US-CERT Bulletin (SB22-073):Vulnerability Summary for the Week of March 7, 2022

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

High: vulnerabilities with a CVSS base score of 7.0–10.0
Medium: vulnerabilities with a CVSS base score of 4.0–6.9
Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
a3rev — page_view_count	The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the post_ids parameter before using it in a SQL statement via a REST endpoint, available to both unauthenticated and authenticated users. As a result, unauthenticated attackers could perform SQL injection attacks	2022-03-07	7.5	CVE-2022-0434 MISC
bitdefender — antivirus_plus	Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.3.146.	2022-03-07	7.2	CVE-2021-4199 CONFIRM MISC
calibre-web_project — calibre-web	Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17.	2022-03-07	7.5	CVE-2022-0766 CONFIRM MISC
dlink — dir-859_firmware	D-Link DIR-859 v1.05 was discovered to contain a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.	2022-03-04	7.1	CVE-2022-25106 MISC MISC MISC
genieacs — genieacs	In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument (lib/ui/api.ts and lib/ping.ts). The vulnerability arises from insufficient input validation combined with a missing authorization check.	2022-03-06	7.5	CVE-2021-46704 MISC MISC
linux — linux_kernel	A flaw was found in the way the “flags” member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.	2022-03-10	7.2	CVE-2022-0847 MISC MISC MISC MISC MISC
linux — linux_kernel	A flaw was found in the KVM’s AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the “virt_ext” field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.	2022-03-04	7.2	CVE-2021-3656 MISC MISC MISC MISC
mendix — forgot_password	A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1), Mendix Forgot Password Appstore module (Mendix 7 compatible) (All versions < V3.2.2). Initial passwords are generated in an insecure manner. This could allow an unauthenticated remote attacker to efficiently brute force passwords in specific situations.	2022-03-08	7.5	CVE-2022-26314 CONFIRM
mi — ax3600_firmware	A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.	2022-03-10	7.2	CVE-2020-14111 MISC
mi — ax3600_firmware	A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.	2022-03-10	10	CVE-2020-14115 MISC
mingsoft — mcms	https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. The impact is: execute arbitrary code (remote). The attack vector is: ${“freemarker.template.utility.Execute”?new()(“calc”)}. ¶¶ MCMS has a pre-auth RCE vulnerability through which allows unauthenticated attacker with network access via http to compromise MCMS. Successful attacks of this vulnerability can result in takeover of MCMS.	2022-03-04	7.5	CVE-2021-46384 MISC
network_block_device_project — network_block_device	In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name.	2022-03-06	7.5	CVE-2022-26496 MISC MISC MISC
network_block_device_project — network_block_device	In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBD_OPT_INFO, NBD_OPT_GO, and NBD_OPT_EXPORT_NAME messages.	2022-03-06	7.5	CVE-2022-26495 MISC MISC MLIST
part-db_project — part-db	OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11.	2022-03-04	10	CVE-2022-0848 CONFIRM MISC MISC
pytorchlightning — pytorch_lightning	Code Injection in GitHub repository pytorchlightning/pytorch-lightning prior to 1.6.0.	2022-03-05	10	CVE-2022-0845 CONFIRM MISC
secomea — gatemanager	This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Improper Limitation of a Pathname to restricted directory, allows logged in GateManager admin to delete system Files or Directories.	2022-03-04	8.5	CVE-2021-32008 MISC
siemens — ruggedcom_ros	A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Within a third-party component, the process to allocate partition size fails to check memory boundaries. Therefore, if a large amount is requested by an attacker, due to an integer-wrap around, it could result in a small size being allocated instead.	2022-03-08	7.5	CVE-2021-42019 CONFIRM
siemens — ruggedcom_ros	A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Within a third-party component, whenever memory allocation is requested, the out of bound size is not checked. Therefore, if size exceeding the expected allocation is assigned, it could allocate a smaller buffer instead. If an attacker were to exploit this, they could cause a heap overflow.	2022-03-08	7.5	CVE-2021-42018 CONFIRM
siemens — sinumerik_mc_firmware	A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow local attackers to escalate their privileges to root.	2022-03-08	7.2	CVE-2022-24408 CONFIRM
stylemixthemes — masterstudy_lms	The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin	2022-03-07	7.5	CVE-2022-0441 CONFIRM MISC
symantec — management_agent	The Symantec Management Agent is susceptible to a privilege escalation vulnerability. A low privilege local account can be elevated to the SYSTEM level through registry manipulations.	2022-03-04	7.2	CVE-2022-25623 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ProvinceCode parameter.	2022-03-10	7.8	CVE-2022-25558 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.	2022-03-10	7.8	CVE-2022-25566 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the urls parameter.	2022-03-10	7.8	CVE-2022-25557 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the serverName parameter.	2022-03-10	7.8	CVE-2022-25548 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceId parameter.	2022-03-10	7.8	CVE-2022-25554 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsPwd parameter.	2022-03-10	7.8	CVE-2022-25553 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter.	2022-03-10	7.8	CVE-2022-25552 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsDomain parameter.	2022-03-10	7.8	CVE-2022-25551 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsUser parameter.	2022-03-10	7.8	CVE-2022-25546 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.	2022-03-10	7.8	CVE-2022-25547 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceName parameter.	2022-03-10	7.8	CVE-2022-25550 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ntpServer parameter.	2022-03-10	7.8	CVE-2022-25555 MISC
tenda — ax1806_firmware	Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsEn parameter.	2022-03-10	7.8	CVE-2022-25549 MISC
tenda — ax3_firmware	There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by function sscanf without any security check,which causes stack overflow. By POSTing the page /goform/SetPptpServerCfg with proper startIp, the attacker can easily perform remote code execution with carefully crafted overflow data.	2022-03-04	7.5	CVE-2021-46393 MISC
tenda — ax3_firmware	There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v13 variable is directly retrieved from the http request parameter startIp. Then v13 will be splice to stack by function sscanf without any security check, which causes stack overflow. By POSTing the page /goform/SetPptpServerCfg with proper startIp, the attacker can easily perform remote code execution with carefully crafted overflow data.	2022-03-04	7.5	CVE-2021-46394 MISC
tp-link — tl-wr886n_firmware	A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/check_reg_verify_code function which could let a remove malicious user execute arbitrary code via a crafted post request.	2022-03-10	10	CVE-2021-44622 MISC
tp-link — tl-wr886n_firmware	A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 via the /cloud_config/router_post/check_reset_pwd_verify_code interface.	2022-03-10	10	CVE-2021-44623 MISC
tp-link — tl-wr886n_firmware	A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in /cloud_config/cloud_device/info interface, which allows a malicious user to executee arbitrary code on the system via a crafted post request.	2022-03-10	10	CVE-2021-44625 MISC
tp-link — tl-wr886n_firmware	A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reg_verify_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.	2022-03-10	10	CVE-2021-44626 MISC
tp-link — tl-wr886n_firmware	A Buffer Overflow vulnerabilitiy exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/register feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.	2022-03-10	10	CVE-2021-44629 MISC
tp-link — tl-wr886n_firmware	A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reset_pwd_veirfy_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.	2022-03-10	10	CVE-2021-44627 MISC
tp-link — tl-wr886n_firmware	A Buffer Overflow vulnerabiltiy exists in TP-LINK WR-886N 20190826 2.3.8 in thee /cloud_config/router_post/login feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.	2022-03-10	10	CVE-2021-44628 MISC
tp-link — tl-wr886n_firmware	A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/modify_account_pwd feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.	2022-03-10	10	CVE-2021-44630 MISC
tp-link — tl-wr886n_firmware	A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/reset_cloud_pwd feature, which allows malicous users to execute arbitrary code on the system via a crafted post request.	2022-03-10	10	CVE-2021-44631 MISC
tp-link — tl-wr886n_firmware	A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/upgrade_info feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.	2022-03-10	10	CVE-2021-44632 MISC
victor_cms_project — victor_cms	Victor CMS v1.0 was discovered to contain a SQL injection vulnerability.	2022-03-04	7.5	CVE-2022-26201 MISC MISC
wpdeveloper — notificationx	The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection	2022-03-07	7.5	CVE-2022-0349 MISC

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
abcm2ps_project — abcm2ps	abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c.	2022-03-10	4.3	CVE-2021-32434 MISC MISC
abcm2ps_project — abcm2ps	An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.	2022-03-10	4.3	CVE-2021-32436 MISC MISC
abcm2ps_project — abcm2ps	Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.	2022-03-10	4.3	CVE-2021-32435 MISC MISC
adrotate_project — adrotate	The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotate_action before using it in a SQL statement via the adrotate_request_action function available to admins, leading to a SQL injection	2022-03-07	6.5	CVE-2022-0267 MISC
alfresco — alfresco	Cross Site Scripting (XSS) vulnerability exists in Alfresco Alfresco Community Edition v5.2.0 via the action parameter in the alfresco/s/admin/admin-nodebrowser API. Fixed in v6.2	2022-03-04	4.3	CVE-2020-18327 MISC MISC
apache — any23	An XML external entity (XXE) injection vulnerability was discovered in the Any23 RDFa XSLTStylesheet extractor and is known to affect Any23 versions < 2.7. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application’s processing of XML data. It often allows an attacker to view files on the application server filesystem, and to interact with any back-end or external systems that the application itself can access. This issue is fixed in Apache Any23 2.7.	2022-03-05	6.4	CVE-2022-25312 MISC MLIST
archivy_project — archivy	Open Redirect in GitHub repository archivy/archivy prior to 1.7.0.	2022-03-06	5.8	CVE-2022-0697 CONFIRM MISC
ayecode — userswp	The UsersWP WordPress plugin before 1.2.3.1 is missing access controls when updating a user avatar, and does not make sure file names for user avatars are unique, allowing a logged in user to overwrite another users avatar.	2022-03-07	4	CVE-2022-0442 MISC
catchplugins — catch_themes_demo_import	The Catch Themes Demo Import WordPress plugin before 2.1.1 does not validate one of the file to be imported, which could allow high privivilege admin to upload an arbitrary PHP file and gain RCE even in the case of an hardened blog (ie DISALLOW_UNFILTERED_HTML, DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS constants set to true)	2022-03-07	6.5	CVE-2022-0440 MISC
cerber — wp_cerber_security\,_anti-spam_\&_malware_scan	The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 8.9.6 does not sanitise the $url variable before using it in an attribute in the Activity tab in the plugins dashboard, leading to an unauthenticated stored Cross-Site Scripting vulnerability.	2022-03-07	4.3	CVE-2022-0429 MISC
correosexpress_project — correosexpress	The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses	2022-03-07	5	CVE-2021-25009 MISC
custom_content_shortcode_project — custom_content_shortcode	The Custom Content Shortcode WordPress plugin before 4.0.2 does not validate the data passed to its load shortcode, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to display arbitrary files from the filesystem (such as logs, .htaccess etc), as well as perform Local File Inclusion attacks as PHP files will be executed. Please note that such attack is still possible by admin+ in single site blogs by default (but won’t be when either the unfiltered_html or file_edit is disallowed)	2022-03-07	4	CVE-2021-24825 MISC
custom_content_shortcode_project — custom_content_shortcode	The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This could lead to sensitive data disclosure, for example when used in combination with WooCommerce, the email address of orders can be retrieved	2022-03-07	4	CVE-2021-24824 MISC
devowl — wordpress_real_cookie_banner	The WordPress Real Cookie Banner: GDPR (DSGVO) & ePrivacy Cookie Consent WordPress plugin before 2.14.2 does not have CSRF checks in place when resetting its settings, allowing attackers to make a logged in admin reset them via a CSRF attack	2022-03-07	4.3	CVE-2022-0445 MISC
dlink — dir-x1860_firmware	An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote unauthenticated attacker to send a specially crafted HTTP request and gain knowledge of different absolute paths that are being used by the web application.	2022-03-04	5	CVE-2021-46353 MISC MISC
ericsson — network_manager	Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve managed-network that was not set to be accessible to the entire group (i.e., was only set to be accessible to a subset of that group).	2022-03-10	4	CVE-2021-28488 MISC MISC MISC
espruino — espruino	Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling.	2022-03-05	6.8	CVE-2022-25465 MISC
espruino — espruino	Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString.	2022-03-05	6.8	CVE-2022-25044 MISC MISC
f-secure — safe	A vulnerability affecting F-Secure SAFE browser was discovered whereby browsers loads images automatically this vulnerability can be exploited remotely by an attacker to execute the JavaScript can be used to trigger universal cross-site scripting through the browser. User interaction is required prior to exploitation, such as entering a malicious website to trigger the vulnerability.	2022-03-06	4.3	CVE-2021-44748 MISC
f-secure — safe	A vulnerability affecting F-Secure SAFE browser protection was discovered improper URL handling can be triggered to cause universal cross-site scripting through browsing protection in a SAFE web browser. User interaction is required prior to exploitation. A successful exploitation may lead to arbitrary code execution.	2022-03-06	4.3	CVE-2021-44749 MISC
fatcatapps — easy_pricing_tables	The Pricing Tables WordPress Plugin WordPress plugin before 3.1.3 does not verify the CSRF nonce when removing posts, allowing attackers to make a logged in admin remove arbitrary posts from the blog via a CSRF attack, which will be put in the trash	2022-03-07	4.3	CVE-2021-25098 MISC
framasoft — peertube	Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1.	2022-03-09	4	CVE-2022-0881 MISC CONFIRM
golang — go	regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.	2022-03-05	5	CVE-2022-24921 CONFIRM
google — android	When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010.	2022-03-04	6.9	CVE-2022-23729 MISC
hcltech — bigfix_compliance	“TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it.”	2022-03-04	4.3	CVE-2021-27756 MISC
hcltech — bigfix_insights	” Insecure password storage issue.The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information.”	2022-03-04	5	CVE-2021-27757 MISC
hestiacp — control_panel	Cross-site Scripting (XSS) – Generic in GitHub repository hestiacp/hestiacp prior to 1.5.9.	2022-03-04	4.3	CVE-2022-0752 MISC CONFIRM
hestiacp — control_panel	Cross-site Scripting (XSS) – Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.10.	2022-03-04	4.3	CVE-2022-0838 MISC CONFIRM
hotscot — contact_form	The view submission functionality in the Hotscot Contact Form WordPress plugin before 1.3 makes a get request with the sub_id parameter which not sanitised, escaped or validated before inserting to a SQL statement, leading to an SQL injection.	2022-03-07	6.5	CVE-2021-24777 MISC
icegram — email_subscribers_\&_newsletters	The Email Subscribers & Newsletters WordPress plugin before 5.3.2 does not correctly escape the `order` and `orderby` parameters to the `ajax_fetch_report_list` action, making it vulnerable to blind SQL injection attacks by users with roles as low as Subscriber. Further, it does not have any CSRF protection in place for the action, allowing an attacker to trick any logged in user to perform the action by clicking a link.	2022-03-07	6.5	CVE-2022-0439 MISC
intelliants — subrion_cms	Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel.	2022-03-04	4.3	CVE-2020-18325 MISC MISC MISC
intelliants — subrion_cms	Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.	2022-03-04	6.8	CVE-2020-18326 MISC MISC MISC
intelliants — subrion_cms	Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template.	2022-03-04	4.3	CVE-2020-18324 MISC MISC MISC
libming — ming	Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.	2022-03-10	4.3	CVE-2021-34341 MISC MISC
libming — ming	Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.	2022-03-10	4.3	CVE-2021-34342 MISC MISC
libming — ming	Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.	2022-03-10	4.3	CVE-2021-34340 MISC MISC
libming — ming	Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.	2022-03-10	4.3	CVE-2021-34339 MISC MISC
libming — ming	Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.	2022-03-10	4.3	CVE-2021-34338 MISC MISC
libsixel_project — libsixel	saitoha libsixel v1.8.6 was discovered to contain a double free via the component sixel_chunk_destroy at /root/libsixel/src/chunk.c.	2022-03-10	6.8	CVE-2020-36123 MISC
linux — linux_kernel	st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.	2022-03-06	4.6	CVE-2022-26490 MISC
linux — linux_kernel	A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree is corrupted in a crafted ext4 filesystem in fs/ext4/extents.c in ext4_es_cache_extent. Fabricating an integer overflow, A local attacker with a special user privilege may cause a system crash problem which can lead to an availability threat.	2022-03-04	4.9	CVE-2021-3428 MISC MISC MISC
marktext — marktext	Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability which allows attackers to perform remote code execution (RCE) via injecting a crafted payload into /lib/contentState/pasteCtrl.js.	2022-03-05	6.8	CVE-2022-25069 MISC MISC
mendix — forgot_password	A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1). In certain configurations of the affected product, a threat actor could use the sign up flow to hijack arbitrary user accounts.	2022-03-08	6.8	CVE-2022-26313 CONFIRM
mendix — mendix	A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.29). When returning the result of a completed Microflow execution call the affected framework does not correctly verify, if the request was initially made by the user requesting the result. Together with predictable identifiers for Microflow execution calls, this could allow a malicious attacker to retrieve information about arbitrary Microflow execution calls made by users within the affected system.	2022-03-08	4	CVE-2022-26317 CONFIRM
mendix — mendix	A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.29), Mendix Applications using Mendix 8 (All versions < V8.18.16), Mendix Applications using Mendix 9 (All versions). If an entity has an association readable by the user, then in some cases, Mendix Runtime may not apply checks for XPath constraints that parse said associations, within apps running on affected versions. A malicious user could use this to dump and manipulate sensitive data.	2022-03-08	5.5	CVE-2022-24309 CONFIRM
metagauss — registrationmagic	The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rm_form_id parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks	2022-03-07	6.5	CVE-2022-0420 MISC CONFIRM
metaphorcreations — ditty	The Ditty (formerly Ditty News Ticker) WordPress plugin before 3.0.15 is affected by a Reflected Cross-Site Scripting (XSS) vulnerability.	2022-03-07	4.3	CVE-2022-0533 CONFIRM MISC
mi — ax6000_firmware	Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000.	2022-03-10	5	CVE-2020-14112 MISC
microweber — microweber	Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3.	2022-03-09	6.8	CVE-2022-0896 CONFIRM MISC
mini-inventory-and-sales-management-system_project — mini-inventory-and-sales-management-system	Mini-Inventory-and-Sales-Management-System is affected by Cross Site Request Forgery (CSRF), where an attacker can update/delete items in the inventory. The attacker must be logged into the application create a malicious file for updating the inventory details and items.	2022-03-04	4.3	CVE-2021-44321 MISC MISC
mybb — mybb	MyBB is a free and open source forum software. In affected versions the Admin CP’s Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type `php` with PHP code, executed on on _Change Settings_ pages. This results in a Remote Code Execution (RCE) vulnerability. The vulnerable module requires Admin CP access with the `Can manage settings?` permission. MyBB’s Settings module, which allows administrators to add, edit, and delete non-default settings, stores setting data in an options code string ($options_code; mybb_settings.optionscode database column) that identifies the setting type and its options, separated by a new line character (\n). In MyBB 1.2.0, support for setting type php was added, for which the remaining part of the options code is PHP code executed on Change Settings pages (reserved for plugins and internal use). MyBB 1.8.30 resolves this issue. There are no known workarounds.	2022-03-09	6.5	CVE-2022-24734 MISC MISC CONFIRM MISC
netapp — storagegrid	StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0 obtains the user account status from Active Directory or Azure and will block S3 access for disabled user accounts during the subsequent background synchronization. User accounts that are expired or locked for Active Directory or Azure, or user accounts that are disabled, expired, or locked in identity sources other than Active Directory or Azure must be manually removed from group memberships or have their S3 keys manually removed from Tenant Manager in all versions of StorageGRID (formerly StorageGRID Webscale).	2022-03-04	4	CVE-2022-23232 MISC
netapp — storagegrid	StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local Distribution Router (LDR) service.	2022-03-04	5	CVE-2022-23233 MISC
netgear — wac120_ac_firmware	Unauthenticated cross-site scripting (XSS) in Netgear WAC120 AC Access Point may lead to mulitple attacks like session hijacking even clipboard hijacking.	2022-03-04	4.3	CVE-2021-46382 MISC MISC
obtaininfotech — multisite_content_copier\/updater	The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.0 does not sanitise and escape the wmcc_content_type, wmcc_source_blog and wmcc_record_per_page parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues	2022-03-07	4.3	CVE-2021-25039 MISC
obtaininfotech — multisite_user_sync\/unsync	The WordPress Multisite User Sync/Unsync WordPress plugin before 2.1.2 does not sanitise and escape the wmus_source_blog and wmus_record_per_page parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues	2022-03-07	4.3	CVE-2021-25038 MISC
openexr — openexr	A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to application availability, with some potential impact to data integrity as well.	2022-03-04	5.8	CVE-2021-20303 MISC MISC MISC
paloaltonetworks — pan-os	Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-FIPS-CC) operational mode. An attacker must have access to the account password hashes to take advantage of this weakness and can acquire those hashes if they are able to gain access to the PAN-OS software configuration. Fixed versions of PAN-OS software use a secure cryptographic algorithm for account password hashes. This issue does not impact Prisma Access firewalls. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; All versions of PAN-OS 9.0; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7.	2022-03-09	4.6	CVE-2022-0022 CONFIRM
phpmyadmin — phpmyadmin	PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.	2022-03-10	5	CVE-2022-0813 CONFIRM CONFIRM
plugins-market — wp_visitor_statistics	The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection	2022-03-07	6.5	CVE-2022-0410 MISC
radare — radare2	Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prior to 5.6.6.	2022-03-05	4.3	CVE-2022-0849 MISC CONFIRM
readdle — spark	Apache Spark supports end-to-end encryption of RPC connections via “spark.authenticate” and “spark.network.crypto.enabled”. In versions 3.1.2 and earlier, it uses a bespoke mutual authentication protocol that allows for full encryption key recovery. After an initial interactive attack, this would allow someone to decrypt plaintext traffic offline. Note that this does not affect security mechanisms controlled by “spark.authenticate.enableSaslEncryption”, “spark.io.encryption.enabled”, “spark.ssl”, “spark.ui.strictTransportSecurity”. Update to Apache Spark 3.1.3 or later	2022-03-10	5	CVE-2021-38296 CONFIRM
readymedia_project — readymedia	A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files.	2022-03-06	4.3	CVE-2022-26505 MISC MISC MLIST
redhat — coreos-installer	An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image can write arbitrary data, and achieve full access to the node being installed.	2022-03-04	6.8	CVE-2021-20319 MISC MISC MISC
rednao — smart_forms	The Smart Forms WordPress plugin before 2.6.71 does not have authorisation in its rednao_smart_forms_entries_list AJAX action, allowing any authenticated users, such as subscriber, to download arbitrary form’s data, which could include sensitive information such as PII depending on the form.	2022-03-07	4	CVE-2022-0163 MISC
salesagility — suitecrm	Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.12.5.	2022-03-07	4	CVE-2022-0755 MISC CONFIRM
salesagility — suitecrm	SQL Injection in GitHub repository salesagility/suitecrm prior to 7.12.5.	2022-03-07	4	CVE-2022-0754 CONFIRM MISC
salesagility — suitecrm	Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5.	2022-03-07	4	CVE-2022-0756 MISC CONFIRM
schneider-electric — ecostruxure_control_expert	A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Process Expert (V2021 and prior), EcoStruxure Control Expert (V15.0 SP1 and prior)	2022-03-09	4.3	CVE-2022-24323 CONFIRM
schneider-electric — ecostruxure_control_expert	A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Control Expert (V15.0 SP1 and prior)	2022-03-09	4.3	CVE-2022-24322 CONFIRM
schneider-electric — ritto_wiser_door	A CWE-200: Information Exposure vulnerability exists which could allow a session hijack when the door panel is communicating with the door. Affected Product: Ritto Wiser Door (All versions)	2022-03-09	4.8	CVE-2021-22783 CONFIRM
servmask — one-stop_wp_migration	The All-in-One WP Migration WordPress plugin before 7.41 does not validate uploaded files’ extension, which allows administrators to upload PHP files on their site, even on multisite installations.	2022-03-07	6.5	CVE-2021-24216 MISC CONFIRM
siemens — climatix_pol909_firmware	A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The Group Management page of affected devices is vulnerable to cross-site scripting (XSS). The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser action.	2022-03-08	4.3	CVE-2021-41541 CONFIRM
siemens — climatix_pol909_firmware	A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The User Management page of affected devices is vulnerable to cross-site scripting (XSS). The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser action.	2022-03-08	4.3	CVE-2021-41542 CONFIRM
siemens — climatix_pol909_firmware	A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The handling of log files in the web application of affected devices contains an information disclosure vulnerability which could allow logged in users to access sensitive files.	2022-03-08	4	CVE-2021-41543 CONFIRM
siemens — polarion_subversion_webclient	A vulnerability has been identified in Polarion Subversion Webclient (V21 R1). A cross-site scripting is present due to improper neutralization of data sent to the web page through the SVN WebClient in the affected product. An attacker could exploit this to execute arbitrary code and extract sensitive information by sending a specially crafted link to users with administrator privileges.	2022-03-08	4.3	CVE-2021-44478 CONFIRM
siemens — ruggedcom_ros	A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions), RUGGEDCOM ROS RSG2300 (All versions), RUGGEDCOM ROS RSG2300P (All versions), RUGGEDCOM ROS RSG2488 (All versions), RUGGEDCOM ROS RSG907R (All versions), RUGGEDCOM ROS RSG908C (All versions), RUGGEDCOM ROS RSG909R (All versions), RUGGEDCOM ROS RSG910C (All versions), RUGGEDCOM ROS RSG920P (All versions), RUGGEDCOM ROS RSL910 (All versions), RUGGEDCOM ROS RST2228 (All versions), RUGGEDCOM ROS RST2228P (All versions), RUGGEDCOM ROS RST916C (All versions), RUGGEDCOM ROS RST916P (All versions), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords.	2022-03-08	4	CVE-2021-37209 CONFIRM
siemens — ruggedcom_ros	A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). A timing attack, in a third-party component, could make the retrieval of the private key possible, used for encryption of sensitive data. If a threat actor were to exploit this, the data integrity and security could be compromised.	2022-03-08	5	CVE-2021-42016 CONFIRM
siemens — ruggedcom_ros	A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). A new variant of the POODLE attack has left a third-party component vulnerable due to the implementation flaws of the CBC encryption mode in TLS 1.0 to 1.2. If an attacker were to exploit this, they could act as a man-in-the-middle and eavesdrop on encrypted communications.	2022-03-08	4.3	CVE-2021-42017 CONFIRM
siemens — ruggedcom_ros	A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). The third-party component, in its TFTP functionality fails to check for null terminations in file names. If an attacker were to exploit this, it could result in data corruption, and possibly a hard-fault of the application.	2022-03-08	5	CVE-2021-42020 CONFIRM
siemens — simcenter_star-ccm\+_viewer	A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < V2022.1). The starview+.exe contains a memory corruption vulnerability while parsing specially crafted .SCE files. This could allow an attacker to execute code in the context of the current process.	2022-03-08	6.8	CVE-2022-24661 CONFIRM
siemens — sinec_network_management_syste	A vulnerability has been identified in SINEC NMS (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application.	2022-03-08	6.5	CVE-2022-24281 CONFIRM
siemens — sinec_network_management_system	A vulnerability has been identified in SINEC NMS (All versions). The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This could allow an authenticated low privileged user to achieve privilege escalation.	2022-03-08	6.5	CVE-2022-25311 CONFIRM
siemens — sinec_network_management_system	A vulnerability has been identified in SINEC NMS (All versions). The affected system allows to upload JSON objects that are deserialized to Java objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could exploit this vulnerability by sending a maliciously crafted serialized Java object. This could allow the attacker to execute arbitrary code on the device with root privileges.	2022-03-08	6.5	CVE-2022-24282 CONFIRM
spirit-project — spirit	Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3.	2022-03-06	5.8	CVE-2022-0869 CONFIRM MISC
stripe — stripe_cli	Stripe CLI is a command-line tool for the Stripe eCommerce platform. A vulnerability in Stripe CLI exists on Windows when certain commands are run in a directory where an attacker has planted files. The commands are `stripe login`, `stripe config -e`, `stripe community`, and `stripe open`. MacOS and Linux are unaffected. An attacker who successfully exploits the vulnerability can run arbitrary code in the context of the current user. The update addresses the vulnerability by throwing an error in these situations before the code can run.Users are advised to upgrade to version 1.7.13. There are no known workarounds for this issue.	2022-03-09	4.4	CVE-2022-24753 MISC CONFIRM
tatvic — conversios.io	The Conversios.io WordPress plugin before 4.6.2 does not sanitise, validate and escape the sync_progressive_data parameter for the tvcajax_product_sync_bantch_wise AJAX action before using it in a SQL statement, allowing any authenticated user to perform SQL injection attacks.	2022-03-07	6.5	CVE-2021-24952 MISC
tinywebgallery — advanced_iframe	The Advanced iFrame WordPress plugin before 2022 does not sanitise and escape the ai_config_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue	2022-03-07	4.3	CVE-2021-24953 MISC
uclouvain — openjpeg	A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.	2022-03-04	6.8	CVE-2021-3575 MISC MISC MISC
uri.js_project — uri.js	Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10.	2022-03-06	5.8	CVE-2022-0868 CONFIRM MISC
veritas — infoscale_operations_manager	An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via Directory Traversal. By manipulating the resource name in GET requests referring to files with absolute paths, it is possible to access arbitrary files stored on the filesystem, including application source code, configuration files, and critical system files.	2022-03-04	6.8	CVE-2022-26484 MISC
video_conferencing_with_zoom_project — video_conferencing_with_zoom	The Video Conferencing with Zoom WordPress plugin before 3.8.17 does not have authorisation in its vczapi_get_wp_users AJAX action, allowing any authenticated users, such as subscriber to download the list of email addresses registered on the blog	2022-03-07	4	CVE-2022-0384 MISC CONFIRM
videousermanuals — white_label_cms	The White Label CMS WordPress plugin before 2.2.9 does not sanitise and validate the wlcms[_login_custom_js] parameter before outputting it back in the response while previewing, leading to a Reflected Cross-Site Scripting issue	2022-03-07	4.3	CVE-2022-0422 MISC CONFIRM
weblate — weblate	The package weblate from 0 and before 4.11.1 are vulnerable to Remote Code Execution (RCE) via argument injection when using git or mercurial repositories. Authenticated users, can change the behavior of the application in an unintended way, leading to command execution.	2022-03-04	6.5	CVE-2022-23915 CONFIRM CONFIRM CONFIRM CONFIRM
weblate — weblate	Weblate is a web based localization tool with tight version control integration. Prior to version 4.11.1, Weblate didn’t properly sanitize some arguments passed to Git and Mercurial, allowing them to change their behavior in an unintended way. Instances where untrusted users cannot create new components are not affected. The issues were fixed in the 4.11.1 release.	2022-03-04	6.5	CVE-2022-24727 MISC CONFIRM MISC
wpaffiliatefeed — tradetracker-store	The test parameter of the xmlfeed in the Tradetracker-Store WordPress plugin before 4.6.60 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.	2022-03-07	6.5	CVE-2021-24778 MISC
wpbrigade — loginpress	The LoginPress \| Custom Login Page Customizer WordPress plugin before 1.5.12 does not escape the redirect-page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting	2022-03-07	4.3	CVE-2022-0347 MISC
wpdownloadmanager — wordpress_download_manager	The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in some of the REST API endpoints, allowing unauthenticated attackers to call them, which could lead to sensitive information disclosure, such as posts passwords (fixed in 3.2.24) and files Master Keys (fixed in 3.2.25).	2022-03-07	5	CVE-2021-25087 MISC

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
adtribes — product_feed_pro_for_woocommerce	The Product Feed PRO for WooCommerce WordPress plugin before 11.2.3 does not escape the rowCount parameter before outputting it back in an attribute via the woosea_categories_dropdown AJAX action (available to any authenticated user), leading to a Reflected Cross-Site Scripting	2022-03-07	3.5	CVE-2022-0426 MISC CONFIRM
apasionados — customize_login_image	A cross-site scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s browser and can use an application as the vehicle for the attack. The XSS payload given in the “Custom logo link” executes whenever the user opens the Settings Page of the “Customize Login Image” Plugin.	2022-03-10	3.5	CVE-2021-33851 MISC
bitdefender — antivirus_plus	A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48.	2022-03-07	3.6	CVE-2021-4198 CONFIRM MISC
bookstackapp — bookstack	Cross-site Scripting (XSS) – Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3.	2022-03-08	3.5	CVE-2022-0877 MISC CONFIRM
codepeople — wp_time_slots_booking_form	The WP Time Slots Booking Form WordPress plugin before 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	2022-03-07	3.5	CVE-2022-0389 MISC
custom_content_shortcode_project — custom_content_shortcode	The Custom Content Shortcode WordPress plugin before 4.0.2 does not escape custom fields before outputting them, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. Please note that such attack is still possible by admin+ in single site blogs by default (but won’t be when the unfiltered_html is disallowed)	2022-03-07	3.5	CVE-2021-24826 MISC
dell — enterprise_storage_analytics	Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a Plain-text password storage vulnerability. A local high privileged malicious user may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.	2022-03-04	3.6	CVE-2021-43590 MISC
dwbooster — cp_blocks	The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its “License ID” settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.	2022-03-07	3.5	CVE-2022-0448 MISC
e2pdf — e2pdf	The E2Pdf WordPress plugin before 1.16.45 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed	2022-03-07	3.5	CVE-2022-0535 MISC CONFIRM
iptanus — wordpress_file_upload	The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, which could be then be used for Cross-Site Scripting attacks	2022-03-07	3.5	CVE-2021-24960 MISC CONFIRM
iptanus — wordpress_file_upload	The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks	2022-03-07	3.5	CVE-2021-24961 MISC CONFIRM
linux — linux_kernel	A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.	2022-03-04	2.1	CVE-2021-3744 MISC MISC MISC MISC MLIST DEBIAN
linux — linux_kernel	An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.	2022-03-04	3.6	CVE-2021-3743 MISC MISC MISC MISC MISC MISC
metaphorcreations — post_duplicator	A cross-site scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s browser and can use an application as the vehicle for the attack. The XSS payload given in the “Duplicate Title” text box executes whenever the user opens the Settings Page of the Post Duplicator Plugin or the application root page after duplicating any of the existing posts.	2022-03-10	3.5	CVE-2021-33852 MISC
nextcloud — talk	Nextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application did not properly detect the lockscreen state when a call was incoming. If an attacker got physical access to the locked phone, and the victim received a phone call the attacker could gain access to the chat messages and files of the user. It is recommended that the Nextcloud Android Talk App is upgraded to 12.3.0. There are no known workarounds.	2022-03-08	2.1	CVE-2021-41181 CONFIRM MISC
nicdark — cost_calculator	The Cost Calculator WordPress plugin before 1.6 allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the Description fields of a Cost Calculator > Price Settings (which gets injected on the edit page as well as any page that embeds the calculator using the shortcode), as well as the Text Preview field of a Project (injected on the edit project page)	2022-03-07	3.5	CVE-2021-24821 MISC
pimcore — pimcore	Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.3.3.	2022-03-04	3.5	CVE-2022-0831 CONFIRM MISC
pimcore — pimcore	Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.3.3.	2022-03-04	3.5	CVE-2022-0832 MISC CONFIRM
secomea — sitemanager_1129_firmware	Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions.	2022-03-10	3.5	CVE-2021-32005 MISC
siemens — ruggedcom_ros	A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Improper neutralization of special characters on the web server configuration page could allow an attacker, in a privileged position, to retrieve sensitive information via cross-site scripting.	2022-03-08	3.5	CVE-2021-37208 CONFIRM
sophos — ssl_vpn_client	A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.	2022-03-08	3.6	CVE-2021-36809 CONFIRM
st — j-safe3_firmware	STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform.	2022-03-04	1.9	CVE-2021-43392 MISC MISC
st — stsafe-j_firmware	STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform.	2022-03-04	1.9	CVE-2021-43393 MISC MISC
veritas — infoscale_operations_manager	An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting (XSS) vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP GET parameter (which reflect the user input without sanitization).	2022-03-04	3.5	CVE-2022-26483 MISC
wp-eventmanager — wp_event_manager	The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed	2022-03-07	3.5	CVE-2021-24810 MISC
yop-poll — yop-poll	The YOP Poll WordPress plugin before 6.3.5 does not sanitise and escape some of the settings (available to users with a role as low as author) before outputting them, leading to a Stored Cross-Site Scripting issue	2022-03-07	3.5	CVE-2022-0205 MISC

Severity Not Yet Assigned

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
/dsadatatest — /dsadatatest	It was discovered that the /DsaDataTest endpoint is susceptible to Cross-site scripting (XSS) attack. It was noted that the Metric parameter does not have any input checks on the user input that allows an attacker to craft its own malicious payload to trigger a XSS vulnerability.	2022-03-10	not yet calculated	CVE-2021-42856 CONFIRM
microsoft — vp9_video_extensions	VP9 Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24501.	2022-03-09	not yet calculated	CVE-2022-24451 N/A
apc_smart-ups_family — apc_smart-ups_family	A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series (SMT Series ID=18: UPS 09.8 and prior / SMT Series ID=1040: UPS 01.2 and prior / SMT Series ID=1031: UPS 03.1 and prior), SMC Series (SMC Series ID=1005: UPS 14.1 and prior / SMC Series ID=1007: UPS 11.0 and prior / SMC Series ID=1041: UPS 01.1 and prior), SCL Series (SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior), SMX Series (SMX Series ID=20: UPS 10.2 and prior / SMX Series ID=23: UPS 07.0 and prior), SRT Series (SRT Series ID=1010/1019/1025: UPS 08.3 and prior / SRT Series ID=1024: UPS 01.0 and prior / SRT Series ID=1020: UPS 10.4 and prior / SRT Series ID=1021: UPS 12.2 and prior / SRT Series ID=1001/1013: UPS 05.1 and prior / SRT Series ID=1002/1014: UPSa05.2 and prior), APC SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)	2022-03-09	not yet calculated	CVE-2022-0715 CONFIRM
linux — linux_kernel_bpf	A NULL pointer dereference flaw was found in the Linux kernel’s BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1.	2022-03-10	not yet calculated	CVE-2022-0433 MISC MISC MISC
easyappointments — easyappointments	Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3.	2022-03-09	not yet calculated	CVE-2022-0482 CONFIRM MISC
pandora_fms — pandora_api	Found a potential security vulnerability inside the Pandora API. Affected Pandora FMS version range: all versions of NG version, up to OUM 759. This vulnerability could allow an attacker with authenticated IP to inject SQL.	2022-03-10	not yet calculated	CVE-2022-0507 CONFIRM CONFIRM
linux — linux_kernel	A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.	2022-03-10	not yet calculated	CVE-2022-0516 MISC DEBIAN MISC
apple — swift-nio-http2	A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS or HTTP/2 PUSH_PROMISE frame where the frame contains padding information without any other data. This logical error caused confusion about the size of the frame, leading to a parsing error. This parsing error immediately crashes the entire process. Sending a HEADERS frame or PUSH_PROMISE frame with HTTP/2 padding information does not require any special permission, so any HTTP/2 connection peer may send such a frame. For clients, this means any server to which they connect may launch this attack. For servers, anyone they allow to connect to them may launch such an attack. The attack is low-effort: it takes very little resources to send an appropriately crafted frame. The impact on availability is high: receiving the frame immediately crashes the server, dropping all in-flight connections and causing the service to need to restart. It is straightforward for an attacker to repeatedly send appropriately crafted frames, so attackers require very few resources to achieve a substantial denial of service. The attack does not have any confidentiality or integrity risks in and of itself: swift-nio-http2 is parsing the frame in memory-safe code, so the crash is safe. However, sudden process crashes can lead to violations of invariants in services, so it is possible that this attack can be used to trigger an error condition that has confidentiality or integrity risks. The risk can be mitigated if untrusted peers can be prevented from communicating with the service. This mitigation is not available to many services. The issue is fixed by rewriting the parsing code to correctly handle the condition. The issue was found by automated fuzzing by oss-fuzz.	2022-03-10	not yet calculated	CVE-2022-0618 MISC
calibre_web — calibre_web	Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17.	2022-03-07	not yet calculated	CVE-2022-0767 MISC CONFIRM
keepass — keepass	A flaw was found in KeePass. The vulnerability occurs due to logging the plain text passwords in the system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs.	2022-03-10	not yet calculated	CVE-2022-0725 MISC
bluez — bluez	A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.	2022-03-10	not yet calculated	CVE-2022-0204 MISC MISC
mcafee — mcafee_webadvisor_chrome	Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up to 8.1.0.1895 allows a remote attacker to gain access to McAfee WebAdvisor settings and other details about the user’s system. This could lead to unexpected behaviors including; settings being changed, fingerprinting of the system leading to targeted scams, and not triggering the malicious software if McAfee software is detected.	2022-03-10	not yet calculated	CVE-2022-0815 MISC
shopware — shopware	Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions user sessions are not logged out if the password is reset via password recovery. This issue has been resolved in version 6.4.8.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin.	2022-03-09	not yet calculated	CVE-2022-24744 CONFIRM
nextcloud — nextcloud	Nextcloud server is an open source, self hosted cloud style services platform. In affected versions an attacker can cause a denial of service by uploading specially crafted files which will cause the server to allocate too much memory / CPU. It is recommended that the Nextcloud Server is upgraded to 21.0.8 , 22.2.4 or 23.0.1. Users unable to upgrade should disable preview generation with the `’enable_previews’` config flag.	2022-03-09	not yet calculated	CVE-2022-24741 MISC CONFIRM MISC
alltube — alltube	alltube is an html front end for youtube-dl. On releases prior to 3.0.3, an attacker could craft a special HTML page to trigger either an open redirect attack or a Server-Side Request Forgery attack (depending on how AllTube is configured). The impact is mitigated by the fact the SSRF attack is only possible when the `stream` option is enabled in the configuration. (This option is disabled by default.) 3.0.3 contains a fix for this vulnerability.	2022-03-08	not yet calculated	CVE-2022-24739 MISC CONFIRM MISC MISC
microsoft — microsoft	Point-to-Point Tunneling Protocol Denial of Service Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23253 N/A
mcafee — mcafee_total_protection	A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.	2022-03-10	not yet calculated	CVE-2022-0280 MISC
intel — intel	Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.	2022-03-11	not yet calculated	CVE-2022-0001 MISC
intel — intel	Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.	2022-03-11	not yet calculated	CVE-2022-0002 MISC
microsoft — microsoft	Remote Desktop Protocol Client Information Disclosure Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24503 N/A
frontend — frontend	An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.	2022-03-09	not yet calculated	CVE-2022-24919 CONFIRM
frontend — frontend	An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.	2022-03-09	not yet calculated	CVE-2022-24917 CONFIRM
frontend — frontend	The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the web section where the information is displayed. Injection can be done on specific parameters. The injected code is executed when a legitimate user attempts to upload, copy, download, or delete an existing configuration (Administrative Services).	2022-03-10	not yet calculated	CVE-2022-24915 MISC
parse_community — parse_server	Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution (RCE) vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Prototype Pollution vulnerable code in the file `DatabaseController.js`, so it is likely to affect Postgres and any other database backend as well. This vulnerability has been confirmed on Linux (Ubuntu) and Windows. Users are advised to upgrade as soon as possible. The only known workaround is to manually patch your installation with code referenced at the source GHSA-p6h4-93qp-jhcm.	2022-03-12	not yet calculated	CVE-2022-24760 CONFIRM MISC
pjsip — pjsip_project	PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type `PJSIP_CRED_DATA_DIGEST`). This issue has been patched in the master branch of the PJSIP repository and will be included with the next release. Users unable to upgrade need to check that the hashed digest data length must be equal to `PJSIP_MD5STRLEN` before passing to PJSIP.	2022-03-11	not yet calculated	CVE-2022-24754 MISC CONFIRM
ultravnc — ultravnc	UltraVNC is a free and open source remote pc access software. A vulnerability has been found in versions prior to 1.3.8.0 in which the DSM plugin module, which allows a local authenticated user to achieve local privilege escalation (LPE) on a vulnerable system. The vulnerability has been fixed to allow loading of plugins from the installed directory. Affected users should upgrade their UltraVNC to 1.3.8.0. Users unable to upgrade should not install and run UltraVNC server as a service. It is advisable to create a scheduled task on a low privilege account to launch WinVNC.exe instead. There are no known workarounds if wincnc needs to be started as a service.	2022-03-10	not yet calculated	CVE-2022-24750 CONFIRM MISC MISC
microsft — remote_desktop_client	Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21990.	2022-03-09	not yet calculated	CVE-2022-23285 N/A
evmos — evmos	Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. In versions of evmos prior to 2.0.1 attackers are able to drain unclaimed funds from user addresses. To do this an attacker must create a new chain which does not enforce signature verification and connects it to the target evmos instance. The attacker can use this joined chain to transfer unclaimed funds. Users are advised to upgrade. There are no known workarounds for this issue.	2022-03-07	not yet calculated	CVE-2022-24738 CONFIRM MISC MISC
shopware — core	Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In versions prior to 6.4.8.2 it is possible to modify customers and to create orders without App Permission. This issue is a result of improper api route checking. Users are advised to upgrade to version 6.4.8.2. There are no known workarounds.	2022-03-09	not yet calculated	CVE-2022-24748 CONFIRM MISC
shopware — core	Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. Affected versions of shopware do no properly set sensitive HTTP headers to be non-cacheable. If there is an HTTP cache between the server and client then headers may be exposed via HTTP caches. This issue has been resolved in version 6.4.8.2. There are no known workarounds.	2022-03-09	not yet calculated	CVE-2022-24747 MISC MISC CONFIRM
shopware — core	Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions it is possible to inject code via the voucher code form. This issue has been patched in version 6.4.8.1. There are no known workarounds for this issue.	2022-03-09	not yet calculated	CVE-2022-24746 MISC CONFIRM MISC
shopware — core	Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions guest sessions are shared between customers when HTTP cache is enabled. This can lead to inconsistent experiences for guest users. Setups with Varnish are not affected by this issue. This issue has been resolved in version 6.4.8.2. Users unable to upgrade should disable the HTTP Cache.	2022-03-09	not yet calculated	CVE-2022-24745 CONFIRM
antaris — razorengine	UNSUPPORTED WHEN ASSIGNED In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment (if users can externally control template contents). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.	2022-03-06	not yet calculated	CVE-2021-46703 MISC
npmjs — npmjs	The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim.	2022-03-11	not yet calculated	CVE-2021-46708 MISC MISC
libcaca — libcaca	libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service	2022-03-10	not yet calculated	CVE-2022-0856 MISC
httpie — httpie	HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didnâ€˜t distinguish between cookies and hosts they belonged. This behavior resulted in the exposure of some cookies when there are redirects originating from the actual host to a third party website. Users are advised to upgrade. There are no known workarounds.	2022-03-07	not yet calculated	CVE-2022-24737 MISC MISC CONFIRM
samsung_mobile_security — applock	Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the list of locked app without authentication.	2022-03-10	not yet calculated	CVE-2022-24929 MISC
mediatek — btif	In btif, there is a possible memory corruption due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06271186; Issue ID: ALPS06271186.	2022-03-10	not yet calculated	CVE-2022-20057 MISC
mediatek — connsyslogger	In connsyslogger, there is a possible symbolic link following due to improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06335038; Issue ID: ALPS06335038.	2022-03-10	not yet calculated	CVE-2022-20050 MISC
mediatek — ims_service	In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127.	2022-03-10	not yet calculated	CVE-2022-20051 MISC
mediatek — ims_service	In ims service, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219097; Issue ID: ALPS06219097.	2022-03-10	not yet calculated	CVE-2022-20053 MISC
mediatek — ims_service	In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083.	2022-03-10	not yet calculated	CVE-2022-20054 MISC
mediatek — preloader	In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830.	2022-03-10	not yet calculated	CVE-2022-20055 MISC
mediatek — preloader	In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160820.	2022-03-10	not yet calculated	CVE-2022-20056 MISC
mediatek — preloader	In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160485.	2022-03-10	not yet calculated	CVE-2022-20058 MISC
mediatek — video_decoder	In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917502; Issue ID: ALPS05917502.	2022-03-10	not yet calculated	CVE-2022-20048 MISC
mediatek — preloader	In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160781.	2022-03-10	not yet calculated	CVE-2022-20059 MISC
mediatek — preloader	In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06137462.	2022-03-10	not yet calculated	CVE-2022-20060 MISC
madiant — hevc_video_extensions	HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456.	2022-03-09	not yet calculated	CVE-2022-22007 N/A MISC
ipdio — web_interface	Persistent cross-site scripting in the web interface of ipDIO allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into a specific parameter. The XSS payload will be executed when a legitimate user attempts to review history.	2022-03-10	not yet calculated	CVE-2022-21146 MISC
marktext — marktext	A stored cross-site scripting vulnerability in marktext versions prior to v0.17.0 due to improper handling of the link (with javascript: scheme) inside the document may allow an attacker to execute an arbitrary script on the PC of the user using marktext.	2022-03-10	not yet calculated	CVE-2022-21158 MISC MISC
madiant — hevc_video_extensions	HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456.	2022-03-09	not yet calculated	CVE-2022-22006 N/A MISC
mediatek — vpu	In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679.	2022-03-10	not yet calculated	CVE-2022-20049 MISC
mediatek — video_decoder	In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917489; Issue ID: ALPS05917489.	2022-03-10	not yet calculated	CVE-2022-20047 MISC
linux — linux_pv	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042	2022-03-10	not yet calculated	CVE-2022-23042 MISC
ipcomm — ipdio	The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the specific web section where the information is displayed. Injection can be done on specific parameters. The injected code is executed when a legitimate user attempts to review history.	2022-03-10	not yet calculated	CVE-2022-22985 MISC
linux — linux_pv	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042	2022-03-10	not yet calculated	CVE-2022-23041 MISC
linux — linux_pv	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042	2022-03-10	not yet calculated	CVE-2022-23040 MISC
linux — linux_pv	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042	2022-03-10	not yet calculated	CVE-2022-23039 MISC
linux — linux_pv	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042	2022-03-10	not yet calculated	CVE-2022-23038 MISC
linux — linux_pv	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042	2022-03-10	not yet calculated	CVE-2022-23037 MISC
linux — linux_pv	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042	2022-03-10	not yet calculated	CVE-2022-23036 MISC
microsoft — hevc_video_extensions	HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24453, CVE-2022-24456.	2022-03-09	not yet calculated	CVE-2022-24452 N/A
microsoft — media_foundation_information_disclosure	Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21977.	2022-03-09	not yet calculated	CVE-2022-22010 N/A
schneider-electric — smartconnect_family	A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)	2022-03-09	not yet calculated	CVE-2022-22806 CONFIRM
schneider-electric — smartconnect_family	A CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)	2022-03-09	not yet calculated	CVE-2022-22805 CONFIRM
signiant-manager_agents — signiant-manager_agents	Signiant – Manager+Agents XML External Entity (XXE) – Extract internal files of the affected machine An attacker can read all the system files, the product is running with root on Linux systems and nt/authority on windows systems, which allows him to access and extract any file on the systems, such as passwd, shadow, hosts and so on. By gaining access to these files, attackers can steal sensitive information from the victims machine.	2022-03-10	not yet calculated	CVE-2022-22795 MISC
zz.inc — keymouse_windows	ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse.	2022-03-10	not yet calculated	CVE-2022-24644 MISC MISC
heindal — heimdal_premium_security	Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure permissions, which allows unprivileged local users to elevate privileges to SYSTEM via the “Browse For Folder” window accessible by triggering a “Repair” on the MSI package located in C:\Windows\Installer.	2022-03-10	not yet calculated	CVE-2022-24618 MISC MISC
wago — wago	Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential information on a PC that connects to the WBM after it has been compromised.	2022-03-09	not yet calculated	CVE-2022-22511 CONFIRM
ibm — aix	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged trusted host user to exploit a vulnerability in the nimsh daemon to cause a denial of service in the nimsh daemon on another trusted host. IBM X-Force ID: 220396	2022-03-07	not yet calculated	CVE-2022-22351 XF CONFIRM
samsung_mobile_security — kernel	Security misconfiguration of RKP in kernel prior to SMR Mar-2022 Release 1 allows a system not to be protected by RKP.	2022-03-10	not yet calculated	CVE-2022-24928 MISC
zabbix — zabbix	An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.	2022-03-09	not yet calculated	CVE-2022-24918 CONFIRM
samsung_mobile_security — stretailmodereceiver	An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted applications to reset default app settings without a proper permission	2022-03-10	not yet calculated	CVE-2022-24930 MISC
hp — bios	Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.	2022-03-11	not yet calculated	CVE-2022-23930 MISC
lg — lg	The public API error causes for the attacker to be able to bypass API access control.	2022-03-11	not yet calculated	CVE-2022-23730 MISC
lg — v8_javascript_engine	V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models.	2022-03-11	not yet calculated	CVE-2022-23731 MISC
hp — bios	Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.	2022-03-11	not yet calculated	CVE-2022-23924 MISC
hp — bios	Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.	2022-03-11	not yet calculated	CVE-2022-23925 MISC
hp — bios	Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.	2022-03-11	not yet calculated	CVE-2022-23926 MISC
hp — bios	Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.	2022-03-11	not yet calculated	CVE-2022-23927 MISC
hp — bios	Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.	2022-03-11	not yet calculated	CVE-2022-23928 MISC
hp — bios	Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.	2022-03-11	not yet calculated	CVE-2022-23929 MISC
hp — bios	Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.	2022-03-11	not yet calculated	CVE-2022-23931 MISC
microsoft — raw_image_extension	Raw Image Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23295.	2022-03-09	not yet calculated	CVE-2022-23300 N/A
hp — bios	Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.	2022-03-11	not yet calculated	CVE-2022-23932 MISC
hp — bios	Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.	2022-03-11	not yet calculated	CVE-2022-23933 MISC
hp — bios	Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.	2022-03-11	not yet calculated	CVE-2022-23934 MISC
samsung_mobile_security — apkinstaller	Improper access control vulnerability in dynamic receiver in ApkInstaller prior to SMR MAR-2022 Release allows unauthorized attackers to execute arbitrary activity without a proper permission	2022-03-10	not yet calculated	CVE-2022-24931 MISC
zabbix — zabbix_frontend	An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors – an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim’s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel.	2022-03-09	not yet calculated	CVE-2022-24349 CONFIRM
mandiant — heif_image_extensions	HEIF Image Extensions Remote Code Execution Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24457 N/A MISC
microsoft — hevc_video_extensions	HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453.	2022-03-09	not yet calculated	CVE-2022-24456 N/A MISC
microsoft — hevc_video_extensions	HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24456.	2022-03-09	not yet calculated	CVE-2022-24453 N/A MISC
microsoft — hevc_video_extensions	HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456.	2022-03-09	not yet calculated	CVE-2022-23301 N/A
microsft — remote_desktop_client	Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23285.	2022-03-09	not yet calculated	CVE-2022-21990 N/A
microsoft — raw_image_extension	Raw Image Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23300.	2022-03-09	not yet calculated	CVE-2022-23295 N/A
suletm — pdftron_sdk	A use after free vulnerability was discovered in PDFTron SDK version 9.2.0. A crafted PDF can overwrite RIP with data previously allocated on the heap. This issue affects: PDFTron PDFTron SDK 9.2.0 on OSX; 9.2.0 on Linux; 9.2.0 on Windows.	2022-03-10	not yet calculated	CVE-2022-24960 MISC MISC
tenda — tenda_ax3	Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.	2022-03-10	not yet calculated	CVE-2022-24995 MISC
printix — printix_secure_cloud_print_management	Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition.	2022-03-10	not yet calculated	CVE-2022-25090 MISC MISC MISC MISC
foxit — foxit_pdf_reader_and_editor	Foxit PDF Reader and Editor before 11.2.1 and PhantomPDF before 10.1.7 allow a NULL pointer dereference during PDF parsing because the pointer is used without proper validation.	2022-03-10	not yet calculated	CVE-2022-25108 MISC
tenable — phicomm_k2	Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell.	2022-03-10	not yet calculated	CVE-2022-25213 MISC
tenable — phicomm_k2	Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated remote attacker to obtain the WPA passphrases for the 2.4GHz and 5.0GHz wireless networks. This is particularly dangerous given that the K2G setup wizard presents the user with the option of using the same password for the 2.4Ghz network and the administrative interface, by clicking a checkbox. When Remote Managment is enabled, these endpoints are exposed to the WAN.	2022-03-10	not yet calculated	CVE-2022-25214 MISC
tenable — dvdfab_12	An absolute path traversal vulnerability allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player (recently renamed PlayerFab) has read-access, by means of an HTTP GET request to http://<IP_ADDRESS>:32080/download/<URL_ENCODED_PATH>.	2022-03-11	not yet calculated	CVE-2022-25216 MISC
tenable — localmacconfi.asp	Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself.	2022-03-10	not yet calculated	CVE-2022-25215 MISC
tenable — telnetd_startup	Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup included in the version 22.5.9.163 of the K2 firmware, and version 32.1.15.93 of the K3C firmware (possibly amongst many other releases) included both the private and public RSA keys. The remaining versions cited here redacted the private key, but left the public key unchanged. An attacker in possession of the leaked private key may, through a scripted exchange of UDP packets, instruct telnetd_startup to spawn an unauthenticated telnet shell as root, by means of which they can then obtain complete control of the device. A consequence of the limited availablility of firmware images for testing is that models and versions not listed here may share this vulnerability.	2022-03-10	not yet calculated	CVE-2022-25217 MISC
tenable — telnetd_startup	The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the “plaintext” to which an arbitrary blob of ciphertext will be decrypted by OpenSSL’s RSA_public_decrypt() function. This weakness allows the attacker to manipulate the various iterations of the telnetd startup state machine and eventually obtain a root shell on the device, by means of an exchange of crafted UDP packets. In all versions but K2 22.5.9.163 and K3C 32.1.15.93 a successful attack also requires the exploitation of a null-byte interaction error (CVE-2022-25219).	2022-03-10	not yet calculated	CVE-2022-25218 MISC
tenable — telnetd_startup	A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP packets, an unauthenticated attacker on the local network can leverage this null byte interaction error in such a way as to make those ephemeral passwords predictable (with 1-in-94 odds). Since the attacker must manipulate data processed by the OpenSSL function RSA_public_decrypt(), successful exploitation of this vulnerability depends on the use of an unpadded RSA cipher (CVE-2022-25218).	2022-03-10	not yet calculated	CVE-2022-25219 MISC
microsoft — vp9_video_extensions	VP9 Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24451.	2022-03-09	not yet calculated	CVE-2022-24501 N/A
samsung_mobile_security — setup_wizard	Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard.	2022-03-10	not yet calculated	CVE-2022-24932 MISC
abantecart — abantecart	Abantecart through 1.3.2 allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Catalog>Media Manager>Images settings can be changed by an administrator (e.g., by configuring .php to be a valid image file type).	2022-03-10	not yet calculated	CVE-2022-26521 MISC
ace2 — coloros11	In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure.	2022-03-11	not yet calculated	CVE-2021-23246 MISC
acer — care_center	Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability. The user process communicates with a service of system authority called ACCsvc through a named pipe. In this case, the Named Pipe is also given Read and Write rights to the general user. In addition, the service program does not verify the user when communicating. A thread may exist with a specific command. When the path of the program to be executed is sent, there is a local privilege escalation in which the service program executes the path with system privileges.	2022-03-10	not yet calculated	CVE-2022-24285 MISC
acer — quickaccess	Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local privilege escalation vulnerability. The user process communicates with a service of system authority through a named pipe. In this case, the Named Pipe is also given Read and Write rights to the general user. In addition, the service program does not verify the user when communicating. A thread may exist with a specific command. When the path of the program to be executed is sent, there is a local privilege escalation in which the service program executes the path with system privileges.	2022-03-10	not yet calculated	CVE-2022-24286 MISC
adobe — after_effects	Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-03-11	not yet calculated	CVE-2022-24095 MISC
adobe — after_effects	Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-03-11	not yet calculated	CVE-2022-24094 MISC
adobe — after_effects	Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-03-11	not yet calculated	CVE-2022-24097 MISC
adobe — after_effects	Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-03-11	not yet calculated	CVE-2022-24096 MISC
adobe — illustrator	Adobe Illustrator version 26.0.3 (and earlier) is affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Illustrator.	2022-03-11	not yet calculated	CVE-2022-23187 MISC
adobe — photoshop	Adobe Photoshop versions 23.1.1 (and earlier) and 22.5.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-03-11	not yet calculated	CVE-2022-24090 MISC
alist — alist	Alist v2.1.0 and below was discovered to contain a cross-site scripting (XSS) vulnerability via /i/:data/ipa.plist.	2022-03-12	not yet calculated	CVE-2022-26533 MISC
amd — cpus	LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.	2022-03-11	not yet calculated	CVE-2021-26401 MISC
amd — cpus	Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.	2022-03-11	not yet calculated	CVE-2021-26341 MISC
atlassian — jira_server_and_data_center	This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary code via Template Injection leading to Remote Code Execution (RCE) in the Email Templates feature. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3.	2022-03-08	not yet calculated	CVE-2021-43944 N/A
atune — atune	atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration.	2022-03-11	not yet calculated	CVE-2021-33658 CONFIRM
casaos — casaos	CasaOS before v0.2.7 was discovered to contain a command injection vulnerability via the component leave or join zerotier api.	2022-03-10	not yet calculated	CVE-2022-24193 MISC MISC MISC MISC
cgi-bin/ej.cgi — cgi-bin/ej.cgi	A cross-site scripting (XSS) vulnerability in the component cgi-bin/ej.cgi of Ex libris ALEPH 500 v18.1 and v20 allows attackers to execute arbitrary web scripts or HTML.	2022-03-10	not yet calculated	CVE-2022-24177 MISC
citrix — federated_authentication_service	Citrix Federated Authentication Service (FAS) 7.17 – 10.6 causes deployments that have been configured to store a registration authority certificate’s private key in a Trusted Platform Module (TPM) to incorrectly store that key in the Microsoft Software Key Storage Provider (MSKSP). This issue only occurs if PowerShell was used when configuring FAS to store the registration authority certificate’s private key in the TPM. It does not occur if the TPM was not selected for use or if the FAS administration console was used for configuration.	2022-03-10	not yet calculated	CVE-2022-26355 MISC
cobbler — cobbler	Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.	2022-03-11	not yet calculated	CVE-2022-0860 CONFIRM MISC
cockpit — cockpit	A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List (CRL) configuration or the certificate status. The highest threat from this vulnerability is to confidentiality.	2022-03-10	not yet calculated	CVE-2021-3698 MISC
cockpit — cockpit	Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an <iFrame> HTML entry. This may be used by a malicious website in clickjacking or similar attacks.	2022-03-10	not yet calculated	CVE-2021-3660 MISC MISC MISC
contact_form_x — contact_form_x	Reflected Cross-Site Scripting (XSS) vulnerability affecting parameter &tab discovered in Contact Form X WordPress plugin (versions <= 2.4).	2022-03-11	not yet calculated	CVE-2022-25601 CONFIRM CONFIRM
couchbase_operator — couchbase_operator	Couchbase Operator 2.2.x before 2.2.3 exposes Sensitive Information to an Unauthorized Actor. Secrets are not redacted in logs collected from Kubernetes environments.	2022-03-10	not yet calculated	CVE-2022-26311 CONFIRM MISC
croogo — croogo	A Remote Code Execution (RCE) vulnerability exists in Croogo 3.0.2via admin/file-manager/attachments, which lets a malicoius user upload a web shell script.	2022-03-10	not yet calculated	CVE-2021-44673 MISC
cx-programmer — cx-programmer	Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25325.	2022-03-10	not yet calculated	CVE-2022-25230 MISC
cx-programmer — cx-programmer	Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25230.	2022-03-10	not yet calculated	CVE-2022-25325 MISC
cx-programmer — cx-programmer	Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234.	2022-03-10	not yet calculated	CVE-2022-21124 MISC
cx-programmer — cx-programmer	Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-21124.	2022-03-10	not yet calculated	CVE-2022-25234 MISC
cx-programmer — cx-programmer	Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.	2022-03-10	not yet calculated	CVE-2022-21219 MISC
dell — bios	Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.	2022-03-11	not yet calculated	CVE-2022-24416 MISC
dell — bios	Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.	2022-03-11	not yet calculated	CVE-2022-24419 MISC
dell — bios	Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.	2022-03-11	not yet calculated	CVE-2022-24420 MISC
dell — bios	Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.	2022-03-11	not yet calculated	CVE-2022-24421 MISC
dell — bios	Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.	2022-03-11	not yet calculated	CVE-2022-24415 MISC
f-secure — support_tool	An arbitrary code execution vulnerability was found in the F-Secure Support Tool. A standard user can craft a special configuration file, which when run by administrator can execute any commands.	2022-03-10	not yet calculated	CVE-2021-44750 MISC MISC
fedora — fedora	A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal information from a previous panic. The highest threat from this vulnerability is to confidentiality. This flaw affects kexec-tools shipped by Fedora versions prior to 2.0.21-8 and RHEL versions prior to 2.0.20-47.	2022-03-10	not yet calculated	CVE-2021-20269 MISC
fiori — launchpad	Fiori launchpad – versions 754, 755, 756, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.	2022-03-10	not yet calculated	CVE-2022-26101 MISC MISC
freetakserver — freetakserver	FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges.	2022-03-11	not yet calculated	CVE-2022-25510 MISC
freetakserver — freetakserver	An access control issue in the component /ManageRoute/postRoute of FreeTAKServer v1.9.8 allows unauthenticated attackers to cause a Denial of Service (DoS) via an unusually large amount of created routes, or create unsafe or false routes for legitimate users.	2022-03-11	not yet calculated	CVE-2022-25508 MISC
freetakserver-ui — freetakserver-ui	An issue in the ?filename= argument of the route /DataPackageTable in FreeTAKServer-UI v1.9.8 allows attackers to place arbitrary files anywhere on the system.	2022-03-11	not yet calculated	CVE-2022-25511 MISC
freetakserver-ui — freetakserver-ui	FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint /AuthenticateUser.	2022-03-11	not yet calculated	CVE-2022-25506 MISC
freetakserver-ui — freetakserver-ui	FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys.	2022-03-11	not yet calculated	CVE-2022-25512 MISC
freetakserver-ui — freetakserver-ui	FreeTAKServer-UI v1.9.8 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Callsign parameter.	2022-03-11	not yet calculated	CVE-2022-25507 MISC
gerapy — gerapy	An Access Control vunerabiity exists in Gerapy v 0.9.7 via the spider parameter in project_configure function.	2022-03-10	not yet calculated	CVE-2021-44597 MISC
go-gitea — gitea	Improper Authorization in GitHub repository go-gitea/gitea prior to 1.16.4.	2022-03-10	not yet calculated	CVE-2022-0905 CONFIRM MISC
gogs — gogs	Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.	2022-03-11	not yet calculated	CVE-2022-0870 MISC CONFIRM
gogs — gogs	Improper Authorization in GitHub repository gogs/gogs prior to 0.12.5.	2022-03-11	not yet calculated	CVE-2022-0871 MISC CONFIRM
gpac — gpac	GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. It can be triggered via MP4Box.	2022-03-12	not yet calculated	CVE-2022-26967 MISC
grub2 — grub2	A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted passwords present in grub.cfg. This flaw affects grub2 2.06 and previous versions. This issue has been fixed in grub upstream but no version with the fix is currently released.	2022-03-10	not yet calculated	CVE-2021-3981 MISC FEDORA
hitachi — aab_power_grids_ellipse_enterprise_asset_management	An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of confidential information, or even the takeover of the user’s session.	2022-03-11	not yet calculated	CVE-2021-27416 CONFIRM CONFIRM
hitachi — aab_power_grids_ellipse_enterprise_asset_management	An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials.	2022-03-11	not yet calculated	CVE-2021-27414 CONFIRM CONFIRM
horde — mime_viewer	lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering.	2022-03-11	not yet calculated	CVE-2022-26874 MISC MISC
huawei — devices	There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.	2022-03-10	not yet calculated	CVE-2021-40064 MISC MISC
huawei — devices	There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization.	2022-03-10	not yet calculated	CVE-2021-40049 MISC MISC
huawei — devices	There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality.	2022-03-10	not yet calculated	CVE-2021-40051 MISC MISC
huawei — devices	There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.	2022-03-10	not yet calculated	CVE-2021-40048 MISC MISC
huawei — devices	There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.	2022-03-10	not yet calculated	CVE-2021-40052 MISC
huawei — devices	There is a permission control vulnerability in the Nearby module. Successful exploitation of this vulnerability will affect availability and integrity.	2022-03-10	not yet calculated	CVE-2021-40053 MISC
huawei — devices	There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.	2022-03-10	not yet calculated	CVE-2021-40054 MISC
huawei — devices	There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.	2022-03-10	not yet calculated	CVE-2021-40055 MISC MISC
huawei — devices	There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.	2022-03-10	not yet calculated	CVE-2021-40056 MISC
huawei — devices	There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.	2022-03-10	not yet calculated	CVE-2021-40057 MISC
huawei — devices	There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.	2022-03-10	not yet calculated	CVE-2021-40058 MISC
huawei — devices	There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality.	2022-03-10	not yet calculated	CVE-2021-40059 MISC
huawei — devices	There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.	2022-03-10	not yet calculated	CVE-2021-40060 MISC
huawei — devices	There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.	2022-03-10	not yet calculated	CVE-2021-40061 MISC MISC
huawei — devices	There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.	2022-03-10	not yet calculated	CVE-2021-40062 MISC
huawei — devices	There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality.	2022-03-10	not yet calculated	CVE-2021-40063 MISC MISC
huawei — devices	There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.	2022-03-10	not yet calculated	CVE-2021-40050 MISC MISC
huawei — devices	There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.	2022-03-10	not yet calculated	CVE-2021-40047 MISC MISC
ibm — aix_and_vios	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212950.	2022-03-07	not yet calculated	CVE-2021-38988 XF CONFIRM
ibm — aix_and_vios	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212951.	2022-03-07	not yet calculated	CVE-2021-38989 XF CONFIRM
ibm — datapower_gateway	IBM DataPower Gateway V10CD, 10.0.1, and 2108.4.1 could allow a remote attacker to bypass security restrictions, caused by the improper validation of input. By sending a specially crafted JSON message, an attacker could exploit this vulnerability to modify structure and fields. IBM X-Force ID: 209824.	2022-03-10	not yet calculated	CVE-2021-38910 CONFIRM XF
ibm — guardium_data_encryption	IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software. IBM X-Force ID: 213858.	2022-03-10	not yet calculated	CVE-2021-39022 CONFIRM XF
ibm — guardium_data_encryption	IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 could disclose internal IP address information when the web backend is down. IBM X-Force 213863.	2022-03-10	not yet calculated	CVE-2021-39025 XF CONFIRM
icinga_web_2 — icinga_web_2	Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated.	2022-03-08	not yet calculated	CVE-2022-24716 CONFIRM MISC
icinga_web_2 — icinga_web_2	Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration.	2022-03-08	not yet calculated	CVE-2022-24715 CONFIRM MISC
icinga_web_2 — icinga_web_2	Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may still have access to a collection of content. Note that this only applies if a role has implicitly permitted access to hosts, due to permitted access to at least one of their services. If access to a host is permitted by other means, no sensible information has been disclosed to unauthorized users. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2.	2022-03-08	not yet calculated	CVE-2022-24714 CONFIRM MISC
ifilter_ver — ifilter_ver	Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9.50R10 and earlier, i-FILTER Browser & Cloud MultiAgent for Windows Ver.4.93R04 and earlier, and D-SPA (Ver.3 / Ver.4) using i-FILTER allows a remote unauthenticated attacker to conduct a man-in-the-middle attack and eavesdrop on an encrypted communication.	2022-03-10	not yet calculated	CVE-2022-21170 MISC MISC MISC MISC MISC MISC
intel — sgx	The pointer-validation logic in util/mem_util.rs in Occlum before 0.26.0 for Intel SGX acts as a confused deputy that allows a local attacker to access unauthorized information via side-channel analysis.	2022-03-10	not yet calculated	CVE-2021-44421 CONFIRM MISC CONFIRM MISC
intel — trace_hub	Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.	2022-03-11	not yet calculated	CVE-2021-33150 MISC
ipdio — ipdio	Persistent cross-site scripting (XSS) in the web interface of ipDIO allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into specific fields. The XSS payload will be executed when a legitimate user attempts to upload, copy, download, or delete an existing configuration (Administrative Services).	2022-03-10	not yet calculated	CVE-2022-24432 MISC
istio — istio	Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, istiod, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing when the validating webhook for a cluster is exposed publicly. This endpoint is served over TLS port 15017, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [external istiod](https://istio.io/latest/docs/setup/install/external-controlplane/) topologies, this port is exposed over the public internet. This issue has been patched in versions 1.13.2, 1.12.5 and 1.11.8. Users are advised to upgrade. Users unable to upgrade should disable access to a validating webhook that is exposed to the public internet or restrict the set of IP addresses that can query it to a set of known, trusted entities.	2022-03-10	not yet calculated	CVE-2022-24726 MISC MISC CONFIRM
jackson-databind — jackson-databind	jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.	2022-03-11	not yet calculated	CVE-2020-36518 MISC
jboss-client — jboss-client	A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability.	2022-03-11	not yet calculated	CVE-2022-0853 MISC MISC
jeecg-boot — jceeg-boot	A Cross Site Scripting (XSS) vulnerabilitiy exits in jeecg-boot 3.0 in /jeecg-boot/jmreport/view with a mouseover event.	2022-03-10	not yet calculated	CVE-2021-44585 MISC
jetson — linux	NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. Such an attack could result in denial of service, code execution, escalation of privileges, and impact to data integrity and confidentiality. The scope impact may extend to other components.	2022-03-11	not yet calculated	CVE-2022-21819 MISC
libtiff — libtiff	Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.	2022-03-11	not yet calculated	CVE-2022-0909 MISC MISC CONFIRM
libtiff — libtiff	Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.	2022-03-11	not yet calculated	CVE-2022-0908 CONFIRM MISC MISC
libtiff — libtiff	Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.	2022-03-11	not yet calculated	CVE-2022-0907 MISC CONFIRM MISC
libtiff — libtiff	Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.	2022-03-11	not yet calculated	CVE-2022-0924 MISC CONFIRM MISC
libtiff — libtiff	Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045.	2022-03-10	not yet calculated	CVE-2022-0865 MISC MISC CONFIRM
libtiff — libtiff	A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact	2022-03-10	not yet calculated	CVE-2022-0891 CONFIRM MISC MISC MISC
linux — linux_kernel	drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory leak (socket buffers have memory allocated but not freed).	2022-03-11	not yet calculated	CVE-2022-26878 MISC MISC MISC MISC MLIST
linux — linux_kernel	A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability.	2022-03-10	not yet calculated	CVE-2021-3739 MISC MISC MISC MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.	2022-03-12	not yet calculated	CVE-2022-26966 MISC MISC
linux — linux_kernel	A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15-rc1. The kernel can panic when an improper cancellation operation triggers the submission of new io-uring operations during a shortage of free space. This flaw allows a local user with permissions to execute io-uring requests to possibly crash the system.	2022-03-10	not yet calculated	CVE-2021-4023 MISC
linux — linux_kernel	A security issue was found in Linux kernel’s OverlayFS subsystem where a local attacker who has the ability to mount the TmpFS filesystem with OverlayFS can abuse a logic bug in the overlayfs code which can inadvertently reveal files hidden in the original mount.	2022-03-10	not yet calculated	CVE-2021-3732 MISC MISC MISC MISC
linux — linux_kernel	A NULL pointer dereference was found in the Linux kernel’s KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1.	2022-03-10	not yet calculated	CVE-2021-4095 MISC MLIST
luocms — luocms	Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php.	2022-03-10	not yet calculated	CVE-2022-24604 MISC
luocms — luocms	Luocms v2.0 is affected by Cross Site Scripting (XSS) in /admin/news/sort_add.php and /inc/function.php.	2022-03-10	not yet calculated	CVE-2022-24608 MISC
luocms — luocms	Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php.	2022-03-10	not yet calculated	CVE-2022-24602 MISC
luocms — luocms	Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain sensitive information through SQL injection statements.	2022-03-10	not yet calculated	CVE-2022-24601 MISC
luocms — luocms	Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php.	2022-03-10	not yet calculated	CVE-2022-24603 MISC
luocms — luocms	Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php.	2022-03-10	not yet calculated	CVE-2022-24605 MISC
luocms — luocms	Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php.	2022-03-10	not yet calculated	CVE-2022-24606 MISC
luocms — luocms	Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php.	2022-03-10	not yet calculated	CVE-2022-24607 MISC
luocms — luocms	Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates/template_manage.php, an attacker can write an arbitrary shell file.	2022-03-10	not yet calculated	CVE-2022-24609 MISC
luocms — luocms	Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the background through SQL injection statements.	2022-03-10	not yet calculated	CVE-2022-24600 MISC
maddy — mail_server	Maddy Mail Server is an open source SMTP compatible email server. Versions of maddy prior to 0.5.4 do not implement password expiry or account expiry checking when authenticating using PAM. Users are advised to upgrade. Users unable to upgrade should manually remove expired accounts via existing filtering mechanisms.	2022-03-09	not yet calculated	CVE-2022-24732 MISC CONFIRM
mattermost — server	A stack overflow bug in the document extractor in Mattermost Server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted Apple Pages document.	2022-03-10	not yet calculated	CVE-2022-0904 MISC
mattermost — server	A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body.	2022-03-10	not yet calculated	CVE-2022-0903 MISC
microsoft — .net_and_visual_studio	.NET and Visual Studio Remote Code Execution Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24512 N/A
microsoft — .net_and_visual_studio	.NET and Visual Studio Denial of Service Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24464 N/A
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24515, CVE-2022-24518.	2022-03-09	not yet calculated	CVE-2022-24519 N/A
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24515, CVE-2022-24519.	2022-03-09	not yet calculated	CVE-2022-24518 N/A
microsoft — azure	Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24520.	2022-03-09	not yet calculated	CVE-2022-24517 N/A
microsoft — azure	Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520.	2022-03-09	not yet calculated	CVE-2022-24470 N/A
microsoft — azure	Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517.	2022-03-09	not yet calculated	CVE-2022-24520 N/A
microsoft — azure	Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24517, CVE-2022-24520.	2022-03-09	not yet calculated	CVE-2022-24471 N/A
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24506, CVE-2022-24515, CVE-2022-24518, CVE-2022-24519.	2022-03-09	not yet calculated	CVE-2022-24469 N/A
microsoft — azure	Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520.	2022-03-09	not yet calculated	CVE-2022-24468 N/A
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24515, CVE-2022-24518, CVE-2022-24519.	2022-03-09	not yet calculated	CVE-2022-24506 N/A
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24518, CVE-2022-24519.	2022-03-09	not yet calculated	CVE-2022-24515 N/A
microsoft — azure	Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520.	2022-03-09	not yet calculated	CVE-2022-24467 N/A
microsoft — defender	Microsoft Defender for IoT Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23266 N/A
microsoft — defender	Microsoft Defender for IoT Remote Code Execution Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23265 N/A
microsoft — defender	Microsoft Defender for Endpoint Spoofing Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23278 N/A
microsoft — exchange	Microsoft Exchange Server Remote Code Execution Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23277 N/A
microsoft — exchange_server	Microsoft Exchange Server Spoofing Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24463 N/A
microsoft — intune_portal	Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24465 N/A
microsoft — media_foundation	Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22010.	2022-03-09	not yet calculated	CVE-2022-21977 N/A
microsoft — office	Microsoft Office Word Tampering Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24511 N/A
microsoft — office_visio	Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24461, CVE-2022-24509.	2022-03-09	not yet calculated	CVE-2022-24510 N/A
microsoft — office_visio	Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24461, CVE-2022-24510.	2022-03-09	not yet calculated	CVE-2022-24509 N/A
microsoft — office_visio	Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24509, CVE-2022-24510.	2022-03-09	not yet calculated	CVE-2022-24461 N/A
microsoft — pint_3d	Paint 3D Remote Code Execution Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23282 N/A
microsoft — skype	Skype Extension for Chrome Information Disclosure Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24522 N/A
microsoft — visual_studio	Visual Studio Code Spoofing Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24526 N/A
microsoft — windows	Windows CD-ROM Driver Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24455 N/A
microsoft — windows	Windows Fax and Scan Service Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24459 N/A
microsoft — windows	Tablet Windows User Interface Application Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24460 N/A
microsoft — windows	Windows HTML Platforms Security Feature Bypass Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24502 N/A
microsoft — windows	Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23283, CVE-2022-23287.	2022-03-09	not yet calculated	CVE-2022-24505 N/A
microsoft — windows	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24507 N/A
microsoft — windows	Windows SMBv3 Client/Server Remote Code Execution Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24508 N/A
microsoft — windows	Microsoft Word Security Feature Bypass Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24462 N/A
microsoft — windows	Windows Fast FAT File System Driver Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23293 N/A
microsoft — windows	Windows Event Tracing Remote Code Execution Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23294 N/A
microsoft — windows	Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23297 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23284 N/A
microsoft — windows	Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23283, CVE-2022-24505.	2022-03-09	not yet calculated	CVE-2022-23287 N/A
microsoft — windows	Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23291.	2022-03-09	not yet calculated	CVE-2022-23288 N/A
microsoft — windows	Windows Inking COM Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23290 N/A
microsoft — windows	Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23288.	2022-03-09	not yet calculated	CVE-2022-23291 N/A
microsoft — windows	Windows Installer Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23296 N/A MISC
microsoft — windows	Windows PDEV Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23299 N/A
microsoft — windows	Windows NT OS Kernel Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23298 N/A
microsoft — windows	Windows Hyper-V Denial of Service Vulnerability.	2022-03-09	not yet calculated	CVE-2022-21975 N/A
microsoft — windows	Windows Common Log File System Driver Information Disclosure Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23281 N/A
microsoft — windows	Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23287, CVE-2022-24505.	2022-03-09	not yet calculated	CVE-2022-23283 N/A
microsoft — windows	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-23286 N/A
microsoft — windows	Windows Update Stack Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24525 N/A
microsoft — windows	Windows Security Support Provider Interface Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-24454 N/A
microsoft — windows_media_center	Windows Media Center Update Denial of Service Vulnerability.	2022-03-09	not yet calculated	CVE-2022-21973 N/A
microsoft — wps_office_for_windows	The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed.	2022-03-09	not yet calculated	CVE-2022-25943 CONFIRM MISC JVN
microsoft — xbox_live	Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability.	2022-03-09	not yet calculated	CVE-2022-21967 N/A
microweber — microweber	XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11.	2022-03-12	not yet calculated	CVE-2022-0929 MISC CONFIRM
microweber — microweber	Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11.	2022-03-11	not yet calculated	CVE-2022-0912 MISC CONFIRM
microweber — microweber	Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3.	2022-03-11	not yet calculated	CVE-2022-0913 CONFIRM MISC
microweber — microweber	Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12.	2022-03-11	not yet calculated	CVE-2022-0921 MISC CONFIRM
microweber — microweber	File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.	2022-03-12	not yet calculated	CVE-2022-0926 MISC CONFIRM
microweber — microweber	File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.	2022-03-12	not yet calculated	CVE-2022-0930 MISC CONFIRM
microweber — microweber	Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12.	2022-03-10	not yet calculated	CVE-2022-0906 CONFIRM MISC
microweber — microweber	Cross-site Scripting (XSS) – Stored in GitHub repository microweber/microweber prior to 1.2.12.	2022-03-11	not yet calculated	CVE-2022-0928 MISC CONFIRM
microweber — microweber	Static Code Injection in GitHub repository microweber/microweber prior to 1.3.	2022-03-10	not yet calculated	CVE-2022-0895 CONFIRM MISC
mitel — micollab	The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack.	2022-03-10	not yet calculated	CVE-2022-26143 MISC MISC MISC MISC MISC MISC MISC
moodle — moodle	An SQL injection risk existed on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. Note that this required site administrator access or access to the keypair. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected.	2022-03-11	not yet calculated	CVE-2021-32474 MISC
moodle — moodle	The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected.	2022-03-11	not yet calculated	CVE-2021-32478 MISC
moodle — moodle	ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected.	2022-03-11	not yet calculated	CVE-2021-32475 MISC
moodle — moodle	The last time a user accessed the mobile app is displayed on their profile page, but should be restricted to users with the relevant capability (site administrators by default). Moodle versions 3.10 to 3.10.3 are affected.	2022-03-11	not yet calculated	CVE-2021-32477 MISC
moodle — moodle	Teachers exporting a forum in CSV format could receive a CSV of forums from all courses in some circumstances. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6 and 3.8 to 3.8.8 are affected.	2022-03-11	not yet calculated	CVE-2021-32472 MISC
moodle — moodle	It was possible for a student to view their quiz grade before it had been released, using a quiz web service. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected	2022-03-11	not yet calculated	CVE-2021-32473 MISC
moodle — moodle	A denial-of-service risk was identified in the draft files area, due to it not respecting user file upload limits. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected.	2022-03-11	not yet calculated	CVE-2021-32476 MISC
mruby — mruby	NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2.	2022-03-10	not yet calculated	CVE-2022-0890 MISC CONFIRM
myasus — myasus	The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation.	2022-03-10	not yet calculated	CVE-2022-22814 MISC
nabu_casa — home_assistant_operating_system	An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator to gain knowledge about internal network resources via the hardcoded DNS resolver configuration.	2022-03-10	not yet calculated	CVE-2020-36517 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC
nacos — nacos	A Cross Site Scripting (XSS) vulnerability exists in Nacos 2.0.3 in auth/users via the (1) pageSize and (2) pageNo parameters.	2022-03-11	not yet calculated	CVE-2021-44667 MISC
nats — nats-server	NATS nats-server before 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams. nats-streaming-server before 0.24.3 is also affected.	2022-03-10	not yet calculated	CVE-2022-26652 CONFIRM MISC CONFIRM MLIST
network_olympus — network_olympus	Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in ‘/api/eventinstance’ via the ‘sqlparameter’ JSON parameter. It is also possible to achieve remote code execution in the default installation (PostgreSQL) by exploiting this issue.	2022-03-10	not yet calculated	CVE-2022-25225 MISC MISC
nextcloud — server	Nextcloud server is a self hosted system designed to provide cloud style services. The groupfolders application for Nextcloud allows sharing a folder with a group of people. In addition, it allows setting “advanced permissions” on subfolders, for example, a user could be granted access to the groupfolder but not specific subfolders. Due to a lacking permission check in affected versions, a user could still access these subfolders by copying the groupfolder to another location. It is recommended that the Nextcloud Server is upgraded to 20.0.14, 21.0.6 or 22.2.1. Users unable to upgrade should disable the “groupfolders” application in the admin settings.	2022-03-08	not yet calculated	CVE-2021-41241 CONFIRM MISC MISC
nextcloud — server	Nextcloud server is a self hosted system designed to provide cloud style services. In affected versions the User Status API did not consider the user enumeration settings by the administrator. This allowed a user to enumerate other users on the instance, even when user listings where disabled. It is recommended that the Nextcloud Server is upgraded to 20.0.14, 21.0.6 or 22.2.1. There are no known workarounds.	2022-03-08	not yet calculated	CVE-2021-41239 CONFIRM MISC MISC
nextcloud — talk	Nextcloud talk is a self hosting messaging service. In versions prior 12.1.2 an attacker is able to control the link of a geolocation preview in the Nextcloud Talk application due to a lack of validation on the link. This could result in an open-redirect, but required user interaction. This only affected users of the Android Talk client. It is recommended that the Nextcloud Talk App is upgraded to 12.1.2. There are no known workarounds.	2022-03-08	not yet calculated	CVE-2021-41180 CONFIRM MISC MISC
nextcloud — text	Nextcloud text is a collaborative document editing using Markdown built for the nextcloud server. Due to an issue with the Nextcloud Text application, which is by default shipped with Nextcloud Server, an attacker is able to access the folder names of “File Drop”. For successful exploitation an attacker requires knowledge of the sharing link. It is recommended that users upgrade their Nextcloud Server to 20.0.14, 21.0.6 or 22.2.1. Users unable to upgrade should disable the Nextcloud Text application in the application settings.	2022-03-10	not yet calculated	CVE-2021-41233 MISC CONFIRM
northern.tech — cfengine_enterprise	Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions that may allow unauthorized local users to access the Apache and Mission Portal log files.	2022-03-10	not yet calculated	CVE-2021-44216 MISC MISC
northern.tech — cfengine_enterprise	Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow unauthorized local users to have an unspecified impact.	2022-03-10	not yet calculated	CVE-2021-44215 MISC MISC
nystudio107 — seomatic	A Server-side Template Injection (SSTI) vulnerability exists in Nystudio107 Seomatic 3.4.12 in src/helpers/UrlHelper.php via the host header.	2022-03-11	not yet calculated	CVE-2021-44618 MISC MISC
onenav — onenav	An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal.	2022-03-12	not yet calculated	CVE-2022-26276 MISC
opensuse — opensuse	A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with a expected login form that then sends the clear text credentials to an attacker specified server. This issue affects: openSUSE Build service login-proxy-scripts versions prior to dc000cdfe9b9b715fb92195b1a57559362f689ef.	2022-03-09	not yet calculated	CVE-2021-36777 CONFIRM
orchardcms — orchardcore	Cross-site Scripting (XSS) – Stored in GitHub repository orchardcms/orchardcore prior to 1.3.0.	2022-03-11	not yet calculated	CVE-2022-0820 CONFIRM MISC
orchardcms — orchardcore	Cross-site Scripting (XSS) – Reflected in GitHub repository orchardcms/orchardcore prior to 1.3.0.	2022-03-11	not yet calculated	CVE-2022-0822 CONFIRM MISC
orchardcms — orchardcore	Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0.	2022-03-11	not yet calculated	CVE-2022-0821 CONFIRM MISC
otris — update_manager	otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated calls to exposed interfaces over a .NET named pipe. A remote attack may be possible as well, by leveraging WsHTTPBinding for HTTP traffic on TCP port 9000.	2022-03-10	not yet calculated	CVE-2021-40376 MISC MISC MISC
overit_geocall — overit_geocall	An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XSLT Injection vulnerability. Attackers could exploit this issue to achieve remote code execution.	2022-03-10	not yet calculated	CVE-2022-22834 MISC MISC
overit_geocall — overit_geocall	An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XXE vulnerability to read arbitrary files from the filesystem.	2022-03-10	not yet calculated	CVE-2022-22835 MISC MISC
panorama_tools — libpano	Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function panoParserFindOLine() in parser.c.	2022-03-10	not yet calculated	CVE-2021-33293 MISC MISC
pgjdbc — pgjdbc	DISPUTED In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor’s position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties.	2022-03-10	not yet calculated	CVE-2022-26520 MISC MISC MISC MISC
power_line_communications — plc4trucks	Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals.	2022-03-10	not yet calculated	CVE-2022-26131 CONFIRM
power_line_communications — plt4trucks	Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions.	2022-03-10	not yet calculated	CVE-2022-25922 CONFIRM
proofpoint — insider_threat_management_agent_for_windows	Proofpoint Insider Threat Management Agent for Windows relies on an inherently dangerous function that could enable an unprivileged local Windows user to run arbitrary code with SYSTEM privileges. All versions prior to 7.12.1 are affected. Agents for MacOS and Linux and Cloud are unaffected. Proofpoint has released fixed software version 7.12.1. The fixed software versions are available through the customer support portal.	2022-03-10	not yet calculated	CVE-2022-25294 MISC
python — python	A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.	2022-03-04	not yet calculated	CVE-2021-3737 MISC MISC MISC MISC MISC MISC
python — python	In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.	2022-03-10	not yet calculated	CVE-2022-26488 MISC
qnx_software_development_platform — qnx_software_development_platform	An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform version(s) 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safety versions 1.0.0 to 1.0.2, QNX OS for Safety versions 2.0.0 to 2.0.1, QNX for Medical versions 1.0.0 to 1.1.1, and QNX OS for Medical version 2.0.0 could allow an attacker to potentially access data, modify behavior, or permanently crash the system.	2022-03-10	not yet calculated	CVE-2021-32025 MISC
quicklert_for_digium — quickler_for_digium	An arbitrary file upload vulnerability exists in albumimages.jsp in Quicklert for Digium 10.0.0 (1043) via a .mp3;.jsp filename for a file that begins with audio data bytes. It allows an authenticated (low privileged) attacker to execute remote code on the target server within the context of application’s permissions (SYSTEM).	2022-03-10	not yet calculated	CVE-2021-43970 MISC MISC
quicklert_for_digium — quickler_for_digium	The login.jsp page of Quicklert for Digium 10.0.0 (1043) is affected by both Blind SQL Injection with Out-of-Band Interaction (DNS) and Blind Time-Based SQL Injections. Exploitation can be used to disclose all data within the database (up to and including the administrative accounts’ login IDs and passwords) via the login.jsp uname parameter.	2022-03-10	not yet calculated	CVE-2021-43969 MISC MISC
regex — regex	regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it’s considered part of the crate’s API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it’s possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes.	2022-03-08	not yet calculated	CVE-2022-24713 CONFIRM MISC MISC
rockcarry — ffjpeg	The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference.	2022-03-10	not yet calculated	CVE-2021-34122 MISC MISC
saleor– saleor	Improper Authorization in GitHub repository saleor/saleor prior to 3.1.2.	2022-03-11	not yet calculated	CVE-2022-0932 CONFIRM MISC
samsung — acount	Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows attackers to access to the authcode for sign-in.	2022-03-10	not yet calculated	CVE-2022-25825 MISC
samsung — bixbytouch	Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview.	2022-03-10	not yet calculated	CVE-2022-25824 MISC
samsung — galaxy_watch_plugin	Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log.	2022-03-10	not yet calculated	CVE-2022-25823 MISC
samsung — galaxy_watch_plugin	Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log	2022-03-10	not yet calculated	CVE-2022-25827 MISC
samsung — smr	Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to generate pinned-shortcut without user consent.	2022-03-10	not yet calculated	CVE-2022-25817 MISC
samsung — smr	Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution.	2022-03-10	not yet calculated	CVE-2022-25818 MISC
samsung — smr	PendingIntent hijacking vulnerability in Weather application prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.	2022-03-10	not yet calculated	CVE-2022-25815 MISC
samsung — smr	OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to view Kernel stack memory.	2022-03-10	not yet calculated	CVE-2022-25819 MISC
samsung — smr	PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.	2022-03-10	not yet calculated	CVE-2022-25814 MISC
samsung — smr	Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1 allows attacker to change enable/disable without authentication	2022-03-10	not yet calculated	CVE-2022-25816 MISC
samsung — smr	An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash.	2022-03-10	not yet calculated	CVE-2022-25822 MISC
samsung — smr	Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read.	2022-03-10	not yet calculated	CVE-2022-25821 MISC
samsung — smr	A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password.	2022-03-10	not yet calculated	CVE-2022-25820 MISC
samsung — watch_active2_plugin	Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log	2022-03-10	not yet calculated	CVE-2022-25829 MISC
samsung — watch_active_plugin	Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows attacker to access password information of connected WiFiAp in the log	2022-03-10	not yet calculated	CVE-2022-25828 MISC
samsung– galaxy_watch3_plugin	Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log	2022-03-10	not yet calculated	CVE-2022-25830 MISC
sap — business_objects_business_intelligence_platform	Under certain conditions SAP Business Objects Business Intelligence Platform – versions 420, 430, allows an authenticated attacker to access information which would otherwise be restricted.	2022-03-10	not yet calculated	CVE-2022-24398 MISC MISC
sap — financial_consolidation	SAP Financial Consolidation – version 10.1, does not perform necessary authorization checks for updating homepage messages, resulting for an unauthorized user to alter the maintenance system message.	2022-03-10	not yet calculated	CVE-2022-26104 MISC MISC
sap — focused_run	The SAP Focused Run (Real User Monitoring) – versions 200, 300, REST service does not sufficiently sanitize the input name of the file using multipart/form-data, resulting in Cross-Site Scripting (XSS) vulnerability.	2022-03-10	not yet calculated	CVE-2022-24399 MISC MISC
sap — netweaver	Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) – version 7.50, allows an attacker to access information which could lead to information gathering for further exploits and attacks.	2022-03-10	not yet calculated	CVE-2022-26103 MISC MISC
sap — netweaver_application_server_for_abap	Due to missing authorization check, SAP NetWeaver Application Server for ABAP – versions 700, 701, 702, 731, allows an authenticated attacker, to access content on the start screen of any transaction that is available with in the same SAP system even if he/she isn’t authorized for that transaction. A successful exploitation could expose information and in worst case manipulate data before the start screen is executed, resulting in limited impact on confidentiality and integrity of the application.	2022-03-10	not yet calculated	CVE-2022-26102 MISC MISC
sap — netweaver_enterprise_portal	SAP NetWeaver Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.	2022-03-10	not yet calculated	CVE-2022-24395 MISC MISC
sap — netweaver_enterprise_portal	SAP NetWeaver Enterprise Portal – versions 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.This reflected cross-site scripting attack can be used to non-permanently deface or modify displayed content of portal Website. The execution of the script content by a victim registered on the portal could compromise the confidentiality and integrity of victim’s web browser.	2022-03-10	not yet calculated	CVE-2022-24397 MISC MISC
sapcar — sapcar	SAPCAR – version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system.	2022-03-10	not yet calculated	CVE-2022-26100 MISC MISC
sas — logon_manager	SAS Logon Manager v9.4 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack.	2022-03-10	not yet calculated	CVE-2021-42186 MISC MISC MISC
sasung — galaxy_s3_plugin	Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log	2022-03-10	not yet calculated	CVE-2022-25826 MISC
secomea — gatemanager	Cross-site Scripting (XSS) vulnerability in firmware section of Secomea GateManager allows logged in user to inject javascript in browser session. This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions.	2022-03-11	not yet calculated	CVE-2021-32009 MISC
secomea — gatemanager	This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission Issues vulnerability in LinkManager web portal of Secomea GateManager allows logged in LinkManager user to access stored SiteManager backup files.	2022-03-10	not yet calculated	CVE-2021-32006 MISC
sentcms — sentcms	sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload.	2022-03-10	not yet calculated	CVE-2022-24652 MISC
sentcms — sentcms	sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload.	2022-03-10	not yet calculated	CVE-2022-24651 MISC
simowireless — luna_simo	An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following Personally Identifiable Information (PII) in plaintext using HTTP to servers located in China: user’s list of installed apps and device International Mobile Equipment Identity (IMEI). This PII is transmitted to log.skyroam.com.cn using HTTP, independent of whether the user uses the Simo software.	2022-03-11	not yet calculated	CVE-2021-41849 MISC MISC MISC MISC
simowireless — luna_simo	An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a package name of com.skyroam.silverhelper writes three IMEI values to system properties at system startup. The system property values can be obtained via getprop by all third-party applications co-located on the device, even those with no permissions granted, exposing the IMEI values to processes without enforcing any access control.	2022-03-11	not yet calculated	CVE-2021-41850 MISC MISC MISC MISC
simowireless — luna_simo	An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It mishandles software updates such that local third-party apps can provide a spoofed software update file that contains an arbitrary shell script and arbitrary ARM binary, where both will be executed as the root user with an SELinux domain named osi. To exploit this vulnerability, a local third-party app needs to have write access to external storage to write the spoofed update at the expected path. The vulnerable system binary (i.e., /system/bin/osi_bin) does not perform any authentication of the update file beyond ensuring that it is encrypted with an AES key (that is hard-coded in the vulnerable system binary). Processes executing with the osi SELinux domain can programmatically perform the following actions: install apps, grant runtime permissions to apps (including permissions with protection levels of dangerous and development), access extensive Personally Identifiable Information (PII) using the programmatically grant permissions, uninstall apps, set the default launcher app to a malicious launcher app that spoofs other apps, set a network proxy to intercept network traffic, unload kernel modules, set the default keyboard to a keyboard that has keylogging functionality, examine notification contents, send text messages, and more. The spoofed update can optionally contain an arbitrary ARM binary that will be locally stored in internal storage and executed at system startup to achieve persistent code execution as the root user with the osi SELinux domain. This ARM binary will continue to execute at startup even if the app that provided the spoofed update is uninstalled.	2022-03-11	not yet calculated	CVE-2021-41848 MISC MISC MISC MISC
simple-git — simple-git	The package simple-git before 3.3.0 are vulnerable to Command Injection via argument injection. When calling the .fetch(remote, branch, handlerFn) function, both the remote and branch parameters are passed to the git fetch subcommand. By injecting some git options it was possible to get arbitrary command execution.	2022-03-11	not yet calculated	CVE-2022-24433 MISC MISC MISC MISC
simple_diagnostics_agent — simple_diagnostics_agent	Simple Diagnostics Agent – versions 1.0 (up to version 1.57.), allows an attacker to access information which would otherwise be restricted via a random port 9000-65535. This allows information gathering which could be used exploit future open-source security exploits.	2022-03-10	not yet calculated	CVE-2022-22547 MISC MISC
simple_diagnostics_agent — simple_diagnostics_agent	The Simple Diagnostics Agent – versions 1.0 up to version 1.57, does not perform any authentication checks for functionalities that can be accessed via localhost on http port 3005. Due to lack of authentication checks, an attacker could access administrative or other privileged functionalities and read, modify, or delete sensitive information and configurations.	2022-03-10	not yet calculated	CVE-2022-24396 MISC MISC
smartbear — codecollaborator	SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack.	2022-03-10	not yet calculated	CVE-2021-41657 MISC MISC MISC
softing_opc — ua_c++_sdk	An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference.	2022-03-11	not yet calculated	CVE-2021-42577 MISC MISC
softing_opc — ua_c++_sdk	An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition.	2022-03-11	not yet calculated	CVE-2021-42262 MISC MISC
solarwinds — solarwinds	Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details about the Web Help Desk installation.	2022-03-10	not yet calculated	CVE-2021-35251 MISC MISC
spectre_bhb — spectre_bhb	Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim’s hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.	2022-03-10	not yet calculated	CVE-2022-25368 MISC MISC CONFIRM
spip — spip	SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code.	2022-03-10	not yet calculated	CVE-2022-26846 MISC MISC MISC
spip — spip	SPIP before 3.2.14 and 4.x before 4.0.5 allows unauthenticated access to information about editorial objects.	2022-03-10	not yet calculated	CVE-2022-26847 MISC MISC MISC
star7th — showdoc	Cross-site Scripting (XSS) – Stored in GitHub repository star7th/showdoc prior to 2.10.2.	2022-03-12	not yet calculated	CVE-2022-0880 MISC CONFIRM
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent	It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent’s (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the “/api/appInternals/1.0/agent/configuration” API. The affected endpoint does not have any input validation of the user’s input that allows a malicious payload to be injected.	2022-03-10	not yet calculated	CVE-2021-42787 CONFIRM
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent	It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the “.debug_command.config” file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the “/api/appInternals/1.0/agent/configuration” API to map the corresponding ID to a command to be executed.	2022-03-10	not yet calculated	CVE-2021-42855 CONFIRM
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent	It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent’s (DSA) PluginServlet has directory traversal vulnerabilities at the “/api/appInternals/1.0/plugin/pmx” API. The affected endpoint does not have any input validation of the user’s input that allows a malicious payload to be injected.	2022-03-10	not yet calculated	CVE-2021-42854 CONFIRM
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent	It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent’s (DSA) AgentDiagnosticServlet has directory traversal vulnerability at the “/api/appInternals/1.0/agent/diagnostic/logs” API. The affected endpoint does not have any input validation of the user’s input that allows a malicious payload to be injected.	2022-03-10	not yet calculated	CVE-2021-42853 CONFIRM
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent	It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user’s input that allowed a malicious payload to be injected.	2022-03-10	not yet calculated	CVE-2021-42786 CONFIRM
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent	It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent’s (DSA) AgentDaServlet has directory traversal vulnerabilities at the “/api/appInternals/1.0/agent/da/pcf” API. The affected endpoint does not have any validation of the user’s input that allows a malicious payload to be injected.	2022-03-10	not yet calculated	CVE-2021-42857 CONFIRM
suitecrm — suitecrm	SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users with access to the Scheduled Reports module can achieve this by leveraging PHP deserialization in the email_recipients property. By using a crafted request, they can create a malicious report, containing a PHP-deserialization payload in the email_recipients field. Once someone accesses this report, the backend will deserialize the content of the email_recipients field and the payload gets executed. Project dependencies include a number of interesting PHP deserialization gadgets (e.g., Monolog/RCE1 from phpggc) that can be used for Code Execution.	2022-03-10	not yet calculated	CVE-2022-23940 MISC MISC
swagger_ui — swagger_ui	Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.	2022-03-11	not yet calculated	CVE-2018-25031 MISC MISC MISC
tenda — ax12	Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_4327CC. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.	2022-03-10	not yet calculated	CVE-2022-25560 MISC
tenda — ax12	Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.	2022-03-10	not yet calculated	CVE-2022-25556 MISC
tenda — ax12	Tenda AX12 v22.03.01.21 was discovered to contain a stack buffer overflow in the function sub_422CE4. This vulnerability allows attackers to cause a Denial of Service (DoS) via the strcpy parameter.	2022-03-10	not yet calculated	CVE-2021-46408 MISC
tenda — ax12	Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42DE00. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.	2022-03-10	not yet calculated	CVE-2022-25561 MISC
totolink — a3100r	A Command Injection vulnerability exits in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp via the hosTime parameters.	2022-03-11	not yet calculated	CVE-2021-44620 MISC MISC MISC
tp-link — omada_sdn_software_controller	TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method specified in a connection request is allowed. An attacker can bypass the captive portal authentication process by using the downgraded “no authentication” method, and access the protected network. For example, the attacker can simply set window.authType=0 in client-side JavaScript.	2022-03-10	not yet calculated	CVE-2021-44032 MISC MISC MISC
tp-link — tapo_c200_ip_camera	TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.	2022-03-10	not yet calculated	CVE-2021-4045 CONFIRM
trend_micro — password_manager	Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine.	2022-03-08	not yet calculated	CVE-2022-26337 N/A
trend_micro — portable_security	An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. Please note: an attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.	2022-03-08	not yet calculated	CVE-2022-26319 N/A
tryton_application_platform — tryton_application_platform	An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An authenticated user can make the server parse a crafted XML SEPA file to access arbitrary files on the system.	2022-03-10	not yet calculated	CVE-2022-26661 MISC MISC MLIST MLIST DEBIAN DEBIAN
tryton_application_platform — tryton_application_platform	An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server.	2022-03-10	not yet calculated	CVE-2022-26662 MISC MISC MLIST MLIST DEBIAN DEBIAN
univerge_wa — univerge_wa	UNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511 Ver8.2.11 and prior, UNIVERGE WA 1512 Ver8.2.11 and prior, UNIVERGE WA 2020 Ver8.2.11 and prior, UNIVERGE WA 2021 Ver8.2.11 and prior, UNIVERGE WA 2610-AP Ver8.2.11 and prior, UNIVERGE WA 2611-AP Ver8.2.11 and prior, UNIVERGE WA 2611E-AP Ver8.2.11 and prior, UNIVERGE WA WA2612-AP Ver8.2.11 and prior allows a remote attacker to execute arbitrary OS commands.	2022-03-11	not yet calculated	CVE-2022-25621 MISC
url-js — url-js	The package url-js before 2.1.0 are vulnerable to Improper Input Validation due to improper parsing, which makes it is possible for the hostname to be spoofed. http://\\\\\\\\localhost and http://localhost are the same URL. However, the hostname is not parsed as localhost, and the backslash is reflected as it is.	2022-03-11	not yet calculated	CVE-2022-25839 CONFIRM CONFIRM
urlib — abstractbasicauthhandler	There’s a flaw in urllib’s AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.	2022-03-10	not yet calculated	CVE-2021-3733 MISC MISC MISC MISC MISC
vault_enterprise — vault_enterprise	“Vault and Vault Enterprise 1.8.0 through 1.8.8, and 1.9.3 allowed the PKI secrets engine under certain configurations to issue wildcard certificates to authorized users for a specified domain, even if the PKI role policy attribute allow_subdomains is set to false. Fixed in Vault Enterprise 1.8.9 and 1.9.4.	2022-03-10	not yet calculated	CVE-2022-25243 MISC MISC
vault_enterprise — vault_enterprise	Vault Enterprise clusters using the tokenization transform feature can expose the tokenization key through the tokenization key configuration endpoint to authorized operators with `read` permissions on this endpoint. Fixed in Vault Enterprise 1.9.4, 1.8.9 and 1.7.10.	2022-03-10	not yet calculated	CVE-2022-25244 MISC MISC
veritas_system_recovery — veritas_system_recovery	Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows registry during configuration of the backup configuration. This could allow a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to access.	2022-03-10	not yet calculated	CVE-2022-26778 MISC
watchguard — firebox_and_xtm	On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.	2022-03-04	not yet calculated	CVE-2022-26318 CONFIRM
wavpack — wavpack	An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound.	2022-03-10	not yet calculated	CVE-2021-44269 MISC
wire-ios — wire-ios	Wire-ios is a messaging application using the wire protocol on apple’s ios platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by causing it to repeatedly crash on launch. These malformed resource identifiers can be generated and sent between Wire users. The root cause lies in [wireapp/wire-ios-transport](https://github.com/wireapp/wire-ios-transport), where code responsible for removing sensible tokens before logging may fail and lead to a crash (Swift exception) of the application. This causes undesirable behavior, however the (greater) Wire system is still functional. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.	2022-03-11	not yet calculated	CVE-2022-23625 MISC MISC CONFIRM
wireguard — wireguard	Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions prior to 0.1.5_4 and pfSense-pkg-WireGuard 0.1.6 versions prior to 0.1.6_1 allows a remote authenticated attacker to lead a pfSense user to view a file outside the public folder.	2022-03-10	not yet calculated	CVE-2022-21132 MISC MISC
wp_google_map — wp_google_map	Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3).	2022-03-11	not yet calculated	CVE-2022-25600 CONFIRM CONFIRM
yokogawa_electric — multiple_product	The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.	2022-03-11	not yet calculated	CVE-2022-21194 CONFIRM
yokogawa_electric — multiple_product	Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.	2022-03-11	not yet calculated	CVE-2022-21808 CONFIRM
yokogawa_electric — multiple_products	CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly neutralize log outputs: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions from R3.72.00 to R3.79.00.	2022-03-11	not yet calculated	CVE-2022-22151 CONFIRM
yokogawa_electric — multiple_products	‘Root Service’ service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.	2022-03-11	not yet calculated	CVE-2022-22148 CONFIRM
yokogawa_electric — multiple_products	CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to uncontrolled resource consumption. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.	2022-03-11	not yet calculated	CVE-2022-22145 CONFIRM
yokogawa_electric — multiple_products	‘Long-term Data Archive Package’ service implemented in the following Yokogawa Electric products creates some named pipe with imporper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.	2022-03-11	not yet calculated	CVE-2022-22141 CONFIRM
yokogawa_electric — multiple_products	The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00	2022-03-11	not yet calculated	CVE-2022-23402 CONFIRM
yokogawa_electric — multiple_products	There is a path traversal vulnerability in CAMS for HIS Log Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, andfrom R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.	2022-03-11	not yet calculated	CVE-2022-21177 CONFIRM
yokogawa_electric — multiple_products	CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets. The authentication may be bypassed via some crafted packets: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions from R3.72.00 to R3.79.00.	2022-03-11	not yet calculated	CVE-2022-22729 CONFIRM
yokogawa_electric — multiple_products	The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.	2022-03-11	not yet calculated	CVE-2022-23401 CONFIRM
yxmcms — yzmcms	YzmCMS v6.3 is affected by broken access control. Without login, unauthorized access to the user’s personal home page can be realized. It is necessary to judge the user’s login status before accessing the personal home page, but the vulnerability can access other users’ home pages through the non login status because real authentication is not carried out.	2022-03-10	not yet calculated	CVE-2022-23383 MISC MISC MISC

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

CISA recently updated an anonymous product survey;they’d welcome your feedback.

US-CERT Bulletin (SB22-073):Vulnerability Summary for the Week of March 7, 2022

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

[BIANLIAN] – Ransomware Victim: Silverback Exploration

[FOG] – Ransomware Victim: Fifteenfortyseven Critical Systems Realty (1547realty[.]com)

[BIANLIAN] – Ransomware Victim: Kellerhals Ferguson Kroblin PLLC

[FOG] – Ransomware Victim: Hogan Mfg (hoganmfg[.]com)

[QILIN] – Ransomware Victim: DMF Lighting

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

You may have missed

[BIANLIAN] – Ransomware Victim: Silverback Exploration

[FOG] – Ransomware Victim: Fifteenfortyseven Critical Systems Realty (1547realty[.]com)

[BIANLIAN] – Ransomware Victim: Kellerhals Ferguson Kroblin PLLC

[FOG] – Ransomware Victim: Hogan Mfg (hoganmfg[.]com)

[QILIN] – Ransomware Victim: DMF Lighting