US-CERT Bulletin (SB22-073): Vulnerability Summary for the Week of March 7, 2022
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
a3rev — page_view_count | The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the post_ids parameter before using it in a SQL statement via a REST endpoint, available to both unauthenticated and authenticated users. As a result, unauthenticated attackers could perform SQL injection attacks | 2022-03-07 | 7.5 | CVE-2022-0434 MISC |
bitdefender — antivirus_plus | Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.3.146. | 2022-03-07 | 7.2 | CVE-2021-4199 CONFIRM MISC |
calibre-web_project — calibre-web | Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17. | 2022-03-07 | 7.5 | CVE-2022-0766 CONFIRM MISC |
dlink — dir-859_firmware | D-Link DIR-859 v1.05 was discovered to contain a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | 2022-03-04 | 7.1 | CVE-2022-25106 MISC MISC MISC |
genieacs — genieacs | In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument (lib/ui/api.ts and lib/ping.ts). The vulnerability arises from insufficient input validation combined with a missing authorization check. | 2022-03-06 | 7.5 | CVE-2021-46704 MISC MISC |
linux — linux_kernel | A flaw was found in the way the “flags” member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. | 2022-03-10 | 7.2 | CVE-2022-0847 MISC MISC MISC MISC MISC |
linux — linux_kernel | A flaw was found in the KVM’s AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the “virt_ext” field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. | 2022-03-04 | 7.2 | CVE-2021-3656 MISC MISC MISC MISC |
mendix — forgot_password | A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1), Mendix Forgot Password Appstore module (Mendix 7 compatible) (All versions < V3.2.2). Initial passwords are generated in an insecure manner. This could allow an unauthenticated remote attacker to efficiently brute force passwords in specific situations. | 2022-03-08 | 7.5 | CVE-2022-26314 CONFIRM |
mi — ax3600_firmware | A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code. | 2022-03-10 | 7.2 | CVE-2020-14111 MISC |
mi — ax3600_firmware | A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code. | 2022-03-10 | 10 | CVE-2020-14115 MISC |
mingsoft — mcms | https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. The impact is: execute arbitrary code (remote). The attack vector is: ${“freemarker.template.utility.Execute”?new()(“calc”)}. MCMS has a pre-auth RCE vulnerability which allows an unauthenticated attacker with network access via HTTP to compromise MCMS. Successful attacks of this vulnerability can result in takeover of MCMS. | 2022-03-04 | 7.5 | CVE-2021-46384 MISC |
network_block_device_project — network_block_device | In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with a large value as the length of the name. | 2022-03-06 | 7.5 | CVE-2022-26496 MISC MISC MISC |
network_block_device_project — network_block_device | In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBD_OPT_INFO, NBD_OPT_GO, and NBD_OPT_EXPORT_NAME messages. | 2022-03-06 | 7.5 | CVE-2022-26495 MISC MISC MLIST |
part-db_project — part-db | OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11. | 2022-03-04 | 10 | CVE-2022-0848 CONFIRM MISC MISC |
pytorchlightning — pytorch_lightning | Code Injection in GitHub repository pytorchlightning/pytorch-lightning prior to 1.6.0. | 2022-03-05 | 10 | CVE-2022-0845 CONFIRM MISC |
secomea — gatemanager | This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Improper Limitation of a Pathname to restricted directory, allows logged in GateManager admin to delete system Files or Directories. | 2022-03-04 | 8.5 | CVE-2021-32008 MISC |
siemens — ruggedcom_ros | A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Within a third-party component, the process to allocate partition size fails to check memory boundaries. Therefore, if a large amount is requested by an attacker, due to an integer-wrap around, it could result in a small size being allocated instead. | 2022-03-08 | 7.5 | CVE-2021-42019 CONFIRM |
siemens — ruggedcom_ros | A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Within a third-party component, whenever memory allocation is requested, the out of bound size is not checked. Therefore, if size exceeding the expected allocation is assigned, it could allocate a smaller buffer instead. If an attacker were to exploit this, they could cause a heap overflow. | 2022-03-08 | 7.5 | CVE-2021-42018 CONFIRM |
siemens — sinumerik_mc_firmware | A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow local attackers to escalate their privileges to root. | 2022-03-08 | 7.2 | CVE-2022-24408 CONFIRM |
stylemixthemes — masterstudy_lms | The MasterStudy LMS WordPress plugin before 2.7.6 does not validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin | 2022-03-07 | 7.5 | CVE-2022-0441 CONFIRM MISC |
symantec — management_agent | The Symantec Management Agent is susceptible to a privilege escalation vulnerability. A low privilege local account can be elevated to the SYSTEM level through registry manipulations. | 2022-03-04 | 7.2 | CVE-2022-25623 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ProvinceCode parameter. | 2022-03-10 | 7.8 | CVE-2022-25558 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. | 2022-03-10 | 7.8 | CVE-2022-25566 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the urls parameter. | 2022-03-10 | 7.8 | CVE-2022-25557 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the serverName parameter. | 2022-03-10 | 7.8 | CVE-2022-25548 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceId parameter. | 2022-03-10 | 7.8 | CVE-2022-25554 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsPwd parameter. | 2022-03-10 | 7.8 | CVE-2022-25553 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter. | 2022-03-10 | 7.8 | CVE-2022-25552 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsDomain parameter. | 2022-03-10 | 7.8 | CVE-2022-25551 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsUser parameter. | 2022-03-10 | 7.8 | CVE-2022-25546 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. | 2022-03-10 | 7.8 | CVE-2022-25547 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceName parameter. | 2022-03-10 | 7.8 | CVE-2022-25550 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ntpServer parameter. | 2022-03-10 | 7.8 | CVE-2022-25555 MISC |
tenda — ax1806_firmware | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsEn parameter. | 2022-03-10 | 7.8 | CVE-2022-25549 MISC |
tenda — ax3_firmware | There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v10 variable is directly retrieved from the HTTP request parameter startIp. Then v10 is spliced onto the stack by the function sscanf without any security check, which causes a stack overflow. By POSTing the page /goform/SetPptpServerCfg with proper startIp, the attacker can easily perform remote code execution with carefully crafted overflow data. | 2022-03-04 | 7.5 | CVE-2021-46393 MISC |
tenda — ax3_firmware | There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v13 variable is directly retrieved from the HTTP request parameter startIp. Then v13 is spliced onto the stack by the function sscanf without any security check, which causes a stack overflow. By POSTing the page /goform/SetPptpServerCfg with proper startIp, the attacker can easily perform remote code execution with carefully crafted overflow data. | 2022-03-04 | 7.5 | CVE-2021-46394 MISC |
tp-link — tl-wr886n_firmware | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/check_reg_verify_code function which could let a remote malicious user execute arbitrary code via a crafted post request. | 2022-03-10 | 10 | CVE-2021-44622 MISC |
tp-link — tl-wr886n_firmware | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 via the /cloud_config/router_post/check_reset_pwd_verify_code interface. | 2022-03-10 | 10 | CVE-2021-44623 MISC |
tp-link — tl-wr886n_firmware | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in /cloud_config/cloud_device/info interface, which allows a malicious user to execute arbitrary code on the system via a crafted post request. | 2022-03-10 | 10 | CVE-2021-44625 MISC |
tp-link — tl-wr886n_firmware | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reg_verify_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | 2022-03-10 | 10 | CVE-2021-44626 MISC |
tp-link — tl-wr886n_firmware | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/register feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | 2022-03-10 | 10 | CVE-2021-44629 MISC |
tp-link — tl-wr886n_firmware | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reset_pwd_veirfy_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | 2022-03-10 | 10 | CVE-2021-44627 MISC |
tp-link — tl-wr886n_firmware | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/login feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | 2022-03-10 | 10 | CVE-2021-44628 MISC |
tp-link — tl-wr886n_firmware | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/modify_account_pwd feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | 2022-03-10 | 10 | CVE-2021-44630 MISC |
tp-link — tl-wr886n_firmware | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/reset_cloud_pwd feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | 2022-03-10 | 10 | CVE-2021-44631 MISC |
tp-link — tl-wr886n_firmware | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/upgrade_info feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | 2022-03-10 | 10 | CVE-2021-44632 MISC |
victor_cms_project — victor_cms | Victor CMS v1.0 was discovered to contain a SQL injection vulnerability. | 2022-03-04 | 7.5 | CVE-2022-26201 MISC MISC |
wpdeveloper — notificationx | The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection | 2022-03-07 | 7.5 | CVE-2022-0349 MISC |
Medium Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
abcm2ps_project — abcm2ps | abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. | 2022-03-10 | 4.3 | CVE-2021-32434 MISC MISC |
abcm2ps_project — abcm2ps | An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. | 2022-03-10 | 4.3 | CVE-2021-32436 MISC MISC |
abcm2ps_project — abcm2ps | Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. | 2022-03-10 | 4.3 | CVE-2021-32435 MISC MISC |
adrotate_project — adrotate | The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotate_action before using it in a SQL statement via the adrotate_request_action function available to admins, leading to a SQL injection | 2022-03-07 | 6.5 | CVE-2022-0267 MISC |
alfresco — alfresco | Cross Site Scripting (XSS) vulnerability exists in Alfresco Alfresco Community Edition v5.2.0 via the action parameter in the alfresco/s/admin/admin-nodebrowser API. Fixed in v6.2 | 2022-03-04 | 4.3 | CVE-2020-18327 MISC MISC |
apache — any23 | An XML external entity (XXE) injection vulnerability was discovered in the Any23 RDFa XSLTStylesheet extractor and is known to affect Any23 versions < 2.7. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application’s processing of XML data. It often allows an attacker to view files on the application server filesystem, and to interact with any back-end or external systems that the application itself can access. This issue is fixed in Apache Any23 2.7. | 2022-03-05 | 6.4 | CVE-2022-25312 MISC MLIST |
archivy_project — archivy | Open Redirect in GitHub repository archivy/archivy prior to 1.7.0. | 2022-03-06 | 5.8 | CVE-2022-0697 CONFIRM MISC |
ayecode — userswp | The UsersWP WordPress plugin before 1.2.3.1 is missing access controls when updating a user avatar, and does not make sure file names for user avatars are unique, allowing a logged in user to overwrite another user's avatar. | 2022-03-07 | 4 | CVE-2022-0442 MISC |
catchplugins — catch_themes_demo_import | The Catch Themes Demo Import WordPress plugin before 2.1.1 does not validate one of the files to be imported, which could allow a high privilege admin to upload an arbitrary PHP file and gain RCE even in the case of a hardened blog (i.e. DISALLOW_UNFILTERED_HTML, DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS constants set to true) | 2022-03-07 | 6.5 | CVE-2022-0440 MISC |
cerber — wp_cerber_security\,_anti-spam_\&_malware_scan | The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 8.9.6 does not sanitise the $url variable before using it in an attribute in the Activity tab in the plugins dashboard, leading to an unauthenticated stored Cross-Site Scripting vulnerability. | 2022-03-07 | 4.3 | CVE-2022-0429 MISC |
correosexpress_project — correosexpress | The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses | 2022-03-07 | 5 | CVE-2021-25009 MISC |
custom_content_shortcode_project — custom_content_shortcode | The Custom Content Shortcode WordPress plugin before 4.0.2 does not validate the data passed to its load shortcode, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to display arbitrary files from the filesystem (such as logs, .htaccess etc), as well as perform Local File Inclusion attacks as PHP files will be executed. Please note that such an attack is still possible by admin+ in single site blogs by default (but won’t be when either the unfiltered_html or file_edit is disallowed) | 2022-03-07 | 4 | CVE-2021-24825 MISC |
custom_content_shortcode_project — custom_content_shortcode | The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This could lead to sensitive data disclosure, for example when used in combination with WooCommerce, the email address of orders can be retrieved | 2022-03-07 | 4 | CVE-2021-24824 MISC |
devowl — wordpress_real_cookie_banner | The WordPress Real Cookie Banner: GDPR (DSGVO) & ePrivacy Cookie Consent WordPress plugin before 2.14.2 does not have CSRF checks in place when resetting its settings, allowing attackers to make a logged in admin reset them via a CSRF attack | 2022-03-07 | 4.3 | CVE-2022-0445 MISC |
dlink — dir-x1860_firmware | An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote unauthenticated attacker to send a specially crafted HTTP request and gain knowledge of different absolute paths that are being used by the web application. | 2022-03-04 | 5 | CVE-2021-46353 MISC MISC |
ericsson — network_manager | Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve managed-network that was not set to be accessible to the entire group (i.e., was only set to be accessible to a subset of that group). | 2022-03-10 | 4 | CVE-2021-28488 MISC MISC MISC |
espruino — espruino | Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling. | 2022-03-05 | 6.8 | CVE-2022-25465 MISC |
espruino — espruino | Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString. | 2022-03-05 | 6.8 | CVE-2022-25044 MISC MISC |
f-secure — safe | A vulnerability affecting F-Secure SAFE browser was discovered whereby the browser loads images automatically. This vulnerability can be exploited remotely by an attacker to execute JavaScript, which can be used to trigger universal cross-site scripting through the browser. User interaction is required prior to exploitation, such as entering a malicious website to trigger the vulnerability. | 2022-03-06 | 4.3 | CVE-2021-44748 MISC |
f-secure — safe | A vulnerability affecting F-Secure SAFE browser protection was discovered: improper URL handling can be triggered to cause universal cross-site scripting through browsing protection in a SAFE web browser. User interaction is required prior to exploitation. A successful exploitation may lead to arbitrary code execution. | 2022-03-06 | 4.3 | CVE-2021-44749 MISC |
fatcatapps — easy_pricing_tables | The Pricing Tables WordPress Plugin WordPress plugin before 3.1.3 does not verify the CSRF nonce when removing posts, allowing attackers to make a logged in admin remove arbitrary posts from the blog via a CSRF attack, which will be put in the trash | 2022-03-07 | 4.3 | CVE-2021-25098 MISC |
framasoft — peertube | Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1. | 2022-03-09 | 4 | CVE-2022-0881 MISC CONFIRM |
golang — go | regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. | 2022-03-05 | 5 | CVE-2022-24921 CONFIRM |
google — android | When the device is in factory state, the shell can be accessed without the adb authentication process. The LG ID is LVE-SMP-210010. | 2022-03-04 | 6.9 | CVE-2022-23729 MISC |
hcltech — bigfix_compliance | “TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it.” | 2022-03-04 | 4.3 | CVE-2021-27756 MISC |
hcltech — bigfix_insights | “Insecure password storage issue. The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere. Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information.” | 2022-03-04 | 5 | CVE-2021-27757 MISC |
hestiacp — control_panel | Cross-site Scripting (XSS) – Generic in GitHub repository hestiacp/hestiacp prior to 1.5.9. | 2022-03-04 | 4.3 | CVE-2022-0752 MISC CONFIRM |
hestiacp — control_panel | Cross-site Scripting (XSS) – Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.10. | 2022-03-04 | 4.3 | CVE-2022-0838 MISC CONFIRM |
hotscot — contact_form | The view submission functionality in the Hotscot Contact Form WordPress plugin before 1.3 makes a GET request with the sub_id parameter, which is not sanitised, escaped or validated before being inserted into a SQL statement, leading to an SQL injection. | 2022-03-07 | 6.5 | CVE-2021-24777 MISC |
icegram — email_subscribers_\&_newsletters | The Email Subscribers & Newsletters WordPress plugin before 5.3.2 does not correctly escape the `order` and `orderby` parameters to the `ajax_fetch_report_list` action, making it vulnerable to blind SQL injection attacks by users with roles as low as Subscriber. Further, it does not have any CSRF protection in place for the action, allowing an attacker to trick any logged in user to perform the action by clicking a link. | 2022-03-07 | 6.5 | CVE-2022-0439 MISC |
intelliants — subrion_cms | Multiple Cross Site Scripting (XSS) vulnerabilities exist in Intelliants Subrion CMS v4.2.1 in the Configuration panel. | 2022-03-04 | 4.3 | CVE-2020-18325 MISC MISC MISC |
intelliants — subrion_cms | Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user. | 2022-03-04 | 6.8 | CVE-2020-18326 MISC MISC MISC |
intelliants — subrion_cms | Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template. | 2022-03-04 | 4.3 | CVE-2020-18324 MISC MISC MISC |
libming — ming | Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service. | 2022-03-10 | 4.3 | CVE-2021-34341 MISC MISC |
libming — ming | Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak. | 2022-03-10 | 4.3 | CVE-2021-34342 MISC MISC |
libming — ming | Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service. | 2022-03-10 | 4.3 | CVE-2021-34340 MISC MISC |
libming — ming | Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service. | 2022-03-10 | 4.3 | CVE-2021-34339 MISC MISC |
libming — ming | Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service. | 2022-03-10 | 4.3 | CVE-2021-34338 MISC MISC |
libsixel_project — libsixel | saitoha libsixel v1.8.6 was discovered to contain a double free via the component sixel_chunk_destroy at /root/libsixel/src/chunk.c. | 2022-03-10 | 6.8 | CVE-2020-36123 MISC |
linux — linux_kernel | st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. | 2022-03-06 | 4.6 | CVE-2022-26490 MISC |
linux — linux_kernel | A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree is corrupted in a crafted ext4 filesystem in fs/ext4/extents.c in ext4_es_cache_extent. By fabricating an integer overflow, a local attacker with a special user privilege may cause a system crash, which can lead to an availability threat. | 2022-03-04 | 4.9 | CVE-2021-3428 MISC MISC MISC |
marktext — marktext | Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability which allows attackers to perform remote code execution (RCE) via injecting a crafted payload into /lib/contentState/pasteCtrl.js. | 2022-03-05 | 6.8 | CVE-2022-25069 MISC MISC |
mendix — forgot_password | A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1). In certain configurations of the affected product, a threat actor could use the sign up flow to hijack arbitrary user accounts. | 2022-03-08 | 6.8 | CVE-2022-26313 CONFIRM |
mendix — mendix | A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.29). When returning the result of a completed Microflow execution call, the affected framework does not correctly verify whether the request was initially made by the user requesting the result. Together with predictable identifiers for Microflow execution calls, this could allow a malicious attacker to retrieve information about arbitrary Microflow execution calls made by users within the affected system. | 2022-03-08 | 4 | CVE-2022-26317 CONFIRM |
mendix — mendix | A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.29), Mendix Applications using Mendix 8 (All versions < V8.18.16), Mendix Applications using Mendix 9 (All versions). If an entity has an association readable by the user, then in some cases, Mendix Runtime may not apply checks for XPath constraints that parse said associations, within apps running on affected versions. A malicious user could use this to dump and manipulate sensitive data. | 2022-03-08 | 5.5 | CVE-2022-24309 CONFIRM |
metagauss — registrationmagic | The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rm_form_id parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks | 2022-03-07 | 6.5 | CVE-2022-0420 MISC CONFIRM |
metaphorcreations — ditty | The Ditty (formerly Ditty News Ticker) WordPress plugin before 3.0.15 is affected by a Reflected Cross-Site Scripting (XSS) vulnerability. | 2022-03-07 | 4.3 | CVE-2022-0533 CONFIRM MISC |
mi — ax6000_firmware | Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000. | 2022-03-10 | 5 | CVE-2020-14112 MISC |
microweber — microweber | Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3. | 2022-03-09 | 6.8 | CVE-2022-0896 CONFIRM MISC |
mini-inventory-and-sales-management-system_project — mini-inventory-and-sales-management-system | Mini-Inventory-and-Sales-Management-System is affected by Cross Site Request Forgery (CSRF), where an attacker can update/delete items in the inventory. The attacker must be logged into the application to create a malicious file for updating the inventory details and items. | 2022-03-04 | 4.3 | CVE-2021-44321 MISC MISC |
mybb — mybb | MyBB is a free and open source forum software. In affected versions the Admin CP’s Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type `php` with PHP code, executed on _Change Settings_ pages. This results in a Remote Code Execution (RCE) vulnerability. The vulnerable module requires Admin CP access with the `Can manage settings?` permission. MyBB’s Settings module, which allows administrators to add, edit, and delete non-default settings, stores setting data in an options code string ($options_code; mybb_settings.optionscode database column) that identifies the setting type and its options, separated by a new line character (\n). In MyBB 1.2.0, support for setting type php was added, for which the remaining part of the options code is PHP code executed on Change Settings pages (reserved for plugins and internal use). MyBB 1.8.30 resolves this issue. There are no known workarounds. | 2022-03-09 | 6.5 | CVE-2022-24734 MISC MISC CONFIRM MISC |
netapp — storagegrid | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0 obtains the user account status from Active Directory or Azure and will block S3 access for disabled user accounts during the subsequent background synchronization. User accounts that are expired or locked for Active Directory or Azure, or user accounts that are disabled, expired, or locked in identity sources other than Active Directory or Azure must be manually removed from group memberships or have their S3 keys manually removed from Tenant Manager in all versions of StorageGRID (formerly StorageGRID Webscale). | 2022-03-04 | 4 | CVE-2022-23232 MISC |
netapp — storagegrid | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local Distribution Router (LDR) service. | 2022-03-04 | 5 | CVE-2022-23233 MISC |
netgear — wac120_ac_firmware | Unauthenticated cross-site scripting (XSS) in Netgear WAC120 AC Access Point may lead to multiple attacks, such as session hijacking or even clipboard hijacking. | 2022-03-04 | 4.3 | CVE-2021-46382 MISC MISC |
obtaininfotech — multisite_content_copier\/updater | The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.0 does not sanitise and escape the wmcc_content_type, wmcc_source_blog and wmcc_record_per_page parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues | 2022-03-07 | 4.3 | CVE-2021-25039 MISC |
obtaininfotech — multisite_user_sync\/unsync | The WordPress Multisite User Sync/Unsync WordPress plugin before 2.1.2 does not sanitise and escape the wmus_source_blog and wmus_record_per_page parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues | 2022-03-07 | 4.3 | CVE-2021-25038 MISC |
openexr — openexr | A flaw was found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to application availability, with some potential impact to data integrity as well. | 2022-03-04 | 5.8 | CVE-2021-20303 MISC MISC MISC |
paloaltonetworks — pan-os | Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-FIPS-CC) operational mode. An attacker must have access to the account password hashes to take advantage of this weakness and can acquire those hashes if they are able to gain access to the PAN-OS software configuration. Fixed versions of PAN-OS software use a secure cryptographic algorithm for account password hashes. This issue does not impact Prisma Access firewalls. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; All versions of PAN-OS 9.0; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7. | 2022-03-09 | 4.6 | CVE-2022-0022 CONFIRM |
phpmyadmin — phpmyadmin | PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section. | 2022-03-10 | 5 | CVE-2022-0813 CONFIRM CONFIRM |
plugins-market — wp_visitor_statistics | The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection | 2022-03-07 | 6.5 | CVE-2022-0410 MISC |
radare — radare2 | Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prior to 5.6.6. | 2022-03-05 | 4.3 | CVE-2022-0849 MISC CONFIRM |
readdle — spark | Apache Spark supports end-to-end encryption of RPC connections via “spark.authenticate” and “spark.network.crypto.enabled”. In versions 3.1.2 and earlier, it uses a bespoke mutual authentication protocol that allows for full encryption key recovery. After an initial interactive attack, this would allow someone to decrypt plaintext traffic offline. Note that this does not affect security mechanisms controlled by “spark.authenticate.enableSaslEncryption”, “spark.io.encryption.enabled”, “spark.ssl”, “spark.ui.strictTransportSecurity”. Update to Apache Spark 3.1.3 or later | 2022-03-10 | 5 | CVE-2021-38296 CONFIRM |
readymedia_project — readymedia | A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files. | 2022-03-06 | 4.3 | CVE-2022-26505 MISC MISC MLIST |
redhat — coreos-installer | An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image can write arbitrary data, and achieve full access to the node being installed. | 2022-03-04 | 6.8 | CVE-2021-20319 MISC MISC MISC |
rednao — smart_forms | The Smart Forms WordPress plugin before 2.6.71 does not have authorisation in its rednao_smart_forms_entries_list AJAX action, allowing any authenticated users, such as subscriber, to download arbitrary form’s data, which could include sensitive information such as PII depending on the form. | 2022-03-07 | 4 | CVE-2022-0163 MISC |
salesagility — suitecrm | Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.12.5. | 2022-03-07 | 4 | CVE-2022-0755 MISC CONFIRM |
salesagility — suitecrm | SQL Injection in GitHub repository salesagility/suitecrm prior to 7.12.5. | 2022-03-07 | 4 | CVE-2022-0754 CONFIRM MISC |
salesagility — suitecrm | Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. | 2022-03-07 | 4 | CVE-2022-0756 MISC CONFIRM |
schneider-electric — ecostruxure_control_expert | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Process Expert (V2021 and prior), EcoStruxure Control Expert (V15.0 SP1 and prior) | 2022-03-09 | 4.3 | CVE-2022-24323 CONFIRM |
schneider-electric — ecostruxure_control_expert | A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Control Expert (V15.0 SP1 and prior) | 2022-03-09 | 4.3 | CVE-2022-24322 CONFIRM |
schneider-electric — ritto_wiser_door | A CWE-200: Information Exposure vulnerability exists which could allow a session hijack when the door panel is communicating with the door. Affected Product: Ritto Wiser Door (All versions) | 2022-03-09 | 4.8 | CVE-2021-22783 CONFIRM |
servmask — one-stop_wp_migration | The All-in-One WP Migration WordPress plugin before 7.41 does not validate uploaded files’ extension, which allows administrators to upload PHP files on their site, even on multisite installations. | 2022-03-07 | 6.5 | CVE-2021-24216 MISC CONFIRM |
siemens — climatix_pol909_firmware | A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The Group Management page of affected devices is vulnerable to cross-site scripting (XSS). The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser action. | 2022-03-08 | 4.3 | CVE-2021-41541 CONFIRM |
siemens — climatix_pol909_firmware | A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The User Management page of affected devices is vulnerable to cross-site scripting (XSS). The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser action. | 2022-03-08 | 4.3 | CVE-2021-41542 CONFIRM |
siemens — climatix_pol909_firmware | A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The handling of log files in the web application of affected devices contains an information disclosure vulnerability which could allow logged in users to access sensitive files. | 2022-03-08 | 4 | CVE-2021-41543 CONFIRM |
siemens — polarion_subversion_webclient | A vulnerability has been identified in Polarion Subversion Webclient (V21 R1). A cross-site scripting is present due to improper neutralization of data sent to the web page through the SVN WebClient in the affected product. An attacker could exploit this to execute arbitrary code and extract sensitive information by sending a specially crafted link to users with administrator privileges. | 2022-03-08 | 4.3 | CVE-2021-44478 CONFIRM |
siemens — ruggedcom_ros | A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions), RUGGEDCOM ROS RSG2300 (All versions), RUGGEDCOM ROS RSG2300P (All versions), RUGGEDCOM ROS RSG2488 (All versions), RUGGEDCOM ROS RSG907R (All versions), RUGGEDCOM ROS RSG908C (All versions), RUGGEDCOM ROS RSG909R (All versions), RUGGEDCOM ROS RSG910C (All versions), RUGGEDCOM ROS RSG920P (All versions), RUGGEDCOM ROS RSL910 (All versions), RUGGEDCOM ROS RST2228 (All versions), RUGGEDCOM ROS RST2228P (All versions), RUGGEDCOM ROS RST916C (All versions), RUGGEDCOM ROS RST916P (All versions), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords. | 2022-03-08 | 4 | CVE-2021-37209 CONFIRM |
siemens — ruggedcom_ros | A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). A timing attack, in a third-party component, could make the retrieval of the private key possible, used for encryption of sensitive data. If a threat actor were to exploit this, the data integrity and security could be compromised. | 2022-03-08 | 5 | CVE-2021-42016 CONFIRM |
siemens — ruggedcom_ros | A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). A new variant of the POODLE attack has left a third-party component vulnerable due to the implementation flaws of the CBC encryption mode in TLS 1.0 to 1.2. If an attacker were to exploit this, they could act as a man-in-the-middle and eavesdrop on encrypted communications. | 2022-03-08 | 4.3 | CVE-2021-42017 CONFIRM |
siemens — ruggedcom_ros | A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). The third-party component, in its TFTP functionality fails to check for null terminations in file names. If an attacker were to exploit this, it could result in data corruption, and possibly a hard-fault of the application. | 2022-03-08 | 5 | CVE-2021-42020 CONFIRM |
siemens — simcenter_star-ccm\+_viewer | A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < V2022.1). The starview+.exe contains a memory corruption vulnerability while parsing specially crafted .SCE files. This could allow an attacker to execute code in the context of the current process. | 2022-03-08 | 6.8 | CVE-2022-24661 CONFIRM |
siemens — sinec_network_management_syste | A vulnerability has been identified in SINEC NMS (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application. | 2022-03-08 | 6.5 | CVE-2022-24281 CONFIRM |
siemens — sinec_network_management_system | A vulnerability has been identified in SINEC NMS (All versions). The affected software does not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This could allow an authenticated low privileged user to achieve privilege escalation. | 2022-03-08 | 6.5 | CVE-2022-25311 CONFIRM |
siemens — sinec_network_management_system | A vulnerability has been identified in SINEC NMS (All versions). The affected system allows uploading JSON objects that are deserialized to Java objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could exploit this vulnerability by sending a maliciously crafted serialized Java object. This could allow the attacker to execute arbitrary code on the device with root privileges. | 2022-03-08 | 6.5 | CVE-2022-24282 CONFIRM |
spirit-project — spirit | Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3. | 2022-03-06 | 5.8 | CVE-2022-0869 CONFIRM MISC |
stripe — stripe_cli | Stripe CLI is a command-line tool for the Stripe eCommerce platform. A vulnerability in Stripe CLI exists on Windows when certain commands are run in a directory where an attacker has planted files. The commands are `stripe login`, `stripe config -e`, `stripe community`, and `stripe open`. MacOS and Linux are unaffected. An attacker who successfully exploits the vulnerability can run arbitrary code in the context of the current user. The update addresses the vulnerability by throwing an error in these situations before the code can run. Users are advised to upgrade to version 1.7.13. There are no known workarounds for this issue. | 2022-03-09 | 4.4 | CVE-2022-24753 MISC CONFIRM |
tatvic — conversios.io | The Conversios.io WordPress plugin before 4.6.2 does not sanitise, validate and escape the sync_progressive_data parameter for the tvcajax_product_sync_bantch_wise AJAX action before using it in a SQL statement, allowing any authenticated user to perform SQL injection attacks. | 2022-03-07 | 6.5 | CVE-2021-24952 MISC |
tinywebgallery — advanced_iframe | The Advanced iFrame WordPress plugin before 2022 does not sanitise and escape the ai_config_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue | 2022-03-07 | 4.3 | CVE-2021-24953 MISC |
uclouvain — openjpeg | A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg. | 2022-03-04 | 6.8 | CVE-2021-3575 MISC MISC MISC |
uri.js_project — uri.js | Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10. | 2022-03-06 | 5.8 | CVE-2022-0868 CONFIRM MISC |
veritas — infoscale_operations_manager | An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via Directory Traversal. By manipulating the resource name in GET requests referring to files with absolute paths, it is possible to access arbitrary files stored on the filesystem, including application source code, configuration files, and critical system files. | 2022-03-04 | 6.8 | CVE-2022-26484 MISC |
video_conferencing_with_zoom_project — video_conferencing_with_zoom | The Video Conferencing with Zoom WordPress plugin before 3.8.17 does not have authorisation in its vczapi_get_wp_users AJAX action, allowing any authenticated users, such as subscriber to download the list of email addresses registered on the blog | 2022-03-07 | 4 | CVE-2022-0384 MISC CONFIRM |
videousermanuals — white_label_cms | The White Label CMS WordPress plugin before 2.2.9 does not sanitise and validate the wlcms[_login_custom_js] parameter before outputting it back in the response while previewing, leading to a Reflected Cross-Site Scripting issue | 2022-03-07 | 4.3 | CVE-2022-0422 MISC CONFIRM |
weblate — weblate | The package weblate from 0 and before 4.11.1 is vulnerable to Remote Code Execution (RCE) via argument injection when using git or mercurial repositories. Authenticated users can change the behavior of the application in an unintended way, leading to command execution. | 2022-03-04 | 6.5 | CVE-2022-23915 CONFIRM CONFIRM CONFIRM CONFIRM |
weblate — weblate | Weblate is a web based localization tool with tight version control integration. Prior to version 4.11.1, Weblate didn’t properly sanitize some arguments passed to Git and Mercurial, allowing them to change their behavior in an unintended way. Instances where untrusted users cannot create new components are not affected. The issues were fixed in the 4.11.1 release. | 2022-03-04 | 6.5 | CVE-2022-24727 MISC CONFIRM MISC |
wpaffiliatefeed — tradetracker-store | The test parameter of the xmlfeed in the Tradetracker-Store WordPress plugin before 4.6.60 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. | 2022-03-07 | 6.5 | CVE-2021-24778 MISC |
wpbrigade — loginpress | The LoginPress \| Custom Login Page Customizer WordPress plugin before 1.5.12 does not escape the redirect-page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting | 2022-03-07 | 4.3 | CVE-2022-0347 MISC |
wpdownloadmanager — wordpress_download_manager | The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in some of the REST API endpoints, allowing unauthenticated attackers to call them, which could lead to sensitive information disclosure, such as posts passwords (fixed in 3.2.24) and files Master Keys (fixed in 3.2.25). | 2022-03-07 | 5 | CVE-2021-25087 MISC |
Low Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adtribes — product_feed_pro_for_woocommerce | The Product Feed PRO for WooCommerce WordPress plugin before 11.2.3 does not escape the rowCount parameter before outputting it back in an attribute via the woosea_categories_dropdown AJAX action (available to any authenticated user), leading to a Reflected Cross-Site Scripting | 2022-03-07 | 3.5 | CVE-2022-0426 MISC CONFIRM |
apasionados — customize_login_image | A cross-site scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s browser and can use an application as the vehicle for the attack. The XSS payload given in the “Custom logo link” executes whenever the user opens the Settings Page of the “Customize Login Image” Plugin. | 2022-03-10 | 3.5 | CVE-2021-33851 MISC |
bitdefender — antivirus_plus | A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48. | 2022-03-07 | 3.6 | CVE-2021-4198 CONFIRM MISC |
bookstackapp — bookstack | Cross-site Scripting (XSS) – Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3. | 2022-03-08 | 3.5 | CVE-2022-0877 MISC CONFIRM |
codepeople — wp_time_slots_booking_form | The WP Time Slots Booking Form WordPress plugin before 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-03-07 | 3.5 | CVE-2022-0389 MISC |
custom_content_shortcode_project — custom_content_shortcode | The Custom Content Shortcode WordPress plugin before 4.0.2 does not escape custom fields before outputting them, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. Please note that such attack is still possible by admin+ in single site blogs by default (but won’t be when the unfiltered_html is disallowed) | 2022-03-07 | 3.5 | CVE-2021-24826 MISC |
dell — enterprise_storage_analytics | Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a Plain-text password storage vulnerability. A local high privileged malicious user may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | 2022-03-04 | 3.6 | CVE-2021-43590 MISC |
dwbooster — cp_blocks | The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its “License ID” settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. | 2022-03-07 | 3.5 | CVE-2022-0448 MISC |
e2pdf — e2pdf | The E2Pdf WordPress plugin before 1.16.45 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 2022-03-07 | 3.5 | CVE-2022-0535 MISC CONFIRM |
iptanus — wordpress_file_upload | The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, which could then be used for Cross-Site Scripting attacks | 2022-03-07 | 3.5 | CVE-2021-24960 MISC CONFIRM |
iptanus — wordpress_file_upload | The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks | 2022-03-07 | 3.5 | CVE-2021-24961 MISC CONFIRM |
linux — linux_kernel | A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar to the older CVE-2019-18808. | 2022-03-04 | 2.1 | CVE-2021-3744 MISC MISC MISC MISC MLIST DEBIAN |
linux — linux_kernel | An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. | 2022-03-04 | 3.6 | CVE-2021-3743 MISC MISC MISC MISC MISC MISC |
metaphorcreations — post_duplicator | A cross-site scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s browser and can use an application as the vehicle for the attack. The XSS payload given in the “Duplicate Title” text box executes whenever the user opens the Settings Page of the Post Duplicator Plugin or the application root page after duplicating any of the existing posts. | 2022-03-10 | 3.5 | CVE-2021-33852 MISC |
nextcloud — talk | Nextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application did not properly detect the lockscreen state when a call was incoming. If an attacker got physical access to the locked phone, and the victim received a phone call the attacker could gain access to the chat messages and files of the user. It is recommended that the Nextcloud Android Talk App is upgraded to 12.3.0. There are no known workarounds. | 2022-03-08 | 2.1 | CVE-2021-41181 CONFIRM MISC |
nicdark — cost_calculator | The Cost Calculator WordPress plugin before 1.6 allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the Description fields of a Cost Calculator > Price Settings (which gets injected on the edit page as well as any page that embeds the calculator using the shortcode), as well as the Text Preview field of a Project (injected on the edit project page) | 2022-03-07 | 3.5 | CVE-2021-24821 MISC |
pimcore — pimcore | Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.3.3. | 2022-03-04 | 3.5 | CVE-2022-0831 CONFIRM MISC |
pimcore — pimcore | Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.3.3. | 2022-03-04 | 3.5 | CVE-2022-0832 MISC CONFIRM |
secomea — sitemanager_1129_firmware | Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions. | 2022-03-10 | 3.5 | CVE-2021-32005 MISC |
siemens — ruggedcom_ros | A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Improper neutralization of special characters on the web server configuration page could allow an attacker, in a privileged position, to retrieve sensitive information via cross-site scripting. | 2022-03-08 | 3.5 | CVE-2021-37208 CONFIRM |
sophos — ssl_vpn_client | A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client. | 2022-03-08 | 3.6 | CVE-2021-36809 CONFIRM |
st — j-safe3_firmware | STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform. | 2022-03-04 | 1.9 | CVE-2021-43392 MISC MISC |
st — stsafe-j_firmware | STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform. | 2022-03-04 | 1.9 | CVE-2021-43393 MISC MISC |
veritas — infoscale_operations_manager | An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting (XSS) vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP GET parameter (which reflects the user input without sanitization). | 2022-03-04 | 3.5 | CVE-2022-26483 MISC |
wp-eventmanager — wp_event_manager | The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 2022-03-07 | 3.5 | CVE-2021-24810 MISC |
yop-poll — yop-poll | The YOP Poll WordPress plugin before 6.3.5 does not sanitise and escape some of the settings (available to users with a role as low as author) before outputting them, leading to a Stored Cross-Site Scripting issue | 2022-03-07 | 3.5 | CVE-2022-0205 MISC |
Severity Not Yet Assigned
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
/dsadatatest — /dsadatatest | It was discovered that the /DsaDataTest endpoint is susceptible to a Cross-site scripting (XSS) attack. It was noted that the Metric parameter does not have any input checks on the user input, which allows an attacker to craft their own malicious payload to trigger an XSS vulnerability. | 2022-03-10 | not yet calculated | CVE-2021-42856 CONFIRM |
microsoft — vp9_video_extensions | VP9 Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24501. | 2022-03-09 | not yet calculated | CVE-2022-24451 N/A |
apc_smart-ups_family — apc_smart-ups_family | A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series (SMT Series ID=18: UPS 09.8 and prior / SMT Series ID=1040: UPS 01.2 and prior / SMT Series ID=1031: UPS 03.1 and prior), SMC Series (SMC Series ID=1005: UPS 14.1 and prior / SMC Series ID=1007: UPS 11.0 and prior / SMC Series ID=1041: UPS 01.1 and prior), SCL Series (SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior), SMX Series (SMX Series ID=20: UPS 10.2 and prior / SMX Series ID=23: UPS 07.0 and prior), SRT Series (SRT Series ID=1010/1019/1025: UPS 08.3 and prior / SRT Series ID=1024: UPS 01.0 and prior / SRT Series ID=1020: UPS 10.4 and prior / SRT Series ID=1021: UPS 12.2 and prior / SRT Series ID=1001/1013: UPS 05.1 and prior / SRT Series ID=1002/1014: UPSa05.2 and prior), APC SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior) | 2022-03-09 | not yet calculated | CVE-2022-0715 CONFIRM |
linux — linux_kernel_bpf | A NULL pointer dereference flaw was found in the Linux kernel’s BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1. | 2022-03-10 | not yet calculated | CVE-2022-0433 MISC MISC MISC |
easyappointments — easyappointments | Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3. | 2022-03-09 | not yet calculated | CVE-2022-0482 CONFIRM MISC |
pandora_fms — pandora_api | Found a potential security vulnerability inside the Pandora API. Affected Pandora FMS version range: all versions of NG version, up to OUM 759. This vulnerability could allow an attacker with authenticated IP to inject SQL. | 2022-03-10 | not yet calculated | CVE-2022-0507 CONFIRM CONFIRM |
linux — linux_kernel | A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4. | 2022-03-10 | not yet calculated | CVE-2022-0516 MISC DEBIAN MISC |
apple — swift-nio-http2 | A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS or HTTP/2 PUSH_PROMISE frame where the frame contains padding information without any other data. This logical error caused confusion about the size of the frame, leading to a parsing error. This parsing error immediately crashes the entire process. Sending a HEADERS frame or PUSH_PROMISE frame with HTTP/2 padding information does not require any special permission, so any HTTP/2 connection peer may send such a frame. For clients, this means any server to which they connect may launch this attack. For servers, anyone they allow to connect to them may launch such an attack. The attack is low-effort: it takes very little resources to send an appropriately crafted frame. The impact on availability is high: receiving the frame immediately crashes the server, dropping all in-flight connections and causing the service to need to restart. It is straightforward for an attacker to repeatedly send appropriately crafted frames, so attackers require very few resources to achieve a substantial denial of service. The attack does not have any confidentiality or integrity risks in and of itself: swift-nio-http2 is parsing the frame in memory-safe code, so the crash is safe. However, sudden process crashes can lead to violations of invariants in services, so it is possible that this attack can be used to trigger an error condition that has confidentiality or integrity risks. The risk can be mitigated if untrusted peers can be prevented from communicating with the service. This mitigation is not available to many services. The issue is fixed by rewriting the parsing code to correctly handle the condition. The issue was found by automated fuzzing by oss-fuzz. | 2022-03-10 | not yet calculated | CVE-2022-0618 MISC |
calibre_web — calibre_web | Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17. | 2022-03-07 | not yet calculated | CVE-2022-0767 MISC CONFIRM |
keepass — keepass | A flaw was found in KeePass. The vulnerability occurs due to logging the plain text passwords in the system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs. | 2022-03-10 | not yet calculated | CVE-2022-0725 MISC |
bluez — bluez | A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. | 2022-03-10 | not yet calculated | CVE-2022-0204 MISC MISC |
mcafee — mcafee_webadvisor_chrome | Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up to 8.1.0.1895 allows a remote attacker to gain access to McAfee WebAdvisor settings and other details about the user’s system. This could lead to unexpected behaviors including: settings being changed, fingerprinting of the system leading to targeted scams, and not triggering the malicious software if McAfee software is detected. | 2022-03-10 | not yet calculated | CVE-2022-0815 MISC |
shopware — shopware | Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions user sessions are not logged out if the password is reset via password recovery. This issue has been resolved in version 6.4.8.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. | 2022-03-09 | not yet calculated | CVE-2022-24744 CONFIRM |
nextcloud — nextcloud | Nextcloud server is an open source, self hosted cloud style services platform. In affected versions an attacker can cause a denial of service by uploading specially crafted files which will cause the server to allocate too much memory / CPU. It is recommended that the Nextcloud Server is upgraded to 21.0.8, 22.2.4 or 23.0.1. Users unable to upgrade should disable preview generation with the `'enable_previews'` config flag. | 2022-03-09 | not yet calculated | CVE-2022-24741 MISC CONFIRM MISC |
alltube — alltube | alltube is an html front end for youtube-dl. On releases prior to 3.0.3, an attacker could craft a special HTML page to trigger either an open redirect attack or a Server-Side Request Forgery attack (depending on how AllTube is configured). The impact is mitigated by the fact the SSRF attack is only possible when the `stream` option is enabled in the configuration. (This option is disabled by default.) 3.0.3 contains a fix for this vulnerability. | 2022-03-08 | not yet calculated | CVE-2022-24739 MISC CONFIRM MISC MISC |
microsoft — microsoft | Point-to-Point Tunneling Protocol Denial of Service Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23253 N/A |
mcafee — mcafee_total_protection | A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them. | 2022-03-10 | not yet calculated | CVE-2022-0280 MISC |
intel — intel | Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 2022-03-11 | not yet calculated | CVE-2022-0001 MISC |
intel — intel | Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 2022-03-11 | not yet calculated | CVE-2022-0002 MISC |
microsoft — microsoft | Remote Desktop Protocol Client Information Disclosure Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24503 N/A |
frontend — frontend | An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks. | 2022-03-09 | not yet calculated | CVE-2022-24919 CONFIRM |
frontend — frontend | An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks. | 2022-03-09 | not yet calculated | CVE-2022-24917 CONFIRM |
frontend — frontend | The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the web section where the information is displayed. Injection can be done on specific parameters. The injected code is executed when a legitimate user attempts to upload, copy, download, or delete an existing configuration (Administrative Services). | 2022-03-10 | not yet calculated | CVE-2022-24915 MISC |
parse_community — parse_server | Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution (RCE) vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Prototype Pollution vulnerable code in the file `DatabaseController.js`, so it is likely to affect Postgres and any other database backend as well. This vulnerability has been confirmed on Linux (Ubuntu) and Windows. Users are advised to upgrade as soon as possible. The only known workaround is to manually patch your installation with code referenced at the source GHSA-p6h4-93qp-jhcm. | 2022-03-12 | not yet calculated | CVE-2022-24760 CONFIRM MISC |
pjsip — pjsip_project | PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type `PJSIP_CRED_DATA_DIGEST`). This issue has been patched in the master branch of the PJSIP repository and will be included with the next release. Users unable to upgrade need to check that the hashed digest data length must be equal to `PJSIP_MD5STRLEN` before passing to PJSIP. | 2022-03-11 | not yet calculated | CVE-2022-24754 MISC CONFIRM |
ultravnc — ultravnc | UltraVNC is a free and open source remote pc access software. A vulnerability has been found in versions prior to 1.3.8.0 in the DSM plugin module, which allows a local authenticated user to achieve local privilege escalation (LPE) on a vulnerable system. The vulnerability has been fixed to allow loading of plugins from the installed directory. Affected users should upgrade their UltraVNC to 1.3.8.0. Users unable to upgrade should not install and run UltraVNC server as a service. It is advisable to create a scheduled task on a low privilege account to launch WinVNC.exe instead. There are no known workarounds if WinVNC needs to be started as a service. | 2022-03-10 | not yet calculated | CVE-2022-24750 CONFIRM MISC MISC |
microsoft — remote_desktop_client | Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21990. | 2022-03-09 | not yet calculated | CVE-2022-23285 N/A |
evmos — evmos | Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. In versions of evmos prior to 2.0.1 attackers are able to drain unclaimed funds from user addresses. To do this an attacker must create a new chain which does not enforce signature verification and connects it to the target evmos instance. The attacker can use this joined chain to transfer unclaimed funds. Users are advised to upgrade. There are no known workarounds for this issue. | 2022-03-07 | not yet calculated | CVE-2022-24738 CONFIRM MISC MISC |
shopware — core | Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In versions prior to 6.4.8.2 it is possible to modify customers and to create orders without App Permission. This issue is a result of improper api route checking. Users are advised to upgrade to version 6.4.8.2. There are no known workarounds. | 2022-03-09 | not yet calculated | CVE-2022-24748 CONFIRM MISC |
shopware — core | Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. Affected versions of shopware do not properly set sensitive HTTP headers to be non-cacheable. If there is an HTTP cache between the server and client then headers may be exposed via HTTP caches. This issue has been resolved in version 6.4.8.2. There are no known workarounds. | 2022-03-09 | not yet calculated | CVE-2022-24747 MISC MISC CONFIRM |
shopware — core | Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions it is possible to inject code via the voucher code form. This issue has been patched in version 6.4.8.1. There are no known workarounds for this issue. | 2022-03-09 | not yet calculated | CVE-2022-24746 MISC CONFIRM MISC |
shopware — core | Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions guest sessions are shared between customers when HTTP cache is enabled. This can lead to inconsistent experiences for guest users. Setups with Varnish are not affected by this issue. This issue has been resolved in version 6.4.8.2. Users unable to upgrade should disable the HTTP Cache. | 2022-03-09 | not yet calculated | CVE-2022-24745 CONFIRM |
antaris — razorengine | ** UNSUPPORTED WHEN ASSIGNED ** In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment (if users can externally control template contents). NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | 2022-03-06 | not yet calculated | CVE-2021-46703 MISC |
npmjs — npmjs | The swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim. | 2022-03-11 | not yet calculated | CVE-2021-46708 MISC MISC |
libcaca — libcaca | libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service | 2022-03-10 | not yet calculated | CVE-2022-0856 MISC |
httpie — httpie | HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn’t distinguish between cookies and the hosts they belonged to. This behavior resulted in the exposure of some cookies when there are redirects originating from the actual host to a third party website. Users are advised to upgrade. There are no known workarounds. | 2022-03-07 | not yet calculated | CVE-2022-24737 MISC MISC CONFIRM |
samsung_mobile_security — applock | Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the list of locked app without authentication. | 2022-03-10 | not yet calculated | CVE-2022-24929 MISC |
mediatek — btif | In btif, there is a possible memory corruption due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06271186; Issue ID: ALPS06271186. | 2022-03-10 | not yet calculated | CVE-2022-20057 MISC |
mediatek — connsyslogger | In connsyslogger, there is a possible symbolic link following due to improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06335038; Issue ID: ALPS06335038. | 2022-03-10 | not yet calculated | CVE-2022-20050 MISC |
mediatek — ims_service | In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127. | 2022-03-10 | not yet calculated | CVE-2022-20051 MISC |
mediatek — ims_service | In ims service, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219097; Issue ID: ALPS06219097. | 2022-03-10 | not yet calculated | CVE-2022-20053 MISC |
mediatek — ims_service | In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083. | 2022-03-10 | not yet calculated | CVE-2022-20054 MISC |
mediatek — preloader | In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830. | 2022-03-10 | not yet calculated | CVE-2022-20055 MISC |
mediatek — preloader |
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160820. | 2022-03-10 | not yet calculated | CVE-2022-20056 MISC |
mediatek — preloader |
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160485. | 2022-03-10 | not yet calculated | CVE-2022-20058 MISC |
mediatek — video_decoder |
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917502; Issue ID: ALPS05917502. | 2022-03-10 | not yet calculated | CVE-2022-20048 MISC |
mediatek — preloader |
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160781. | 2022-03-10 | not yet calculated | CVE-2022-20059 MISC |
mediatek — preloader |
In preloader (usb), there is a possible permission bypass due to missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06137462. | 2022-03-10 | not yet calculated | CVE-2022-20060 MISC |
mandiant — hevc_video_extensions |
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456. | 2022-03-09 | not yet calculated | CVE-2022-22007 N/A MISC |
ipdio — web_interface |
Persistent cross-site scripting in the web interface of ipDIO allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into a specific parameter. The XSS payload will be executed when a legitimate user attempts to review history. | 2022-03-10 | not yet calculated | CVE-2022-21146 MISC |
marktext — marktext |
A stored cross-site scripting vulnerability in marktext versions prior to v0.17.0 due to improper handling of the link (with javascript: scheme) inside the document may allow an attacker to execute an arbitrary script on the PC of the user using marktext. | 2022-03-10 | not yet calculated | CVE-2022-21158 MISC MISC |
mandiant — hevc_video_extensions |
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456. | 2022-03-09 | not yet calculated | CVE-2022-22006 N/A MISC |
mediatek — vpu |
In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679. | 2022-03-10 | not yet calculated | CVE-2022-20049 MISC |
mediatek — video_decoder |
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917489; Issue ID: ALPS05917489. | 2022-03-10 | not yet calculated | CVE-2022-20047 MISC |
linux — linux_pv |
Linux PV device frontends vulnerable to attacks by backends. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. (blkfront: CVE-2022-23036; netfront: CVE-2022-23037; scsifront: CVE-2022-23038; gntalloc: CVE-2022-23039; xenbus: CVE-2022-23040.) blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. (CVE-2022-23041.) netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. (CVE-2022-23042.) | 2022-03-10 | not yet calculated | CVE-2022-23042 MISC |
ipcomm — ipdio |
The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the specific web section where the information is displayed. Injection can be done on specific parameters. The injected code is executed when a legitimate user attempts to review history. | 2022-03-10 | not yet calculated | CVE-2022-22985 MISC |
linux — linux_pv |
Linux PV device frontends vulnerable to attacks by backends. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. (blkfront: CVE-2022-23036; netfront: CVE-2022-23037; scsifront: CVE-2022-23038; gntalloc: CVE-2022-23039; xenbus: CVE-2022-23040.) blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. (CVE-2022-23041.) netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. (CVE-2022-23042.) | 2022-03-10 | not yet calculated | CVE-2022-23041 MISC |
linux — linux_pv |
Linux PV device frontends vulnerable to attacks by backends. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. (blkfront: CVE-2022-23036; netfront: CVE-2022-23037; scsifront: CVE-2022-23038; gntalloc: CVE-2022-23039; xenbus: CVE-2022-23040.) blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. (CVE-2022-23041.) netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. (CVE-2022-23042.) | 2022-03-10 | not yet calculated | CVE-2022-23040 MISC |
linux — linux_pv |
Linux PV device frontends vulnerable to attacks by backends. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. (blkfront: CVE-2022-23036; netfront: CVE-2022-23037; scsifront: CVE-2022-23038; gntalloc: CVE-2022-23039; xenbus: CVE-2022-23040.) blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. (CVE-2022-23041.) netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. (CVE-2022-23042.) | 2022-03-10 | not yet calculated | CVE-2022-23039 MISC |
linux — linux_pv |
Linux PV device frontends vulnerable to attacks by backends. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. (blkfront: CVE-2022-23036; netfront: CVE-2022-23037; scsifront: CVE-2022-23038; gntalloc: CVE-2022-23039; xenbus: CVE-2022-23040.) blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. (CVE-2022-23041.) netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. (CVE-2022-23042.) | 2022-03-10 | not yet calculated | CVE-2022-23038 MISC |
linux — linux_pv |
Linux PV device frontends vulnerable to attacks by backends. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. (blkfront: CVE-2022-23036; netfront: CVE-2022-23037; scsifront: CVE-2022-23038; gntalloc: CVE-2022-23039; xenbus: CVE-2022-23040.) blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. (CVE-2022-23041.) netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. (CVE-2022-23042.) | 2022-03-10 | not yet calculated | CVE-2022-23037 MISC |
linux — linux_pv |
Linux PV device frontends vulnerable to attacks by backends. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn’t check the success of removing the granted access of a shared ring buffer. (blkfront: CVE-2022-23036; netfront: CVE-2022-23037; scsifront: CVE-2022-23038; gntalloc: CVE-2022-23039; xenbus: CVE-2022-23040.) blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. (CVE-2022-23041.) netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. (CVE-2022-23042.) | 2022-03-10 | not yet calculated | CVE-2022-23036 MISC |
microsoft — hevc_video_extensions |
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24453, CVE-2022-24456. | 2022-03-09 | not yet calculated | CVE-2022-24452 N/A |
microsoft — media_foundation_information_disclosure |
Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21977. | 2022-03-09 | not yet calculated | CVE-2022-22010 N/A |
schneider-electric — smartconnect_family |
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior) | 2022-03-09 | not yet calculated | CVE-2022-22806 CONFIRM |
schneider-electric — smartconnect_family |
A CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior) | 2022-03-09 | not yet calculated | CVE-2022-22805 CONFIRM |
signiant-manager_agents — signiant-manager_agents |
Signiant Manager+Agents XML External Entity (XXE): extract internal files of the affected machine. An attacker can read all the system files; the product runs as root on Linux systems and nt/authority on Windows systems, which allows the attacker to access and extract any file on the systems, such as passwd, shadow, hosts and so on. By gaining access to these files, attackers can steal sensitive information from the victim’s machine. | 2022-03-10 | not yet calculated | CVE-2022-22795 MISC |
zz.inc — keymouse_windows |
ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse. | 2022-03-10 | not yet calculated | CVE-2022-24644 MISC MISC |
heimdal — heimdal_premium_security |
Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure permissions, which allows unprivileged local users to elevate privileges to SYSTEM via the “Browse For Folder” window accessible by triggering a “Repair” on the MSI package located in C:\Windows\Installer. | 2022-03-10 | not yet calculated | CVE-2022-24618 MISC MISC |
wago — wago |
Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential information on a PC that connects to the WBM after it has been compromised. | 2022-03-09 | not yet calculated | CVE-2022-22511 CONFIRM |
ibm — aix |
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged trusted host user to exploit a vulnerability in the nimsh daemon to cause a denial of service in the nimsh daemon on another trusted host. IBM X-Force ID: 220396 | 2022-03-07 | not yet calculated | CVE-2022-22351 XF CONFIRM |
samsung_mobile_security — kernel |
Security misconfiguration of RKP in kernel prior to SMR Mar-2022 Release 1 allows a system not to be protected by RKP. | 2022-03-10 | not yet calculated | CVE-2022-24928 MISC |
zabbix — zabbix |
An authenticated user can create a link with reflected JavaScript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks. | 2022-03-09 | not yet calculated | CVE-2022-24918 CONFIRM |
samsung_mobile_security — stretailmodereceiver |
An improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted applications to reset default app settings without a proper permission. | 2022-03-10 | not yet calculated | CVE-2022-24930 MISC |
hp — bios |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure. | 2022-03-11 | not yet calculated | CVE-2022-23930 MISC |
lg — lg |
The public API error allows the attacker to bypass API access control. | 2022-03-11 | not yet calculated | CVE-2022-23730 MISC |
lg — v8_javascript_engine |
A heap vulnerability in the V8 JavaScript engine can cause privilege escalation, which can impact some webOS TV models. | 2022-03-11 | not yet calculated | CVE-2022-23731 MISC |
hp — bios |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure. | 2022-03-11 | not yet calculated | CVE-2022-23924 MISC |
hp — bios |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure. | 2022-03-11 | not yet calculated | CVE-2022-23925 MISC |
hp — bios |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure. | 2022-03-11 | not yet calculated | CVE-2022-23926 MISC |
hp — bios |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure. | 2022-03-11 | not yet calculated | CVE-2022-23927 MISC |
hp — bios |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure. | 2022-03-11 | not yet calculated | CVE-2022-23928 MISC |
hp — bios |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure. | 2022-03-11 | not yet calculated | CVE-2022-23929 MISC |
hp — bios |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure. | 2022-03-11 | not yet calculated | CVE-2022-23931 MISC |
microsoft — raw_image_extension |
Raw Image Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23295. | 2022-03-09 | not yet calculated | CVE-2022-23300 N/A |
hp — bios |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure. | 2022-03-11 | not yet calculated | CVE-2022-23932 MISC |
hp — bios |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure. | 2022-03-11 | not yet calculated | CVE-2022-23933 MISC |
hp — bios |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure. | 2022-03-11 | not yet calculated | CVE-2022-23934 MISC |
samsung_mobile_security — apkinstaller |
Improper access control vulnerability in dynamic receiver in ApkInstaller prior to SMR MAR-2022 Release allows unauthorized attackers to execute arbitrary activity without a proper permission. | 2022-03-10 | not yet calculated | CVE-2022-24931 MISC |
zabbix — zabbix_frontend |
An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors – an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim’s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel. | 2022-03-09 | not yet calculated | CVE-2022-24349 CONFIRM |
mandiant — heif_image_extensions |
HEIF Image Extensions Remote Code Execution Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24457 N/A MISC |
microsoft — hevc_video_extensions |
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453. | 2022-03-09 | not yet calculated | CVE-2022-24456 N/A MISC |
microsoft — hevc_video_extensions |
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24456. | 2022-03-09 | not yet calculated | CVE-2022-24453 N/A MISC |
microsoft — hevc_video_extensions |
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456. | 2022-03-09 | not yet calculated | CVE-2022-23301 N/A |
microsoft — remote_desktop_client |
Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23285. | 2022-03-09 | not yet calculated | CVE-2022-21990 N/A |
microsoft — raw_image_extension |
Raw Image Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23300. | 2022-03-09 | not yet calculated | CVE-2022-23295 N/A |
suletm — pdftron_sdk |
A use after free vulnerability was discovered in PDFTron SDK version 9.2.0. A crafted PDF can overwrite RIP with data previously allocated on the heap. This issue affects: PDFTron PDFTron SDK 9.2.0 on OSX; 9.2.0 on Linux; 9.2.0 on Windows. | 2022-03-10 | not yet calculated | CVE-2022-24960 MISC MISC |
tenda — tenda_ax3 | Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. | 2022-03-10 | not yet calculated | CVE-2022-24995 MISC |
printix — printix_secure_cloud_print_management |
Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition. | 2022-03-10 | not yet calculated | CVE-2022-25090 MISC MISC MISC MISC |
foxit — foxit_pdf_reader_and_editor |
Foxit PDF Reader and Editor before 11.2.1 and PhantomPDF before 10.1.7 allow a NULL pointer dereference during PDF parsing because the pointer is used without proper validation. | 2022-03-10 | not yet calculated | CVE-2022-25108 MISC |
tenable — phicomm_k2 |
Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell. | 2022-03-10 | not yet calculated | CVE-2022-25213 MISC |
tenable — phicomm_k2 |
Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated remote attacker to obtain the WPA passphrases for the 2.4GHz and 5.0GHz wireless networks. This is particularly dangerous given that the K2G setup wizard presents the user with the option of using the same password for the 2.4GHz network and the administrative interface, by clicking a checkbox. When Remote Management is enabled, these endpoints are exposed to the WAN. | 2022-03-10 | not yet calculated | CVE-2022-25214 MISC |
tenable — dvdfab_12 |
An absolute path traversal vulnerability allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player (recently renamed PlayerFab) has read-access, by means of an HTTP GET request to http://<IP_ADDRESS>:32080/download/<URL_ENCODED_PATH>. | 2022-03-11 | not yet calculated | CVE-2022-25216 MISC |
tenable — localmacconfig.asp |
Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself. | 2022-03-10 | not yet calculated | CVE-2022-25215 MISC |
tenable — telnetd_startup |
Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup included in version 22.5.9.163 of the K2 firmware, and version 32.1.15.93 of the K3C firmware (possibly amongst many other releases) included both the private and public RSA keys. The remaining versions cited here redacted the private key, but left the public key unchanged. An attacker in possession of the leaked private key may, through a scripted exchange of UDP packets, instruct telnetd_startup to spawn an unauthenticated telnet shell as root, by means of which they can then obtain complete control of the device. A consequence of the limited availability of firmware images for testing is that models and versions not listed here may share this vulnerability. | 2022-03-10 | not yet calculated | CVE-2022-25217 MISC |
tenable — telnetd_startup |
The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the “plaintext” to which an arbitrary blob of ciphertext will be decrypted by OpenSSL’s RSA_public_decrypt() function. This weakness allows the attacker to manipulate the various iterations of the telnetd startup state machine and eventually obtain a root shell on the device, by means of an exchange of crafted UDP packets. In all versions but K2 22.5.9.163 and K3C 32.1.15.93 a successful attack also requires the exploitation of a null-byte interaction error (CVE-2022-25219). | 2022-03-10 | not yet calculated | CVE-2022-25218 MISC |
tenable — telnetd_startup |
A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP packets, an unauthenticated attacker on the local network can leverage this null byte interaction error in such a way as to make those ephemeral passwords predictable (with 1-in-94 odds). Since the attacker must manipulate data processed by the OpenSSL function RSA_public_decrypt(), successful exploitation of this vulnerability depends on the use of an unpadded RSA cipher (CVE-2022-25218). | 2022-03-10 | not yet calculated | CVE-2022-25219 MISC |
microsoft — vp9_video_extensions |
VP9 Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24451. | 2022-03-09 | not yet calculated | CVE-2022-24501 N/A |
samsung_mobile_security — setup_wizard |
Improper Protection of Alternate Path vulnerability in the Setup wizard process prior to SMR Mar-2022 Release 1 allows a physical attacker to install packages before the Setup wizard finishes. | 2022-03-10 | not yet calculated | CVE-2022-24932 MISC |
abantecart — abantecart |
Abantecart through 1.3.2 allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Catalog>Media Manager>Images settings can be changed by an administrator (e.g., by configuring .php to be a valid image file type). | 2022-03-10 | not yet calculated | CVE-2022-26521 MISC |
ace2 — coloros11 |
In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure. | 2022-03-11 | not yet calculated | CVE-2021-23246 MISC |
acer — care_center |
Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability. The user process communicates with a service of system authority called ACCsvc through a named pipe. In this case, the Named Pipe is also given Read and Write rights to the general user. In addition, the service program does not verify the user when communicating. A thread may exist with a specific command. When the path of the program to be executed is sent, there is a local privilege escalation in which the service program executes the path with system privileges. | 2022-03-10 | not yet calculated | CVE-2022-24285 MISC |
acer — quickaccess |
Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local privilege escalation vulnerability. The user process communicates with a service of system authority through a named pipe. In this case, the Named Pipe is also given Read and Write rights to the general user. In addition, the service program does not verify the user when communicating. A thread may exist with a specific command. When the path of the program to be executed is sent, there is a local privilege escalation in which the service program executes the path with system privileges. | 2022-03-10 | not yet calculated | CVE-2022-24286 MISC |
adobe — after_effects | Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-03-11 | not yet calculated | CVE-2022-24095 MISC |
adobe — after_effects | Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-03-11 | not yet calculated | CVE-2022-24094 MISC |
adobe — after_effects |
Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-03-11 | not yet calculated | CVE-2022-24097 MISC |
adobe — after_effects |
Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-03-11 | not yet calculated | CVE-2022-24096 MISC |
adobe — illustrator |
Adobe Illustrator version 26.0.3 (and earlier) is affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Illustrator. | 2022-03-11 | not yet calculated | CVE-2022-23187 MISC |
adobe — photoshop |
Adobe Photoshop versions 23.1.1 (and earlier) and 22.5.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-03-11 | not yet calculated | CVE-2022-24090 MISC |
alist — alist |
Alist v2.1.0 and below was discovered to contain a cross-site scripting (XSS) vulnerability via /i/:data/ipa.plist. | 2022-03-12 | not yet calculated | CVE-2022-26533 MISC |
amd — cpus |
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. | 2022-03-11 | not yet calculated | CVE-2021-26401 MISC |
amd — cpus |
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | 2022-03-11 | not yet calculated | CVE-2021-26341 MISC |
atlassian — jira_server_and_data_center |
This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary code via Template Injection leading to Remote Code Execution (RCE) in the Email Templates feature. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3. | 2022-03-08 | not yet calculated | CVE-2021-43944 N/A |
atune — atune |
In atune before 0.3-0.8, a local user can log in and run the curl command to access the local atune URL interface, escalating local privileges or modifying any file. Authentication is not forcibly enabled in the default configuration. | 2022-03-11 | not yet calculated | CVE-2021-33658 CONFIRM |
casaos — casaos |
CasaOS before v0.2.7 was discovered to contain a command injection vulnerability via the component leave or join zerotier api. | 2022-03-10 | not yet calculated | CVE-2022-24193 MISC MISC MISC MISC |
cgi-bin/ej.cgi — cgi-bin/ej.cgi |
A cross-site scripting (XSS) vulnerability in the component cgi-bin/ej.cgi of Ex libris ALEPH 500 v18.1 and v20 allows attackers to execute arbitrary web scripts or HTML. | 2022-03-10 | not yet calculated | CVE-2022-24177 MISC |
citrix — federated_authentication_service |
Citrix Federated Authentication Service (FAS) 7.17 – 10.6 causes deployments that have been configured to store a registration authority certificate’s private key in a Trusted Platform Module (TPM) to incorrectly store that key in the Microsoft Software Key Storage Provider (MSKSP). This issue only occurs if PowerShell was used when configuring FAS to store the registration authority certificate’s private key in the TPM. It does not occur if the TPM was not selected for use or if the FAS administration console was used for configuration. | 2022-03-10 | not yet calculated | CVE-2022-26355 MISC |
cobbler — cobbler |
Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2. | 2022-03-11 | not yet calculated | CVE-2022-0860 CONFIRM MISC |
cockpit — cockpit |
A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List (CRL) configuration or the certificate status. The highest threat from this vulnerability is to confidentiality. | 2022-03-10 | not yet calculated | CVE-2021-3698 MISC |
cockpit — cockpit |
Cockpit (and its plugins) do not seem to protect themselves against clickjacking. It is possible to render a page from a cockpit server via another website, inside an <iFrame> HTML entry. This may be used by a malicious website in clickjacking or similar attacks. | 2022-03-10 | not yet calculated | CVE-2021-3660 MISC MISC MISC |
contact_form_x — contact_form_x |
Reflected Cross-Site Scripting (XSS) vulnerability affecting parameter &tab discovered in Contact Form X WordPress plugin (versions <= 2.4). | 2022-03-11 | not yet calculated | CVE-2022-25601 CONFIRM CONFIRM |
couchbase_operator — couchbase_operator |
Couchbase Operator 2.2.x before 2.2.3 exposes Sensitive Information to an Unauthorized Actor. Secrets are not redacted in logs collected from Kubernetes environments. | 2022-03-10 | not yet calculated | CVE-2022-26311 CONFIRM MISC |
croogo — croogo |
A Remote Code Execution (RCE) vulnerability exists in Croogo 3.0.2 via admin/file-manager/attachments, which lets a malicious user upload a web shell script. | 2022-03-10 | not yet calculated | CVE-2021-44673 MISC |
cx-programmer — cx-programmer | Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. This vulnerability is different from CVE-2022-25325. | 2022-03-10 | not yet calculated | CVE-2022-25230 MISC |
cx-programmer — cx-programmer | Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. This vulnerability is different from CVE-2022-25230. | 2022-03-10 | not yet calculated | CVE-2022-25325 MISC |
cx-programmer — cx-programmer |
Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234. | 2022-03-10 | not yet calculated | CVE-2022-21124 MISC |
cx-programmer — cx-programmer |
Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. This vulnerability is different from CVE-2022-21124. | 2022-03-10 | not yet calculated | CVE-2022-25234 MISC |
cx-programmer — cx-programmer |
Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. | 2022-03-10 | not yet calculated | CVE-2022-21219 MISC |
dell — bios | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | 2022-03-11 | not yet calculated | CVE-2022-24416 MISC |
dell — bios | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | 2022-03-11 | not yet calculated | CVE-2022-24419 MISC |
dell — bios | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | 2022-03-11 | not yet calculated | CVE-2022-24420 MISC |
dell — bios | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | 2022-03-11 | not yet calculated | CVE-2022-24421 MISC |
dell — bios |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | 2022-03-11 | not yet calculated | CVE-2022-24415 MISC |
f-secure — support_tool |
An arbitrary code execution vulnerability was found in the F-Secure Support Tool. A standard user can craft a special configuration file, which when run by administrator can execute any commands. | 2022-03-10 | not yet calculated | CVE-2021-44750 MISC MISC |
fedora — fedora |
A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal information from a previous panic. The highest threat from this vulnerability is to confidentiality. This flaw affects kexec-tools shipped by Fedora versions prior to 2.0.21-8 and RHEL versions prior to 2.0.20-47. | 2022-03-10 | not yet calculated | CVE-2021-20269 MISC |
fiori — launchpad |
Fiori launchpad – versions 754, 755, 756, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 2022-03-10 | not yet calculated | CVE-2022-26101 MISC MISC |
freetakserver — freetakserver | FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges. | 2022-03-11 | not yet calculated | CVE-2022-25510 MISC |
freetakserver — freetakserver | An access control issue in the component /ManageRoute/postRoute of FreeTAKServer v1.9.8 allows unauthenticated attackers to cause a Denial of Service (DoS) via an unusually large amount of created routes, or create unsafe or false routes for legitimate users. | 2022-03-11 | not yet calculated | CVE-2022-25508 MISC |
freetakserver-ui — freetakserver-ui | An issue in the ?filename= argument of the route /DataPackageTable in FreeTAKServer-UI v1.9.8 allows attackers to place arbitrary files anywhere on the system. | 2022-03-11 | not yet calculated | CVE-2022-25511 MISC |
freetakserver-ui — freetakserver-ui | FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint /AuthenticateUser. | 2022-03-11 | not yet calculated | CVE-2022-25506 MISC |
freetakserver-ui — freetakserver-ui |
FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys. | 2022-03-11 | not yet calculated | CVE-2022-25512 MISC |
freetakserver-ui — freetakserver-ui |
FreeTAKServer-UI v1.9.8 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Callsign parameter. | 2022-03-11 | not yet calculated | CVE-2022-25507 MISC |
gerapy — gerapy |
An Access Control vulnerability exists in Gerapy v0.9.7 via the spider parameter in project_configure function. | 2022-03-10 | not yet calculated | CVE-2021-44597 MISC |
go-gitea — gitea |
Improper Authorization in GitHub repository go-gitea/gitea prior to 1.16.4. | 2022-03-10 | not yet calculated | CVE-2022-0905 CONFIRM MISC |
gogs — gogs |
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5. | 2022-03-11 | not yet calculated | CVE-2022-0870 MISC CONFIRM |
gogs — gogs |
Improper Authorization in GitHub repository gogs/gogs prior to 0.12.5. | 2022-03-11 | not yet calculated | CVE-2022-0871 MISC CONFIRM |
gpac — gpac |
GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. It can be triggered via MP4Box. | 2022-03-12 | not yet calculated | CVE-2022-26967 MISC |
grub2 — grub2 |
A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted passwords present in grub.cfg. This flaw affects grub2 2.06 and previous versions. This issue has been fixed in grub upstream but no version with the fix is currently released. | 2022-03-10 | not yet calculated | CVE-2021-3981 MISC FEDORA |
hitachi — aab_power_grids_ellipse_enterprise_asset_management | An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 by tricking a user into clicking on a link containing malicious code that would then be run by the web browser. This can result in the compromise of confidential information, or even the takeover of the user’s session. | 2022-03-11 | not yet calculated | CVE-2021-27416 CONFIRM CONFIRM |
hitachi — aab_power_grids_ellipse_enterprise_asset_management |
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials. | 2022-03-11 | not yet calculated | CVE-2021-27414 CONFIRM CONFIRM |
horde — mime_viewer |
lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering. | 2022-03-11 | not yet calculated | CVE-2022-26874 MISC MISC |
huawei — devices | There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability. | 2022-03-10 | not yet calculated | CVE-2021-40064 MISC MISC |
huawei — devices | There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization. | 2022-03-10 | not yet calculated | CVE-2021-40049 MISC MISC |
huawei — devices | There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality. | 2022-03-10 | not yet calculated | CVE-2021-40051 MISC MISC |
huawei — devices | There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability. | 2022-03-10 | not yet calculated | CVE-2021-40048 MISC MISC |
huawei — devices | There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability. | 2022-03-10 | not yet calculated | CVE-2021-40052 MISC |
huawei — devices | There is a permission control vulnerability in the Nearby module. Successful exploitation of this vulnerability will affect availability and integrity. | 2022-03-10 | not yet calculated | CVE-2021-40053 MISC |
huawei — devices | There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity. | 2022-03-10 | not yet calculated | CVE-2021-40054 MISC |
huawei — devices | There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity. | 2022-03-10 | not yet calculated | CVE-2021-40055 MISC MISC |
huawei — devices | There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability. | 2022-03-10 | not yet calculated | CVE-2021-40056 MISC |
huawei — devices | There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability. | 2022-03-10 | not yet calculated | CVE-2021-40057 MISC |
huawei — devices | There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability. | 2022-03-10 | not yet calculated | CVE-2021-40058 MISC |
huawei — devices | There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality. | 2022-03-10 | not yet calculated | CVE-2021-40059 MISC |
huawei — devices | There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability. | 2022-03-10 | not yet calculated | CVE-2021-40060 MISC |
huawei — devices | There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity. | 2022-03-10 | not yet calculated | CVE-2021-40061 MISC MISC |
huawei — devices | There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability. | 2022-03-10 | not yet calculated | CVE-2021-40062 MISC |
huawei — devices | There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality. | 2022-03-10 | not yet calculated | CVE-2021-40063 MISC MISC |
huawei — devices | There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow. | 2022-03-10 | not yet calculated | CVE-2021-40050 MISC MISC |
huawei — devices |
There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity. | 2022-03-10 | not yet calculated | CVE-2021-40047 MISC MISC |
ibm — aix_and_vios | IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212950. | 2022-03-07 | not yet calculated | CVE-2021-38988 XF CONFIRM |
ibm — aix_and_vios | IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212951. | 2022-03-07 | not yet calculated | CVE-2021-38989 XF CONFIRM |
ibm — datapower_gateway |
IBM DataPower Gateway V10CD, 10.0.1, and 2108.4.1 could allow a remote attacker to bypass security restrictions, caused by the improper validation of input. By sending a specially crafted JSON message, an attacker could exploit this vulnerability to modify structure and fields. IBM X-Force ID: 209824. | 2022-03-10 | not yet calculated | CVE-2021-38910 CONFIRM XF |
ibm — guardium_data_encryption |
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software. IBM X-Force ID: 213858. | 2022-03-10 | not yet calculated | CVE-2021-39022 CONFIRM XF |
ibm — guardium_data_encryption |
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 could disclose internal IP address information when the web backend is down. IBM X-Force 213863. | 2022-03-10 | not yet calculated | CVE-2021-39025 XF CONFIRM |
icinga_web_2 — icinga_web_2 | Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated. | 2022-03-08 | not yet calculated | CVE-2022-24716 CONFIRM MISC |
icinga_web_2 — icinga_web_2 | Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration. | 2022-03-08 | not yet calculated | CVE-2022-24715 CONFIRM MISC |
icinga_web_2 — icinga_web_2 |
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may still have access to a collection of content. Note that this only applies if a role has implicitly permitted access to hosts, due to permitted access to at least one of their services. If access to a host is permitted by other means, no sensitive information has been disclosed to unauthorized users. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. | 2022-03-08 | not yet calculated | CVE-2022-24714 CONFIRM MISC |
ifilter_ver — ifilter_ver |
Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9.50R10 and earlier, i-FILTER Browser & Cloud MultiAgent for Windows Ver.4.93R04 and earlier, and D-SPA (Ver.3 / Ver.4) using i-FILTER allows a remote unauthenticated attacker to conduct a man-in-the-middle attack and eavesdrop on an encrypted communication. | 2022-03-10 | not yet calculated | CVE-2022-21170 MISC MISC MISC MISC MISC MISC |
intel — sgx |
The pointer-validation logic in util/mem_util.rs in Occlum before 0.26.0 for Intel SGX acts as a confused deputy that allows a local attacker to access unauthorized information via side-channel analysis. | 2022-03-10 | not yet calculated | CVE-2021-44421 CONFIRM MISC CONFIRM MISC |
intel — trace_hub |
Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 2022-03-11 | not yet calculated | CVE-2021-33150 MISC |
ipdio — ipdio |
Persistent cross-site scripting (XSS) in the web interface of ipDIO allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into specific fields. The XSS payload will be executed when a legitimate user attempts to upload, copy, download, or delete an existing configuration (Administrative Services). | 2022-03-10 | not yet calculated | CVE-2022-24432 MISC |
istio — istio |
Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, istiod, is vulnerable to a request processing error that allows a malicious attacker to send a specially crafted message which crashes the control plane when the validating webhook for a cluster is exposed publicly. This endpoint is served over TLS port 15017, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [external istiod](https://istio.io/latest/docs/setup/install/external-controlplane/) topologies, this port is exposed over the public internet. This issue has been patched in versions 1.13.2, 1.12.5 and 1.11.8. Users are advised to upgrade. Users unable to upgrade should disable access to a validating webhook that is exposed to the public internet or restrict the set of IP addresses that can query it to a set of known, trusted entities. | 2022-03-10 | not yet calculated | CVE-2022-24726 MISC MISC CONFIRM |
jackson-databind — jackson-databind |
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. | 2022-03-11 | not yet calculated | CVE-2020-36518 MISC |
jboss-client — jboss-client |
A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability. | 2022-03-11 | not yet calculated | CVE-2022-0853 MISC MISC |
jeecg-boot — jceeg-boot |
A Cross Site Scripting (XSS) vulnerability exists in jeecg-boot 3.0 in /jeecg-boot/jmreport/view with a mouseover event. | 2022-03-10 | not yet calculated | CVE-2021-44585 MISC |
jetson — linux |
NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. Such an attack could result in denial of service, code execution, escalation of privileges, and impact to data integrity and confidentiality. The scope impact may extend to other components. | 2022-03-11 | not yet calculated | CVE-2022-21819 MISC |
libtiff — libtiff | Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa. | 2022-03-11 | not yet calculated | CVE-2022-0909 MISC MISC CONFIRM |
libtiff — libtiff | Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file. | 2022-03-11 | not yet calculated | CVE-2022-0908 CONFIRM MISC MISC |
libtiff — libtiff |
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2. | 2022-03-11 | not yet calculated | CVE-2022-0907 MISC CONFIRM MISC |
libtiff — libtiff |
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4. | 2022-03-11 | not yet calculated | CVE-2022-0924 MISC CONFIRM MISC |
libtiff — libtiff |
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045. | 2022-03-10 | not yet calculated | CVE-2022-0865 MISC MISC CONFIRM |
libtiff — libtiff |
A heap buffer overflow in the ExtractImageSection function in tiffcrop.c in libtiff library version 4.3.0 allows an attacker to trigger unsafe or out-of-bounds memory access via a crafted TIFF image file, which could result in an application crash, potential information disclosure or any other context-dependent impact. | 2022-03-10 | not yet calculated | CVE-2022-0891 CONFIRM MISC MISC MISC |
linux — linux_kernel | drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory leak (socket buffers have memory allocated but not freed). | 2022-03-11 | not yet calculated | CVE-2022-26878 MISC MISC MISC MISC MLIST |
linux — linux_kernel | A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability. | 2022-03-10 | not yet calculated | CVE-2021-3739 MISC MISC MISC MISC MISC |
linux — linux_kernel | An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device. | 2022-03-12 | not yet calculated | CVE-2022-26966 MISC MISC |
linux — linux_kernel | A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15-rc1. The kernel can panic when an improper cancellation operation triggers the submission of new io-uring operations during a shortage of free space. This flaw allows a local user with permissions to execute io-uring requests to possibly crash the system. | 2022-03-10 | not yet calculated | CVE-2021-4023 MISC |
linux — linux_kernel | A security issue was found in Linux kernel’s OverlayFS subsystem where a local attacker who has the ability to mount the TmpFS filesystem with OverlayFS can abuse a logic bug in the overlayfs code which can inadvertently reveal files hidden in the original mount. | 2022-03-10 | not yet calculated | CVE-2021-3732 MISC MISC MISC MISC |
linux — linux_kernel | A NULL pointer dereference was found in the Linux kernel’s KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1. | 2022-03-10 | not yet calculated | CVE-2021-4095 MISC MLIST |
luocms — luocms | Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php. | 2022-03-10 | not yet calculated | CVE-2022-24604 MISC |
luocms — luocms | Luocms v2.0 is affected by Cross Site Scripting (XSS) in /admin/news/sort_add.php and /inc/function.php. | 2022-03-10 | not yet calculated | CVE-2022-24608 MISC |
luocms — luocms | Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php. | 2022-03-10 | not yet calculated | CVE-2022-24602 MISC |
luocms — luocms | Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain sensitive information through SQL injection statements. | 2022-03-10 | not yet calculated | CVE-2022-24601 MISC |
luocms — luocms | Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php. | 2022-03-10 | not yet calculated | CVE-2022-24603 MISC |
luocms — luocms | Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php. | 2022-03-10 | not yet calculated | CVE-2022-24605 MISC |
luocms — luocms | Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php. | 2022-03-10 | not yet calculated | CVE-2022-24606 MISC |
luocms — luocms | Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php. | 2022-03-10 | not yet calculated | CVE-2022-24607 MISC |
luocms — luocms | Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates/template_manage.php, an attacker can write an arbitrary shell file. | 2022-03-10 | not yet calculated | CVE-2022-24609 MISC |
luocms — luocms | Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the background through SQL injection statements. | 2022-03-10 | not yet calculated | CVE-2022-24600 MISC |
maddy — mail_server | Maddy Mail Server is an open source SMTP compatible email server. Versions of maddy prior to 0.5.4 do not implement password expiry or account expiry checking when authenticating using PAM. Users are advised to upgrade. Users unable to upgrade should manually remove expired accounts via existing filtering mechanisms. | 2022-03-09 | not yet calculated | CVE-2022-24732 MISC CONFIRM |
mattermost — server | A stack overflow bug in the document extractor in Mattermost Server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted Apple Pages document. | 2022-03-10 | not yet calculated | CVE-2022-0904 MISC |
mattermost — server | A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body. | 2022-03-10 | not yet calculated | CVE-2022-0903 MISC |
microsoft — .net_and_visual_studio | .NET and Visual Studio Remote Code Execution Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24512 N/A |
microsoft — .net_and_visual_studio | .NET and Visual Studio Denial of Service Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24464 N/A |
microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24515, CVE-2022-24518. | 2022-03-09 | not yet calculated | CVE-2022-24519 N/A |
microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24515, CVE-2022-24519. | 2022-03-09 | not yet calculated | CVE-2022-24518 N/A |
microsoft — azure | Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24520. | 2022-03-09 | not yet calculated | CVE-2022-24517 N/A |
microsoft — azure | Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520. | 2022-03-09 | not yet calculated | CVE-2022-24470 N/A |
microsoft — azure | Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517. | 2022-03-09 | not yet calculated | CVE-2022-24520 N/A |
microsoft — azure | Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24470, CVE-2022-24517, CVE-2022-24520. | 2022-03-09 | not yet calculated | CVE-2022-24471 N/A |
microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24506, CVE-2022-24515, CVE-2022-24518, CVE-2022-24519. | 2022-03-09 | not yet calculated | CVE-2022-24469 N/A |
microsoft — azure | Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520. | 2022-03-09 | not yet calculated | CVE-2022-24468 N/A |
microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24515, CVE-2022-24518, CVE-2022-24519. | 2022-03-09 | not yet calculated | CVE-2022-24506 N/A |
microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24469, CVE-2022-24506, CVE-2022-24518, CVE-2022-24519. | 2022-03-09 | not yet calculated | CVE-2022-24515 N/A |
microsoft — azure | Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24468, CVE-2022-24470, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520. | 2022-03-09 | not yet calculated | CVE-2022-24467 N/A |
microsoft — defender | Microsoft Defender for IoT Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23266 N/A |
microsoft — defender | Microsoft Defender for IoT Remote Code Execution Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23265 N/A |
microsoft — defender | Microsoft Defender for Endpoint Spoofing Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23278 N/A |
microsoft — exchange | Microsoft Exchange Server Remote Code Execution Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23277 N/A |
microsoft — exchange_server | Microsoft Exchange Server Spoofing Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24463 N/A |
microsoft — intune_portal | Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24465 N/A |
microsoft — media_foundation | Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22010. | 2022-03-09 | not yet calculated | CVE-2022-21977 N/A |
microsoft — office | Microsoft Office Word Tampering Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24511 N/A |
microsoft — office_visio | Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24461, CVE-2022-24509. | 2022-03-09 | not yet calculated | CVE-2022-24510 N/A |
microsoft — office_visio | Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24461, CVE-2022-24510. | 2022-03-09 | not yet calculated | CVE-2022-24509 N/A |
microsoft — office_visio | Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24509, CVE-2022-24510. | 2022-03-09 | not yet calculated | CVE-2022-24461 N/A |
microsoft — pint_3d | Paint 3D Remote Code Execution Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23282 N/A |
microsoft — skype | Skype Extension for Chrome Information Disclosure Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24522 N/A |
microsoft — visual_studio | Visual Studio Code Spoofing Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24526 N/A |
microsoft — windows | Windows CD-ROM Driver Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24455 N/A |
microsoft — windows | Windows Fax and Scan Service Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24459 N/A |
microsoft — windows | Tablet Windows User Interface Application Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24460 N/A |
microsoft — windows | Windows HTML Platforms Security Feature Bypass Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24502 N/A |
microsoft — windows | Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23283, CVE-2022-23287. | 2022-03-09 | not yet calculated | CVE-2022-24505 N/A |
microsoft — windows | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24507 N/A |
microsoft — windows | Windows SMBv3 Client/Server Remote Code Execution Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24508 N/A |
microsoft — windows | Microsoft Word Security Feature Bypass Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24462 N/A |
microsoft — windows | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23293 N/A |
microsoft — windows | Windows Event Tracing Remote Code Execution Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23294 N/A |
microsoft — windows | Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23297 N/A |
microsoft — windows | Windows Print Spooler Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23284 N/A |
microsoft — windows | Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23283, CVE-2022-24505. | 2022-03-09 | not yet calculated | CVE-2022-23287 N/A |
microsoft — windows | Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23291. | 2022-03-09 | not yet calculated | CVE-2022-23288 N/A |
microsoft — windows | Windows Inking COM Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23290 N/A |
microsoft — windows | Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23288. | 2022-03-09 | not yet calculated | CVE-2022-23291 N/A |
microsoft — windows | Windows Installer Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23296 N/A MISC |
microsoft — windows | Windows PDEV Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23299 N/A |
microsoft — windows | Windows NT OS Kernel Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23298 N/A |
microsoft — windows | Windows Hyper-V Denial of Service Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-21975 N/A |
microsoft — windows | Windows Common Log File System Driver Information Disclosure Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23281 N/A |
microsoft — windows | Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23287, CVE-2022-24505. | 2022-03-09 | not yet calculated | CVE-2022-23283 N/A |
microsoft — windows | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-23286 N/A |
microsoft — windows | Windows Update Stack Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24525 N/A |
microsoft — windows | Windows Security Support Provider Interface Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-24454 N/A |
microsoft — windows_media_center | Windows Media Center Update Denial of Service Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-21973 N/A |
microsoft — wps_office_for_windows | The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed. | 2022-03-09 | not yet calculated | CVE-2022-25943 CONFIRM MISC JVN |
microsoft — xbox_live | Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability. | 2022-03-09 | not yet calculated | CVE-2022-21967 N/A |
microweber — microweber | XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11. | 2022-03-12 | not yet calculated | CVE-2022-0929 MISC CONFIRM |
microweber — microweber | Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11. | 2022-03-11 | not yet calculated | CVE-2022-0912 MISC CONFIRM |
microweber — microweber | Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3. | 2022-03-11 | not yet calculated | CVE-2022-0913 CONFIRM MISC |
microweber — microweber | Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12. | 2022-03-11 | not yet calculated | CVE-2022-0921 MISC CONFIRM |
microweber — microweber | File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12. | 2022-03-12 | not yet calculated | CVE-2022-0926 MISC CONFIRM |
microweber — microweber | File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12. | 2022-03-12 | not yet calculated | CVE-2022-0930 MISC CONFIRM |
microweber — microweber | Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12. | 2022-03-10 | not yet calculated | CVE-2022-0906 CONFIRM MISC |
microweber — microweber | Cross-site Scripting (XSS) – Stored in GitHub repository microweber/microweber prior to 1.2.12. | 2022-03-11 | not yet calculated | CVE-2022-0928 MISC CONFIRM |
microweber — microweber | Static Code Injection in GitHub repository microweber/microweber prior to 1.3. | 2022-03-10 | not yet calculated | CVE-2022-0895 CONFIRM MISC |
mitel — micollab | The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack. | 2022-03-10 | not yet calculated | CVE-2022-26143 MISC MISC MISC MISC MISC MISC MISC |
moodle — moodle | An SQL injection risk existed on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. Note that this required site administrator access or access to the keypair. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected. | 2022-03-11 | not yet calculated | CVE-2021-32474 MISC |
moodle — moodle | The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected. | 2022-03-11 | not yet calculated | CVE-2021-32478 MISC |
moodle — moodle | ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected. | 2022-03-11 | not yet calculated | CVE-2021-32475 MISC |
moodle — moodle | The last time a user accessed the mobile app is displayed on their profile page, but should be restricted to users with the relevant capability (site administrators by default). Moodle versions 3.10 to 3.10.3 are affected. | 2022-03-11 | not yet calculated | CVE-2021-32477 MISC |
moodle — moodle | Teachers exporting a forum in CSV format could receive a CSV of forums from all courses in some circumstances. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6 and 3.8 to 3.8.8 are affected. | 2022-03-11 | not yet calculated | CVE-2021-32472 MISC |
moodle — moodle | It was possible for a student to view their quiz grade before it had been released, using a quiz web service. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected. | 2022-03-11 | not yet calculated | CVE-2021-32473 MISC |
moodle — moodle | A denial-of-service risk was identified in the draft files area, due to it not respecting user file upload limits. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected. | 2022-03-11 | not yet calculated | CVE-2021-32476 MISC |
mruby — mruby | NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2. | 2022-03-10 | not yet calculated | CVE-2022-0890 MISC CONFIRM |
myasus — myasus | The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation. | 2022-03-10 | not yet calculated | CVE-2022-22814 MISC |
nabu_casa — home_assistant_operating_system | An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator to gain knowledge about internal network resources via the hardcoded DNS resolver configuration. | 2022-03-10 | not yet calculated | CVE-2020-36517 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
nacos — nacos | A Cross Site Scripting (XSS) vulnerability exists in Nacos 2.0.3 in auth/users via the (1) pageSize and (2) pageNo parameters. | 2022-03-11 | not yet calculated | CVE-2021-44667 MISC |
nats — nats-server | NATS nats-server before 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams. nats-streaming-server before 0.24.3 is also affected. | 2022-03-10 | not yet calculated | CVE-2022-26652 CONFIRM MISC CONFIRM MLIST |
network_olympus — network_olympus | Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in ‘/api/eventinstance’ via the ‘sqlparameter’ JSON parameter. It is also possible to achieve remote code execution in the default installation (PostgreSQL) by exploiting this issue. | 2022-03-10 | not yet calculated | CVE-2022-25225 MISC MISC |
nextcloud — server | Nextcloud server is a self hosted system designed to provide cloud style services. The groupfolders application for Nextcloud allows sharing a folder with a group of people. In addition, it allows setting “advanced permissions” on subfolders, for example, a user could be granted access to the groupfolder but not specific subfolders. Due to a lacking permission check in affected versions, a user could still access these subfolders by copying the groupfolder to another location. It is recommended that the Nextcloud Server is upgraded to 20.0.14, 21.0.6 or 22.2.1. Users unable to upgrade should disable the “groupfolders” application in the admin settings. | 2022-03-08 | not yet calculated | CVE-2021-41241 CONFIRM MISC MISC |
nextcloud — server | Nextcloud server is a self hosted system designed to provide cloud style services. In affected versions the User Status API did not consider the user enumeration settings by the administrator. This allowed a user to enumerate other users on the instance, even when user listings were disabled. It is recommended that the Nextcloud Server is upgraded to 20.0.14, 21.0.6 or 22.2.1. There are no known workarounds. | 2022-03-08 | not yet calculated | CVE-2021-41239 CONFIRM MISC MISC |
nextcloud — talk | Nextcloud talk is a self hosting messaging service. In versions prior to 12.1.2 an attacker is able to control the link of a geolocation preview in the Nextcloud Talk application due to a lack of validation on the link. This could result in an open-redirect, but required user interaction. This only affected users of the Android Talk client. It is recommended that the Nextcloud Talk App is upgraded to 12.1.2. There are no known workarounds. | 2022-03-08 | not yet calculated | CVE-2021-41180 CONFIRM MISC MISC |
nextcloud — text | Nextcloud text is a collaborative document editing application using Markdown built for the nextcloud server. Due to an issue with the Nextcloud Text application, which is by default shipped with Nextcloud Server, an attacker is able to access the folder names of “File Drop”. For successful exploitation an attacker requires knowledge of the sharing link. It is recommended that users upgrade their Nextcloud Server to 20.0.14, 21.0.6 or 22.2.1. Users unable to upgrade should disable the Nextcloud Text application in the application settings. | 2022-03-10 | not yet calculated | CVE-2021-41233 MISC CONFIRM |
northern.tech — cfengine_enterprise | Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions that may allow unauthorized local users to access the Apache and Mission Portal log files. | 2022-03-10 | not yet calculated | CVE-2021-44216 MISC MISC |
northern.tech — cfengine_enterprise | Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow unauthorized local users to have an unspecified impact. | 2022-03-10 | not yet calculated | CVE-2021-44215 MISC MISC |
nystudio107 — seomatic | A Server-side Template Injection (SSTI) vulnerability exists in Nystudio107 Seomatic 3.4.12 in src/helpers/UrlHelper.php via the host header. | 2022-03-11 | not yet calculated | CVE-2021-44618 MISC MISC |
onenav — onenav | An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal. | 2022-03-12 | not yet calculated | CVE-2022-26276 MISC |
opensuse — opensuse | A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with an expected login form that then sends the clear text credentials to an attacker specified server. This issue affects: openSUSE Build service login-proxy-scripts versions prior to dc000cdfe9b9b715fb92195b1a57559362f689ef. | 2022-03-09 | not yet calculated | CVE-2021-36777 CONFIRM |
orchardcms — orchardcore | Cross-site Scripting (XSS) – Stored in GitHub repository orchardcms/orchardcore prior to 1.3.0. | 2022-03-11 | not yet calculated | CVE-2022-0820 CONFIRM MISC |
orchardcms — orchardcore | Cross-site Scripting (XSS) – Reflected in GitHub repository orchardcms/orchardcore prior to 1.3.0. | 2022-03-11 | not yet calculated | CVE-2022-0822 CONFIRM MISC |
orchardcms — orchardcore | Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0. | 2022-03-11 | not yet calculated | CVE-2022-0821 CONFIRM MISC |
otris — update_manager | otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated calls to exposed interfaces over a .NET named pipe. A remote attack may be possible as well, by leveraging WsHTTPBinding for HTTP traffic on TCP port 9000. | 2022-03-10 | not yet calculated | CVE-2021-40376 MISC MISC MISC |
overit_geocall — overit_geocall | An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XSLT Injection vulnerability. Attackers could exploit this issue to achieve remote code execution. | 2022-03-10 | not yet calculated | CVE-2022-22834 MISC MISC |
overit_geocall — overit_geocall | An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XXE vulnerability to read arbitrary files from the filesystem. | 2022-03-10 | not yet calculated | CVE-2022-22835 MISC MISC |
panorama_tools — libpano | Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function panoParserFindOLine() in parser.c. | 2022-03-10 | not yet calculated | CVE-2021-33293 MISC MISC |
pgjdbc — pgjdbc | ** DISPUTED ** In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor’s position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties. | 2022-03-10 | not yet calculated | CVE-2022-26520 MISC MISC MISC MISC |
power_line_communications — plc4trucks | Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals. | 2022-03-10 | not yet calculated | CVE-2022-26131 CONFIRM |
power_line_communications — plt4trucks | Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions. | 2022-03-10 | not yet calculated | CVE-2022-25922 CONFIRM |
proofpoint — insider_threat_management_agent_for_windows | Proofpoint Insider Threat Management Agent for Windows relies on an inherently dangerous function that could enable an unprivileged local Windows user to run arbitrary code with SYSTEM privileges. All versions prior to 7.12.1 are affected. Agents for MacOS and Linux and Cloud are unaffected. Proofpoint has released fixed software version 7.12.1. The fixed software versions are available through the customer support portal. | 2022-03-10 | not yet calculated | CVE-2022-25294 MISC |
python — python | A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. | 2022-03-04 | not yet calculated | CVE-2021-3737 MISC MISC MISC MISC MISC MISC |
python — python | In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2. | 2022-03-10 | not yet calculated | CVE-2022-26488 MISC |
qnx_software_development_platform — qnx_software_development_platform | An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform version(s) 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safety versions 1.0.0 to 1.0.2, QNX OS for Safety versions 2.0.0 to 2.0.1, QNX for Medical versions 1.0.0 to 1.1.1, and QNX OS for Medical version 2.0.0 could allow an attacker to potentially access data, modify behavior, or permanently crash the system. | 2022-03-10 | not yet calculated | CVE-2021-32025 MISC |
quicklert_for_digium — quickler_for_digium | An arbitrary file upload vulnerability exists in albumimages.jsp in Quicklert for Digium 10.0.0 (1043) via a .mp3;.jsp filename for a file that begins with audio data bytes. It allows an authenticated (low privileged) attacker to execute remote code on the target server within the context of application’s permissions (SYSTEM). | 2022-03-10 | not yet calculated | CVE-2021-43970 MISC MISC |
quicklert_for_digium — quickler_for_digium |
The login.jsp page of Quicklert for Digium 10.0.0 (1043) is affected by both Blind SQL Injection with Out-of-Band Interaction (DNS) and Blind Time-Based SQL Injections. Exploitation can be used to disclose all data within the database (up to and including the administrative accounts’ login IDs and passwords) via the login.jsp uname parameter. | 2022-03-10 | not yet calculated | CVE-2021-43969 MISC MISC |
regex — regex |
regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it’s considered part of the crate’s API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it’s possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes. | 2022-03-08 | not yet calculated | CVE-2022-24713 CONFIRM MISC MISC |
rockcarry — ffjpeg |
The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference. | 2022-03-10 | not yet calculated | CVE-2021-34122 MISC MISC |
saleor– saleor |
Improper Authorization in GitHub repository saleor/saleor prior to 3.1.2. | 2022-03-11 | not yet calculated | CVE-2022-0932 CONFIRM MISC |
samsung — acount |
Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows attackers to access to the authcode for sign-in. | 2022-03-10 | not yet calculated | CVE-2022-25825 MISC |
samsung — bixbytouch |
Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview. | 2022-03-10 | not yet calculated | CVE-2022-25824 MISC |
samsung — galaxy_watch_plugin | Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log. | 2022-03-10 | not yet calculated | CVE-2022-25823 MISC |
samsung — galaxy_watch_plugin | Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log | 2022-03-10 | not yet calculated | CVE-2022-25827 MISC |
samsung — smr | Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to generate pinned-shortcut without user consent. | 2022-03-10 | not yet calculated | CVE-2022-25817 MISC |
samsung — smr | Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution. | 2022-03-10 | not yet calculated | CVE-2022-25818 MISC |
samsung — smr | PendingIntent hijacking vulnerability in Weather application prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | 2022-03-10 | not yet calculated | CVE-2022-25815 MISC |
samsung — smr | OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allows an attacker to view Kernel stack memory. | 2022-03-10 | not yet calculated | CVE-2022-25819 MISC |
samsung — smr | PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | 2022-03-10 | not yet calculated | CVE-2022-25814 MISC |
samsung — smr | Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1 allows attacker to change enable/disable without authentication | 2022-03-10 | not yet calculated | CVE-2022-25816 MISC |
samsung — smr | A use-after-free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash. | 2022-03-10 | not yet calculated | CVE-2022-25822 MISC |
samsung — smr | Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read. | 2022-03-10 | not yet calculated | CVE-2022-25821 MISC |
samsung — smr | A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password. | 2022-03-10 | not yet calculated | CVE-2022-25820 MISC |
samsung — watch_active2_plugin | Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log | 2022-03-10 | not yet calculated | CVE-2022-25829 MISC |
samsung — watch_active_plugin | Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows attacker to access password information of connected WiFiAp in the log | 2022-03-10 | not yet calculated | CVE-2022-25828 MISC |
samsung — galaxy_watch3_plugin | Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log | 2022-03-10 | not yet calculated | CVE-2022-25830 MISC |
sap — business_objects_business_intelligence_platform | Under certain conditions SAP Business Objects Business Intelligence Platform – versions 420, 430, allows an authenticated attacker to access information which would otherwise be restricted. | 2022-03-10 | not yet calculated | CVE-2022-24398 MISC MISC |
sap — financial_consolidation | SAP Financial Consolidation – version 10.1, does not perform necessary authorization checks for updating homepage messages, allowing an unauthorized user to alter the maintenance system message. | 2022-03-10 | not yet calculated | CVE-2022-26104 MISC MISC |
sap — focused_run | The SAP Focused Run (Real User Monitoring) – versions 200, 300, REST service does not sufficiently sanitize the input name of the file using multipart/form-data, resulting in Cross-Site Scripting (XSS) vulnerability. | 2022-03-10 | not yet calculated | CVE-2022-24399 MISC MISC |
sap — netweaver | Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) – version 7.50, allows an attacker to access information which could lead to information gathering for further exploits and attacks. | 2022-03-10 | not yet calculated | CVE-2022-26103 MISC MISC |
sap — netweaver_application_server_for_abap | Due to a missing authorization check, SAP NetWeaver Application Server for ABAP – versions 700, 701, 702, 731, allows an authenticated attacker to access content on the start screen of any transaction that is available within the same SAP system even if he/she isn’t authorized for that transaction. A successful exploitation could expose information and in the worst case manipulate data before the start screen is executed, resulting in limited impact on confidentiality and integrity of the application. | 2022-03-10 | not yet calculated | CVE-2022-26102 MISC MISC |
sap — netweaver_enterprise_portal | SAP NetWeaver Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability. | 2022-03-10 | not yet calculated | CVE-2022-24395 MISC MISC |
sap — netweaver_enterprise_portal | SAP NetWeaver Enterprise Portal – versions 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability. This reflected cross-site scripting attack can be used to non-permanently deface or modify displayed content of the portal website. The execution of the script content by a victim registered on the portal could compromise the confidentiality and integrity of the victim’s web browser. | 2022-03-10 | not yet calculated | CVE-2022-24397 MISC MISC |
sapcar — sapcar | SAPCAR – version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system. | 2022-03-10 | not yet calculated | CVE-2022-26100 MISC MISC |
sas — logon_manager | SAS Logon Manager v9.4 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack. | 2022-03-10 | not yet calculated | CVE-2021-42186 MISC MISC MISC |
samsung — galaxy_s3_plugin | Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log | 2022-03-10 | not yet calculated | CVE-2022-25826 MISC |
secomea — gatemanager | Cross-site Scripting (XSS) vulnerability in firmware section of Secomea GateManager allows logged in user to inject javascript in browser session. This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. | 2022-03-11 | not yet calculated | CVE-2021-32009 MISC |
secomea — gatemanager | This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission Issues vulnerability in LinkManager web portal of Secomea GateManager allows logged in LinkManager user to access stored SiteManager backup files. | 2022-03-10 | not yet calculated | CVE-2021-32006 MISC |
sentcms — sentcms | sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload. | 2022-03-10 | not yet calculated | CVE-2022-24652 MISC |
sentcms — sentcms | sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload. | 2022-03-10 | not yet calculated | CVE-2022-24651 MISC |
simowireless — luna_simo | An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following Personally Identifiable Information (PII) in plaintext using HTTP to servers located in China: user’s list of installed apps and device International Mobile Equipment Identity (IMEI). This PII is transmitted to log.skyroam.com.cn using HTTP, independent of whether the user uses the Simo software. | 2022-03-11 | not yet calculated | CVE-2021-41849 MISC MISC MISC MISC |
simowireless — luna_simo | An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a package name of com.skyroam.silverhelper writes three IMEI values to system properties at system startup. The system property values can be obtained via getprop by all third-party applications co-located on the device, even those with no permissions granted, exposing the IMEI values to processes without enforcing any access control. | 2022-03-11 | not yet calculated | CVE-2021-41850 MISC MISC MISC MISC |
simowireless — luna_simo | An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It mishandles software updates such that local third-party apps can provide a spoofed software update file that contains an arbitrary shell script and arbitrary ARM binary, where both will be executed as the root user with an SELinux domain named osi. To exploit this vulnerability, a local third-party app needs to have write access to external storage to write the spoofed update at the expected path. The vulnerable system binary (i.e., /system/bin/osi_bin) does not perform any authentication of the update file beyond ensuring that it is encrypted with an AES key (that is hard-coded in the vulnerable system binary). Processes executing with the osi SELinux domain can programmatically perform the following actions: install apps, grant runtime permissions to apps (including permissions with protection levels of dangerous and development), access extensive Personally Identifiable Information (PII) using the programmatically granted permissions, uninstall apps, set the default launcher app to a malicious launcher app that spoofs other apps, set a network proxy to intercept network traffic, unload kernel modules, set the default keyboard to a keyboard that has keylogging functionality, examine notification contents, send text messages, and more. The spoofed update can optionally contain an arbitrary ARM binary that will be locally stored in internal storage and executed at system startup to achieve persistent code execution as the root user with the osi SELinux domain. This ARM binary will continue to execute at startup even if the app that provided the spoofed update is uninstalled. | 2022-03-11 | not yet calculated | CVE-2021-41848 MISC MISC MISC MISC |
simple-git — simple-git | The package simple-git before 3.3.0 is vulnerable to Command Injection via argument injection. When calling the .fetch(remote, branch, handlerFn) function, both the remote and branch parameters are passed to the git fetch subcommand. By injecting some git options it was possible to get arbitrary command execution. | 2022-03-11 | not yet calculated | CVE-2022-24433 MISC MISC MISC MISC |
simple_diagnostics_agent — simple_diagnostics_agent | Simple Diagnostics Agent – versions 1.0 (up to version 1.57), allows an attacker to access information which would otherwise be restricted via a random port 9000-65535. This allows information gathering which could be used to exploit future open-source security exploits. | 2022-03-10 | not yet calculated | CVE-2022-22547 MISC MISC |
simple_diagnostics_agent — simple_diagnostics_agent | The Simple Diagnostics Agent – versions 1.0 up to version 1.57, does not perform any authentication checks for functionalities that can be accessed via localhost on http port 3005. Due to lack of authentication checks, an attacker could access administrative or other privileged functionalities and read, modify, or delete sensitive information and configurations. | 2022-03-10 | not yet calculated | CVE-2022-24396 MISC MISC |
smartbear — codecollaborator | SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack. | 2022-03-10 | not yet calculated | CVE-2021-41657 MISC MISC MISC |
softing_opc — ua_c++_sdk | An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference. | 2022-03-11 | not yet calculated | CVE-2021-42577 MISC MISC |
softing_opc — ua_c++_sdk | An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition. | 2022-03-11 | not yet calculated | CVE-2021-42262 MISC MISC |
solarwinds — solarwinds | Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details about the Web Help Desk installation. | 2022-03-10 | not yet calculated | CVE-2021-35251 MISC MISC |
spectre_bhb — spectre_bhb | Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim’s hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected. | 2022-03-10 | not yet calculated | CVE-2022-25368 MISC MISC CONFIRM |
spip — spip | SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code. | 2022-03-10 | not yet calculated | CVE-2022-26846 MISC MISC MISC |
spip — spip | SPIP before 3.2.14 and 4.x before 4.0.5 allows unauthenticated access to information about editorial objects. | 2022-03-10 | not yet calculated | CVE-2022-26847 MISC MISC MISC |
star7th — showdoc | Cross-site Scripting (XSS) – Stored in GitHub repository star7th/showdoc prior to 2.10.2. | 2022-03-12 | not yet calculated | CVE-2022-0880 MISC CONFIRM |
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent | It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent’s (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the “/api/appInternals/1.0/agent/configuration” API. The affected endpoint does not validate the user’s input, which allows a malicious payload to be injected. | 2022-03-10 | not yet calculated | CVE-2021-42787 CONFIRM |
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent | It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the “.debug_command.config” file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the “/api/appInternals/1.0/agent/configuration” API to map the corresponding ID to a command to be executed. | 2022-03-10 | not yet calculated | CVE-2021-42855 CONFIRM |
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent | It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent’s (DSA) PluginServlet has directory traversal vulnerabilities at the “/api/appInternals/1.0/plugin/pmx” API. The affected endpoint does not validate the user’s input, which allows a malicious payload to be injected. | 2022-03-10 | not yet calculated | CVE-2021-42854 CONFIRM |
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent | It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent’s (DSA) AgentDiagnosticServlet has a directory traversal vulnerability at the “/api/appInternals/1.0/agent/diagnostic/logs” API. The affected endpoint does not validate the user’s input, which allows a malicious payload to be injected. | 2022-03-10 | not yet calculated | CVE-2021-42853 CONFIRM |
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent | It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not validate the user’s input, which allows a malicious payload to be injected. | 2022-03-10 | not yet calculated | CVE-2021-42786 CONFIRM |
steelcentral_appinternals_dynamic_sampling_agent — steelcentral_appinternals_dynamic_sampling_agent | It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent’s (DSA) AgentDaServlet has directory traversal vulnerabilities at the “/api/appInternals/1.0/agent/da/pcf” API. The affected endpoint does not validate the user’s input, which allows a malicious payload to be injected. | 2022-03-10 | not yet calculated | CVE-2021-42857 CONFIRM |
suitecrm — suitecrm | SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users with access to the Scheduled Reports module can achieve this by leveraging PHP deserialization in the email_recipients property. By using a crafted request, they can create a malicious report, containing a PHP-deserialization payload in the email_recipients field. Once someone accesses this report, the backend will deserialize the content of the email_recipients field and the payload gets executed. Project dependencies include a number of interesting PHP deserialization gadgets (e.g., Monolog/RCE1 from phpggc) that can be used for Code Execution. | 2022-03-10 | not yet calculated | CVE-2022-23940 MISC MISC |
swagger_ui — swagger_ui | Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions. | 2022-03-11 | not yet calculated | CVE-2018-25031 MISC MISC MISC |
tenda — ax12 | Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_4327CC. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | 2022-03-10 | not yet calculated | CVE-2022-25560 MISC |
tenda — ax12 | Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | 2022-03-10 | not yet calculated | CVE-2022-25556 MISC |
tenda — ax12 | Tenda AX12 v22.03.01.21 was discovered to contain a stack buffer overflow in the function sub_422CE4. This vulnerability allows attackers to cause a Denial of Service (DoS) via the strcpy parameter. | 2022-03-10 | not yet calculated | CVE-2021-46408 MISC |
tenda — ax12 | Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42DE00. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | 2022-03-10 | not yet calculated | CVE-2022-25561 MISC |
totolink — a3100r | A Command Injection vulnerability exists in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp via the hosTime parameters. | 2022-03-11 | not yet calculated | CVE-2021-44620 MISC MISC MISC |
tp-link — omada_sdn_software_controller | TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method specified in a connection request is allowed. An attacker can bypass the captive portal authentication process by using the downgraded “no authentication” method, and access the protected network. For example, the attacker can simply set window.authType=0 in client-side JavaScript. | 2022-03-10 | not yet calculated | CVE-2021-44032 MISC MISC MISC |
tp-link — tapo_c200_ip_camera | TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera. | 2022-03-10 | not yet calculated | CVE-2021-4045 CONFIRM |
trend_micro — password_manager | Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine. | 2022-03-08 | not yet calculated | CVE-2022-26337 N/A |
trend_micro — portable_security | An installer search path element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. Please note: an attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. | 2022-03-08 | not yet calculated | CVE-2022-26319 N/A |
tryton_application_platform — tryton_application_platform | An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An authenticated user can make the server parse a crafted XML SEPA file to access arbitrary files on the system. | 2022-03-10 | not yet calculated | CVE-2022-26661 MISC MISC MLIST MLIST DEBIAN DEBIAN |
tryton_application_platform — tryton_application_platform | An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server. | 2022-03-10 | not yet calculated | CVE-2022-26662 MISC MISC MLIST MLIST DEBIAN DEBIAN |
univerge_wa — univerge_wa | UNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511 Ver8.2.11 and prior, UNIVERGE WA 1512 Ver8.2.11 and prior, UNIVERGE WA 2020 Ver8.2.11 and prior, UNIVERGE WA 2021 Ver8.2.11 and prior, UNIVERGE WA 2610-AP Ver8.2.11 and prior, UNIVERGE WA 2611-AP Ver8.2.11 and prior, UNIVERGE WA 2611E-AP Ver8.2.11 and prior, UNIVERGE WA WA2612-AP Ver8.2.11 and prior allows a remote attacker to execute arbitrary OS commands. | 2022-03-11 | not yet calculated | CVE-2022-25621 MISC |
url-js — url-js | The package url-js before 2.1.0 is vulnerable to Improper Input Validation due to improper parsing, which makes it possible for the hostname to be spoofed. http://\\\\\\\\localhost and http://localhost are the same URL. However, the hostname is not parsed as localhost, and the backslash is reflected as it is. | 2022-03-11 | not yet calculated | CVE-2022-25839 CONFIRM CONFIRM |
urllib — abstractbasicauthhandler | There’s a flaw in urllib’s AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as a web browser) connects to could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability. | 2022-03-10 | not yet calculated | CVE-2021-3733 MISC MISC MISC MISC MISC |
vault_enterprise — vault_enterprise | Vault and Vault Enterprise 1.8.0 through 1.8.8, and 1.9.3 allowed the PKI secrets engine under certain configurations to issue wildcard certificates to authorized users for a specified domain, even if the PKI role policy attribute allow_subdomains is set to false. Fixed in Vault Enterprise 1.8.9 and 1.9.4. | 2022-03-10 | not yet calculated | CVE-2022-25243 MISC MISC |
vault_enterprise — vault_enterprise | Vault Enterprise clusters using the tokenization transform feature can expose the tokenization key through the tokenization key configuration endpoint to authorized operators with `read` permissions on this endpoint. Fixed in Vault Enterprise 1.9.4, 1.8.9 and 1.7.10. | 2022-03-10 | not yet calculated | CVE-2022-25244 MISC MISC |
veritas_system_recovery — veritas_system_recovery | Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows registry during configuration of the backup configuration. This could allow a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to access. | 2022-03-10 | not yet calculated | CVE-2022-26778 MISC |
watchguard — firebox_and_xtm | On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. | 2022-03-04 | not yet calculated | CVE-2022-26318 CONFIRM |
wavpack — wavpack | An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. The issue is triggered in function WavpackPackSamples of file src/pack_utils.c: the tainted variable cnt is too large, which makes pointer sptr read beyond the heap bound. | 2022-03-10 | not yet calculated | CVE-2021-44269 MISC |
wire-ios — wire-ios | Wire-ios is a messaging application using the wire protocol on Apple’s iOS platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by causing it to repeatedly crash on launch. These malformed resource identifiers can be generated and sent between Wire users. The root cause lies in [wireapp/wire-ios-transport](https://github.com/wireapp/wire-ios-transport), where code responsible for removing sensitive tokens before logging may fail and lead to a crash (Swift exception) of the application. This causes undesirable behavior, however the (greater) Wire system is still functional. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue. | 2022-03-11 | not yet calculated | CVE-2022-23625 MISC MISC CONFIRM |
wireguard — wireguard | Directory traversal vulnerability in pfSense-pkg-WireGuard 0.1.5 versions prior to 0.1.5_4 and pfSense-pkg-WireGuard 0.1.6 versions prior to 0.1.6_1 allows a remote authenticated attacker to lead a pfSense user to view a file outside the public folder. | 2022-03-10 | not yet calculated | CVE-2022-21132 MISC MISC |
wp_google_map — wp_google_map | Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3). | 2022-03-11 | not yet calculated | CVE-2022-25600 CONFIRM CONFIRM |
yokogawa_electric — multiple_product | The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00. | 2022-03-11 | not yet calculated | CVE-2022-21194 CONFIRM |
yokogawa_electric — multiple_product | Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00. | 2022-03-11 | not yet calculated | CVE-2022-21808 CONFIRM |
yokogawa_electric — multiple_products | CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly neutralize log outputs: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions from R3.72.00 to R3.79.00. | 2022-03-11 | not yet calculated | CVE-2022-22151 CONFIRM |
yokogawa_electric — multiple_products | ‘Root Service’ service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00. | 2022-03-11 | not yet calculated | CVE-2022-22148 CONFIRM |
yokogawa_electric — multiple_products | CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to uncontrolled resource consumption. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00. | 2022-03-11 | not yet calculated | CVE-2022-22145 CONFIRM |
yokogawa_electric — multiple_products | ‘Long-term Data Archive Package’ service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00. | 2022-03-11 | not yet calculated | CVE-2022-22141 CONFIRM |
yokogawa_electric — multiple_products | The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00 | 2022-03-11 | not yet calculated | CVE-2022-23402 CONFIRM |
yokogawa_electric — multiple_products | There is a path traversal vulnerability in CAMS for HIS Log Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00. | 2022-03-11 | not yet calculated | CVE-2022-21177 CONFIRM |
yokogawa_electric — multiple_products | CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets. The authentication may be bypassed via some crafted packets: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions from R3.72.00 to R3.79.00. | 2022-03-11 | not yet calculated | CVE-2022-22729 CONFIRM |
yokogawa_electric — multiple_products | The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00. | 2022-03-11 | not yet calculated | CVE-2022-23401 CONFIRM |
yzmcms — yzmcms | YzmCMS v6.3 is affected by broken access control. A user’s personal home page can be accessed without logging in. The user’s login status should be checked before the personal home page is served, but because no real authentication is carried out, other users’ home pages can be accessed while not logged in. | 2022-03-10 | not yet calculated | CVE-2022-23383 MISC MISC MISC |