US-CERT Bulletin (SB22-136): Vulnerability Summary for the Week of May 9, 2022
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe — photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-23205 MISC |
adobe — photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an improper input validation vulnerability when parsing a PCX file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PCX file. | 2022-05-06 | 9.3 | CVE-2022-24098 MISC |
adobe — photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious U3D file. | 2022-05-06 | 9.3 | CVE-2022-24105 MISC |
adobe — after_effects | Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in After Effects. | 2022-05-06 | 9.3 | CVE-2022-27783 MISC |
adobe — photoshop | Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in After Effects. | 2022-05-06 | 9.3 | CVE-2022-27784 MISC |
adobe — photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious SVG file. | 2022-05-06 | 9.3 | CVE-2022-28270 MISC |
adobe — photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | 2022-05-06 | 9.3 | CVE-2022-28271 MISC |
adobe — photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-28272 MISC |
adobe — photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-28273 MISC |
edmonsoft — countdown_builder | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-28274 MISC |
edmonsoft — countdown_builder | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-28275 MISC |
edmonsoft — countdown_builder | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 9.3 | CVE-2022-28276 MISC |
edmonsoft — countdown_builder | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | 2022-05-06 | 9.3 | CVE-2022-28277 MISC |
piwigo — piwigo | SQL Injection vulnerability in cat_move.php in piwigo v2.9.5, via the selection parameter to move_categories. | 2022-05-06 | 7.5 | CVE-2020-19213 MISC |
broadcom — sannav | In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands. | 2022-05-06 | 7.5 | CVE-2022-28163 MISC |
edmonsoft — countdown_builder | Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress. | 2022-05-06 | 7.5 | CVE-2022-29423 CONFIRM CONFIRM |
webkitgtk — webkitgtk | In WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-free in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. | 2022-05-06 | 7.5 | CVE-2022-30294 MISC MISC |
Medium Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
piwigo — piwigo | SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=user_perm. | 2022-05-06 | 6.5 | CVE-2020-19215 MISC |
piwigo — piwigo | SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=group_perm. | 2022-05-06 | 6.5 | CVE-2020-19216 MISC |
piwigo — piwigo | SQL Injection vulnerability in admin/batch_manager.php in piwigo v2.9.5, via the filter_category parameter to admin.php?page=batch_manager. | 2022-05-06 | 6.5 | CVE-2020-19217 MISC |
fluxcd — flux2 | Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments. Workarounds include automated tooling in the user’s CI/CD pipeline to validate `kustomization.yaml` files conform with specific policies. This vulnerability is fixed in kustomize-controller v0.24.0 and included in flux2 v0.29.0. | 2022-05-06 | 6.5 | CVE-2022-24877 CONFIRM |
kubernetes — ingress-nginx | A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. | 2022-05-06 | 5.5 | CVE-2021-25746 MISC MISC |
webkitgtk — webkitgtk | In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. | 2022-05-06 | 5.1 | CVE-2022-30293 MISC MISC |
adobe — photoshop | Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-06 | 4.3 | CVE-2022-24099 MISC |
contao — contao | Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings. | 2022-05-06 | 4.3 | CVE-2022-24899 CONFIRM MISC MISC |
splunk — splunk | The Monitoring Console app configured in Distributed mode allows for a Reflected XSS in a query parameter in Splunk Enterprise versions before 8.1.4. The Monitoring Console app is a bundled app included in Splunk Enterprise, not for download on SplunkBase, and not installed on Splunk Cloud Platform instances. Note that the Cloud Monitoring Console is not impacted. | 2022-05-06 | 4.3 | CVE-2022-27183 MISC MISC |
piwigo — piwigo | SQL Injection vulnerability in admin/group_list.php in piwigo v2.9.5, via the group parameter to delete. | 2022-05-06 | 4 | CVE-2020-19212 MISC |
broadcom — sannav | IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. IBM X-Force ID: 213865. | 2022-05-06 | 4 | CVE-2021-39027 XF CONFIRM |
fluxcd — flux2 | Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to cause a Denial of Service at the controller level. Workarounds include automated tooling in the user’s CI/CD pipeline to validate `kustomization.yaml` files conform with specific policies. This vulnerability is fixed in kustomize-controller v0.24.0 and included in flux2 v0.29.0. Users are recommended to upgrade. | 2022-05-06 | 4 | CVE-2022-24878 CONFIRM |
broadcom — sannav | Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords. This could allow an authenticated attacker to decrypt stored account passwords. | 2022-05-06 | 4 | CVE-2022-28164 MISC |
Low Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
google-news-sitemap_project — google-news-sitemap | Stored Cross-Site Scripting (XSS) vulnerability in Andrea Pernici News Sitemap for Google plugin <= 1.0.16 on WordPress, attackers must have contributor or higher user role. | 2022-05-06 | 3.5 | CVE-2021-36912 CONFIRM CONFIRM |
bdt-121_project — bdt-121_firmware | Dragon Path Technologies Bharti Airtel Routers Hardware BDT-121 version 1.0 is vulnerable to Cross Site Scripting (XSS) via Dragon path router admin page. | 2022-05-06 | 3.5 | CVE-2022-28507 MISC MISC |
Severity Not Yet Assigned
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
admesh — admesh | ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a. | 2022-05-08 | not yet calculated | CVE-2018-25033 MISC |
wordpress — wpgraphql_wordpress_plugin | The WPGraphQL WordPress plugin before 0.3.5 doesn’t properly restrict access to information about other users’ roles on the affected site. Because of this, a remote attacker could forge a GraphQL query to retrieve the account roles of every user on the site. | 2022-05-09 | not yet calculated | CVE-2019-25060 MISC MISC |
bludit — bludit | An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files. | 2022-05-11 | not yet calculated | CVE-2020-19228 MISC MISC |
microstrategy — web_sdk | A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task. | 2022-05-13 | not yet calculated | CVE-2020-22983 MISC MISC MISC MISC MISC |
microstrategy — web_sdk | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task. | 2022-05-12 | not yet calculated | CVE-2020-22984 MISC MISC MISC MISC |
microstrategy — web_sdk | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task. | 2022-05-12 | not yet calculated | CVE-2020-22985 MISC MISC MISC MISC |
microstrategy — web_sdk | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task. | 2022-05-12 | not yet calculated | CVE-2020-22986 MISC MISC MISC MISC MISC |
microstrategy — web_sdk | Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the fileToUpload parameter to the uploadFile task. | 2022-05-12 | not yet calculated | CVE-2020-22987 MISC MISC MISC MISC |
intel — manageability_commander | Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | 2022-05-12 | not yet calculated | CVE-2021-0126 MISC |
intel — bios_firmware | Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0153 MISC |
intel — bios_firmware | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0154 MISC |
intel — bios_firmware | Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 2022-05-12 | not yet calculated | CVE-2021-0155 MISC |
intel — bios_authenticated_code_module | Improper input validation in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0159 MISC |
intel — bios_firmware | Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0188 MISC |
intel — bios_firmware | Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0189 MISC |
intel — bios_firmware | Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-0190 MISC |
intel — in-band_manageability_software | Improper authentication in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. | 2022-05-12 | not yet calculated | CVE-2021-0193 MISC |
intel — in-band_manageability_software | Improper access control in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. | 2022-05-12 | not yet calculated | CVE-2021-0194 MISC |
ibm — cloud_pak_system | IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197498. | 2022-05-09 | not yet calculated | CVE-2021-20479 XF CONFIRM |
b&r — automation_runtime_webserver | Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service. | 2022-05-13 | not yet calculated | CVE-2021-22275 MISC |
microfocus — access_manager | A bug exists in the input parameter of Access Manager that allows the supply of an invalid character to trigger a cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0. | 2022-05-12 | not yet calculated | CVE-2021-22531 MISC |
intel — killer_control_center_software | Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-26258 MISC |
amd — smm | Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution. | 2022-05-12 | not yet calculated | CVE-2021-26317 MISC |
amd — sev-es_tmr | A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs. | 2022-05-10 | not yet calculated | CVE-2021-26324 MISC |
amd — sev-es_tmr | Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability. | 2022-05-10 | not yet calculated | CVE-2021-26332 MISC |
amd — core_logic | A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers. | 2022-05-11 | not yet calculated | CVE-2021-26339 MISC MISC |
amd — sev | In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability. | 2022-05-11 | not yet calculated | CVE-2021-26342 MISC |
amd — system_management_unit | TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a DMA (Direct Memory Access) to invalid DRAM address that could result in denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26347 MISC |
amd — gen_amd_epyc | Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. | 2022-05-11 | not yet calculated | CVE-2021-26348 MISC |
amd — gen_amd_epyc | Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA). | 2022-05-11 | not yet calculated | CVE-2021-26349 MISC |
amd — gen_amd_epyc | A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26350 MISC |
amd — system_management_unit | Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA (Direct Memory Access) read/write from/to invalid DRAM address that could result in denial of service. | 2022-05-12 | not yet calculated | CVE-2021-26351 MISC |
amd — system_management_unit | Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service. | 2022-05-10 | not yet calculated | CVE-2021-26352 MISC |
amd — gen_amd_epyc | Due to a mishandled error, it is possible to leave the DRTM UApp in a partially initialized state, which can result in unchecked memory writes when the UApp handles subsequent mailbox commands. | 2022-05-10 | not yet calculated | CVE-2021-26353 MISC |
amd — gen_amd_epyc | A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure. | 2022-05-12 | not yet calculated | CVE-2021-26361 MISC |
amd — gen_amd_epyc | A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive System Management Network (SMN) registers leading to a loss of integrity and availability. | 2022-05-12 | not yet calculated | CVE-2021-26362 MISC |
amd — gen_amd_epyc | A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure. | 2022-05-12 | not yet calculated | CVE-2021-26363 MISC |
amd — gen_amd_epyc | Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26364 MISC |
amd — gen_amd_epyc | An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity. | 2022-05-12 | not yet calculated | CVE-2021-26366 MISC |
amd — trusted_os | Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service. | 2022-05-12 | not yet calculated | CVE-2021-26368 MISC |
amd — gen_amd_epyc | A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses. | 2022-05-12 | not yet calculated | CVE-2021-26369 MISC |
amd — gen_amd_epyc | Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with SPI ROM contents resulting in a loss of integrity and availability. | 2022-05-10 | not yet calculated | CVE-2021-26370 MISC |
amd — system_management_unit | Insufficient bound checks related to PCIE in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26372 MISC MISC |
simple_management_unit — simple_management_unit | Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26373 MISC MISC |
system_management_unit — system_management_unit | Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26375 MISC MISC |
system_management_unit — system_management_unit | Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26376 MISC MISC |
system_management_unit — system_management_unit | Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26378 MISC MISC |
amd — amd_ryzen | A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution. | 2022-05-12 | not yet calculated | CVE-2021-26386 MISC |
amd — bios_directory | Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service. | 2022-05-11 | not yet calculated | CVE-2021-26388 MISC MISC |
amd — amd_ryzen | A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data. | 2022-05-10 | not yet calculated | CVE-2021-26390 MISC |
amd — amd_ryzen | AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage. | 2022-05-11 | not yet calculated | CVE-2021-26400 MISC |
amd — sev-legacy | Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest’s integrity or confidentiality. | 2022-05-10 | not yet calculated | CVE-2021-26408 MISC |
eipstackgroup — opener_ethernet/ip | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may cause a denial-of-service condition. | 2022-05-12 | not yet calculated | CVE-2021-27478 CONFIRM CONFIRM |
eipstackgroup — opener_ethernet/ip | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may allow the attacker to read arbitrary data. | 2022-05-12 | not yet calculated | CVE-2021-27482 CONFIRM CONFIRM |
eipstackgroup — opener_ethernet/ip | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition. | 2022-05-12 | not yet calculated | CVE-2021-27498 CONFIRM CONFIRM |
eipstackgroup — opener_ethernet/ip | A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition. | 2022-05-12 | not yet calculated | CVE-2021-27500 CONFIRM CONFIRM |
myscada — mypro | mySCADA myPRO versions prior to 8.20.0 do not restrict unauthorized read access to sensitive directory listing information. | 2022-05-13 | not yet calculated | CVE-2021-27505 MISC CONFIRM |
hcl_software — hcl_bigfix_webui | Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. (WebUI) | 2022-05-06 | not yet calculated | CVE-2021-27764 CONFIRM |
hcl_software — hcl_bigfix_server_api | The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. | 2022-05-06 | not yet calculated | CVE-2021-27765 CONFIRM MISC |
hcl_software — hcl_bigfix_client_installer | The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. | 2022-05-06 | not yet calculated | CVE-2021-27766 CONFIRM MISC |
hcl_software — hcl_bigfix_console_installer | The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. | 2022-05-06 | not yet calculated | CVE-2021-27767 CONFIRM MISC |
hcl_software — android | Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application’s network traffic was intercepted using a proxy server set up in ‘transparent’ mode while a certificate with an invalid hostname was active. The Android application was found to have hostname verification issues during the server setup and login flows; however, the application did not process requests post-login. | 2022-05-12 | not yet calculated | CVE-2021-27768 MISC |
hcl_software — sametime | Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. This information may or may not be sensitive and does not automatically mean a breach is likely to occur. Overall, any information that could be used for an attack should be limited whenever possible. | 2022-05-12 | not yet calculated | CVE-2021-27769 MISC |
hcl_software — sametime | The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place. | 2022-05-12 | not yet calculated | CVE-2021-27770 MISC |
hcl_software — sametime | User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal manner with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sending chat messages, receiving notifications and/or transferring files. | 2022-05-12 | not yet calculated | CVE-2021-27771 MISC |
hcl_software — sametime | Users are able to read group conversations without actively taking part in them. Next to one-to-one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of them. This could lead to information leakage where confidential information discussed in private groups is read by other users without the users’ knowledge. | 2022-05-12 | not yet calculated | CVE-2021-27772 MISC |
hcl_software — sametime | This vulnerability allows users to execute a clickjacking attack in the meeting’s chat. | 2022-05-12 | not yet calculated | CVE-2021-27773 MISC |
hcl_software — unica_platform |
XML External Entity (XXE) injection vulnerabilities occur when poorly configured XML parsers process user supplied input without sufficient validation. Attackers can exploit this vulnerability to manipulate XML content and inject malicious external entity references. | 2022-05-12 | not yet calculated | CVE-2021-27777 MISC |
skoruba — skoruba |
A cross-site scripting (XSS) vulnerability in Skoruba IdentityServer4.Admin before 2.0.0 via unencoded value passed to the data-secret-value parameter. | 2022-05-11 | not yet calculated | CVE-2021-28290 MISC |
gaia_portal — multiple_products | The Check Point Gaia Portal’s GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS. | 2022-05-11 | not yet calculated | CVE-2021-30361 MISC |
review_board — review_board |
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent. | 2022-05-11 | not yet calculated | CVE-2021-31330 MISC MISC MISC MISC |
asus — dsl-n14u-b1 |
Asus DSL-N14U-B1 1.1.2.3_805 allows remote attackers to cause a Denial of Service (DoS) via a TCP SYN scan using nmap. | 2022-05-11 | not yet calculated | CVE-2021-3254 MISC MISC |
myscada — mypro |
mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to arbitrary directories. | 2022-05-13 | not yet calculated | CVE-2021-33005 MISC CONFIRM |
myscada — mypro |
mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to the file system. | 2022-05-13 | not yet calculated | CVE-2021-33009 MISC CONFIRM |
myscada — mypro |
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive system information. | 2022-05-13 | not yet calculated | CVE-2021-33013 MISC CONFIRM |
intel — multiple_products |
Improper resource shutdown or release in firmware for some Intel(R) SSD, Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC may allow a privileged user to potentially enable denial of service via local access. | 2022-05-12 | not yet calculated | CVE-2021-33069 MISC |
intel — multiple_products | Protection mechanism failure in firmware for some Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access. | 2022-05-12 | not yet calculated | CVE-2021-33074 MISC |
intel — multiple_products |
Race condition in firmware for some Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access. | 2022-05-12 | not yet calculated | CVE-2021-33075 MISC |
intel — multiple_products |
Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 2022-05-12 | not yet calculated | CVE-2021-33077 MISC |
intel — multiple_products |
Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access. | 2022-05-12 | not yet calculated | CVE-2021-33078 MISC |
intel — multiple_products |
Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access. | 2022-05-12 | not yet calculated | CVE-2021-33080 MISC |
intel — multiple_products |
Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access. | 2022-05-12 | not yet calculated | CVE-2021-33082 MISC |
intel — multiple_products | Improper authentication in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access. | 2022-05-12 | not yet calculated | CVE-2021-33083 MISC |
intel — bios | Unintended intermediary in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-33103 MISC |
intel — in-band_manageability_software | Improper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-33108 MISC |
intel — xeon |
Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. | 2022-05-12 | not yet calculated | CVE-2021-33117 MISC |
intel — bios | Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-33122 MISC |
intel — bios | Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-33123 MISC |
intel — bios | Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2021-33124 MISC |
intel — realsense_id_solution_f450 |
Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access. | 2022-05-12 | not yet calculated | CVE-2021-33130 MISC |
intel — linux_kernel_drivers |
Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access. | 2022-05-12 | not yet calculated | CVE-2021-33135 MISC |
intel — processors |
Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 2022-05-12 | not yet calculated | CVE-2021-33149 MISC |
trendnet — ti-pg1284i_switch |
The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of PortID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. | 2022-05-11 | not yet calculated | CVE-2021-33315 MISC |
trendnet — ti-pg1284i_switch |
The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of ChassisID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. | 2022-05-11 | not yet calculated | CVE-2021-33316 MISC |
trendnet — ti-pg1284i_switch | The TRENDnet TI-PG1284i switch (hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to a failure to check whether a ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference. | 2022-05-11 | not yet calculated | CVE-2021-33317 MISC |
mp3gain — mp3gain | Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872, CVE-2017-14409, and CVE-2018-10778. | 2022-05-11 | not yet calculated | CVE-2021-34085 MISC |
xinje — xinje |
A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an upload program request from an infected Xinje PLC. This can result in remote code execution, information disclosure and denial of service of the system running the XINJE XD/E Series PLC Program Tool. | 2022-05-11 | not yet calculated | CVE-2021-34605 CONFIRM |
xinje — xinje |
A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access to the system and sufficient file-write privileges. If exploited, the attacker could place a malicious DLL file on the system, that when running XINJE XD/E Series PLC Program Tool will allow the attacker to execute arbitrary code with the privileges of another user’s account. | 2022-05-11 | not yet calculated | CVE-2021-34606 CONFIRM |
qemu — intel_hd_audio_device |
A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0. | 2022-05-11 | not yet calculated | CVE-2021-3611 MISC MISC |
mikrotik — routeros |
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | 2022-05-11 | not yet calculated | CVE-2021-36613 MISC |
mikrotik — routeros |
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | 2022-05-11 | not yet calculated | CVE-2021-36614 MISC |
eset — multiple_products |
Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0. | 2022-05-11 | not yet calculated | CVE-2021-37851 MISC |
ibm — spectrum_virtualize |
IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609. | 2022-05-11 | not yet calculated | CVE-2021-38969 CONFIRM XF |
ibm — guardian_data_encryption |
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213862. | 2022-05-10 | not yet calculated | CVE-2021-39024 XF CONFIRM |
ibm — jazz_foundation |
IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214619. | 2022-05-11 | not yet calculated | CVE-2021-39059 CONFIRM XF |
android — setstream | In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12 Android-12L; Android ID: A-204087139 | 2022-05-10 | not yet calculated | CVE-2021-39670 MISC |
android — android | In the policies of adbd.te, there was a logic error which caused the CTS Listening Ports Test to report invalid results. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12; Android ID: A-201645790 | 2022-05-10 | not yet calculated | CVE-2021-39700 MISC |
android — carsetting | In CarSettings, there is a possible way to pair a BT device, bypassing the user’s consent, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-216190509 | 2022-05-10 | not yet calculated | CVE-2021-39738 MISC |
cisco — wps_spreadsheets |
An exploitable use-after-free vulnerability exists in WPS Spreadsheets ( ET ) as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | 2022-05-12 | not yet calculated | CVE-2021-40399 MISC CONFIRM |
siemens — desigo | A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). When the controller receives a specific BACnet protocol packet, an exception causes the BACnet communication function to go into an “out of work” state and could result in the controller going into a “factory reset” state. | 2022-05-10 | not yet calculated | CVE-2021-41545 MISC |
ramda — ramda |
Prototype poisoning in function mapObjIndexed in Ramda 0.27.0 and earlier allows attackers to compromise integrity or availability of application via supplying a crafted object (that contains an own property “__proto__”) as an argument to the function. | 2022-05-10 | not yet calculated | CVE-2021-42581 MISC MISC |
cmsimple-xh — cmsimple-xh | CMSimple_XH 1.7.4 is affected by a remote code execution (RCE) vulnerability. To exploit this vulnerability, an attacker must use the “File” parameter to upload a PHP payload to get a reverse shell from the vulnerable host. | 2022-05-10 | not yet calculated | CVE-2021-42645 MISC MISC |
wso2 — multiple_products |
XML External Entity (XXE) vulnerability in the file based service provider creation feature of the Management Console in WSO2 API Manager 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; and WSO2 IS as Key Manager 5.7.0, 5.9.0, and 5.10.0; and WSO2 Identity Server 5.7.0, 5.8.0, 5.9.0, 5.10.0, and 5.11.0. Allows attackers to gain read access to sensitive information or cause a denial of service via crafted GET requests. | 2022-05-11 | not yet calculated | CVE-2021-42646 MISC MISC |
coder — coder-server |
Cross-site scripting (XSS) vulnerability exists in Coder Code-Server before 3.12.0, allows attackers to execute arbitrary code via crafted URL. | 2022-05-11 | not yet calculated | CVE-2021-42648 MISC |
pentest-collaboration-framework — pentest-collaboration-framework |
A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/. | 2022-05-11 | not yet calculated | CVE-2021-42651 MISC |
jerryscript — jerryscript |
A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size. | 2022-05-12 | not yet calculated | CVE-2021-42863 MISC MISC |
novel-plus — novel-plus | Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows an attacker to upload malicious JSP files. | 2022-05-13 | not yet calculated | CVE-2021-42967 MISC |
anaconda3 — anaconda3 |
Certain Anaconda3 2021.05 are affected by OS command injection. When a user installs Anaconda, an attacker can create a new file and write something in usercustomize.py. When the user opens the terminal or activates Anaconda, the command will be executed. | 2022-05-13 | not yet calculated | CVE-2021-42969 MISC |
safedog_apache — safedog_apache |
In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. Attackers can bypass access to sensitive data. | 2022-05-10 | not yet calculated | CVE-2021-43010 MISC |
fortinet — forticlientwindows | An external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows an attacker to escalate privilege via the MSI installer. | 2022-05-11 | not yet calculated | CVE-2021-43066 CONFIRM |
fortinet — fortios | An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0, and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests. | 2022-05-11 | not yet calculated | CVE-2021-43081 CONFIRM |
openmrs — reference_application_standalone_edition |
An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page. | 2022-05-10 | not yet calculated | CVE-2021-43094 MISC MISC MISC |
sourcecodester — employee_daily_task_management_system |
Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field. | 2022-05-09 | not yet calculated | CVE-2021-43712 MISC MISC MISC |
fortinet — forticlient |
An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links. | 2022-05-11 | not yet calculated | CVE-2021-44167 CONFIRM |
amd — sev |
An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time. | 2022-05-11 | not yet calculated | CVE-2021-46744 MISC |
amd — secure_processor_firmware | Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application. | 2022-05-10 | not yet calculated | CVE-2021-46771 MISC |
huawei — emui | The Property module has a vulnerability in permission control. This vulnerability can be exploited to obtain the unique device identifier. | 2022-05-13 | not yet calculated | CVE-2021-46785 MISC MISC |
huawei — emui | The audio module has a vulnerability in verifying the parameters passed by the application space. Successful exploitation of this vulnerability may cause out-of-bounds memory access. | 2022-05-13 | not yet calculated | CVE-2021-46786 MISC MISC |
huawei — emui | The AMS module has a vulnerability of improper permission control. Successful exploitation of this vulnerability may cause non-system application processes to crash. | 2022-05-13 | not yet calculated | CVE-2021-46787 MISC MISC |
huawei — iconnect_module | Third-party pop-up window coverage vulnerability in the iConnect module. Successful exploitation of this vulnerability may cause the system pop-up window to be covered, misleading users into performing incorrect operations. | 2022-05-13 | not yet calculated | CVE-2021-46788 MISC |
huawei — emui | Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect availability. | 2022-05-13 | not yet calculated | CVE-2021-46789 MISC |
huawei — emui | Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 2022-05-12 | not yet calculated | CVE-2022-0004 MISC |
intel — multiple_products |
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. | 2022-05-12 | not yet calculated | CVE-2022-0005 MISC |
palo_alto_networks — pan-os |
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls. This issue does not impact Panorama appliances or Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.23; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5. | 2022-05-11 | not yet calculated | CVE-2022-0024 MISC |
palo_alto_networks — cortex_xdr_agent_software |
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts: All versions of the Cortex XDR agent when upgrading to Cortex XDR agent 7.7.0 on Windows; Cortex XDR agent 7.7.0 without content update 500 or a later version on Windows. This issue does not impact other platforms or other versions of the Cortex XDR agent. | 2022-05-11 | not yet calculated | CVE-2022-0025 MISC |
palo_alto_networks — cortex_xdr_agent_software |
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts all versions of Cortex XDR agent without content update 330 or a later content update version. | 2022-05-11 | not yet calculated | CVE-2022-0026 MISC |
palo_alto_networks — cortex_xsoar_software | An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. This issue impacts: All versions of Cortex XSOAR 6.1; All versions of Cortex XSOAR 6.2; All versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049. | 2022-05-11 | not yet calculated | CVE-2022-0027 MISC |
wordpress — popup_by_supsystic_wordpress_plugin |
The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users | 2022-05-09 | not yet calculated | CVE-2022-0424 MISC |
wordpress — mapsvg_wordpress_plugin |
The MapSVG WordPress plugin before 6.2.20 does not validate and escape a parameter via a REST endpoint before using it in a SQL statement, leading to a SQL Injection exploitable by unauthenticated users. | 2022-05-09 | not yet calculated | CVE-2022-0592 MISC |
wordpress — admin_menu_editor_wordpress_plugin | The Admin Menu Editor WordPress plugin through 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | 2022-05-09 | not yet calculated | CVE-2022-0625 MISC |
wordpress — ubigeo_de_pera_para_woocommerce_wordpress_plugin |
The Ubigeo de Perú para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections | 2022-05-09 | not yet calculated | CVE-2022-0814 MISC |
wordpress — badgeos_wordpress_plugin |
The BadgeOS WordPress plugin through 3.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users | 2022-05-09 | not yet calculated | CVE-2022-0817 MISC |
wordpress — wp_video_gallery_wordpress_plugin |
The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users | 2022-05-09 | not yet calculated | CVE-2022-0826 MISC |
wordpress — sema_api_wordpress_plugin | The SEMA API WordPress plugin through 3.64 does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users | 2022-05-09 | not yet calculated | CVE-2022-0836 MISC |
jboss — jboss_eap | This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the org.jboss.as.ejb3.security.RunAsPrincipalInterceptor to keep track of the current identity prior to switching to a new identity created using the RunAs principal. The exploit consists in the fact that the EJBComponent#incomingRunAsIdentity field is currently just a SecurityIdentity. This means in a concurrent environment, where multiple users are repeatedly invoking an EJB that is configured with a RunAs principal, it’s possible for the wrong caller principal to be returned from EJBComponent#getCallerPrincipal. Similarly, it’s also possible for EJBComponent#isCallerInRole to return the wrong value. Both of these methods rely on incomingRunAsIdentity. Affects all versions of JBoss EAP from 7.1.0 and all versions of WildFly 11+ when Elytron is enabled. | 2022-05-10 | not yet calculated | CVE-2022-0866 MISC |
wordpress — wp_social_buttons_wordpress_plugin |
The WP Social Buttons WordPress plugin through 2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-05-09 | not yet calculated | CVE-2022-0874 MISC |
wordpress — igniteup_wordpress_plugin |
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don’t have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues | 2022-05-09 | not yet calculated | CVE-2022-0898 MISC |
abb — arg600_wireless_gateway |
A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending on the configuration. | 2022-05-10 | not yet calculated | CVE-2022-0947 MISC |
wordpress — woocommerce_wordpress_plugin | The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection | 2022-05-09 | not yet calculated | CVE-2022-0948 CONFIRM MISC |
wordpress — personal_dictionary_wordpress_plugin | The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability. | 2022-05-09 | not yet calculated | CVE-2022-1013 MISC |
polonel — trudesk |
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. | 2022-05-12 | not yet calculated | CVE-2022-1044 CONFIRM MISC |
wordpress — themify_post_type_builder_search_addon_wordpress plugin |
The Themify Post Type Builder Search Addon WordPress plugin before 1.4.0 does not properly escape the current page URL before reusing it in a HTML attribute, leading to a reflected cross site scripting vulnerability. | 2022-05-09 | not yet calculated | CVE-2022-1047 MISC |
keylime — keylime |
Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM to pass EK validation and give the verifier an AK of a software TPM. A successful attack breaks the entire chain of trust because a not validated AK is used by the verifier. This issue is worse if the validation happens first and then the agent gets added to the verifier because the timing is easier and the verifier does not validate the regcount entry being equal to 1, | 2022-05-06 | not yet calculated | CVE-2022-1053 MISC MISC MISC FEDORA FEDORA FEDORA |
wordpress — popup_maker_wordpress_plugin |
The Popup Maker WordPress plugin before 1.16.5 does not sanitise and escape some of its Popup settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 2022-05-09 | not yet calculated | CVE-2022-1104 MISC |
gitlab — ce/ee |
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to access trace log of jobs when it is enabled | 2022-05-11 | not yet calculated | CVE-2022-1124 MISC MISC CONFIRM |
wordpress — vertical_scroll_wordpressplugin | The Vertical scroll recent post WordPress plugin before 14.0 does not sanitise and escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting | 2022-05-09 | not yet calculated | CVE-2022-1171 MISC |
wordpress — ultimate_member_plugin |
The Ultimate Member plugin for WordPress is vulnerable to open redirects due to insufficient validation on supplied URLs in the social fields of the Profile Page, which makes it possible for attackers to redirect unsuspecting victims in versions up to, and including, 2.3.1 granted the victim clicks on a social icon on a user’s profile page. | 2022-05-10 | not yet calculated | CVE-2022-1209 MISC MISC MISC MISC |
wordpress — slide_anything_wordpress_plugin |
The Slide Anything WordPress plugin before 2.3.44 does not sanitize and escape sliders’ description, which could allow high privilege users such as editor and above to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | 2022-05-09 | not yet calculated | CVE-2022-1303 MISC |
wordpress — easily_generate_rest_api_url_wordpress_plugin |
The Easily Generate Rest API Url WordPress plugin through 1.0.0 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 2022-05-09 | not yet calculated | CVE-2022-1338 MISC |
gitlab — gitlab |
Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1, an endpoint may reveal the issue title to a user who crafted an API call with the ID of the issue from a public project that restricts access to issue only to project members. | 2022-05-11 | not yet calculated | CVE-2022-1352 MISC MISC CONFIRM |
plantuml — plantuml |
URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server side request forgery (SSRF). This allows accessing restricted internal resources/servers or sending requests to third party servers. | 2022-05-14 | not yet calculated | CVE-2022-1379 MISC CONFIRM |
alextselegidis — easyappointments | API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover. | 2022-05-10 | not yet calculated | CVE-2022-1397 CONFIRM MISC |
gitlab — gitlab |
Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project CI/CD variables by importing a malicious project | 2022-05-11 | not yet calculated | CVE-2022-1406 CONFIRM MISC MISC |
gitlab — gitlab |
Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6, all versions starting from 14.9 before 14.9.4, and all versions starting from 14.10 before 14.10.1 allows non-project members to access contents of Project Members-only Wikis via malicious CI jobs | 2022-05-10 | not yet calculated | CVE-2022-1417 MISC CONFIRM MISC |
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly authenticating a user that had a certain amount of information, which allowed a user to authenticate without a personal access token. | 2022-05-11 | not yet calculated | CVE-2022-1426 MISC CONFIRM MISC |
gitlab — gitlab |
An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly verifying throttling limits for authenticated package requests which resulted in limits not being enforced. | 2022-05-11 | not yet calculated | CVE-2022-1428 CONFIRM MISC |
gitlab — gitlab |
An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling malicious requests to the PyPi API endpoint allowing the attacker to cause uncontrolled resource consumption. | 2022-05-10 | not yet calculated | CVE-2022-1431 MISC CONFIRM MISC |
gitlab — gitlab | An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS vulnerability (CVE-2022-1175) to persist and execute. | 2022-05-11 | not yet calculated | CVE-2022-1433 MISC CONFIRM MISC |
wordpress — metform_wordpress_plugin |
The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more, in versions up to and including 2.1.3. | 2022-05-10 | not yet calculated | CVE-2022-1442 MISC MISC MISC |
wordpress — rsvpmaker_plugin |
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to and including 9.2.5. | 2022-05-10 | not yet calculated | CVE-2022-1453 MISC MISC MISC |
gitlab — gitlab |
An issue has been discovered in GitLab affecting all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not performing correct authorizations on scheduled pipelines allowing a malicious user to run a pipeline in the context of another user. | 2022-05-11 | not yet calculated | CVE-2022-1460 MISC CONFIRM MISC |
wordpress — booking_calendar_wordpress_plugin |
The Booking Calendar plugin for WordPress is vulnerable to PHP Object Injection via the [bookingflextimeline] shortcode in versions up to, and including, 9.1. This could be exploited by subscriber-level users and above to call arbitrary PHP objects on a vulnerable site. | 2022-05-10 | not yet calculated | CVE-2022-1463 MISC |
wordpress — all-in-one_wp_migration_plugin |
The All-in-One WP Migration plugin for WordPress is vulnerable to arbitrary file deletion via directory traversal due to insufficient file validation via the ~/lib/model/class-ai1wm-backups.php file, in versions up to, and including, 7.58. This can be exploited by administrative users, and users who have access to the site’s secret key. | 2022-05-10 | not yet calculated | CVE-2022-1476 MISC MISC |
wordpress — rsvpmaker_plugin |
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to and including 9.2.6. | 2022-05-10 | not yet calculated | CVE-2022-1505 MISC MISC |
gitlab — gitlab |
An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling malicious text in the CI Editor and CI Pipeline details page allowing the attacker to cause uncontrolled resource consumption. | 2022-05-11 | not yet calculated | CVE-2022-1510 MISC CONFIRM MISC |
gruntjs — grunt |
file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories as the lower-privileged user can create a symlink to the GruntJS user’s .bashrc file or replace /etc/shadow file if the GruntJS user is root. | 2022-05-10 | not yet calculated | CVE-2022-1537 CONFIRM MISC |
gitlab — gitlab |
It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note. | 2022-05-11 | not yet calculated | CVE-2022-1545 CONFIRM MISC |
wordpress — wp-js_plugin |
The WP-JS plugin for WordPress contains a script called wp-js.php with the function wp_js_admin, that accepts unvalidated user input and echoes it back to the user. This can be used for reflected Cross-Site Scripting in versions up to, and including, 2.0.6. | 2022-05-10 | not yet calculated | CVE-2022-1567 MISC MISC |
vim — vim | Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution | 2022-05-07 | not yet calculated | CVE-2022-1616 MISC CONFIRM FEDORA FEDORA |
vim — vim | Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerability is capable of crashing software, modifying memory, and possible remote execution | 2022-05-08 | not yet calculated | CVE-2022-1619 CONFIRM MISC FEDORA FEDORA |
vim — vim |
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. | 2022-05-08 | not yet calculated | CVE-2022-1620 CONFIRM MISC FEDORA FEDORA |
vim — vim | Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution | 2022-05-10 | not yet calculated | CVE-2022-1621 CONFIRM MISC |
libtiff — libtiff | LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. | 2022-05-11 | not yet calculated | CVE-2022-1622 MISC MISC CONFIRM |
libtiff — libtiff | LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. | 2022-05-11 | not yet calculated | CVE-2022-1623 MISC MISC CONFIRM |
vim — vim | Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerability is capable of crashing software, modifying memory, and possible remote execution | 2022-05-10 | not yet calculated | CVE-2022-1629 MISC CONFIRM |
microweber — microweber | Users Account Pre-Takeover or Users Account Takeover in GitHub repository microweber/microweber prior to 1.2.15. Victim Account Take Over. Since there is no email confirmation, an attacker can easily create an account in the application using the victim’s email. This allows an attacker to gain pre-authentication to the victim’s account. Further, due to the lack of proper validation of email coming from Social Login and failing to check if an account already exists, the victim will not identify if an account is already existing. Hence, the attacker’s persistence will remain. An attacker would be able to see all the activities performed by the victim user impacting the confidentiality and attempt to modify/corrupt the data impacting the integrity and availability factor. This attack becomes more interesting when an attacker can register an account from an employee’s email address. Assuming the organization uses G-Suite, it is much more impactful to hijack into an employee’s account. | 2022-05-09 | not yet calculated | CVE-2022-1631 CONFIRM MISC |
radareorg — radare2 |
Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html). | 2022-05-10 | not yet calculated | CVE-2022-1649 MISC CONFIRM |
eventsource — eventsource | Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository eventsource/eventsource prior to v2.0.2. | 2022-05-12 | not yet calculated | CVE-2022-1650 CONFIRM MISC |
vim — vim |
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. | 2022-05-12 | not yet calculated | CVE-2022-1674 CONFIRM MISC |
requarks — wiki |
Authentication Bypass Using an Alternate Path or Channel in GitHub repository requarks/wiki prior to 2.5.281. User can get root user permissions | 2022-05-12 | not yet calculated | CVE-2022-1681 CONFIRM MISC |
neorazorx — facturascripts | Reflected XSS using a URL-based payload in GitHub repository neorazorx/facturascripts prior to 2022.07. XSS can be used to steal a user’s cookies, which can lead to account takeover, or to perform any malicious activity in the victim’s browser | 2022-05-12 | not yet calculated | CVE-2022-1682 MISC CONFIRM |
causefx — organizr | Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications. | 2022-05-12 | not yet calculated | CVE-2022-1698 CONFIRM MISC |
causefx — organizr | Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications. | 2022-05-12 | not yet calculated | CVE-2022-1699 CONFIRM MISC |
sonicwall — sma1000 |
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data. | 2022-05-13 | not yet calculated | CVE-2022-1701 CONFIRM |
sonicwall — sma1000 |
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability. | 2022-05-13 | not yet calculated | CVE-2022-1702 CONFIRM |
radareorg — radare2 | Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. | 2022-05-13 | not yet calculated | CVE-2022-1714 CONFIRM MISC |
neorazorx — facturascripts | Account Takeover in GitHub repository neorazorx/facturascripts prior to 2022.07. | 2022-05-13 | not yet calculated | CVE-2022-1715 CONFIRM MISC |
android — android | In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-179699767 | 2022-05-10 | not yet calculated | CVE-2022-20004 MISC |
android — android | In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-219044664 | 2022-05-10 | not yet calculated | CVE-2022-20005 MISC |
android — android | In several functions of KeyguardServiceWrapper.java and related files, there is a possible way to briefly view what’s under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-151095871 | 2022-05-10 | not yet calculated | CVE-2022-20006 MISC |
android — android | In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it’s still in the foreground, when it is not, due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-211481342 | 2022-05-10 | not yet calculated | CVE-2022-20007 MISC |
android — android | In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-216481035; References: Upstream kernel | 2022-05-10 | not yet calculated | CVE-2022-20008 MISC |
android — android | In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-213172319; References: Upstream kernel | 2022-05-10 | not yet calculated | CVE-2022-20009 MISC |
android — android | In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12 Android-12L; Android ID: A-213519176 | 2022-05-10 | not yet calculated | CVE-2022-20010 MISC |
android — android | In getArray of NotificationManagerService.java, there is a possible leak of one user notifications to another due to missing check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-214999128 | 2022-05-10 | not yet calculated | CVE-2022-20011 MISC |
android — android | In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-206987762 | 2022-05-10 | not yet calculated | CVE-2022-20112 MISC |
android — android | In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12 Android-12L; Android ID: A-205996517 | 2022-05-10 | not yet calculated | CVE-2022-20113 MISC |
android — android | In placeCall of TelecomManager.java, there is a possible way for an application to keep itself running with foreground service importance due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-211114016 | 2022-05-10 | not yet calculated | CVE-2022-20114 MISC |
android — android | In broadcastServiceStateChanged of TelephonyRegistry.java, there is a possible way to learn base station information without location permission due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12 Android-12L; Android ID: A-210118427 | 2022-05-10 | not yet calculated | CVE-2022-20115 MISC |
android — android | In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12 Android-12L; Android ID: A-212467440 | 2022-05-10 | not yet calculated | CVE-2022-20116 MISC |
android — android | In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-217475903; References: N/A | 2022-05-10 | not yet calculated | CVE-2022-20117 MISC |
android — android | In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-205707793; References: N/A | 2022-05-10 | not yet calculated | CVE-2022-20118 MISC |
android — android | In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-213170715; References: N/A | 2022-05-10 | not yet calculated | CVE-2022-20119 MISC |
android — android | Product: Android; Versions: Android kernel; Android ID: A-203213034; References: N/A | 2022-05-10 | not yet calculated | CVE-2022-20120 MISC |
android — android | In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-212573046; References: N/A | 2022-05-10 | not yet calculated | CVE-2022-20121 MISC |
intel — advisor_software |
Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2022-21128 MISC |
intel — xeon |
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 2022-05-12 | not yet calculated | CVE-2022-21131 MISC |
intel — xeon |
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access. | 2022-05-12 | not yet calculated | CVE-2022-21136 MISC |
cisco — estsoft_alyac |
An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this vulnerability to cause denial of service and termination of malware scan. An attacker can provide a malicious file to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-21147 MISC CONFIRM |
intel — processors |
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 2022-05-12 | not yet calculated | CVE-2022-21151 MISC |
cisco — inhand_networks_inrouter302 | A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-21182 MISC CONFIRM |
mozilla — mozilla | This affects the package convict before 6.2.3. This is a bypass of [CVE-2022-22143](https://security.snyk.io/vuln/SNYK-JS-CONVICT-2340604). The [fix](https://github.com/mozilla/node-convict/commit/3b86be087d8f14681a9c889d45da7fe3ad9cd880) that was introduced relies on the startsWith method and does not prevent the vulnerability: before splitting the path, it checks if it starts with __proto__ or this.constructor.prototype. To bypass this check it’s possible to prepend the dangerous paths with any string value followed by a dot, for example foo.__proto__ or foo.this.constructor.prototype. | 2022-05-13 | not yet calculated | CVE-2022-21190 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
intel — nuc |
Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2022-21237 MISC |
cisco — inhand_networks_inrouter302 |
A cross-site scripting (xss) vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-21238 CONFIRM MISC |
cisco — inhand_networks_inrouter302 |
A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-21809 MISC CONFIRM |
microsoft — point-to-point_tunneling_protocol | Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23270. | 2022-05-10 | not yet calculated | CVE-2022-21972 MISC |
microsoft — exchange_server | Microsoft Exchange Server Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-21978 MISC |
microsoft — graphics | Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-26934, CVE-2022-29112. | 2022-05-10 | not yet calculated | CVE-2022-22011 MISC |
microsoft — ldap |
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. | 2022-05-10 | not yet calculated | CVE-2022-22012 MISC |
microsoft — ldap |
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. | 2022-05-10 | not yet calculated | CVE-2022-22013 MISC |
microsoft — ldap |
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. | 2022-05-10 | not yet calculated | CVE-2022-22014 MISC |
microsoft — remote_desktop_protocol |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-22015 MISC |
microsoft — playtomanager |
Windows PlayToManager Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-22016 MISC |
microsoft — remote_desktop_client |
Remote Desktop Client Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-22017 MISC |
microsoft — remote_procedure_call | Remote Procedure Call Runtime Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-22019 MISC |
intel — xtu_software | Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2022-22139 MISC |
huawei — dfx_module | The DFX module has a UAF vulnerability. Successful exploitation of this vulnerability may affect system stability. | 2022-05-13 | not yet calculated | CVE-2022-22252 MISC MISC |
huawei — kernel_module | The kernel module has a UAF vulnerability. Successful exploitation of this vulnerability will affect data integrity and availability. | 2022-05-13 | not yet calculated | CVE-2022-22260 MISC MISC |
huawei — hialserver | The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services. | 2022-05-13 | not yet calculated | CVE-2022-22261 MISC MISC |
sonicwall — ssl-vpn_netextender_windows_client | A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and earlier versions, allows an attacker to potentially execute arbitrary code in the host windows operating system. | 2022-05-13 | not yet calculated | CVE-2022-22281 CONFIRM |
sonicwall — sma1000 |
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability. | 2022-05-13 | not yet calculated | CVE-2022-22282 CONFIRM |
ibm — robotic_process_automation | IBM Robotic Process Automation 21.0.1 could allow a registered user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366. | 2022-05-09 | not yet calculated | CVE-2022-22319 XF CONFIRM CONFIRM |
ibm — qradar_siem |
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 218367. | 2022-05-11 | not yet calculated | CVE-2022-22320 XF CONFIRM |
ibm — mq |
IBM MQ (IBM MQ for HPE NonStop 8.1.0) can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID: 218853. | 2022-05-13 | not yet calculated | CVE-2022-22325 CONFIRM XF |
ibm — websphere_application_server_liberty | IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5, with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078. | 2022-05-13 | not yet calculated | CVE-2022-22393 CONFIRM XF |
ibm — robotic_process_automation | IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022. | 2022-05-12 | not yet calculated | CVE-2022-22413 XF CONFIRM |
ibm — infosphere_information_server | IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 2022-05-10 | not yet calculated | CVE-2022-22454 XF CONFIRM |
ibm — navigator | IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote attacker to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system and the navigator tasks page, however they do not gain the ability to perform those tasks on the system or see any specific system data. IBM X-Force ID: 225899. | 2022-05-09 | not yet calculated | CVE-2022-22481 CONFIRM XF |
microsoft — hyper-v | Windows Hyper-V Denial of Service Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-22713 MISC |
tibco_software_inc — multiple_products | The DOM XML parser and SAX XML parser components of TIBCO Software Inc.’s TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Internet Server, and TIBCO Managed File Transfer Internet Server contain an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute XML External Entity (XXE) attacks on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO Managed File Transfer Command Center: versions 8.3.1 and below, TIBCO Managed File Transfer Command Center: versions 8.4.0 and 8.4.1, TIBCO Managed File Transfer Internet Server: versions 8.3.1 and below, and TIBCO Managed File Transfer Internet Server: versions 8.4.0 and 8.4.1. | 2022-05-10 | not yet calculated | CVE-2022-22774 CONFIRM CONFIRM |
sysaid — sysaid_system_takeover | Sysaid – Sysaid System Takeover – An attacker can bypass the authentication process by accessing /wmiwizard.jsp, then /ConcurrentLogin.jsp, and then clicking the login button, which redirects to /home.jsp without any authentication. | 2022-05-12 | not yet calculated | CVE-2022-22796 MISC |
sysaid — sysaid_open_redirect | Sysaid – sysaid Open Redirect – An attacker can change the redirect link in the “redirectURL” parameter of the “GET” request at the URL location: /CommunitySSORedirect.jsp?redirectURL=https://google.com. Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. | 2022-05-12 | not yet calculated | CVE-2022-22797 MISC |
sysaid — multiple_products | Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22.1.30 b49 – An attacker needs to log in as a guest, after which the system redirects him to the service portal or EndUserPortal.JSP. He then needs to change the path in the URL to /ConcurrentLogin%2ejsp, after which he will receive an error message with a login button; by clicking on it, he will connect to the system dashboard. The attacker can receive sensitive data like server details, usernames, workstations, etc. He can also perform actions such as uploading files and deleting calls from the system. | 2022-05-12 | not yet calculated | CVE-2022-22798 MISC |
spring_by_vmware — spring_framework | In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to a DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. | 2022-05-12 | not yet calculated | CVE-2022-22970 MISC |
spring_by_vmware — spring_framework | In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, an application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. | 2022-05-12 | not yet calculated | CVE-2022-22971 MISC |
spring_by_vmware — pinniped_supervisor | An issue was discovered in the Pinniped Supervisor with either LDAPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name (CN) of their user entry on the LDAP or AD server to include special characters, which could be used to perform LDAP query injection on the Supervisor’s LDAP query which determines their Kubernetes group membership. | 2022-05-11 | not yet calculated | CVE-2022-22975 MISC |
solana — rbpf | Solana rBPF versions 0.2.26 and 0.2.27 are affected by an Incorrect Calculation which is caused by improper implementation of the sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to transfer tokens or not. The vulnerability affects integrity and may cause serious availability problems. | 2022-05-09 | not yet calculated | CVE-2022-23066 MISC MISC |
zte — zxcdn | ZTE’s ZXCDN product has a reflective XSS vulnerability. The attacker could modify the parameters in the content clearing request url, and when a user clicks the url, an XSS attack will be triggered. | 2022-05-11 | not yet calculated | CVE-2022-23137 MISC |
zte — zxmp_m721 | ZTE’s ZXMP M721 product has a permission and access control vulnerability. The folder permission viewed by sftp is 666, which is inconsistent with the actual permission. It’s easy for users to ignore the modification of the file permission configuration, so that low-authority accounts could actually obtain higher operating permissions on key files. | 2022-05-12 | not yet calculated | CVE-2022-23139 MISC |
sysaid — sysaid | Sysaid – Sysaid 14.2.0 Reflected Cross-Site Scripting (XSS) – The parameter “helpPageName” used by the page “/help/treecontent.jsp” suffers from a Reflected Cross-Site Scripting vulnerability. For an attacker to exploit this Cross-Site Scripting vulnerability, it’s necessary for the affected product to expose the Offline Help Pages. An attacker may gain access to sensitive information or execute client-side code in the browser session of the victim user. Furthermore, an attacker would require the victim to open a malicious link. An attacker may exploit this vulnerability in order to perform phishing attacks. The attacker can receive sensitive data like server details, usernames, workstations, etc. He can also perform actions such as uploading files and deleting calls from the system. | 2022-05-12 | not yet calculated | CVE-2022-23165 MISC |
sysaid — sysaid_local_file_inclusion | Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access the system by accessing the “/lib/tinymce/examples/index.html” path. In the “Insert/Edit Embedded Media” window, choose Type: iFrame and File/URL: [here is the LFI]. Solution: Update to 22.2.20 cloud version, or to 22.1.64 on premise version. | 2022-05-12 | not yet calculated | CVE-2022-23166 MISC |
microsoft — .net_and_visual_studio | .NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-29117, CVE-2022-29145. | 2022-05-10 | not yet calculated | CVE-2022-23267 MISC |
microsoft — point-to-point_tunneling_protocol | Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21972. | 2022-05-10 | not yet calculated | CVE-2022-23270 MISC |
microsoft — alpc | Windows ALPC Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-23279 MISC |
shenzhen_ejoin_information_technology_co — manual_ping_form | Command injection vulnerability in Manual Ping Form (Web UI) in Shenzhen Ejoin Information Technology Co., Ltd. ACOM508/ACOM516/ACOM532 609-915-041-100-020 allows a remote attacker to inject arbitrary code via the field. | 2022-05-09 | not yet calculated | CVE-2022-23332 MISC MISC |
aruba_networks — arubaos_switch | A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities. | 2022-05-10 | not yet calculated | CVE-2022-23676 MISC |
aruba_networks — arubaos_switch | A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities. | 2022-05-10 | not yet calculated | CVE-2022-23677 MISC |
hpe — integrated_lights-out4 | A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later. | 2022-05-09 | not yet calculated | CVE-2022-23704 MISC |
hpe — multiple_products | A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays which could potentially allow the upload, but not execution, of unauthorized update binaries to the array. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later. | 2022-05-09 | not yet calculated | CVE-2022-23705 MISC |
zonealarm — check_point_endpoint_security_client | Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. | 2022-05-12 | not yet calculated | CVE-2022-23742 MISC MISC |
zonealarm — check_point | Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. | 2022-05-11 | not yet calculated | CVE-2022-23743 MISC |
siemens — desigo | A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The “addCell” JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document, such that it is possible to inject arbitrary content (e.g., XML tags) into the generated file. An attacker with restricted privileges, by poisoning any of the content used to generate XLS reports, could be able to leverage the application to deliver malicious files against higher-privileged users and obtain Remote Code Execution (RCE) against the administrator’s workstation. | 2022-05-10 | not yet calculated | CVE-2022-24039 MISC |
siemens — desigo | A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial of service (DoS) condition through CPU consumption by setting a PBKDF2 derived key with a remarkably high cost effort and then attempting a login to the so-modified account. | 2022-05-10 | not yet calculated | CVE-2022-24040 MISC |
siemens — desigo | A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application stores the PBKDF2 derived key of users’ passwords with a low iteration count. An attacker with user profile access privilege can retrieve the stored password hashes of other accounts and then successfully perform an offline cracking attack and recover the plaintext passwords of other users. | 2022-05-10 | not yet calculated | CVE-2022-24041 MISC |
siemens — desigo | A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application returns an AuthToken that does not expire at the defined auto logoff delay timeout. An attacker could be able to capture this token and re-use old session credentials or session IDs for authorization. | 2022-05-10 | not yet calculated | CVE-2022-24042 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-24101 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-24102 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-24103 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-24104 MISC |
intel — nucs | Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2022-24297 MISC |
intel — nucs | Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | 2022-05-12 | not yet calculated | CVE-2022-24382 MISC |
microsoft — hyper-v | Windows Hyper-V Security Feature Bypass Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-24466 MISC |
yubico — otp | Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with the Yubico OTP validation server. The Yubico OTP supposedly creates hardware bound second factor credentials. When a user reprograms the OTP functionality by “writing” it on a token using the Yubico Personalization Tool, they can then upload the new configuration to Yubico’s OTP validation servers. | 2022-05-11 | not yet calculated | CVE-2022-24584 MISC MISC MISC |
openclinica — openclinica | OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known workarounds. This issue has been patched and users are recommended to upgrade. | 2022-05-14 | not yet calculated | CVE-2022-24830 CONFIRM MISC |
openclinica — openclinica | OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has been patched in 3.16.1, 3.15.9, 3.14.1, and 3.13.1 and users are advised to upgrade. | 2022-05-14 | not yet calculated | CVE-2022-24831 CONFIRM MISC |
ecdsautils — ecdsautils | ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple signatures from different public keys does not mitigate the issue: `ecdsa_verify_list_legacy()` will accept an arbitrary number of such forged signatures. Both the `ecdsautil verify` CLI command and the libecdsautil library are affected. The issue has been fixed in ecdsautils 0.4.1. All older versions of ecdsautils (including versions before the split into a library and a CLI utility) are vulnerable. | 2022-05-06 | not yet calculated | CVE-2022-24884 MISC CONFIRM MISC MLIST DEBIAN FEDORA FEDORA FEDORA |
cisco — inhand_networks_inrouter302 | A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-24910 CONFIRM MISC |
cisco — inhand_networks_inrouter302 | An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. The session cookie misses the HttpOnly flag, making it accessible via JavaScript and thus allowing an attacker, able to perform an XSS attack, to steal the session cookie. | 2022-05-12 | not yet calculated | CVE-2022-25172 CONFIRM MISC |
blogengine.net — blogengine.net | BlogEngine.NET v3.3.8.0 was discovered to contain an arbitrary file deletion vulnerability which allows attackers to delete files within the web server root directory via a crafted HTTP request. | 2022-05-13 | not yet calculated | CVE-2022-25591 MISC MISC |
apache — tomcat | If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that the application will continue to use the socket after it has been closed. The error handling triggered in this case could cause a pooled object to be placed in the pool twice. This could result in subsequent connections using the same object concurrently which could result in data being returned to the wrong use and/or other errors. | 2022-05-13 | not yet calculated | CVE-2022-25762 MISC |
sds — sds | This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. **Note:** This vulnerability derives from an incomplete fix to [CVE-2020-7618](https://security.snyk.io/vuln/SNYK-JS-SDS-564123) | 2022-05-13 | not yet calculated | CVE-2022-25862 CONFIRM CONFIRM |
microsoft — workspace_tools | The package workspace-tools before 0.18.4 is vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranch(remote: string, remoteBranch: string, cwd: string) function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection. | 2022-05-13 | not yet calculated | CVE-2022-25865 CONFIRM CONFIRM CONFIRM |
cisco — inhand_networks_inrouter302 | A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-25995 MISC CONFIRM |
cisco — inhand_networks_inrouter302 | A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of malicious packets to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26002 MISC CONFIRM |
cisco — inhand_networks_inrouter302 | An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26007 MISC CONFIRM |
cisco — inhand_networks_inrouter302 | An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26020 MISC CONFIRM |
cisco — inhand_networks_inrouter302 | An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26042 MISC CONFIRM |
cisco — inhand_networks_inrouter302 | An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26075 MISC CONFIRM |
cisco — inhand_networks_inrouter302 | An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26085 MISC CONFIRM |
fortinet — fortinac | Multiple improper neutralization of special elements used in SQL commands (‘SQL Injection’) vulnerabilities [CWE-89] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.2 and below may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted strings parameters. | 2022-05-11 | not yet calculated | CVE-2022-26116 CONFIRM |
cisco — inhand_networks_inrouter302 | An OS command injection vulnerability exists in the console infactory_port functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26420 MISC CONFIRM |
cisco — inhand_networks_inrouter302 | A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26510 MISC CONFIRM |
cisco — inhand_networks_inrouter302 | An OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-26518 MISC CONFIRM |
cisco — inhand_networks_inrouter302 | Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`’s `user_define_init` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | 2022-05-12 | not yet calculated | CVE-2022-26780 CONFIRM MISC |
cisco — inhand_networks_inrouter302 | Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`’s `user_define_print` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | 2022-05-12 | not yet calculated | CVE-2022-26781 CONFIRM MISC |
cisco — inhand_networks_inrouter302 | Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`’s `user_define_set_item` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | 2022-05-12 | not yet calculated | CVE-2022-26782 CONFIRM MISC |
microsoft — authentication_security_feature | Windows Authentication Security Feature Bypass Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26913 MISC |
microsoft — active_directory_domain_services | Active Directory Domain Services Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26923 MISC |
microsoft — lsa | Windows LSA Spoofing Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26925 MISC |
microsoft — address_book | Windows Address Book Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26926 MISC |
microsoft — graphics_component | Windows Graphics Component Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26927 MISC |
microsoft — remote_access_connection_manager | Windows Remote Access Connection Manager Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26930 MISC |
microsoft — kerberos | Windows Kerberos Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26931 MISC |
microsoft — storage_spaces_direct | Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26938, CVE-2022-26939. | 2022-05-10 | not yet calculated | CVE-2022-26932 MISC |
microsoft — ntfs | Windows NTFS Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26933 MISC |
microsoft — graphics_component | Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22011, CVE-2022-29112. | 2022-05-10 | not yet calculated | CVE-2022-26934 MISC |
microsoft — wlan_autoconfig | Windows WLAN AutoConfig Service Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26935 MISC |
microsoft — server_service | Windows Server Service Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26936 MISC |
microsoft — network_file_system | Windows Network File System Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26937 MISC |
microsoft — storage_spaces_direct | Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26932, CVE-2022-26939. | 2022-05-10 | not yet calculated | CVE-2022-26938 MISC |
microsoft — storage_spaces_direct | Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26932, CVE-2022-26938. | 2022-05-10 | not yet calculated | CVE-2022-26939 MISC |
microsoft — remote_desktop_protocol_client | Remote Desktop Protocol Client Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-26940 MISC |
tp-link — tp-link_tl-wdr7660 | TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in the `MmtAtePrase` function. Local users could get remote code execution. | 2022-05-10 | not yet calculated | CVE-2022-26987 MISC MISC MISC |
tp-link — tp-link_tl-wdr7660 | TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in the `MntAte` function. Local users could get remote code execution. | 2022-05-10 | not yet calculated | CVE-2022-26988 MISC MISC MISC |
htmldoc — htmldoc | There is a vulnerability in htmldoc 1.9.16. In the image_load_jpeg function in image.cxx, when it calls malloc, ‘img->width’ and ‘img->height’ are large enough to cause an integer overflow. So, the malloc function may return a heap block smaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines function. | 2022-05-09 | not yet calculated | CVE-2022-27114 MISC MISC MLIST |
eosio — eosio | EOSIO batdappboomx v327c04cf has an Access-control vulnerability in the `transfer` function of the smart contract which allows remote attackers to win the cryptocurrency without paying ticket fee via the `std::string memo` parameter. | 2022-05-13 | not yet calculated | CVE-2022-27134 MISC |
eset — multiple_products | Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit “Repair” and “Uninstall” features, which may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0. | 2022-05-10 | not yet calculated | CVE-2022-27167 MISC |
cisco — inrouter302 |
A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted network request can lead to privileged operation execution. An attacker can send a sequence of requests to trigger this vulnerability. | 2022-05-12 | not yet calculated | CVE-2022-27172 MISC CONFIRM |
galleon — nts-6002-gps |
An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools section of the web-management interface. All three networking tools are affected (Ping, Traceroute, and DNS Lookup) and their respective input fields (ping_address, trace_address, nslookup_address). | 2022-05-09 | not yet calculated | CVE-2022-27224 MISC MISC |
cdsoft — onlinetools |
onlinetools in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., date of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference. | 2022-05-13 | not yet calculated | CVE-2022-27247 MISC MISC |
phprojekt — phpsimplygest |
A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a project title. | 2022-05-09 | not yet calculated | CVE-2022-27308 MISC MISC MISC |
explore_cms — explore_cms |
Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request. | 2022-05-09 | not yet calculated | CVE-2022-27412 MISC MISC |
sap — web_dispatcher_and_the_internet_communication_manager |
The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability. | 2022-05-11 | not yet calculated | CVE-2022-27656 MISC MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27785 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27786 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27787 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27788 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27789 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27790 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a stack-based buffer overflow vulnerability due to insecure processing of a font, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. | 2022-05-11 | not yet calculated | CVE-2022-27791 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27792 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27793 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by the use of a variable that has not been initialized when processing embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. | 2022-05-11 | not yet calculated | CVE-2022-27794 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27795 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27796 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27797 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27798 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27799 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27800 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27801 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-27802 MISC |
joomla — joomla |
In the Joomla component ‘jDownloads 3.9.8.2 Stable’, a remote user can change some parameters in the address bar and see the names of other users’ files. | 2022-05-06 | not yet calculated | CVE-2022-27909 MISC MISC |
home_owners_collection_management — home_owners_collection_management | Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter. | 2022-05-11 | not yet calculated | CVE-2022-28077 MISC MISC |
home_owners_collection_management — home_owners_collection_management | Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter. | 2022-05-11 | not yet calculated | CVE-2022-28078 MISC MISC |
hotel_management_system — hotel_management_system | Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page. | 2022-05-10 | not yet calculated | CVE-2022-28110 MISC MISC |
broadcom — brocade_sannav |
An information exposure through log file vulnerability in Brocade SANnav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as SSH passwords in filetansfer.log in debug mode. To exploit this vulnerability, the attacker would need to have valid user credentials and turn on debug mode. | 2022-05-09 | not yet calculated | CVE-2022-28161 MISC |
broadcom — brocade_sannav | Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. | 2022-05-09 | not yet calculated | CVE-2022-28162 MISC |
sap — businessobjects_enterprise_and_central_management_server |
During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) – versions 420, 430, authentication credentials are being exposed in Sysmon event logs. This Information Disclosure could cause a high impact on systems’ Confidentiality, Integrity, and Availability. | 2022-05-11 | not yet calculated | CVE-2022-28214 MISC MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28230 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when processing a doc object, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28231 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28232 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28233 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. | 2022-05-11 | not yet calculated | CVE-2022-28234 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28235 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28236 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28237 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28238 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28239 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28240 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28241 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28242 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28243 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a violation of secure design principles through bypassing the content security policy, which could result in an attacker sending arbitrarily configured requests to the cross-origin attack target domain. Exploitation requires user interaction in which the victim needs to access a crafted PDF file on an attacker’s server. | 2022-05-11 | not yet calculated | CVE-2022-28244 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28245 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28246 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a victim must run the uninstaller with Admin privileges. | 2022-05-11 | not yet calculated | CVE-2022-28247 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28248 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28249 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28250 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28251 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28252 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28253 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28254 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28255 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28256 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28257 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28258 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28259 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28260 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28261 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28262 MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28263 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28264 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28265 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28266 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28267 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28268 MISC |
adobe — acrobat_reader_dc | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of Annotation objects that could result in a memory leak in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28269 MISC |
imagemagick — imagemagick | ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. | 2022-05-08 | not yet calculated | CVE-2022-28463 MISC MISC MISC MLIST |
pypl — pypl | marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor. | 2022-05-08 | not yet calculated | CVE-2022-28470 MISC MISC MISC |
lms_doctor — simple_2fa_plugin_for_moodle | A Two-Factor Authentication (2FA) bypass vulnerability in “Simple 2FA Plugin for Moodle” by LMS Doctor allows remote attackers to overwrite the phone number used for confirmation via the profile.php file, thereby allowing them to bypass the phone verification mechanism. | 2022-05-10 | not yet calculated | CVE-2022-28601 MISC MISC |
ruby — ruby | A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations. | 2022-05-09 | not yet calculated | CVE-2022-28738 MISC CONFIRM MISC |
ruby — ruby | There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. | 2022-05-09 | not yet calculated | CVE-2022-28739 MISC MISC CONFIRM |
sap — host_agent | Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted. | 2022-05-11 | not yet calculated | CVE-2022-28774 MISC MISC |
adobe — coldfusion | ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. | 2022-05-12 | not yet calculated | CVE-2022-28818 MISC |
adobe — character_animator | Adobe Character Animator versions 4.4.2 (and earlier) and 22.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious SVG file. | 2022-05-12 | not yet calculated | CVE-2022-28819 MISC |
adobe — framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28821 MISC |
adobe — framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28822 MISC |
adobe — framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28823 MISC |
adobe — framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28824 MISC |
adobe — framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28825 MISC |
adobe — framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28826 MISC |
adobe — framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28827 MISC |
adobe — framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28828 MISC |
adobe — framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28829 MISC |
adobe — framemaker | Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-13 | not yet calculated | CVE-2022-28830 MISC |
adobe — acrobat_pro_dc | Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28837 MISC |
adobe — acrobat_pro_dc | Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-05-11 | not yet calculated | CVE-2022-28838 MISC |
f-secure — safe_browser | A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop. | 2022-05-12 | not yet calculated | CVE-2022-28872 MISC |
f-secure — safe_browser | A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit JavaScript window.open functionality in SAFE Browser, which could lead to address bar spoofing attacks. | 2022-05-12 | not yet calculated | CVE-2022-28873 MISC MISC |
d-link — dir882 | A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. | 2022-05-10 | not yet calculated | CVE-2022-28895 MISC MISC |
d-link — dir882 | A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. | 2022-05-10 | not yet calculated | CVE-2022-28896 MISC MISC |
d-link — dir882 | A command injection vulnerability in the component /SetTriggerLEDBlink/Blink of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. | 2022-05-10 | not yet calculated | CVE-2022-28901 MISC MISC |
totolink — n600r | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName. | 2022-05-10 | not yet calculated | CVE-2022-28905 MISC |
totolink — n600r | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg. | 2022-05-10 | not yet calculated | CVE-2022-28906 MISC |
totolink — n600r | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost. | 2022-05-10 | not yet calculated | CVE-2022-28907 MISC |
totolink — n600r | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg. | 2022-05-10 | not yet calculated | CVE-2022-28908 MISC |
totolink — n600r | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx. | 2022-05-10 | not yet calculated | CVE-2022-28909 MISC |
totolink — n600r | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName. | 2022-05-10 | not yet calculated | CVE-2022-28910 MISC |
totolink — n600r | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate. | 2022-05-10 | not yet calculated | CVE-2022-28911 MISC |
totolink — n600r | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW. | 2022-05-10 | not yet calculated | CVE-2022-28912 MISC |
totolink — n600r | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting. | 2022-05-10 | not yet calculated | CVE-2022-28913 MISC |
d-link — dir-816 | D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm. | 2022-05-10 | not yet calculated | CVE-2022-28915 MISC MISC |
htmlcreator — htmlcreator | HTMLCreator release_stable_2020-07-29 was discovered to contain a cross-site scripting (XSS) vulnerability via the function _generateFilename. | 2022-05-12 | not yet calculated | CVE-2022-28919 MISC |
tieba-cloud-sign — tieba-cloud-sign | Tieba-Cloud-Sign v4.9 was discovered to contain a cross-site scripting (XSS) vulnerability via the function strip_tags. | 2022-05-12 | not yet calculated | CVE-2022-28920 MISC |
lms_doctor_simple_2_factor_authentication_plugin — lms_doctor_simple_2_factor_authentication_plugin | LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references (IDOR) vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts. | 2022-05-10 | not yet calculated | CVE-2022-28986 MISC MISC MISC |
directory_management_system — directory_management_system | Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allow attackers to bypass authentication. | 2022-05-11 | not yet calculated | CVE-2022-29006 MISC |
dairy_farm_shop_management_system — dairy_farm_shop_management_system | Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allow attackers to bypass authentication. | 2022-05-11 | not yet calculated | CVE-2022-29007 MISC |
bus_pass_management_system — bus_pass_management_system | An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. | 2022-05-11 | not yet calculated | CVE-2022-29008 MISC |
cyber_cafe_management_system_project — cyber_cafe_management_system_project | Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allow attackers to bypass authentication. | 2022-05-11 | not yet calculated | CVE-2022-29009 MISC |
microsoft — failover_cluster | Windows Failover Cluster Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29102 MISC |
microsoft — windows_remote_access_connection_manager | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29103 MISC |
microsoft — print_spooler | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29132. | 2022-05-10 | not yet calculated | CVE-2022-29104 MISC |
microsoft — windows_media_foundation | Microsoft Windows Media Foundation Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29105 MISC |
microsoft — hyper-v_shared_virtual_disk | Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29106 MISC |
microsoft — office | Microsoft Office Security Feature Bypass Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29107 MISC |
microsoft — sharepoint | Microsoft SharePoint Server Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29108 MISC |
microsoft — excel | Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29110. | 2022-05-10 | not yet calculated | CVE-2022-29109 MISC |
microsoft — excel | Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29109. | 2022-05-10 | not yet calculated | CVE-2022-29110 MISC |
microsoft — graphics | Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22011, CVE-2022-26934. | 2022-05-10 | not yet calculated | CVE-2022-29112 MISC |
microsoft — digital_media_receiver | Windows Digital Media Receiver Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29113 MISC |
microsoft — windows_print_spooler | Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29140. | 2022-05-10 | not yet calculated | CVE-2022-29114 MISC |
microsoft — windows_fax_service | Windows Fax Service Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29115 MISC |
microsoft — windows_kernel | Windows Kernel Information Disclosure Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29116 MISC |
microsoft — .net_and_visual_studio | .NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29145. | 2022-05-10 | not yet calculated | CVE-2022-29117 MISC |
microsoft — windows_clustered | Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29122, CVE-2022-29123, CVE-2022-29134. | 2022-05-10 | not yet calculated | CVE-2022-29120 MISC |
microsoft — windows_wlan | Windows WLAN AutoConfig Service Denial of Service Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29121 MISC |
microsoft — windows_clustered | Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29123, CVE-2022-29134. | 2022-05-10 | not yet calculated | CVE-2022-29122 MISC |
microsoft — windows_clustered | Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29122, CVE-2022-29134. | 2022-05-10 | not yet calculated | CVE-2022-29123 MISC |
microsoft — windows_push_notifications_app | Windows Push Notifications Apps Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29125 MISC |
microsoft — tablet_windows_user_interface_application | Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29126 MISC |
microsoft — bitlocker | BitLocker Security Feature Bypass Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29127 MISC |
microsoft — ldap | Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. | 2022-05-10 | not yet calculated | CVE-2022-29128 MISC |
microsoft — ldap | Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. | 2022-05-10 | not yet calculated | CVE-2022-29129 MISC |
microsoft — ldap | Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. | 2022-05-10 | not yet calculated | CVE-2022-29130 MISC |
microsoft — ldap | Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. | 2022-05-10 | not yet calculated | CVE-2022-29131 MISC |
microsoft — print_spooler_elevation | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29104. | 2022-05-10 | not yet calculated | CVE-2022-29132 MISC |
microsoft — windows_kernel | Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29142. | 2022-05-10 | not yet calculated | CVE-2022-29133 MISC |
microsoft — clustered_shared_volume | Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29122, CVE-2022-29123. | 2022-05-10 | not yet calculated | CVE-2022-29134 MISC |
microsoft — clustered_shared_volume | Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29150, CVE-2022-29151. | 2022-05-10 | not yet calculated | CVE-2022-29135 MISC |
microsoft — ldap | Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29139, CVE-2022-29141. | 2022-05-10 | not yet calculated | CVE-2022-29137 MISC |
microsoft — clustered_shared_volume | Windows Clustered Shared Volume Elevation of Privilege Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29138 MISC |
microsoft — ldap | Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29141. | 2022-05-10 | not yet calculated | CVE-2022-29139 MISC |
microsoft — print_spooler | Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29114. | 2022-05-10 | not yet calculated | CVE-2022-29140 MISC |
microsoft — windows_ldap | Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139. | 2022-05-10 | not yet calculated | CVE-2022-29141 MISC |
microsoft — windows_kernel | Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29133. | 2022-05-10 | not yet calculated | CVE-2022-29142 MISC |
microsoft — .net_and_visual_studio | .NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29117. | 2022-05-10 | not yet calculated | CVE-2022-29145 MISC |
microsoft — visual_studio | Visual Studio Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-29148 MISC |
microsoft — multiple_products | Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29151. | 2022-05-10 | not yet calculated | CVE-2022-29150 MISC |
microsoft — multiple_products | Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29150. | 2022-05-10 | not yet calculated | CVE-2022-29151 MISC |
charmbracelet — charm | A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release [v0.12.1](https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We recommend that all users running self-hosted `charm` instances update immediately. This vulnerability was found in-house and we haven’t been notified of any potential exploiters. Additional notes: (1) Encrypted user data uploaded to the Charm server is safe as Charm servers cannot decrypt user data. This includes filenames, paths, and all key-value data. (2) Users running the official Charm [Docker images](https://github.com/charmbracelet/charm/blob/main/docker.md) are at minimal risk because the exploit is limited to the containerized filesystem. | 2022-05-07 | not yet calculated | CVE-2022-29180 MISC CONFIRM |
rubygems — rubygems | RubyGems is a package registry used to supply software for the Ruby language ecosystem. An ordering mistake in the code that accepts gem uploads allowed some gems (with platforms ending in numbers, like `arm64-darwin-21`) to be temporarily replaced in the CDN cache by a malicious package. The bug has been patched, and is believed to have never been exploited, based on an extensive review of logs and existing gems by rubygems. The easiest way to ensure that an application has not been exploited by this vulnerability is to verify all downloaded .gems checksums match the checksum recorded in the RubyGems.org database. RubyGems.org has been patched and is no longer vulnerable to this issue. | 2022-05-13 | not yet calculated | CVE-2022-29218 CONFIRM |
solarview_compact — solarview_compact | SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal. | 2022-05-12 | not yet calculated | CVE-2022-29298 MISC |
solarview_compact — solarview_compact | SolarView Compact ver.6.00 was discovered to contain a local file disclosure via /html/Solar_Ftp.php. | 2022-05-12 | not yet calculated | CVE-2022-29302 MISC |
solarview_compact — solarview_compact | SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php. | 2022-05-12 | not yet calculated | CVE-2022-29303 MISC |
ionize — ionizecms | IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vulnerability via the id_page parameter in application/models/article_model.php. | 2022-05-12 | not yet calculated | CVE-2022-29306 MISC |
ionize — ionizecms | IonizeCMS v1.0.8.1 was discovered to contain a command injection vulnerability via the function copy_lang_content in application/models/lang_model.php. | 2022-05-12 | not yet calculated | CVE-2022-29307 MISC |
complete_online_job_search_system — complete_online_job_search_system | Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=result&searchfor=advancesearch. | 2022-05-11 | not yet calculated | CVE-2022-29316 MISC |
simple_bus_ticket_booking_system — simple_bus_ticket_booking_system | Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters at /assets/partials/_handleLogin.php. | 2022-05-11 | not yet calculated | CVE-2022-29317 MISC |
car_rental_management_system — new_entry_module | An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 2022-05-11 | not yet calculated | CVE-2022-29318 MISC |
d-link — dir-816 | D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the lanip parameter in /goform/setNetworkLan. | 2022-05-10 | not yet calculated | CVE-2022-29321 MISC MISC |
d-link — dir-816 | D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip. | 2022-05-10 | not yet calculated | CVE-2022-29322 MISC MISC |
d-link — dir-816 | D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment. | 2022-05-10 | not yet calculated | CVE-2022-29323 MISC MISC |
d-link — dir-816 | D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd. | 2022-05-10 | not yet calculated | CVE-2022-29324 MISC MISC |
d-link — dir-816 | D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter. | 2022-05-10 | not yet calculated | CVE-2022-29325 MISC MISC |
d-link — dir-816 | D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter. | 2022-05-10 | not yet calculated | CVE-2022-29326 MISC MISC |
d-link — dir-816 | D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel. | 2022-05-10 | not yet calculated | CVE-2022-29327 MISC MISC |
d-link — dap-1330_oss-firmware | D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade. | 2022-05-10 | not yet calculated | CVE-2022-29328 MISC MISC |
d-link — dap-1330_oss-firmware | D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings. | 2022-05-10 | not yet calculated | CVE-2022-29329 MISC MISC |
phpok — phpok | Phpok v6.1 was discovered to contain a deserialization vulnerability via the update_f() function in login_control.php. This vulnerability allows attackers to getshell via writing arbitrary files. | 2022-05-12 | not yet calculated | CVE-2022-29363 MISC |
moddable — moddable | Moddable commit before 135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45 was discovered to contain an out-of-bounds read via the function fxUint8Getter at /moddable/xs/sources/xsDataView.c. | 2022-05-12 | not yet calculated | CVE-2022-29368 MISC MISC |
nginx — nginx_njs | Nginx NJS v0.7.2 was discovered to contain a segmentation violation via njs_lvlhsh_bucket_find at njs_lvlhsh.c. | 2022-05-12 | not yet calculated | CVE-2022-29369 MISC MISC |
netgear — prosafe_ssl_vpn | NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. | 2022-05-13 | not yet calculated | CVE-2022-29383 MISC MISC |
totolink — n600r | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8. | 2022-05-10 | not yet calculated | CVE-2022-29391 MISC |
totolink — n600r | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24. | 2022-05-10 | not yet calculated | CVE-2022-29392 MISC |
totolink — n600r | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc. | 2022-05-10 | not yet calculated | CVE-2022-29393 MISC |
totolink — n600r | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448. | 2022-05-10 | not yet calculated | CVE-2022-29394 MISC |
totolink — n600r | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4. | 2022-05-10 | not yet calculated | CVE-2022-29395 MISC |
totolink — n600r | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10. | 2022-05-10 | not yet calculated | CVE-2022-29396 MISC |
totolink — n600r | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8. | 2022-05-10 | not yet calculated | CVE-2022-29397 MISC |
totolink — n600r | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c. | 2022-05-10 | not yet calculated | CVE-2022-29398 MISC |
totolink — n600r | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0. | 2022-05-10 | not yet calculated | CVE-2022-29399 MISC |
wordpress — donations_plugin | Authenticated (contributor or higher role) Cross-Site Scripting (XSS) vulnerability in Donations plugin <= 1.8 on WordPress. | 2022-05-13 | not yet calculated | CVE-2022-29433 CONFIRM CONFIRM |
gruppo_tim — resi_gemini-net_web | RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources. | 2022-05-12 | not yet calculated | CVE-2022-29538 MISC MISC |
gruppo_tim — resi_gemini-net | resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software (e.g., concatenate `&|;\r\ commands) and inject arbitrary system commands with the privileges of the application user. | 2022-05-12 | not yet calculated | CVE-2022-29539 MISC MISC |
tend — tx9_pro | Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow. | 2022-05-10 | not yet calculated | CVE-2022-29591 MISC |
microstrategy — enterprise_manager_2022 | MicroStrategy Enterprise Manager 2022 allows authentication bypass by triggering a login failure and then entering the Uid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login substring for directory traversal. | 2022-05-11 | not yet calculated | CVE-2022-29596 MISC |
sap — netweaver_application_server | SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in a Stored Cross-Site Scripting (XSS) attack. | 2022-05-11 | not yet calculated | CVE-2022-29610 MISC MISC |
sap — netweaver_application_server | SAP NetWeaver Application Server for ABAP and ABAP Platform do not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 2022-05-11 | not yet calculated | CVE-2022-29611 MISC MISC |
sap — employee_self_service | Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application. | 2022-05-11 | not yet calculated | CVE-2022-29613 MISC MISC |
sap — multiple_products | SAP Host Agent, SAP NetWeaver and ABAP Platform allow an attacker to leverage logical errors in memory management to cause a memory corruption. | 2022-05-11 | not yet calculated | CVE-2022-29616 MISC MISC |
wedding_management_system — upload_photos_module | An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 2022-05-11 | not yet calculated | CVE-2022-29655 MISC |
wedding_management_system — wedding_management_system | Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_detail.php. | 2022-05-11 | not yet calculated | CVE-2022-29656 MISC |
survey_sparrow — enterprise_survery_software | Survey Sparrow Enterprise Survey Software 2022 has a Stored cross-site scripting (XSS) vulnerability in the Signup parameter. | 2022-05-11 | not yet calculated | CVE-2022-29727 MISC MISC |
survey_sparrow — enterprise_survery_software | Survey Sparrow Enterprise Survey Software 2022 has a Reflected cross-site scripting (XSS) vulnerability in the test parameter. | 2022-05-11 | not yet calculated | CVE-2022-29728 MISC MISC |
money_transfer_management_system — money_transfer_management_system | Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send&id=, id. | 2022-05-12 | not yet calculated | CVE-2022-29738 MISC |
money_transfer_management_system — money_transfer_management_system | Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=. | 2022-05-12 | not yet calculated | CVE-2022-29739 MISC |
money_transfer_management_system — money_transfer_management_system | Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_fee. | 2022-05-12 | not yet calculated | CVE-2022-29741 MISC |
money_transfer_management_system — money_transfer_management_system | Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_transaction. | 2022-05-12 | not yet calculated | CVE-2022-29745 MISC |
money_transfer_management_system — money_transfer_management_system | Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete. | 2022-05-12 | not yet calculated | CVE-2022-29746 MISC |
simple_client_management_system — simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/manage_invoice&id= // Leak place —> id. | 2022-05-12 | not yet calculated | CVE-2022-29747 MISC |
simple_client_management_system — simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=. | 2022-05-12 | not yet calculated | CVE-2022-29748 MISC |
simple_client_management_system — simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_invoice. | 2022-05-12 | not yet calculated | CVE-2022-29749 MISC |
simple_client_management_system — simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_service. | 2022-05-12 | not yet calculated | CVE-2022-29750 MISC |
simple_client_management_system — simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_client. | 2022-05-12 | not yet calculated | CVE-2022-29751 MISC |
huawei — hialserver | The HiAIserver has a vulnerability in verifying the validity of the properties used in the model. Successful exploitation of this vulnerability will affect AI services. | 2022-05-13 | not yet calculated | CVE-2022-29789 MISC MISC |
huawei — harmonyos | The graphics acceleration service has a vulnerability in multi-thread access to the database. Successful exploitation of this vulnerability may cause service exceptions. | 2022-05-13 | not yet calculated | CVE-2022-29790 MISC MISC |
huawei — hialserver | The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services. | 2022-05-13 | not yet calculated | CVE-2022-29791 MISC MISC |
huawei — chip_component | The chip component has a vulnerability of disclosing CPU SNs. Successful exploitation of this vulnerability may affect data confidentiality. | 2022-05-13 | not yet calculated | CVE-2022-29792 MISC MISC |
huawei — activation_lock | There is a configuration defect in the activation lock of mobile phones. Successful exploitation of this vulnerability may affect application availability. | 2022-05-13 | not yet calculated | CVE-2022-29793 MISC MISC |
huawei — frame_scheduling_module | The frame scheduling module has a Use After Free (UAF) vulnerability. Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. | 2022-05-13 | not yet calculated | CVE-2022-29794 MISC MISC |
huawei — frame_scheduling_module | The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. | 2022-05-13 | not yet calculated | CVE-2022-29795 MISC MISC |
huawei — hialserver | The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services. | 2022-05-13 | not yet calculated | CVE-2022-29796 MISC MISC |
progress — ipswitch_watchsup_gold | In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file. | 2022-05-11 | not yet calculated | CVE-2022-29845 MISC MISC |
progress — ipswitch_watchsup_gold | In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number. | 2022-05-11 | not yet calculated | CVE-2022-29846 MISC MISC |
progress — ipswitch_watchsup_gold | In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host. | 2022-05-11 | not yet calculated | CVE-2022-29847 MISC MISC |
progress — ipswitch_watchsup_gold | In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system. | 2022-05-11 | not yet calculated | CVE-2022-29848 MISC MISC |
mitel — 6900_series | A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, could allow an unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution. | 2022-05-13 | not yet calculated | CVE-2022-29854 MISC CONFIRM |
mitel — multiple_products | Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have “undocumented functionality.” A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow an unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution. | 2022-05-11 | not yet calculated | CVE-2022-29855 MISC CONFIRM |
apple — 1passord | 1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious software running on the same computer can exfiltrate secrets from 1Password provided that 1Password is running and is unlocked. Affected secrets include vault items and derived values used for signing in to 1Password. | 2022-05-09 | not yet calculated | CVE-2022-29868 MISC |
apache — tomcat | The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks. | 2022-05-12 | not yet calculated | CVE-2022-29885 MISC |
phoneix_contact — rad-ism | On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the traceroute utility integrated in the WebUI to execute arbitrary code with root privileges on the OS due to an improper input validation in all versions of the firmware. | 2022-05-11 | not yet calculated | CVE-2022-29897 CONFIRM |
phoneix_contact — rad-ism | On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the configuration file uploader in the WebUI to execute arbitrary code with root privileges on the OS due to an improper validation of an integrity check value in all versions of the firmware. | 2022-05-11 | not yet calculated | CVE-2022-29898 CONFIRM |
jetbrains — teamcity | In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible | 2022-05-12 | not yet calculated | CVE-2022-29927 MISC |
jetbrains — teamcity | In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible | 2022-05-12 | not yet calculated | CVE-2022-29928 MISC |
jetbrains — teamcity | In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible | 2022-05-12 | not yet calculated | CVE-2022-29929 MISC |
jetbrains — ktor_native | SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value | 2022-05-12 | not yet calculated | CVE-2022-29930 MISC MISC |
primeur — spazio | The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an unauthenticated attacker to obtain sensitive data (related to the content of transferred files) via a crafted HTTP request. | 2022-05-11 | not yet calculated | CVE-2022-29932 MISC MISC |
craft_cms — cms | Craft CMS through 3.7.36 allows a remote unauthenticated attacker, who knows at least one valid username, to reset the account’s password and take over the account by providing a crafted HTTP header to the application while using the password reset functionality. Specifically, the attacker must send X-Forwarded-Host to the /index.php?p=admin/actions/users/send-password-reset-email URI. NOTE: the vendor’s position is that a customer can already work around this by adjusting the configuration (i.e., by not using the default configuration). | 2022-05-09 | not yet calculated | CVE-2022-29933 MISC MISC MISC MISC |
magnitude — simba_amazon_redshift_odbc_driver | An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena ODBC Driver 1.1.1 through 1.1.x before 1.1.17 may allow a local user to execute arbitrary code. | 2022-05-09 | not yet calculated | CVE-2022-29971 CONFIRM MISC |
magnitude — simba_amazon_redshift_odbc_driver | An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver (1.4.14 through 1.4.21.1001 and 1.4.22 through 1.4.x before 1.4.52) may allow a local user to execute arbitrary code. | 2022-05-09 | not yet calculated | CVE-2022-29972 CONFIRM MISC |
mdaemon — mdaemon | An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0. | 2022-05-11 | not yet calculated | CVE-2022-29975 MISC |
mdaemon — mdaemon | An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0. | 2022-05-11 | not yet calculated | CVE-2022-29976 MISC |
libsixel — libsixel | There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file. | 2022-05-11 | not yet calculated | CVE-2022-29977 MISC |
libsixel — libsixel | There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file. | 2022-05-11 | not yet calculated | CVE-2022-29978 MISC |
simple_client_management_system — simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_designation. | 2022-05-12 | not yet calculated | CVE-2022-29979 MISC |
simple_client_management_system — simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=user/manage_user&id=. | 2022-05-12 | not yet calculated | CVE-2022-29980 MISC |
simple_client_management_system — simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete. | 2022-05-12 | not yet calculated | CVE-2022-29981 MISC |
simple_client_management_system — simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manage_service.php?id=. | 2022-05-12 | not yet calculated | CVE-2022-29982 MISC |
simple_client_management_system — simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=. | 2022-05-12 | not yet calculated | CVE-2022-29983 MISC |
simple_client_management_system — simple_client_management_system | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=client/view_client&id=. | 2022-05-12 | not yet calculated | CVE-2022-29984 MISC |
online_sports_complex_booking_system — online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_category. | 2022-05-12 | not yet calculated | CVE-2022-29985 MISC |
online_sports_complex_booking_system — online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_facility. | 2022-05-12 | not yet calculated | CVE-2022-29986 MISC |
online_sports_complex_booking_system — online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=user/manage_user&id=. | 2022-05-12 | not yet calculated | CVE-2022-29987 MISC |
online_sports_complex_booking_system — online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete. | 2022-05-12 | not yet calculated | CVE-2022-29988 MISC |
online_sports_complex_booking_system — online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_booking. | 2022-05-12 | not yet calculated | CVE-2022-29989 MISC |
online_sports_complex_booking_system — online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/view_category.php?id=. | 2022-05-12 | not yet calculated | CVE-2022-29990 MISC |
online_sports_complex_booking_system — online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/manage_category.php?id=. | 2022-05-12 | not yet calculated | CVE-2022-29992 MISC |
online_sports_complex_booking_system — online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/view_booking.php?id=. | 2022-05-12 | not yet calculated | CVE-2022-29993 MISC |
online_sports_complex_booking_system — online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/manage_facility&id=. | 2022-05-12 | not yet calculated | CVE-2022-29994 MISC |
online_sports_complex_booking_system — online_sports_complex_booking_system | Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manage_client&id=. | 2022-05-12 | not yet calculated | CVE-2022-29995 MISC |
insurance_management_system — insurance_management_system | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?client_id=. | 2022-05-12 | not yet calculated | CVE-2022-29998 MISC |
insurance_management_system — insurance_management_system | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?client_id=. | 2022-05-12 | not yet calculated | CVE-2022-29999 MISC |
insurance_management_system — insurance_management_system | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?recipt_no=. | 2022-05-12 | not yet calculated | CVE-2022-30000 MISC |
insurance_management_system — insurance_management_system | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agent_id=. | 2022-05-12 | not yet calculated | CVE-2022-30001 MISC |
insurance_management_system — insurance_management_system | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nominee_id=. | 2022-05-12 | not yet calculated | CVE-2022-30002 MISC |
tenda — ax1803 | Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In /goform/setsystimecfg of /bin/tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to achieve the effect of router denial of service. | 2022-05-11 | not yet calculated | CVE-2022-30040 MISC |
mingsoft — mcms | Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/listExcludeApp URI via orderBy parameter. | 2022-05-11 | not yet calculated | CVE-2022-30047 MISC |
mingsoft — mcms | Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter. | 2022-05-11 | not yet calculated | CVE-2022-30048 MISC |
shopwind — shopwind | Shopwind <=v3.4.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability. | 2022-05-11 | not yet calculated | CVE-2022-30057 MISC |
shopwind — shopwind | Shopwind <=v3.4.2 was discovered to contain an Arbitrary File Download vulnerability via the neirong parameter at \backend\controllers\DbController.php. | 2022-05-11 | not yet calculated | CVE-2022-30058 MISC |
shopwind — shopwind | Shopwind <=v3.4.2 was discovered to contain an Arbitrary File Delete vulnerability via the neirong parameter at \backend\controllers\DbController.php. | 2022-05-11 | not yet calculated | CVE-2022-30059 MISC |
ftcms — ftcms | ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php | 2022-05-11 | not yet calculated | CVE-2022-30060 MISC |
ftcms — ftcms | ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp. | 2022-05-11 | not yet calculated | CVE-2022-30061 MISC |
ftcms — ftcms | ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php | 2022-05-11 | not yet calculated | CVE-2022-30062 MISC |
ftcms — ftcms | ftcms <=2.1 was discovered to be vulnerable to code execution attacks. | 2022-05-11 | not yet calculated | CVE-2022-30063 MISC |
microsoft — visual_studio_code | Visual Studio Code Remote Code Execution Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-30129 MISC |
microsoft — .net_framework | .NET Framework Denial of Service Vulnerability. | 2022-05-10 | not yet calculated | CVE-2022-30130 MISC |
magnitude — simba_amazon_redshift_jdbc_driver | An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena JDBC Driver 2.0.25 through 2.0.28 may allow a local user to execute code. NOTE: this is different from CVE-2022-29971. | 2022-05-09 | not yet calculated | CVE-2022-30239 CONFIRM MISC |
magnitude — simba_amazon_redshift_jdbc_driver | An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift JDBC Driver 1.2.40 through 1.2.55 may allow a local user to execute code. NOTE: this is different from CVE-2022-29972. | 2022-05-09 | not yet calculated | CVE-2022-30240 CONFIRM MISC |
black_duck — black_duck_hub | A vulnerability in Black Duck Hub’s embedded MadCap Flare documentation files could allow an unauthenticated remote attacker to conduct a cross-site scripting attack. The vulnerability is due to improper validation of user-supplied input to MadCap Flare’s framework embedded within Black Duck Hub’s Help Documentation to supply content. An attacker could exploit this vulnerability by convincing a user to click a link designed to pass malicious input to the interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks and gain access to sensitive browser-based information. | 2022-05-10 | not yet calculated | CVE-2022-30278 MISC |
stormshield — network_security | An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. The event logging of the ASQ sofbus lacbus plugin triggers the dereferencing of a NULL pointer, leading to a crash of SNS. An attacker could exploit this vulnerability via forged sofbus lacbus traffic to cause a firmware crash. | 2022-05-12 | not yet calculated | CVE-2022-30279 MISC |
pyscript — pyscriptjs | pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 allows a remote user to read Python source code. | 2022-05-09 | not yet calculated | CVE-2022-30286 MISC MISC MISC MISC MISC |
uclibc-ng — uclibc-ng | uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a value to 0x2. | 2022-05-06 | not yet calculated | CVE-2022-30295 MISC CERT-VN |
keepkey — keepkey_firmware | In the KeepKey firmware before 7.3.2, the bootloader can be exploited in unusual situations in which the attacker has physical access, convinces the victim to install malicious firmware, or has unspecified other capabilities. lib/board/supervise.c mishandles svhandler_flash_* address range checks. If exploited, any installed malware could persist even after wiping the device and resetting the firmware. | 2022-05-07 | not yet calculated | CVE-2022-30330 MISC MISC |
rarlab — rarlab_unrar | RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected. | 2022-05-09 | not yet calculated | CVE-2022-30333 CONFIRM MISC |
brave — brave | Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises “Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser.” | 2022-05-07 | not yet calculated | CVE-2022-30334 MISC MISC MISC MISC |
bonanza — wealth_management_system | Bonanza Wealth Management System (BWM) 7.3.2 allows SQL injection via the login form. Users who supply the application with a SQL injection payload in the User Name textbox could collect all passwords in encrypted format from the Microsoft SQL Server component. | 2022-05-09 | not yet calculated | CVE-2022-30335 MISC MISC MISC |
air_cargo_management_system — air_cargo_management_system | Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f=delete_img. | 2022-05-13 | not yet calculated | CVE-2022-30367 MISC |
air_cargo_management_system — air_cargo_management_system | Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo_type. | 2022-05-13 | not yet calculated | CVE-2022-30370 MISC |
air_cargo_management_system — air_cargo_management_system | Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/view_cargo_type.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30371 MISC |
air_cargo_management_system — air_cargo_management_system | Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo. | 2022-05-13 | not yet calculated | CVE-2022-30372 MISC |
air_cargo_management_system — air_cargo_management_system | Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/manage_cargo_type.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30373 MISC |
air_cargo_management_system — air_cargo_management_system | Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/manage_transaction&id=. | 2022-05-13 | not yet calculated | CVE-2022-30374 MISC |
sourcecodester — simple_social_networking_site | Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Master.php?f=delete_img. | 2022-05-13 | not yet calculated | CVE-2022-30375 MISC |
sourcecodester — simple_social_networking_site | Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/view_member.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30376 MISC |
sourcecodester — simple_social_networking_site | Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=posts/view_post&id=. | 2022-05-13 | not yet calculated | CVE-2022-30378 MISC |
sourcecodester — simple_social_networking_site | Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manage_user&id=. | 2022-05-13 | not yet calculated | CVE-2022-30379 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?f=delete_img. | 2022-05-13 | not yet calculated | CVE-2022-30381 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_inventory. | 2022-05-13 | not yet calculated | CVE-2022-30384 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_order. | 2022-05-13 | not yet calculated | CVE-2022-30385 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured. | 2022-05-13 | not yet calculated | CVE-2022-30386 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=pay_order. | 2022-05-13 | not yet calculated | CVE-2022-30387 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category. | 2022-05-13 | not yet calculated | CVE-2022-30391 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category. | 2022-05-13 | not yet calculated | CVE-2022-30392 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=. | 2022-05-13 | not yet calculated | CVE-2022-30393 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_cart. | 2022-05-13 | not yet calculated | CVE-2022-30395 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=. | 2022-05-13 | not yet calculated | CVE-2022-30396 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=orders/view_order&id=. | 2022-05-13 | not yet calculated | CVE-2022-30398 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_category&id=. | 2022-05-13 | not yet calculated | CVE-2022-30399 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=. | 2022-05-13 | not yet calculated | CVE-2022-30400 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=. | 2022-05-13 | not yet calculated | CVE-2022-30401 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=. | 2022-05-13 | not yet calculated | CVE-2022-30402 MISC |
merchandise_online_store — merchandise_online_store | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=. | 2022-05-13 | not yet calculated | CVE-2022-30403 MISC |
college_management_system — college_management_system | College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=. | 2022-05-13 | not yet calculated | CVE-2022-30404 MISC |
pharmacy_sales_and_inventory_system — pharmacy_sales_and_inventory_system | Pharmacy Sales And Inventory System v1.0 is vulnerable to SQL Injection via /pharmacy-sales-and-inventory-system/manage_user.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30407 MISC |
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to file deletion via /ctpms/classes/Master.php?f=delete_img. | 2022-05-13 | not yet calculated | CVE-2022-30408 MISC |
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=. | 2022-05-13 | not yet calculated | CVE-2022-30411 MISC |
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30412 MISC |
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=delete_application. | 2022-05-13 | not yet calculated | CVE-2022-30413 MISC |
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=. | 2022-05-13 | not yet calculated | CVE-2022-30414 MISC |
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=. | 2022-05-13 | not yet calculated | CVE-2022-30415 MISC |
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system | Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=. | 2022-05-13 | not yet calculated | CVE-2022-30417 MISC |
php — hospital_management_system | Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File upload vulnerability in treatmentrecord.php. | 2022-05-11 | not yet calculated | CVE-2022-30448 MISC |
php — hospital_management_system | Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php. | 2022-05-11 | not yet calculated | CVE-2022-30449 MISC |
waimairencms — waimairencms | A Remote Code Execution (RCE) vulnerability exists in waimairen 9.1 via wx.php. | 2022-05-11 | not yet calculated | CVE-2022-30450 MISC |
waimairencms — waimairencms | An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1. | 2022-05-11 | not yet calculated | CVE-2022-30451 MISC |
shopwind — shopwind | ShopWind <= v3.4.2 has a SQL injection vulnerability in Database.php. | 2022-05-11 | not yet calculated | CVE-2022-30452 MISC |
shopwind — shopwind | ShopWind <= 3.4.2 has an RCE vulnerability in Database.php. | 2022-05-11 | not yet calculated | CVE-2022-30453 MISC |
wavlink — wavlink_wn535_g3 | WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi. | 2022-05-13 | not yet calculated | CVE-2022-30489 MISC |
xpdf — textline_class | There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted PDF file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | 2022-05-09 | not yet calculated | CVE-2022-30524 MISC |
zyxel — usg_flex | An OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device. | 2022-05-12 | not yet calculated | CVE-2022-30525 CONFIRM |
foxit — pdf_reader | Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution. | 2022-05-11 | not yet calculated | CVE-2022-30557 MISC |
liblsquic — lsquic | liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY. | 2022-05-11 | not yet calculated | CVE-2022-30592 MISC MISC |
linux — linux_kernel | The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. | 2022-05-12 | not yet calculated | CVE-2022-30594 MISC MISC MISC MISC |