequence, allowing for arbitrary file upload into a location where PHP scripts may be executed. | 2022-06-24 | not yet calculated | CVE-2022-2102 MISC |
secheron — SEPCOS Control and Protection Relay |
The default password for the web application’s root user (the vendor’s private account) was weak and the MD5 hash was used to crack the password using a widely available open-source tool. | 2022-06-24 | not yet calculated | CVE-2022-1666 MISC |
secheron — SEPCOS Control and Protection Relay |
An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories. | 2022-06-24 | not yet calculated | CVE-2022-2103 MISC |
secheron — SEPCOS Control and Protection Relay |
Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters. | 2022-06-24 | not yet calculated | CVE-2022-2105 MISC |
secheron — SEPCOS Control and Protection Relay |
Client-side JavaScript controls may be bypassed by directly running a JS function to reboot the PLC (e.g., from the browser console) or by loading the corresponding, browser accessible PHP script | 2022-06-24 | not yet calculated | CVE-2022-1667 MISC |
secheron — SEPCOS Control and Protection Relay |
Weak default root user credentials allow remote attackers to easily obtain OS superuser privileges over the open TCP port for SSH. | 2022-06-24 | not yet calculated | CVE-2022-1668 MISC |
securylight — ispyconnet_ispy |
iSpyConnect iSpy v7.2.2.0 is vulnerable to path traversal. | 2022-06-21 | not yet calculated | CVE-2022-29774 MISC MISC |
securylight — ispyconnet_ispy |
iSpyConnect iSpy v7.2.2.0 allows attackers to bypass authentication via a crafted URL. | 2022-06-21 | not yet calculated | CVE-2022-29775 MISC MISC |
shina_systems — sihas_sgw-300 |
There is no account authentication and permission check logic in the firmware and existing apps of SiHAS’s SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device. | 2022-06-23 | not yet calculated | CVE-2021-26637 MISC |
siemens — simatic_wincc_oa |
A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated. | 2022-06-21 | not yet calculated | CVE-2022-33139 MISC |
solarview_compact — solarview | An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file. | 2022-06-21 | not yet calculated | CVE-2022-31374 MISC |
solarview_compact — solarview |
SolarView Compact v6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Solar_AiConf.php. | 2022-06-21 | not yet calculated | CVE-2022-31373 MISC |
sourcecodester — online_railway_reseration_system |
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php. | 2022-06-21 | not yet calculated | CVE-2022-33048 MISC |
sourcecodester — online_railway_reseration_system |
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/?page=user/manage_user. | 2022-06-21 | not yet calculated | CVE-2022-33049 MISC |
sourcecodester — online_railway_reseration_system |
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/trains/manage_train.php. | 2022-06-21 | not yet calculated | CVE-2022-33055 MISC |
sourcecodester — online_railway_reseration_system |
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/schedules/manage_schedule.php. | 2022-06-21 | not yet calculated | CVE-2022-33056 MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32405 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/manage_prison.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32402 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/inmates/manage_record.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32403 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/inmates/manage_inmate.php:3 | 2022-06-24 | not yet calculated | CVE-2022-32404 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/crimes/view_crime.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32399 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/cells/manage_cell.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32398 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/visits/view_visit.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32397 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/inmates/manage_privilege.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32401 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/visits/manage_visit.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32396 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/user/manage_user.php:4. | 2022-06-24 | not yet calculated | CVE-2022-32400 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/crimes/manage_crime.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32395 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/inmates/view_inmate.php:3 | 2022-06-24 | not yet calculated | CVE-2022-32394 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/cells/view_cell.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32393 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/actions/manage_action.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32392 MISC MISC |
sourcecodester — prison_management_system |
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/actions/view_action.php:4 | 2022-06-24 | not yet calculated | CVE-2022-32391 MISC MISC |
sourcecodester — school_file_management_system |
Cross Site Scripting (XSS) vulnerability in sourcecodester School File Management System 1.0 via the Firtstname parameter to the Update Account form in student_profile.php. | 2022-06-23 | not yet calculated | CVE-2021-29055 MISC MISC |
sourcecodester — school_file_management_system |
Cross Site Scripting (XSS) vulnerability in sourcecodester School File Management System 1.0 via the Lastname parameter to the Update Account form in student_profile.php. | 2022-06-23 | not yet calculated | CVE-2021-46824 MISC MISC MISC |
srsolutions — usertakeover_plugin |
The UserTakeOver plugin before 4.0.1 for ILIAS allows an attacker to list all users via the search function. | 2022-06-21 | not yet calculated | CVE-2022-31478 MISC MISC |
suse — manager_server |
An Uncontrolled Resource Consumption vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37. | 2022-06-22 | not yet calculated | CVE-2022-21952 CONFIRM |
suse — multiple_products |
A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1. | 2022-06-22 | not yet calculated | CVE-2022-31248 CONFIRM |
swascan — docebo_community_edition |
** UNSUPPORTED WHEN ASSIGNED ** Docebo Community Edition v4.0.5 and below was discovered to contain an arbitrary file upload vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | 2022-06-23 | not yet calculated | CVE-2022-31362 MISC MISC |
swascan — docebo_community_edition |
** UNSUPPORTED WHEN ASSIGNED ** Docebo Community Edition v4.0.5 and below was discovered to contain a SQL injection vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | 2022-06-23 | not yet calculated | CVE-2022-31361 MISC MISC |
symantec_corporation — smg |
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access. | 2022-06-24 | not yet calculated | CVE-2021-30651 MISC |
sysaid — okta_sso |
SysAid – Okta SSO integration – was found vulnerable to XML External Entity Injection vulnerability. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated attacker could exploit the XXE vulnerability by sending a malformed POST request to the identity provider endpoint. An attacker can extract the identity provider endpoint by decoding the SAMLRequest parameter’s value and searching for the AssertionConsumerServiceURL parameter’s value. It often allows an attacker to view files on the application server filesystem and interact with any back-end or external systems that the application can access. In some situations, an attacker can escalate an XXE attack to compromise the underlying server or other back-end infrastructure by leveraging the XXE vulnerability to perform server-side request forgery (SSRF) attacks. | 2022-06-24 | not yet calculated | CVE-2022-23170 MISC |
telesoft — vitalpbx |
Missing access control in the backup system of Telesoft VitalPBX before 3.2.1 allows attackers to access the PJSIP and SIP extension credentials, cryptographic keys and voicemails files via unspecified vectors. | 2022-06-24 | not yet calculated | CVE-2022-29330 MISC MISC |
tenable — tns | An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges. | 2022-06-21 | not yet calculated | CVE-2022-32973 MISC |
tenable — tns |
An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials. | 2022-06-21 | not yet calculated | CVE-2022-32974 MISC |
thales — multiple_products |
Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 creates insecure temporary hid and lock files allowing a local attacker, through a symlink attack, to overwrite arbitrary files, and potentially achieve arbitrary command execution with high privileges. | 2022-06-24 | not yet calculated | CVE-2021-42056 MISC |
tinyexr — tinyexr |
In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData. | 2022-06-23 | not yet calculated | CVE-2022-34300 MISC |
titanftp — nextgen |
An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. There is Remote Code Execution due to a hardcoded password for the sa account on the Microsoft SQL Express 2019 instance installed by default during TitanFTP NextGen installation, aka NX-I674 (sub-issue 1). NOTE: as of 2022-06-21, the 1.2.1050 release corrects this vulnerability in a new installation, but not in an upgrade installation. | 2022-06-19 | not yet calculated | CVE-2022-34005 MISC |
titanftp — nextgen |
An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. When installing, Microsoft SQL Express 2019 installs by default with an SQL instance running as SYSTEM with BUILTIN\Users as sysadmin, thus enabling unprivileged Windows users to execute commands locally as NT AUTHORITY\SYSTEM, aka NX-I674 (sub-issue 2). NOTE: as of 2022-06-21, the 1.2.1050 release corrects this vulnerability in a new installation, but not in an upgrade installation. | 2022-06-19 | not yet calculated | CVE-2022-34006 MISC |
totd — totd |
totd before 1.5.3 does not properly randomize mesg IDs. | 2022-06-23 | not yet calculated | CVE-2022-34295 MISC MISC MISC MISC |
twcert/cc — asus_control_center |
ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general user privilege can inject SQL command to specific API parameters to acquire database schema or access data. | 2022-06-20 | not yet calculated | CVE-2022-26669 MISC |
twcert/cc — asus_control_center_api |
ASUS Control Center API has a broken access control vulnerability. An unauthenticated remote attacker can call privileged API functions to perform partial system operations or cause partial disrupt of service. | 2022-06-20 | not yet calculated | CVE-2022-26668 MISC |
twcert/cc — twcert/cc |
NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the program, in order to terminate service without authentication, which requires a system restart to recover service. | 2022-06-20 | not yet calculated | CVE-2021-45918 MISC |
underscore-99xp — underscore-99xp |
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in underscore-99xp v1.7.2 when the deepValueSearch function is called. | 2022-06-24 | not yet calculated | CVE-2021-40894 MISC |
union-home — unioncms |
Unioncms v1.0.13 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Default settings. | 2022-06-21 | not yet calculated | CVE-2022-25585 MISC MISC |
validate-color — validate-color |
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in validate-color v2.1.0 when handling crafted invalid rgb(a) strings. | 2022-06-24 | not yet calculated | CVE-2021-40892 MISC |
validate-color — validate-color |
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in validate-data v0.1.1 when validating crafted invalid emails. | 2022-06-24 | not yet calculated | CVE-2021-40893 MISC |
vim — vim |
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | 2022-06-19 | not yet calculated | CVE-2022-2126 MISC CONFIRM MLIST |
vim — vim |
Buffer Over-read in GitHub repository vim/vim prior to 8.2. | 2022-06-19 | not yet calculated | CVE-2022-2124 MISC CONFIRM MLIST |
vim — vim |
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | 2022-06-23 | not yet calculated | CVE-2022-2183 MISC CONFIRM |
vim — vim |
Buffer Over-read in GitHub repository vim/vim prior to 8.2. | 2022-06-23 | not yet calculated | CVE-2022-2175 MISC CONFIRM |
vim — vim |
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. | 2022-06-20 | not yet calculated | CVE-2022-1720 MISC CONFIRM MLIST |
vim — vim |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 2022-06-19 | not yet calculated | CVE-2022-2125 CONFIRM MISC |
vim — vim |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 2022-06-23 | not yet calculated | CVE-2022-2182 MISC CONFIRM |
vim — vim |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | 2022-06-19 | not yet calculated | CVE-2022-2129 CONFIRM MISC |
vmware — spring_cloud_function |
In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework. | 2022-06-21 | not yet calculated | CVE-2022-22979 MISC |
vmware — spring_data_mongodb |
A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized. | 2022-06-23 | not yet calculated | CVE-2022-22980 MISC |
webkul — krayin_crm |
Webkul krayin crm before 1.2.2 is vulnerable to Cross Site Scripting (XSS). | 2022-06-21 | not yet calculated | CVE-2021-41924 MISC |
wireapp — wire-ios | wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The root cause was an unnecessary assert statement when converting an integer value into the corresponding enum value, causing an exception instead of a fallback to a default value. This issue is fixed in [wire-ios](https://github.com/wireapp/wire-ios/commit/caa0e27dbe51f9edfda8c7a9f017d93b8cfddefb) and in Wire for iOS 3.100. There is no workaround available, but users may use other Wire clients (such as the [web app](https://app.wire.com)) to continue using Wire, or upgrade their client. | 2022-06-23 | not yet calculated | CVE-2022-31009 MISC CONFIRM |
wireapp — wire-webapp |
Wire is a secure messaging application. Wire is vulnerable to arbitrary HTML and Javascript execution via insufficient escaping when rendering `@mentions` in the wire-webapp. If a user receives and views a malicious message, arbitrary code is injected and executed in the context of the victim allowing the attacker to fully control the user account. Wire-desktop clients that are connected to a vulnerable wire-webapp version are also vulnerable to this attack. The issue has been fixed in wire-webapp 2022-05-04-production.0 and is already deployed on all Wire managed services. On-premise instances of wire-webapp need to be updated to docker tag 2022-05-04-production.0-v0.29.7-0-a6f2ded or wire-server 2022-05-04 (chart/4.11.0) or later. No known workarounds exist. | 2022-06-25 | not yet calculated | CVE-2022-29168 CONFIRM |
worddpress — inline_google-maps_wordpress_plugin |
The Inline Google Maps WordPress plugin through 5.11 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping | 2022-06-20 | not yet calculated | CVE-2022-1829 MISC |
wordpress — allow_svg_files_wordpress_plugin |
The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to | 2022-06-20 | not yet calculated | CVE-2022-1939 MISC |
wordpress — better_find_and_replace_wordpress_plugin |
The Better Find and Replace WordPress plugin before 1.3.6 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection | 2022-06-20 | not yet calculated | CVE-2022-1472 MISC |
wordpress — capa_protect_wordpress_plugin |
The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection. | 2022-06-20 | not yet calculated | CVE-2022-1832 MISC |
wordpress — coming_soon_&_maintenance_mode_by_colorlib_wordpress_plugin |
The Coming Soon & Maintenance Mode by Colorlib WordPress plugin before 1.0.99 does not sanitize and escape some settings, allowing high privilege users such as admin to perform Stored Cross-Site Scripting when unfiltered_html is disallowed (for example in multisite setup) | 2022-06-20 | not yet calculated | CVE-2022-1945 MISC |
wordpress — cross-linker_wordpress_plugin | The Cross-Linker WordPress plugin through 3.0.1.9 does not have CSRF check in place when creating Cross-Links, which could allow attackers to make a logged in admin perform such action via a CSRF attack | 2022-06-20 | not yet calculated | CVE-2022-1826 MISC |
wordpress — custom_share_buttons_with_floating_sidear_wordpress_plugin |
The Custom Share Buttons with Floating Sidebar WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed | 2022-06-20 | not yet calculated | CVE-2022-1717 MISC |
wordpress — download_manager_plugin |
A vulnerability, which was classified as problematic, was found in Download Manager Plugin 2.8.99. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. | 2022-06-24 | not yet calculated | CVE-2017-20093 MISC MISC |
wordpress — events_made_easy_wordpress_plugin |
The Events Made Easy WordPress plugin before 2.2.81 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection | 2022-06-20 | not yet calculated | CVE-2022-1905 MISC |
wordpress — file_manager_plugin |
A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. | 2022-06-23 | not yet calculated | CVE-2017-20091 N/A N/A |
wordpress — global_content_blocks_plugin |
A vulnerability was found in Global Content Blocks Plugin 2.1.5. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. | 2022-06-23 | not yet calculated | CVE-2017-20090 N/A N/A |
wordpress — google_analytics_dashboard_plugin |
A vulnerability classified as problematic was found in Google Analytics Dashboard Plugin 2.1.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. The attack can be launched remotely. | 2022-06-24 | not yet calculated | CVE-2017-20092 MISC MISC |
wordpress — gwolle_guestbook_plugin |
A vulnerability was found in Gwolle Guestbook Plugin 1.7.4. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to basic cross site scripting. The attack may be initiated remotely. | 2022-06-23 | not yet calculated | CVE-2017-20089 N/A N/A |
wordpress — mail_subscribe_list_wordpress_plugin |
The Mail Subscribe List WordPress plugin before 2.1.4 does not have CSRF check in place when deleting subscribed users, which could allow attackers to make a logged in admin perform such action and delete arbitrary users from the subscribed list | 2022-06-20 | not yet calculated | CVE-2022-1603 MISC |
wordpress — multi-page_toolkit_wordpress_plugin |
The Multi-page Toolkit WordPress plugin through 2.6 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well | 2022-06-20 | not yet calculated | CVE-2022-1818 MISC |
wordpress — newsletter_wordpress_plugin |
The Newsletter WordPress plugin before 7.4.6 does not escape and sanitise the preheader_text setting, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfilteredhtml is disallowed | 2022-06-20 | not yet calculated | CVE-2022-1889 MISC |
wordpress — newstatpress_plugin |
A vulnerability, which was classified as problematic, has been found in NewStatPress Plugin 1.2.4. This issue affects some unknown processing. The manipulation leads to basic cross site scripting (Persistent). The attack may be initiated remotely. Upgrading to version 1.2.5 is able to address this issue. It is recommended to upgrade the affected component. | 2022-06-24 | not yet calculated | CVE-2017-20094 MISC MISC |
wordpress — ocean_extra_wordpress_plugin |
The Ocean Extra WordPress plugin before 1.9.5 does not escape generated links which are then used when the OceanWP is active, leading to a Reflected Cross-Site Scripting issue | 2022-06-20 | not yet calculated | CVE-2021-25104 MISC |
wordpress — pdf24_article_to_pdf_wordpress_plugin |
The PDF24 Article To PDF WordPress plugin through 4.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 2022-06-20 | not yet calculated | CVE-2022-1827 MISC |
wordpress — pdf24_article_to_pdf_wordpress_plugin |
The PDF24 Articles To PDF WordPress plugin through 4.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 2022-06-20 | not yet calculated | CVE-2022-1828 MISC |
wordpress — post_grid,_slider_&_carousel_ultimate_wordpress_plugin | The Post Grid, Slider & Carousel Ultimate WordPress plugin before 1.5.0 does not sanitise and escape the Header Title, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-06-20 | not yet calculated | CVE-2022-1266 MISC |
wordpress — print,_pdf,_email_by_printfriendly_wordpress_plugin |
The Print, PDF, Email by PrintFriendly WordPress plugin before 5.2.3 does not sanitise and escape the Custom Button Text settings, which could allow high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 2022-06-20 | not yet calculated | CVE-2022-0663 MISC |
wordpress — rating_by_bestwebsoft_wordpress_plugin |
The Rating by BestWebSoft WordPress plugin through 1.5 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service on the post/page when a user submit such rating | 2022-06-20 | not yet calculated | CVE-2021-25121 MISC |
wordpress — seamless_donations_wordpress_plugin |
The Seamless Donations WordPress plugin before 5.1.9 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 2022-06-20 | not yet calculated | CVE-2022-1610 MISC |
wordpress — siple_ads_manager_plugin |
A vulnerability classified as critical was found in Simple Ads Manager Plugin. This vulnerability affects unknown code. The manipulation leads to code injection. The attack can be initiated remotely. | 2022-06-24 | not yet calculated | CVE-2017-20095 MISC MISC |
wordpress — supsystic_popup_plugin | A vulnerability was found in Supsystic Popup Plugin 1.7.6 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-06-20 | not yet calculated | CVE-2017-20065 N/A N/A N/A N/A |
wordpress — underconstruction_wordpress_plugin |
The underConstruction WordPress plugin before 1.20 does not have CSRF check in place when deactivating the construction mode, which could allow attackers to make a logged in admin perform such action via a CSRF attack | 2022-06-20 | not yet calculated | CVE-2022-1895 MISC |
wordpress — underconstructrion_wordpress_plugin |
The underConstruction WordPress plugin before 1.21 does not sanitise or escape the “Display a custom page using your own HTML” setting before outputting it, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiletred_html capability is disallowed. | 2022-06-20 | not yet calculated | CVE-2022-1896 MISC |
wordpress — vaultpress_plugin |
A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This affects an unknown part. The manipulation leads to code injection. It is possible to initiate the attack remotely. | 2022-06-23 | not yet calculated | CVE-2017-20086 N/A N/A |
wordpress — very_simple_contact_form_wordpress_plugin |
The Very Simple Contact Form WordPress plugin before 11.6 exposes the solution to the captcha in the rendered contact form, both as hidden input fields and as plain text in the page, making it very easy for bots to bypass the captcha check, rendering the page a likely target for spam bots. | 2022-06-20 | not yet calculated | CVE-2022-1801 MISC |
wordpress — wordpress_plugin_user_photo | In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (executed) even if the photo has not been yet approved. | 2022-06-24 | not yet calculated | CVE-2013-1916 MISC MISC MISC |
wordpress — wp-emial_wordpress_plugin |
The WP-EMail WordPress plugin before 2.69.0 does not protect its log deletion functionality with nonce checks, allowing attacker to make a logged in admin delete logs via a CSRF attack | 2022-06-20 | not yet calculated | CVE-2022-1630 MISC |
wordpress — wp-filebase_download_manager_plugin |
A vulnerability was found in WP-Filebase Download Manager Plugin 3.4.4. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. | 2022-06-24 | not yet calculated | CVE-2017-20097 MISC MISC |
wordpress — wp-spamfree_anti-spam_plugin |
A vulnerability classified as problematic has been found in WP-SpamFree Anti-Spam Plugin 2.1.1.4. This affects an unknown part. The manipulation leads to basic cross site scripting. It is possible to initiate the attack remotely. | 2022-06-24 | not yet calculated | CVE-2017-20096 MISC MISC |
wordpress — wp-zillow_review_slider_wordpress_plugin |
The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite) | 2022-06-20 | not yet calculated | CVE-2022-1915 MISC |
wordpress — wplite_wordpress_plugin |
The WPlite WordPress plugin through 1.3.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 2022-06-20 | not yet calculated | CVE-2022-1831 MISC |
wordpress — xml_sitemaps_wordpress_plugin |
The XML Sitemaps WordPress plugin before 4.1.3 does not sanitise and escape a settings before outputting it in the Debug page, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 2022-06-20 | not yet calculated | CVE-2021-25088 MISC |
wordpress — athahualpa_theme_wordress_plugin |
A vulnerability classified as problematic has been found in Atahualpa Theme. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. | 2022-06-23 | not yet calculated | CVE-2017-20088 N/A N/A |
wordpress — athahualpa_theme_wordress_plugin |
A vulnerability has been found in Atahualpa Theme and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. The attack can be launched remotely. | 2022-06-23 | not yet calculated | CVE-2017-20085 N/A N/A |
wordprss — amazon_einzeltitlelinks_wordpress_plugin |
The Amazon Einzeltitellinks WordPress plugin through 1.3.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping | 2022-06-20 | not yet calculated | CVE-2022-1830 MISC |
wp-emial_wordpress_plugin |
The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor’s IP from certain HTTP headers over PHP’s REMOTE_ADDR, which makes it possible to bypass IP-based anti-spamming restrictions. | 2022-06-20 | not yet calculated | CVE-2022-1614 MISC |
xi_s&d — smarthomes(smartcare) |
Improper Authentication vulnerability in S&D smarthome(smartcare) application can cause authentication bypass and information exposure. Remote attackers can use this vulerability to take control of the home environment including indoor control. | 2022-06-23 | not yet calculated | CVE-2021-26638 MISC |
zalando — skipper |
In Zalando Skipper before 0.13.218, a query predicate could be bypassed via a prepared request. | 2022-06-23 | not yet calculated | CVE-2022-34296 MISC |
zulip — zulip |
Zulip is an open-source team collaboration tool. Versions 2.1.0 through and including 5.2 are vulnerable to a logic error. A stream configured as private with protected history, where new subscribers should not be allowed to see messages sent before they were subscribed, when edited causes the server to incorrectly send an API event that includes the edited message to all of the stream’s current subscribers. This API event is ignored by official clients, but can be observed by using a modified client or the browser’s developer tools. This bug will be fixed in Zulip Server 5.3. There are no known workarounds. | 2022-06-25 | not yet calculated | CVE-2022-31017 CONFIRM |
This product is provided subject to this Notification and this Privacy & Use policy.
Please share your thoughts.
CISA recently updated an anonymous product survey;they’d welcome your feedback.