US-CERT Bulletin (SB22-136): Vulnerability Summary for the Week of May 9, 2022

Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.

 

High Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
adobe — photoshop Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-06 9.3 CVE-2022-23205
MISC
adobe — photoshop Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an improper input validation vulnerability when parsing a PCX file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PCX file. 2022-05-06 9.3 CVE-2022-24098
MISC
adobe — photoshop Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious U3D file. 2022-05-06 9.3 CVE-2022-24105
MISC
adobe — after_effects Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in After Effects. 2022-05-06 9.3 CVE-2022-27783
MISC
adobe — photoshop Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in After Effects. 2022-05-06 9.3 CVE-2022-27784
MISC
adobe — photoshop Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious SVG file. 2022-05-06 9.3 CVE-2022-28270
MISC
adobe — photoshop Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. 2022-05-06 9.3 CVE-2022-28271
MISC
adobe — photoshop Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-06 9.3 CVE-2022-28272
MISC
adobe — photoshop Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-06 9.3 CVE-2022-28273
MISC
edmonsoft — countdown_builder Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-06 9.3 CVE-2022-28274
MISC
edmonsoft — countdown_builder Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-06 9.3 CVE-2022-28275
MISC
edmonsoft — countdown_builder Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-06 9.3 CVE-2022-28276
MISC
edmonsoft — countdown_builder Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. 2022-05-06 9.3 CVE-2022-28277
MISC
piwigo — piwigo SQL Injection vulnerability in cat_move.php in piwigo v2.9.5, via the selection parameter to move_categories. 2022-05-06 7.5 CVE-2020-19213
MISC
broadcom — sannav In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands. 2022-05-06 7.5 CVE-2022-28163
MISC
edmonsoft — countdown_builder Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress. 2022-05-06 7.5 CVE-2022-29423
CONFIRM
CONFIRM
webkitgtk — webkitgtk In WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-free in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. 2022-05-06 7.5 CVE-2022-30294
MISC
MISC

Medium Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
piwigo — piwigo SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=user_perm. 2022-05-06 6.5 CVE-2020-19215
MISC
piwigo — piwigo SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=group_perm. 2022-05-06 6.5 CVE-2020-19216
MISC
piwigo — piwigo SQL Injection vulnerability in admin/batch_manager.php in piwigo v2.9.5, via the filter_category parameter to admin.php?page=batch_manager. 2022-05-06 6.5 CVE-2020-19217
MISC
fluxcd — flux2 Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments. Workarounds include automated tooling in the user’s CI/CD pipeline to validate `kustomization.yaml` files conform with specific policies. This vulnerability is fixed in kustomize-controller v0.24.0 and included in flux2 v0.29.0. 2022-05-06 6.5 CVE-2022-24877
CONFIRM
kubernetes — ingress-nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. 2022-05-06 5.5 CVE-2021-25746
MISC
MISC
webkitgtk — webkitgtk In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. 2022-05-06 5.1 CVE-2022-30293
MISC
MISC
adobe — photoshop Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-06 4.3 CVE-2022-24099
MISC
contao — contao Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings. 2022-05-06 4.3 CVE-2022-24899
CONFIRM
MISC
MISC
splunk — splunk The Monitoring Console app configured in Distributed mode allows for a Reflected XSS in a query parameter in Splunk Enterprise versions before 8.1.4. The Monitoring Console app is a bundled app included in Splunk Enterprise, not for download on SplunkBase, and not installed on Splunk Cloud Platform instances. Note that the Cloud Monitoring Console is not impacted. 2022-05-06 4.3 CVE-2022-27183
MISC
MISC
piwigo — piwigo SQL Injection vulnerability in admin/group_list.php in piwigo v2.9.5, via the group parameter to delete. 2022-05-06 4 CVE-2020-19212
MISC
broadcom — sannav IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. IBM X-Force ID: 213865. 2022-05-06 4 CVE-2021-39027
XF
CONFIRM
fluxcd — flux2 Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to cause a Denial of Service at the controller level. Workarounds include automated tooling in the user’s CI/CD pipeline to validate `kustomization.yaml` files conform with specific policies. This vulnerability is fixed in kustomize-controller v0.24.0 and included in flux2 v0.29.0. Users are recommended to upgrade. 2022-05-06 4 CVE-2022-24878
CONFIRM
broadcom — sannav Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords. This could allow an authenticated attacker to decrypt stored account passwords. 2022-05-06 4 CVE-2022-28164
MISC

Low Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
google-news-sitemap_project — google-news-sitemap Stored Cross-Site Scripting (XSS) vulnerability in Andrea Pernici News Sitemap for Google plugin <= 1.0.16 on WordPress, attackers must have contributor or higher user role. 2022-05-06 3.5 CVE-2021-36912
CONFIRM
CONFIRM
bdt-121_project — bdt-121_firmware Dragon Path Technologies Bharti Airtel Routers Hardware BDT-121 version 1.0 is vulnerable to Cross Site Scripting (XSS) via Dragon path router admin page. 2022-05-06 3.5 CVE-2022-28507
MISC
MISC

Severity Not Yet Assigned

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
admesh — admesh
 
ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a. 2022-05-08 not yet calculated CVE-2018-25033
MISC
wordpress — wpgraphql_wordpress_plugin
 
The WPGraphQL WordPress plugin before 0.3.5 doesn’t properly restrict access to information about other users’ roles on the affected site. Because of this, a remote attacker could forge a GraphQL query to retrieve the account roles of every user on the site. 2022-05-09 not yet calculated CVE-2019-25060
MISC
MISC
bludit — bludit
 
An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files. 2022-05-11 not yet calculated CVE-2020-19228
MISC
MISC
microstrategy — web_sdk A Server-Side Request Forgery (SSRF) vulnerability in MicroStrategy Web SDK 11.1 and earlier allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task. 2022-05-13 not yet calculated CVE-2020-22983
MISC
MISC
MISC
MISC
MISC
microstrategy — web_sdk Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getGoogleExtraConfig task. 2022-05-12 not yet calculated CVE-2020-22984
MISC
MISC
MISC
MISC
microstrategy — web_sdk
 
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task. 2022-05-12 not yet calculated CVE-2020-22985
MISC
MISC
MISC
MISC
microstrategy — web_sdk
 
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task. 2022-05-12 not yet calculated CVE-2020-22986
MISC
MISC
MISC
MISC
MISC
microstrategy — web_sdk
 
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the fileToUpload parameter to the uploadFile task. 2022-05-12 not yet calculated CVE-2020-22987
MISC
MISC
MISC
MISC
intel — manageability_commander
 
Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. 2022-05-12 not yet calculated CVE-2021-0126
MISC
intel — bios_firmware
 
Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0153
MISC
intel — bios_firmware
 
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0154
MISC
intel — bios_firmware
 
Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2021-0155
MISC
intel — bios_authenticated_code_module
 
Improper input validation in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0159
MISC
intel — bios_firmware
 
Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0188
MISC
intel — bios_firmware
 
Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0189
MISC
intel — bios_firmware
 
Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0190
MISC
intel — in-band_manageability_software
 
Improper authentication in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. 2022-05-12 not yet calculated CVE-2021-0193
MISC
intel — in-band_manageability_software
 
Improper access control in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. 2022-05-12 not yet calculated CVE-2021-0194
MISC
ibm — cloud_pak_system
 
IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197498. 2022-05-09 not yet calculated CVE-2021-20479
XF
CONFIRM
b&r — automation_runtime_webserver
 
Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service. 2022-05-13 not yet calculated CVE-2021-22275
MISC
microfocus — access_manager
 
A bug exists in the input parameter of Access Manager that allows an invalid character to be supplied to trigger a cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0. 2022-05-12 not yet calculated CVE-2021-22531
MISC
intel — killer_control_center_software
 
Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-26258
MISC
amd — smm
 
Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution. 2022-05-12 not yet calculated CVE-2021-26317
MISC
amd — sev-es_tmr
 
A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs. 2022-05-10 not yet calculated CVE-2021-26324
MISC
amd — sev-es_tmr
 
Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability. 2022-05-10 not yet calculated CVE-2021-26332
MISC
amd — core_logic
 
A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers. 2022-05-11 not yet calculated CVE-2021-26339
MISC
MISC
amd — sev
 
In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability. 2022-05-11 not yet calculated CVE-2021-26342
MISC
amd — system_management_unit
 
TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a DMA (Direct Memory Access) to invalid DRAM address that could result in denial of service. 2022-05-11 not yet calculated CVE-2021-26347
MISC
amd — gen_amd_epyc
 
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. 2022-05-11 not yet calculated CVE-2021-26348
MISC
amd — gen_amd_epyc
 
Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA). 2022-05-11 not yet calculated CVE-2021-26349
MISC
amd — gen_amd_epyc
 
A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service. 2022-05-11 not yet calculated CVE-2021-26350
MISC
amd — system_management_unit
 
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA (Direct Memory Access) read/write from/to invalid DRAM address that could result in denial of service. 2022-05-12 not yet calculated CVE-2021-26351
MISC
amd — system_management_unit
 
Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service. 2022-05-10 not yet calculated CVE-2021-26352
MISC
amd — gen_amd_epyc
 
Due to a mishandled error, it is possible to leave the DRTM UApp in a partially initialized state, which can result in unchecked memory writes when the UApp handles subsequent mailbox commands. 2022-05-10 not yet calculated CVE-2021-26353
MISC
amd — gen_amd_epyc
 
A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure. 2022-05-12 not yet calculated CVE-2021-26361
MISC
amd — gen_amd_epyc
 
A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive System Management Network (SMN) registers leading to a loss of integrity and availability. 2022-05-12 not yet calculated CVE-2021-26362
MISC
amd — gen_amd_epyc A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure. 2022-05-12 not yet calculated CVE-2021-26363
MISC
amd — gen_amd_epyc
 
Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service. 2022-05-11 not yet calculated CVE-2021-26364
MISC
amd — gen_amd_epyc
 
An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity. 2022-05-12 not yet calculated CVE-2021-26366
MISC
amd — trusted_os
 
Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service. 2022-05-12 not yet calculated CVE-2021-26368
MISC
amd — gen_amd_epyc
 
A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses. 2022-05-12 not yet calculated CVE-2021-26369
MISC
amd — gen_amd_epyc
 
Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with SPI ROM contents resulting in a loss of integrity and availability. 2022-05-10 not yet calculated CVE-2021-26370
MISC
amd — system_management_unit
 
Insufficient bound checks related to PCIE in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. 2022-05-11 not yet calculated CVE-2021-26372
MISC
MISC
simple_management_unit — simple_management_unit Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service. 2022-05-11 not yet calculated CVE-2021-26373
MISC
MISC
system_management_unit — system_management_unit Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service. 2022-05-11 not yet calculated CVE-2021-26375
MISC
MISC
system_management_unit — system_management_unit Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service. 2022-05-11 not yet calculated CVE-2021-26376
MISC
MISC
system_management_unit — system_management_unit Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. 2022-05-11 not yet calculated CVE-2021-26378
MISC
MISC
amd — amd_ryzen
 
A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution. 2022-05-12 not yet calculated CVE-2021-26386
MISC
amd — bios_directory
 
Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service. 2022-05-11 not yet calculated CVE-2021-26388
MISC
MISC
amd — amd_ryzen A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data. 2022-05-10 not yet calculated CVE-2021-26390
MISC
amd — amd_ryzen AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage. 2022-05-11 not yet calculated CVE-2021-26400
MISC
amd — sev-legacy
 
Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest’s integrity or confidentiality. 2022-05-10 not yet calculated CVE-2021-26408
MISC
eipstackgroup — opener_ethernet/ip
 
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may cause a denial-of-service condition. 2022-05-12 not yet calculated CVE-2021-27478
CONFIRM
CONFIRM
eipstackgroup — opener_ethernet/ip A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may allow the attacker to read arbitrary data. 2022-05-12 not yet calculated CVE-2021-27482
CONFIRM
CONFIRM
eipstackgroup — opener_ethernet/ip A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition. 2022-05-12 not yet calculated CVE-2021-27498
CONFIRM
CONFIRM
eipstackgroup — opener_ethernet/ip A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition. 2022-05-12 not yet calculated CVE-2021-27500
CONFIRM
CONFIRM
myscada — mypro
 
mySCADA myPRO versions prior to 8.20.0 do not restrict unauthorized read access to sensitive directory listing information. 2022-05-13 not yet calculated CVE-2021-27505
MISC
CONFIRM
hcl_software — hcl_bigfix_webui
 
Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. (WebUI) 2022-05-06 not yet calculated CVE-2021-27764
CONFIRM
hcl_software — hcl_bigfix_server_api
 
The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. 2022-05-06 not yet calculated CVE-2021-27765
CONFIRM
MISC
hcl_software — hcl_bigfix_client_installer
 
The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. 2022-05-06 not yet calculated CVE-2021-27766
CONFIRM
MISC
hcl_software — hcl_bigfix_console_installer
 
The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. 2022-05-06 not yet calculated CVE-2021-27767
CONFIRM
MISC
hcl_software — android
 
Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application’s network traffic was intercepted using a proxy server set up in ‘transparent’ mode while a certificate with an invalid hostname was active. The Android application was found to have hostname verification issues during the server setup and login flows; however, the application did not process requests post-login. 2022-05-12 not yet calculated CVE-2021-27768
MISC
hcl_software — sametime
 
Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. This information may or may not be sensitive and does not automatically mean a breach is likely to occur. Overall, any information that could be used for an attack should be limited whenever possible. 2022-05-12 not yet calculated CVE-2021-27769
MISC
hcl_software — sametime
 
The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place. 2022-05-12 not yet calculated CVE-2021-27770
MISC
hcl_software — sametime
 
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal manner with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sending chat messages, receiving notifications and/or transferring files. 2022-05-12 not yet calculated CVE-2021-27771
MISC
hcl_software — sametime
 
Users are able to read group conversations without actively taking part in them. Next to one-to-one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of them. This could lead to information leakage where confidential information discussed in private groups is read by other users without the users’ knowledge. 2022-05-12 not yet calculated CVE-2021-27772
MISC
hcl_software — sametime This vulnerability allows users to execute a clickjacking attack in the meeting’s chat. 2022-05-12 not yet calculated CVE-2021-27773
MISC
hcl_software — unica_platform
 
XML External Entity (XXE) injection vulnerabilities occur when poorly configured XML parsers process user supplied input without sufficient validation. Attackers can exploit this vulnerability to manipulate XML content and inject malicious external entity references. 2022-05-12 not yet calculated CVE-2021-27777
MISC
skoruba — skoruba
 
A cross-site scripting (XSS) vulnerability in Skoruba IdentityServer4.Admin before 2.0.0 via unencoded value passed to the data-secret-value parameter. 2022-05-11 not yet calculated CVE-2021-28290
MISC
gaia_portal — multiple_products The Check Point Gaia Portal’s GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS. 2022-05-11 not yet calculated CVE-2021-30361
MISC
review_board — review_board
 
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious JavaScript code when using Markdown editing within the application, and the injected code remains persistent. 2022-05-11 not yet calculated CVE-2021-31330
MISC
MISC
MISC
MISC
asus — dsl-n14u-b1
 
Asus DSL-N14U-B1 1.1.2.3_805 allows remote attackers to cause a Denial of Service (DoS) via a TCP SYN scan using nmap. 2022-05-11 not yet calculated CVE-2021-3254
MISC
MISC
myscada — mypro
 
mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to arbitrary directories. 2022-05-13 not yet calculated CVE-2021-33005
MISC
CONFIRM
myscada — mypro
 
mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to the file system. 2022-05-13 not yet calculated CVE-2021-33009
MISC
CONFIRM
myscada — mypro
 
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive system information. 2022-05-13 not yet calculated CVE-2021-33013
MISC
CONFIRM
intel — multiple_products
 
Improper resource shutdown or release in firmware for some Intel(R) SSD, Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC may allow a privileged user to potentially enable denial of service via local access. 2022-05-12 not yet calculated CVE-2021-33069
MISC
intel — multiple_products Protection mechanism failure in firmware for some Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access. 2022-05-12 not yet calculated CVE-2021-33074
MISC
intel — multiple_products
 
Race condition in firmware for some Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access. 2022-05-12 not yet calculated CVE-2021-33075
MISC
intel — multiple_products
 
Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access. 2022-05-12 not yet calculated CVE-2021-33077
MISC
intel — multiple_products
 
Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access. 2022-05-12 not yet calculated CVE-2021-33078
MISC
intel — multiple_products
 
Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access. 2022-05-12 not yet calculated CVE-2021-33080
MISC
intel — multiple_products
 
Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access. 2022-05-12 not yet calculated CVE-2021-33082
MISC
intel — multiple_products Improper authentication in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2021-33083
MISC
intel — bios
 
Unintended intermediary in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-33103
MISC
intel — in-band_manageability_software
 
Improper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-33108
MISC
intel — xeon
 
Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2021-33117
MISC
intel — bios
 
Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-33122
MISC
intel — bios Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-33123
MISC
intel — bios Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-33124
MISC
intel — realsense_id_solution_f450
 
Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access. 2022-05-12 not yet calculated CVE-2021-33130
MISC
intel — linux_kernel_drivers
 
Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access. 2022-05-12 not yet calculated CVE-2021-33135
MISC
intel — processors
 
Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2021-33149
MISC
trendnet — ti-pg1284i_switch
 
The TRENDnet TI-PG1284i switch (hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its LLDP-related component. Due to a lack of proper validation of the length field of the PortID TLV, sending a crafted LLDP packet to the device causes an integer underflow, and the resulting negative number is later passed to memcpy(), which may cause a buffer overflow or invalid memory access. 2022-05-11 not yet calculated CVE-2021-33315
MISC
trendnet — ti-pg1284i_switch
 
The TRENDnet TI-PG1284i switch (hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its LLDP-related component. Due to a lack of proper validation of the length field of the ChassisID TLV, sending a crafted LLDP packet to the device causes an integer underflow, and the resulting negative number is later passed to memcpy(), which may cause a buffer overflow or invalid memory access. 2022-05-11 not yet calculated CVE-2021-33316
MISC
trendnet — ti-pg1284i_switch The TRENDnet TI-PG1284i switch (hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its LLDP-related component. Because the component fails to check whether a ChassisID TLV is contained in the packet, an attacker who sends a crafted LLDP packet to the device can crash the process through a null pointer dereference. 2022-05-11 not yet calculated CVE-2021-33317
MISC
mp3gain — mp3gain
 
Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872, CVE-2017-14409, and CVE-2018-10778. 2022-05-11 not yet calculated CVE-2021-34085
MISC
xinje — xinje
 
A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an upload program request from an infected Xinje PLC. This can result in remote code execution, information disclosure and denial of service of the system running the XINJE XD/E Series PLC Program Tool. 2022-05-11 not yet calculated CVE-2021-34605
CONFIRM
xinje — xinje
 
A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access to the system and sufficient file-write privileges. If exploited, the attacker could place a malicious DLL file on the system, that when running XINJE XD/E Series PLC Program Tool will allow the attacker to execute arbitrary code with the privileges of another user’s account. 2022-05-11 not yet calculated CVE-2021-34606
CONFIRM
qemu — intel_hd_audio_device
 
A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0. 2022-05-11 not yet calculated CVE-2021-3611
MISC
MISC
mikrotik — routeros
 
MikroTik RouterOS before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). 2022-05-11 not yet calculated CVE-2021-36613
MISC
mikrotik — routeros
 
MikroTik RouterOS before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). 2022-05-11 not yet calculated CVE-2021-36614
MISC
eset — multiple_products
 
Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0. 2022-05-11 not yet calculated CVE-2021-37851
MISC
ibm — spectrum_virtualize
 
IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609. 2022-05-11 not yet calculated CVE-2021-38969
CONFIRM
XF
ibm — guardium_data_encryption
 
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213862. 2022-05-10 not yet calculated CVE-2021-39024
XF
CONFIRM
ibm — jazz_foundation
 
IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214619. 2022-05-11 not yet calculated CVE-2021-39059
CONFIRM
XF
android — setstream
 
In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12, Android-12L. Android ID: A-204087139. 2022-05-10 not yet calculated CVE-2021-39670
MISC
android — android
 
In the policies of adbd.te, there was a logic error which caused the CTS Listening Ports Test to report invalid results. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-12. Android ID: A-201645790. 2022-05-10 not yet calculated CVE-2021-39700
MISC
android — carsetting
 
In CarSettings, there is a possible way to pair a BT device bypassing the user’s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-12, Android-12L. Android ID: A-216190509. 2022-05-10 not yet calculated CVE-2021-39738
MISC
cisco — wps_spreadsheets
 
An exploitable use-after-free vulnerability exists in WPS Spreadsheets ( ET ) as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. 2022-05-12 not yet calculated CVE-2021-40399
MISC
CONFIRM
siemens — desigo
 
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). When the controller receives a specific BACnet protocol packet, an exception causes the BACnet communication function to go into a “out of work” state and could result in the controller going into a “factory reset” state. 2022-05-10 not yet calculated CVE-2021-41545
MISC
ramda — ramda
 
Prototype poisoning in function mapObjIndexed in Ramda 0.27.0 and earlier allows attackers to compromise integrity or availability of application via supplying a crafted object (that contains an own property “__proto__”) as an argument to the function. 2022-05-10 not yet calculated CVE-2021-42581
MISC
MISC
cmsimple-xh — cmsimple-xh CMSimple_XH 1.7.4 is affected by a remote code execution (RCE) vulnerability. To exploit this vulnerability, an attacker must use the “File” parameter to upload a PHP payload to get a reverse shell from the vulnerable host. 2022-05-10 not yet calculated CVE-2021-42645
MISC
MISC
wso2 — multiple_products
 
XML External Entity (XXE) vulnerability in the file based service provider creation feature of the Management Console in WSO2 API Manager 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; and WSO2 IS as Key Manager 5.7.0, 5.9.0, and 5.10.0; and WSO2 Identity Server 5.7.0, 5.8.0, 5.9.0, 5.10.0, and 5.11.0. Allows attackers to gain read access to sensitive information or cause a denial of service via crafted GET requests. 2022-05-11 not yet calculated CVE-2021-42646
MISC
MISC
coder — coder-server
 
Cross-site scripting (XSS) vulnerability exists in Coder Code-Server before 3.12.0, allows attackers to execute arbitrary code via crafted URL. 2022-05-11 not yet calculated CVE-2021-42648
MISC
pentest-collaboration-framework — pentest-collaboration-framework 
 
A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/. 2022-05-11 not yet calculated CVE-2021-42651
MISC
jerryscript — jerryscript
 
A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size. 2022-05-12 not yet calculated CVE-2021-42863
MISC
MISC
novel-plus — novel-plus
 
Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows an attacker to upload malicious JSP files. 2022-05-13 not yet calculated CVE-2021-42967
MISC
anaconda3 — anaconda3
 
Certain Anaconda3 2021.05 are affected by OS command injection. When a user installs Anaconda, an attacker can create a new file and write something in usercustomize.py. When the user opens the terminal or activates Anaconda, the command will be executed. 2022-05-13 not yet calculated CVE-2021-42969
MISC
safedog_apache — safedog_apache
 
In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. Attackers can bypass access to sensitive data. 2022-05-10 not yet calculated CVE-2021-43010
MISC
fortinet — forticlientwindows
 
An external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows an attacker to escalate privilege via the MSI installer. 2022-05-11 not yet calculated CVE-2021-43066
CONFIRM
fortinet — fortios
 
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0, and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests. 2022-05-11 not yet calculated CVE-2021-43081
CONFIRM
openmrs — reference_application_standalone_edition
 
An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page. 2022-05-10 not yet calculated CVE-2021-43094
MISC
MISC
MISC
sourcecodester — employee_daily_task_management_system
 
Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field. 2022-05-09 not yet calculated CVE-2021-43712
MISC
MISC
MISC
fortinet — forticlient
 
An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links. 2022-05-11 not yet calculated CVE-2021-44167
CONFIRM
amd — sev
 
An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time. 2022-05-11 not yet calculated CVE-2021-46744
MISC
amd — secure_processor_firmware Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application. 2022-05-10 not yet calculated CVE-2021-46771
MISC
huawei — emui The Property module has a vulnerability in permission control. This vulnerability can be exploited to obtain the unique device identifier. 2022-05-13 not yet calculated CVE-2021-46785
MISC
MISC
huawei — emui The audio module has a vulnerability in verifying the parameters passed by the application space. Successful exploitation of this vulnerability may cause out-of-bounds memory access. 2022-05-13 not yet calculated CVE-2021-46786
MISC
MISC
huawei — emui
 
The AMS module has a vulnerability of improper permission control. Successful exploitation of this vulnerability may cause non-system application processes to crash. 2022-05-13 not yet calculated CVE-2021-46787
MISC
MISC
huawei — iconnect_module
 
Third-party pop-up window coverage vulnerability in the iConnect module. Successful exploitation of this vulnerability may cause the system pop-up window to be covered, misleading users into performing incorrect operations. 2022-05-13 not yet calculated CVE-2021-46788
MISC
huawei — emui Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect availability. 2022-05-13 not yet calculated CVE-2021-46789
MISC
huawei — emui Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access. 2022-05-12 not yet calculated CVE-2022-0004
MISC
intel — multiple_products
 
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. 2022-05-12 not yet calculated CVE-2022-0005
MISC
palo_alto_networks — pan-os
 
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls. This issue does not impact Panorama appliances or Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.23; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5. 2022-05-11 not yet calculated CVE-2022-0024
MISC
palo_alto_networks — cortex_xdr_agent_software
 
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts: All versions of the Cortex XDR agent when upgrading to Cortex XDR agent 7.7.0 on Windows; Cortex XDR agent 7.7.0 without content update 500 or a later version on Windows. This issue does not impact other platforms or other versions of the Cortex XDR agent. 2022-05-11 not yet calculated CVE-2022-0025
MISC
palo_alto_networks — cortex_xdr_agent_software
 
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts all versions of Cortex XDR agent without content update 330 or a later content update version. 2022-05-11 not yet calculated CVE-2022-0026
MISC
palo_alto_networks — cortex_xsoar_software An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. This issue impacts: All versions of Cortex XSOAR 6.1; All versions of Cortex XSOAR 6.2; All versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049. 2022-05-11 not yet calculated CVE-2022-0027
MISC
wordpress — popup_by_supsystic_wordpress_plugin
 
The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users 2022-05-09 not yet calculated CVE-2022-0424
MISC
wordpress — mapsvg_wordpress_plugin
 
The MapSVG WordPress plugin before 6.2.20 does not validate and escape a parameter via a REST endpoint before using it in a SQL statement, leading to a SQL Injection exploitable by unauthenticated users. 2022-05-09 not yet calculated CVE-2022-0592
MISC
wordpress — admin_menu_editor_wordpress_plugin The Admin Menu Editor WordPress plugin through 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. 2022-05-09 not yet calculated CVE-2022-0625
MISC
wordpress — ubigeo_de_pera_para_woocommerce_wordpress_plugin
 
The Ubigeo de Perú para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections 2022-05-09 not yet calculated CVE-2022-0814
MISC
wordpress — badgeos_wordpress_plugin
 
The BadgeOS WordPress plugin through 3.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users 2022-05-09 not yet calculated CVE-2022-0817
MISC
wordpress — wp_video_gallery_wordpress_plugin
 
The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users 2022-05-09 not yet calculated CVE-2022-0826
MISC
wordpress — sema_api_wordpress_plugin The SEMA API WordPress plugin through 3.64 does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users 2022-05-09 not yet calculated CVE-2022-0836
MISC
jboss — jboss_eap
 
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the org.jboss.as.ejb3.security.RunAsPrincipalInterceptor to keep track of the current identity prior to switching to a new identity created using the RunAs principal. The issue is that the EJBComponent#incomingRunAsIdentity field is currently just a SecurityIdentity. This means that in a concurrent environment, where multiple users are repeatedly invoking an EJB that is configured with a RunAs principal, it’s possible for the wrong caller principal to be returned from EJBComponent#getCallerPrincipal. Similarly, it’s also possible for EJBComponent#isCallerInRole to return the wrong value. Both of these methods rely on incomingRunAsIdentity. Affects all versions of JBoss EAP from 7.1.0 and all versions of WildFly 11+ when Elytron is enabled. 2022-05-10 not yet calculated CVE-2022-0866
MISC
wordpress — wp_social_buttons_wordpress_plugin
 
The WP Social Buttons WordPress plugin through 2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. 2022-05-09 not yet calculated CVE-2022-0874
MISC
wordpress — igniteup_wordpress_plugin
 
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don’t have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues 2022-05-09 not yet calculated CVE-2022-0898
MISC
abb — arg600_wireless_gateway
 
A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending on the configuration. 2022-05-10 not yet calculated CVE-2022-0947
MISC
wordpress — woocommerce_wordpress_plugin The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection. 2022-05-09 not yet calculated CVE-2022-0948
CONFIRM
MISC
wordpress — personal_dictionary_wordpress_plugin The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability. 2022-05-09 not yet calculated CVE-2022-1013
MISC
polonel — trudesk
 
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. 2022-05-12 not yet calculated CVE-2022-1044
CONFIRM
MISC
wordpress — themify_post_type_builder_search_addon_wordpress_plugin
 
The Themify Post Type Builder Search Addon WordPress plugin before 1.4.0 does not properly escape the current page URL before reusing it in a HTML attribute, leading to a reflected cross site scripting vulnerability. 2022-05-09 not yet calculated CVE-2022-1047
MISC
keylime — keylime
 
Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and when the verifier uses it for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM to pass EK validation and give the verifier an AK of a software TPM. A successful attack breaks the entire chain of trust because an unvalidated AK is used by the verifier. This issue is worse if the validation happens first and then the agent gets added to the verifier, because the timing is easier and the verifier does not validate the regcount entry being equal to 1. 2022-05-06 not yet calculated CVE-2022-1053
MISC
MISC
MISC
FEDORA
FEDORA
FEDORA
wordpress — popup_maker_wordpress_plugin
 
The Popup Maker WordPress plugin before 1.16.5 does not sanitise and escape some of its Popup settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-05-09 not yet calculated CVE-2022-1104
MISC
gitlab — ce/ee
 
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to access trace log of jobs when it is enabled 2022-05-11 not yet calculated CVE-2022-1124
MISC
MISC
CONFIRM
wordpress — vertical_scroll_wordpress_plugin The Vertical scroll recent post WordPress plugin before 14.0 does not sanitise and escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting. 2022-05-09 not yet calculated CVE-2022-1171
MISC
wordpress — ultimate_member_plugin
 
The Ultimate Member plugin for WordPress is vulnerable to open redirects due to insufficient validation on supplied URLs in the social fields of the Profile Page, which makes it possible for attackers to redirect unsuspecting victims in versions up to, and including, 2.3.1 granted the victim clicks on a social icon on a user’s profile page. 2022-05-10 not yet calculated CVE-2022-1209
MISC
MISC
MISC
MISC
wordpress — slide_anything_wordpress_plugin
 
The Slide Anything WordPress plugin before 2.3.44 does not sanitize and escape sliders’ description, which could allow high privilege users such as editor and above to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed 2022-05-09 not yet calculated CVE-2022-1303
MISC
wordpress — easily_generate_rest_api_url_wordpress_plugin
 
The Easily Generate Rest API Url WordPress plugin through 1.0.0 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-05-09 not yet calculated CVE-2022-1338
MISC
gitlab — gitlab
 
Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1, an endpoint may reveal the issue title to a user who crafted an API call with the ID of the issue from a public project that restricts access to issue only to project members. 2022-05-11 not yet calculated CVE-2022-1352
MISC
MISC
CONFIRM
plantuml — plantuml
 
URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server side request forgery (SSRF). This allows accessing restricted internal resources/servers or sending requests to third party servers. 2022-05-14 not yet calculated CVE-2022-1379
MISC
CONFIRM
alextselegidis — easyappointments API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover. 2022-05-10 not yet calculated CVE-2022-1397
CONFIRM
MISC
gitlab — gitlab
 
Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project CI/CD variables by importing a malicious project 2022-05-11 not yet calculated CVE-2022-1406
CONFIRM
MISC
MISC
gitlab — gitlab
 
Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6, all versions starting from 14.9 before 14.9.4, and all versions starting from 14.10 before 14.10.1 allows non-project members to access contents of Project Members-only Wikis via malicious CI jobs 2022-05-10 not yet calculated CVE-2022-1417
MISC
CONFIRM
MISC
gitlab — gitlab
 
An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly authenticating a user that had some certain amount of information which allowed a user to authenticate without a personal access token. 2022-05-11 not yet calculated CVE-2022-1426
MISC
CONFIRM
MISC
gitlab — gitlab
 
An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly verifying throttling limits for authenticated package requests which resulted in limits not being enforced. 2022-05-11 not yet calculated CVE-2022-1428
CONFIRM
MISC
gitlab — gitlab
 
An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling malicious requests to the PyPi API endpoint allowing the attacker to cause uncontrolled resource consumption. 2022-05-10 not yet calculated CVE-2022-1431
MISC
CONFIRM
MISC
gitlab — gitlab An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS vulnerability (CVE-2022-1175) to persist and execute. 2022-05-11 not yet calculated CVE-2022-1433
MISC
CONFIRM
MISC
wordpress — metform_wordpress_plugin
 
The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more, in versions up to and including 2.1.3. 2022-05-10 not yet calculated CVE-2022-1442
MISC
MISC
MISC
wordpress — rsvpmaker_plugin
 
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to and including 9.2.5. 2022-05-10 not yet calculated CVE-2022-1453
MISC
MISC
MISC
gitlab — gitlab
 
An issue has been discovered in GitLab affecting all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not performing correct authorizations on scheduled pipelines allowing a malicious user to run a pipeline in the context of another user. 2022-05-11 not yet calculated CVE-2022-1460
MISC
CONFIRM
MISC
wordpress — booking_calendar_wordpress_plugin
 
The Booking Calendar plugin for WordPress is vulnerable to PHP Object Injection via the [bookingflextimeline] shortcode in versions up to, and including, 9.1. This could be exploited by subscriber-level users and above to call arbitrary PHP objects on a vulnerable site. 2022-05-10 not yet calculated CVE-2022-1463
MISC
wordpress — all-in-one_wp_migration_plugin
 
The All-in-One WP Migration plugin for WordPress is vulnerable to arbitrary file deletion via directory traversal due to insufficient file validation via the ~/lib/model/class-ai1wm-backups.php file, in versions up to, and including, 7.58. This can be exploited by administrative users, and users who have access to the site’s secret key. 2022-05-10 not yet calculated CVE-2022-1476
MISC
MISC
wordpress — rsvpmaker_plugin
 
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to and including 9.2.6. 2022-05-10 not yet calculated CVE-2022-1505
MISC
MISC
gitlab — gitlab
 
An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling malicious text in the CI Editor and CI Pipeline details page allowing the attacker to cause uncontrolled resource consumption. 2022-05-11 not yet calculated CVE-2022-1510
MISC
CONFIRM
MISC
gruntjs — grunt
 
file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories as the lower-privileged user can create a symlink to the GruntJS user’s .bashrc file or replace /etc/shadow file if the GruntJS user is root. 2022-05-10 not yet calculated CVE-2022-1537
CONFIRM
MISC
gitlab — gitlab
 
It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note. 2022-05-11 not yet calculated CVE-2022-1545
CONFIRM
MISC
wordpress — wp-js_plugin
 
The WP-JS plugin for WordPress contains a script called wp-js.php with the function wp_js_admin, that accepts unvalidated user input and echoes it back to the user. This can be used for reflected Cross-Site Scripting in versions up to, and including, 2.0.6. 2022-05-10 not yet calculated CVE-2022-1567
MISC
MISC
vim — vim Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution 2022-05-07 not yet calculated CVE-2022-1616
MISC
CONFIRM
FEDORA
FEDORA
vim — vim
 
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerability is capable of crashing software, modifying memory, and possible remote execution 2022-05-08 not yet calculated CVE-2022-1619
CONFIRM
MISC
FEDORA
FEDORA
vim — vim
 
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. 2022-05-08 not yet calculated CVE-2022-1620
CONFIRM
MISC
FEDORA
FEDORA
vim — vim Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution 2022-05-10 not yet calculated CVE-2022-1621
CONFIRM
MISC
libtiff — libtiff
 
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. 2022-05-11 not yet calculated CVE-2022-1622
MISC
MISC
CONFIRM
libtiff — libtiff
 
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. 2022-05-11 not yet calculated CVE-2022-1623
MISC
MISC
CONFIRM
vim — vim
 
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerability is capable of crashing software, modifying memory, and possible remote execution 2022-05-10 not yet calculated CVE-2022-1629
MISC
CONFIRM
microweber — microweber
 
Users Account Pre-Takeover or Users Account Takeover in GitHub repository microweber/microweber prior to 1.2.15. Victim Account Take Over. Since there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows an attacker to gain pre-authentication to the victim’s account. Further, due to the lack of proper validation of email coming from Social Login and failing to check if an account already exists, the victim will not identify if an account is already existing. Hence, the attacker’s persistence will remain. An attacker would be able to see all the activities performed by the victim user impacting the confidentiality and attempt to modify/corrupt the data impacting the integrity and availability factor. This attack becomes more interesting when an attacker can register an account from an employee’s email address. Assuming the organization uses G-Suite, it is much more impactful to hijack into an employee’s account. 2022-05-09 not yet calculated CVE-2022-1631
CONFIRM
MISC
radareorg — radare2
 
Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For a more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html). 2022-05-10 not yet calculated CVE-2022-1649
MISC
CONFIRM
eventsource — eventsource Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository eventsource/eventsource prior to v2.0.2. 2022-05-12 not yet calculated CVE-2022-1650
CONFIRM
MISC
vim — vim
 
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. 2022-05-12 not yet calculated CVE-2022-1674
CONFIRM
MISC
requarks — wiki
 
Authentication Bypass Using an Alternate Path or Channel in GitHub repository requarks/wiki prior to 2.5.281. User can get root user permissions 2022-05-12 not yet calculated CVE-2022-1681
CONFIRM
MISC
neorazorx — facturascripts
 
Reflected XSS using a URL-based payload in GitHub repository neorazorx/facturascripts prior to 2022.07. XSS can be used to steal a user’s cookies, which can lead to account takeover, or to perform any malicious activity in the victim’s browser 2022-05-12 not yet calculated CVE-2022-1682
MISC
CONFIRM
causefx — organizr
 
Allowing long passwords leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications. 2022-05-12 not yet calculated CVE-2022-1698
CONFIRM
MISC
causefx — organizr
 
Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications. 2022-05-12 not yet calculated CVE-2022-1699
CONFIRM
MISC
sonicwall — sma1000
 
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions use a shared and hard-coded encryption key to store data. 2022-05-13 not yet calculated CVE-2022-1701
CONFIRM
sonicwall — sma1000
 
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and use that link in a redirect, which leads to an open redirection vulnerability. 2022-05-13 not yet calculated CVE-2022-1702
CONFIRM
radareorg — radare2
 
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. 2022-05-13 not yet calculated CVE-2022-1714
CONFIRM
MISC
neorazorx — facturascripts Account Takeover in GitHub repository neorazorx/facturascripts prior to 2022.07. 2022-05-13 not yet calculated CVE-2022-1715
CONFIRM
MISC
android — android
 
In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-179699767 2022-05-10 not yet calculated CVE-2022-20004
MISC
android — android
 
In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-219044664 2022-05-10 not yet calculated CVE-2022-20005
MISC
android — android
 
In several functions of KeyguardServiceWrapper.java and related files, there is a possible way to briefly view what’s under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-151095871 2022-05-10 not yet calculated CVE-2022-20006
MISC
android — android
 
In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it’s still in the foreground, when it is not, due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-211481342 2022-05-10 not yet calculated CVE-2022-20007
MISC
android — android
 
In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-216481035. References: Upstream kernel 2022-05-10 not yet calculated CVE-2022-20008
MISC
android — android
 
In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-213172319. References: Upstream kernel 2022-05-10 not yet calculated CVE-2022-20009
MISC
android — android
 
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-213519176 2022-05-10 not yet calculated CVE-2022-20010
MISC
android — android
 
In getArray of NotificationManagerService.java, there is a possible leak of one user’s notifications to another due to a missing check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-214999128 2022-05-10 not yet calculated CVE-2022-20011
MISC
android — android
 
In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-206987762 2022-05-10 not yet calculated CVE-2022-20112
MISC
android — android
 
In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-205996517 2022-05-10 not yet calculated CVE-2022-20113
MISC
android — android
 
In placeCall of TelecomManager.java, there is a possible way for an application to keep itself running with foreground service importance due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-211114016 2022-05-10 not yet calculated CVE-2022-20114
MISC
android — android
 
In broadcastServiceStateChanged of TelephonyRegistry.java, there is a possible way to learn base station information without location permission due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-210118427 2022-05-10 not yet calculated CVE-2022-20115
MISC
android — android
 
In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-212467440 2022-05-10 not yet calculated CVE-2022-20116
MISC
android — android
 
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-217475903. References: N/A 2022-05-10 not yet calculated CVE-2022-20117
MISC
android — android
 
In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-205707793. References: N/A 2022-05-10 not yet calculated CVE-2022-20118
MISC
android — android
 
In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-213170715. References: N/A 2022-05-10 not yet calculated CVE-2022-20119
MISC
android — android
 
Product: Android. Versions: Android kernel. Android ID: A-203213034. References: N/A 2022-05-10 not yet calculated CVE-2022-20120
MISC
android — android
 
In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-212573046. References: N/A 2022-05-10 not yet calculated CVE-2022-20121
MISC
intel — advisor_software
 
Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2022-21128
MISC
intel — xeon
 
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2022-21131
MISC
intel — xeon
 
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access. 2022-05-12 not yet calculated CVE-2022-21136
MISC
cisco — estsoft_alyac
 
An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this vulnerability to cause denial of service and termination of malware scan. An attacker can provide a malicious file to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-21147
MISC
CONFIRM
intel — processors
 
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2022-21151
MISC
cisco — inhand_networks_inrouter302 A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-21182
MISC
CONFIRM
mozilla — mozilla
 
This affects the package convict before 6.2.3. This is a bypass of [CVE-2022-22143](https://security.snyk.io/vuln/SNYK-JS-CONVICT-2340604). The [fix](https://github.com/mozilla/node-convict/commit/3b86be087d8f14681a9c889d45da7fe3ad9cd880) introduced relies on the startsWith method and does not prevent the vulnerability: before splitting the path, it checks if it starts with __proto__ or this.constructor.prototype. To bypass this check it’s possible to prepend the dangerous paths with any string value followed by a dot, like for example foo.__proto__ or foo.this.constructor.prototype. 2022-05-13 not yet calculated CVE-2022-21190
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
intel — nuc
 
Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2022-21237
MISC
cisco — inhand_networks_inrouter302
 
A cross-site scripting (xss) vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-21238
CONFIRM
MISC
cisco — inhand_networks_inrouter302
 
A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-21809
MISC
CONFIRM
microsoft — point-to-point_tunneling_protocol Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23270. 2022-05-10 not yet calculated CVE-2022-21972
MISC
microsoft — exchange_server Microsoft Exchange Server Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-21978
MISC
microsoft — graphics
 
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-26934, CVE-2022-29112. 2022-05-10 not yet calculated CVE-2022-22011
MISC
microsoft — ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-22012
MISC
microsoft — ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-22013
MISC
microsoft — ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-22014
MISC
microsoft — remote_desktop_protocol
 
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-22015
MISC
microsoft — playtomanager
 
Windows PlayToManager Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-22016
MISC
microsoft — remote_desktop_client
 
Remote Desktop Client Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-22017
MISC
microsoft — remote_procedure_call Remote Procedure Call Runtime Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-22019
MISC
intel — xtu_software Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2022-22139
MISC
huawei — dfx_module
 
The DFX module has a UAF vulnerability. Successful exploitation of this vulnerability may affect system stability. 2022-05-13 not yet calculated CVE-2022-22252
MISC
MISC
huawei — kernel_module
 
The kernel module has a UAF vulnerability. Successful exploitation of this vulnerability will affect data integrity and availability. 2022-05-13 not yet calculated CVE-2022-22260
MISC
MISC
huawei — hialserver
 
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services. 2022-05-13 not yet calculated CVE-2022-22261
MISC
MISC
sonicwall — ssl-vpn_netextender_windows_client A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and earlier versions allows an attacker to potentially execute arbitrary code in the host Windows operating system. 2022-05-13 not yet calculated CVE-2022-22281
CONFIRM
sonicwall — sma1000
 
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restrict access to a resource using HTTP connections from an unauthorized actor, leading to an Improper Access Control vulnerability. 2022-05-13 not yet calculated CVE-2022-22282
CONFIRM
ibm — robotic_process_automation
 
IBM Robotic Process Automation 21.0.1 could allow a registered user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366. 2022-05-09 not yet calculated CVE-2022-22319
XF
CONFIRM
CONFIRM
ibm — qradar_siem
 
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 218367. 2022-05-11 not yet calculated CVE-2022-22320
XF
CONFIRM
ibm — mq
 
IBM MQ (IBM MQ for HPE NonStop 8.1.0) can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID: 218853. 2022-05-13 not yet calculated CVE-2022-22325
CONFIRM
XF
ibm — websphere_application_server_liberty
 
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5, with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078. 2022-05-13 not yet calculated CVE-2022-22393
CONFIRM
XF
ibm — robotic_process_automation
 
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022. 2022-05-12 not yet calculated CVE-2022-22413
XF
CONFIRM
ibm — infosphere_information_server
 
IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. 2022-05-10 not yet calculated CVE-2022-22454
XF
CONFIRM
ibm — navigator
 
IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote attacker to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system and the navigator tasks page, however they do not gain the ability to perform those tasks on the system or see any specific system data. IBM X-Force ID: 225899. 2022-05-09 not yet calculated CVE-2022-22481
CONFIRM
XF
microsoft — hyper-v
 
Windows Hyper-V Denial of Service Vulnerability. 2022-05-10 not yet calculated CVE-2022-22713
MISC
tibco_software_inc — multiple_products
 
The DOM XML parser and SAX XML parser components of TIBCO Software Inc.’s TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Internet Server, and TIBCO Managed File Transfer Internet Server contain an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute XML External Entity (XXE) attacks on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO Managed File Transfer Command Center: versions 8.3.1 and below, TIBCO Managed File Transfer Command Center: versions 8.4.0 and 8.4.1, TIBCO Managed File Transfer Internet Server: versions 8.3.1 and below, and TIBCO Managed File Transfer Internet Server: versions 8.4.0 and 8.4.1. 2022-05-10 not yet calculated CVE-2022-22774
CONFIRM
CONFIRM
sysaid — sysaid_system_takeover
 
Sysaid – Sysaid System Takeover – An attacker can bypass the authentication process by accessing /wmiwizard.jsp, then /ConcurrentLogin.jsp, and then clicking on the login button, which redirects to /home.jsp without any authentication. 2022-05-12 not yet calculated CVE-2022-22796
MISC
sysaid — sysaid_open_redirect
 
Sysaid – Sysaid Open Redirect – An attacker can change the redirect link in the “redirectURL” parameter of a “GET” request to the URL location: /CommunitySSORedirect.jsp?redirectURL=https://google.com. Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. 2022-05-12 not yet calculated CVE-2022-22797
MISC
sysaid — multiple_products
 
Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22.1.30 b49 – An attacker needs to log in as a guest, after which the system redirects him to the service portal or EndUserPortal.JSP. He then needs to change the path in the URL to /ConcurrentLogin%2ejsp, after which he will receive an error message with a login button; by clicking on it, he will connect to the system dashboard. The attacker can receive sensitive data like server details, usernames, workstations, etc. He can also perform actions such as uploading files and deleting calls from the system. 2022-05-12 not yet calculated CVE-2022-22798
MISC
spring_by_vmware — spring_framework
 
In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to a DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. 2022-05-12 not yet calculated CVE-2022-22970
MISC
spring_by_vmware — spring_framework
 
In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, applications with a STOMP over WebSocket endpoint are vulnerable to a denial of service attack by an authenticated user. 2022-05-12 not yet calculated CVE-2022-22971
MISC
spring_by_vmware — pinniped_supervisor 
 
An issue was discovered in the Pinniped Supervisor with either LDAPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name (CN) of their user entry on the LDAP or AD server to include special characters, which could be used to perform LDAP query injection on the Supervisor’s LDAP query which determines their Kubernetes group membership. 2022-05-11 not yet calculated CVE-2022-22975
MISC
solana — rbpf
 
Solana rBPF versions 0.2.26 and 0.2.27 are affected by an Incorrect Calculation issue caused by an improper implementation of the sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to transfer tokens or not. The vulnerability affects integrity and may cause serious availability problems. 2022-05-09 not yet calculated CVE-2022-23066
MISC
MISC
zte — zxcdn
 
ZTE’s ZXCDN product has a reflective XSS vulnerability. The attacker could modify the parameters in the content clearing request url, and when a user clicks the url, an XSS attack will be triggered. 2022-05-11 not yet calculated CVE-2022-23137
MISC
zte — zxmp_m721
 
ZTE’s ZXMP M721 product has a permission and access control vulnerability. Because the folder permission viewed by sftp is 666, which is inconsistent with the actual permission, it is easy for users to ignore the modification of the file permission configuration, so that low-authority accounts could actually obtain higher operating permissions on key files. 2022-05-12 not yet calculated CVE-2022-23139
MISC
sysaid — sysaid
 
Sysaid – Sysaid 14.2.0 Reflected Cross-Site Scripting (XSS) – The parameter “helpPageName” used by the page “/help/treecontent.jsp” suffers from a Reflected Cross-Site Scripting vulnerability. For an attacker to exploit this Cross-Site Scripting vulnerability, it’s necessary for the affected product to expose the Offline Help Pages. An attacker may gain access to sensitive information or execute client-side code in the browser session of the victim user. Furthermore, an attacker would require the victim to open a malicious link. An attacker may exploit this vulnerability in order to perform phishing attacks. The attacker can receive sensitive data like server details, usernames, workstations, etc. He can also perform actions such as uploading files and deleting calls from the system. 2022-05-12 not yet calculated CVE-2022-23165
MISC
sysaid — sysaid_local_file_inclusion
 
Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access the system via the “/lib/tinymce/examples/index.html” path. In the “Insert/Edit Embedded Media” window, choose Type: iFrame and File/URL: [here is the LFI]. Solution: Update to 22.2.20 cloud version, or to 22.1.64 on premise version. 2022-05-12 not yet calculated CVE-2022-23166
MISC
microsoft — .net_and_visual_studio
 
.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-29117, CVE-2022-29145. 2022-05-10 not yet calculated CVE-2022-23267
MISC
microsoft — point-to-point_tunneling_protocol Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21972. 2022-05-10 not yet calculated CVE-2022-23270
MISC
microsoft — alpc
 
Windows ALPC Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-23279
MISC
shenzhen_ejoin_information_technology_co — manual_ping_form
 
Command injection vulnerability in Manual Ping Form (Web UI) in Shenzhen Ejoin Information Technology Co., Ltd. ACOM508/ACOM516/ACOM532 609-915-041-100-020 allows a remote attacker to inject arbitrary code via the field. 2022-05-09 not yet calculated CVE-2022-23332
MISC
MISC
aruba_networks — arubaos_switch
 
A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities. 2022-05-10 not yet calculated CVE-2022-23676
MISC
aruba_networks — arubaos_switch
 
A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities. 2022-05-10 not yet calculated CVE-2022-23677
MISC
hpe — integrated_lights-out4
 
A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later. 2022-05-09 not yet calculated CVE-2022-23704
MISC
hpe — multiple_products
 
A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays which could potentially allow the upload, but not execution, of unauthorized update binaries to the array. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later. 2022-05-09 not yet calculated CVE-2022-23705
MISC
zonealarm — check_point_endpoint_security_client Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. 2022-05-12 not yet calculated CVE-2022-23742
MISC
MISC
zonealarm — check_point
 
Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. 2022-05-11 not yet calculated CVE-2022-23743
MISC
siemens — desigo
 
A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The “addCell” JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document, such that it is possible to inject arbitrary content (e.g., XML tags) into the generated file. An attacker with restricted privileges, by poisoning any of the content used to generate XLS reports, could be able to leverage the application to deliver malicious files against higher-privileged users and obtain Remote Code Execution (RCE) against the administrator’s workstation. 2022-05-10 not yet calculated CVE-2022-24039
MISC
siemens — desigo
 
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial of service (DoS) condition through CPU consumption by setting a PBKDF2 derived key with a remarkably high cost effort and then attempting a login to the so-modified account. 2022-05-10 not yet calculated CVE-2022-24040
MISC
siemens — desigo
 
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application stores the PBKDF2 derived key of users passwords with a low iteration count. An attacker with user profile access privilege can retrieve the stored password hashes of other accounts and then successfully perform an offline cracking attack and recover the plaintext passwords of other users. 2022-05-10 not yet calculated CVE-2022-24041
MISC
siemens — desigo
 
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application returns an AuthToken that does not expire at the defined auto logoff delay timeout. An attacker could be able to capture this token and re-use old session credentials or session IDs for authorization. 2022-05-10 not yet calculated CVE-2022-24042
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-24101
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-24102
MISC
adobe — acrobat_reader_dc Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-24103
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-24104
MISC
intel — nucs Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2022-24297
MISC
intel — nucs
 
Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2022-24382
MISC
microsoft — hyper-v Windows Hyper-V Security Feature Bypass Vulnerability. 2022-05-10 not yet calculated CVE-2022-24466
MISC
yubico — otp
 
Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with the Yubico OTP validation server. The Yubico OTP supposedly creates hardware bound second factor credentials. When a user reprograms the OTP functionality by “writing” it on a token using the Yubico Personalization Tool, they can then upload the new configuration to Yubico’s OTP validation servers. 2022-05-11 not yet calculated CVE-2022-24584
MISC
MISC
MISC
openclinica — openclinica
 
OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known workarounds. This issue has been patched and users are recommended to upgrade. 2022-05-14 not yet calculated CVE-2022-24830
CONFIRM
MISC
openclinica — openclinica
 
OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has been patched in 3.16.1, 3.15.9, 3.14.1, and 3.13.1 and users are advised to upgrade. 2022-05-14 not yet calculated CVE-2022-24831
CONFIRM
MISC
ecdsautils — ecdsautils
 
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple signatures from different public keys does not mitigate the issue: `ecdsa_verify_list_legacy()` will accept an arbitrary number of such forged signatures. Both the `ecdsautil verify` CLI command and the libecdsautil library are affected. The issue has been fixed in ecdsautils 0.4.1. All older versions of ecdsautils (including versions before the split into a library and a CLI utility) are vulnerable. 2022-05-06 not yet calculated CVE-2022-24884
MISC
CONFIRM
MISC
MLIST
DEBIAN
FEDORA
FEDORA
FEDORA
cisco — inhand_networks_inrouter302
 
A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-24910
CONFIRM
MISC
cisco — inhand_networks_inrouter302
 
An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. The session cookie misses the HttpOnly flag, making it accessible via JavaScript and thus allowing an attacker, able to perform an XSS attack, to steal the session cookie. 2022-05-12 not yet calculated CVE-2022-25172
CONFIRM
MISC
blogengine.net — blogengine.net
 
BlogEngine.NET v3.3.8.0 was discovered to contain an arbitrary file deletion vulnerability which allows attackers to delete files within the web server root directory via a crafted HTTP request. 2022-05-13 not yet calculated CVE-2022-25591
MISC
MISC
apache — tomcat
 
If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that the application will continue to use the socket after it has been closed. The error handling triggered in this case could cause a pooled object to be placed in the pool twice. This could result in subsequent connections using the same object concurrently which could result in data being returned to the wrong use and/or other errors. 2022-05-13 not yet calculated CVE-2022-25762
MISC
sds — sds
 
This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. **Note:** This vulnerability derives from an incomplete fix to [CVE-2020-7618](https://security.snyk.io/vuln/SNYK-JS-SDS-564123) 2022-05-13 not yet calculated CVE-2022-25862
CONFIRM
CONFIRM
microsoft — workspace_tools
 
The package workspace-tools before 0.18.4 is vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranch(remote: string, remoteBranch: string, cwd: string) function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection. 2022-05-13 not yet calculated CVE-2022-25865
CONFIRM
CONFIRM
CONFIRM
cisco — inhand_networks_inrouter302 A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-25995
MISC
CONFIRM
cisco — inhand_networks_inrouter302 A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of malicious packets to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26002
MISC
CONFIRM
cisco — inhand_networks_inrouter302
 
An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26007
MISC
CONFIRM
cisco — inhand_networks_inrouter302
 
An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26020
MISC
CONFIRM
cisco — inhand_networks_inrouter302
 
An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26042
MISC
CONFIRM
cisco — inhand_networks_inrouter302
 
An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26075
MISC
CONFIRM
cisco — inhand_networks_inrouter302
 
An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26085
MISC
CONFIRM
fortinet — fortinac
 
Multiple improper neutralization of special elements used in SQL commands (‘SQL Injection’) vulnerability [CWE-89] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.2 and below may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted strings parameters. 2022-05-11 not yet calculated CVE-2022-26116
CONFIRM
cisco — inhand_networks_inrouter302 An OS command injection vulnerability exists in the console infactory_port functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26420
MISC
CONFIRM
cisco — inhand_networks_inrouter302 A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26510
MISC
CONFIRM
cisco — inhand_networks_inrouter302
 
An OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26518
MISC
CONFIRM
cisco — inhand_networks_inrouter302 Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`’s `user_define_init` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. 2022-05-12 not yet calculated CVE-2022-26780
CONFIRM
MISC
cisco — inhand_networks_inrouter302 Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`’s `user_define_print` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. 2022-05-12 not yet calculated CVE-2022-26781
CONFIRM
MISC
cisco — inhand_networks_inrouter302
 
Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`’s `user_define_set_item` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. 2022-05-12 not yet calculated CVE-2022-26782
CONFIRM
MISC
microsoft — authentication_security_feature Windows Authentication Security Feature Bypass Vulnerability. 2022-05-10 not yet calculated CVE-2022-26913
MISC
microsoft — active_directory_domain_services Active Directory Domain Services Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-26923
MISC
microsoft — lsa Windows LSA Spoofing Vulnerability. 2022-05-10 not yet calculated CVE-2022-26925
MISC
microsoft — address_book Windows Address Book Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-26926
MISC
microsoft — graphics_component Windows Graphics Component Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-26927
MISC
microsoft — remote_access_connection_manager Windows Remote Access Connection Manager Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-26930
MISC
microsoft — kerberos Windows Kerberos Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-26931
MISC
microsoft — storage_spaces_direct Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26938, CVE-2022-26939. 2022-05-10 not yet calculated CVE-2022-26932
MISC
microsoft — ntfs Windows NTFS Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-26933
MISC
microsoft — graphics_component Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22011, CVE-2022-29112. 2022-05-10 not yet calculated CVE-2022-26934
MISC
microsoft — wlan_autoconfig Windows WLAN AutoConfig Service Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-26935
MISC
microsoft — server_service Windows Server Service Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-26936
MISC
microsoft — network_file_system Windows Network File System Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-26937
MISC
microsoft — storage_spaces_direct Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26932, CVE-2022-26939. 2022-05-10 not yet calculated CVE-2022-26938
MISC
microsoft — storage_spaces_direct Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26932, CVE-2022-26938. 2022-05-10 not yet calculated CVE-2022-26939
MISC
microsoft — remote_desktop_protocol_client Remote Desktop Protocol Client Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-26940
MISC
tp-link — tp-link_tl-wdr7660
 
TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. Local users could get remote code execution. 2022-05-10 not yet calculated CVE-2022-26987
MISC
MISC
MISC
tp-link — tp-link_tl-wdr7660
 
TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution. 2022-05-10 not yet calculated CVE-2022-26988
MISC
MISC
MISC
htmldoc — htmldoc
 
There is a vulnerability in htmldoc 1.9.16. In the image_load_jpeg function of image.cxx, when it calls malloc, ‘img->width’ and ‘img->height’ are large enough to cause an integer overflow. So, the malloc function may return a heap block smaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines function. 2022-05-09 not yet calculated CVE-2022-27114
MISC
MISC
MLIST
eosio — eosio
 
EOSIO batdappboomx v327c04cf has an Access-control vulnerability in the `transfer` function of the smart contract which allows remote attackers to win the cryptocurrency without paying ticket fee via the `std::string memo` parameter. 2022-05-13 not yet calculated CVE-2022-27134
MISC
eset — multiple_products
 
Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows an attacker to exploit the “Repair” and “Uninstall” features, which may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0. 2022-05-10 not yet calculated CVE-2022-27167
MISC
cisco — inrouter302
 
A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted network request can lead to privileged operation execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-27172
MISC
CONFIRM
galleon — nts-6002-gps
 
An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools section of the web-management interface. All three networking tools are affected (Ping, Traceroute, and DNS Lookup) and their respective input fields (ping_address, trace_address, nslookup_address). 2022-05-09 not yet calculated CVE-2022-27224
MISC
MISC
cdsoft — onlinetools
 
onlinetools in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., date of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference. 2022-05-13 not yet calculated CVE-2022-27247
MISC
MISC
phprojekt — phpsimplygest
 
A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a project title. 2022-05-09 not yet calculated CVE-2022-27308
MISC
MISC
MISC
explore_cms — explore_cms
 
Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request. 2022-05-09 not yet calculated CVE-2022-27412
MISC
MISC
sap — web_dispatcher_and_the_internet_communication_manager
 
The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. 2022-05-11 not yet calculated CVE-2022-27656
MISC
MISC
adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27785
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27786
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27787
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27788
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27789
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27790
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a stack-based buffer overflow vulnerability due to insecure processing of a font, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. 2022-05-11 not yet calculated CVE-2022-27791
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27792
MISC
adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27793
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by the use of a variable that has not been initialized when processing embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. 2022-05-11 not yet calculated CVE-2022-27794
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27795
MISC
adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27796
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27797
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27798
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27799
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27800
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27801
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27802
MISC
joomla — joomla
 
In Joomla component ‘jDownloads 3.9.8.2 Stable’, the remote user can change some parameters in the address bar and see the names of other users’ files. 2022-05-06 not yet calculated CVE-2022-27909
MISC
MISC
home_owners_collection_management — home_owners_collection_management Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter. 2022-05-11 not yet calculated CVE-2022-28077
MISC
MISC
home_owners_collection_management — home_owners_collection_management Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter. 2022-05-11 not yet calculated CVE-2022-28078
MISC
MISC
hotel_management_system — hotel_management_system Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page. 2022-05-10 not yet calculated CVE-2022-28110
MISC
MISC
broadcom — brocade_sannav
 
An information exposure through log file vulnerability in Brocade SANnav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit this vulnerability, the attacker would need to have valid user credentials and turn on debug mode. 2022-05-09 not yet calculated CVE-2022-28161
MISC
broadcom — brocade_sannav Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. 2022-05-09 not yet calculated CVE-2022-28162
MISC
sap — businessobjects_enterprise_and_central_management_server
 
During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) – versions 420, 430, authentication credentials are being exposed in Sysmon event logs. This Information Disclosure could cause a high impact on systems’ Confidentiality, Integrity, and Availability. 2022-05-11 not yet calculated CVE-2022-28214
MISC
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28230
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when processing a doc object, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28231
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28232
MISC
adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28233
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. 2022-05-11 not yet calculated CVE-2022-28234
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28235
MISC
adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28236
MISC
adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28237
MISC
adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28238
MISC
adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28239
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28240
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28241
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28242
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28243
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a violation of secure design principles through bypassing the content security policy, which could result in an attacker sending arbitrarily configured requests to the cross-origin attack target domain. Exploitation requires user interaction in which the victim needs to access a crafted PDF file on an attacker’s server. 2022-05-11 not yet calculated CVE-2022-28244
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28245
MISC
adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28246
MISC
adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a victim must run the uninstaller with Admin privileges. 2022-05-11 not yet calculated CVE-2022-28247
MISC
adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28248
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28249
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28250
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28251
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28252
MISC
adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28253
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28254
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28255
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28256
MISC
adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28257
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28258
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28259
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28260
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28261
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28262
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28263
MISC
adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28264
MISC
adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28265
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28266
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28267
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28268
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of Annotation objects that could result in a memory leak in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28269
MISC
imagemagick — imagemagick
 
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. 2022-05-08 not yet calculated CVE-2022-28463
MISC
MISC
MISC
MLIST
pypl — pypl
 
The marcador package in PyPI, versions 0.1 through 0.13, included a code-execution backdoor. 2022-05-08 not yet calculated CVE-2022-28470
MISC
MISC
MISC
lms_doctor — simple_2fa_plugin_for_moodle
 
A Two-Factor Authentication (2FA) bypass vulnerability in “Simple 2FA Plugin for Moodle” by LMS Doctor allows remote attackers to overwrite the phone number used for confirmation via the profile.php file, thereby allowing them to bypass the phone verification mechanism. 2022-05-10 not yet calculated CVE-2022-28601
MISC
MISC
ruby — ruby
 
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations. 2022-05-09 not yet calculated CVE-2022-28738
MISC
CONFIRM
MISC
ruby — ruby
 
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. 2022-05-09 not yet calculated CVE-2022-28739
MISC
MISC
CONFIRM
sap — host_agent
 
Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted. 2022-05-11 not yet calculated CVE-2022-28774
MISC
MISC
adobe — coldfusion
 
ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. 2022-05-12 not yet calculated CVE-2022-28818
MISC
adobe — character_animator
 
Adobe Character Animator versions 4.4.2 (and earlier) and 22.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious SVG file. 2022-05-12 not yet calculated CVE-2022-28819
MISC
adobe — framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28821
MISC
adobe — framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28822
MISC
adobe — framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28823
MISC
adobe — framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28824
MISC
adobe — framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28825
MISC
adobe — framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28826
MISC
adobe — framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28827
MISC
adobe — framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28828
MISC
adobe — framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28829
MISC
adobe — framemaker
 
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28830
MISC
adobe — acrobat_pro_dc
 
Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28837
MISC
adobe — acrobat_pro_dc
 
Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28838
MISC
f-secure — safe_browser
 
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop. 2022-05-12 not yet calculated CVE-2022-28872
MISC
f-secure — safe_browser
 
A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit JavaScript window.open functionality in SAFE Browser which could lead to address bar spoofing attacks. 2022-05-12 not yet calculated CVE-2022-28873
MISC
MISC
d-link — dir882 A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. 2022-05-10 not yet calculated CVE-2022-28895
MISC
MISC
d-link — dir882 A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. 2022-05-10 not yet calculated CVE-2022-28896
MISC
MISC
d-link — dir882
 
A command injection vulnerability in the component /SetTriggerLEDBlink/Blink of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. 2022-05-10 not yet calculated CVE-2022-28901
MISC
MISC
totolink — n600r
 
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName. 2022-05-10 not yet calculated CVE-2022-28905
MISC
totolink — n600r
 
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg. 2022-05-10 not yet calculated CVE-2022-28906
MISC
totolink — n600r TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost. 2022-05-10 not yet calculated CVE-2022-28907
MISC
totolink — n600r TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg. 2022-05-10 not yet calculated CVE-2022-28908
MISC
totolink — n600r TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx. 2022-05-10 not yet calculated CVE-2022-28909
MISC
totolink — n600r TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName. 2022-05-10 not yet calculated CVE-2022-28910
MISC
totolink — n600r TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate. 2022-05-10 not yet calculated CVE-2022-28911
MISC
totolink — n600r
 
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW. 2022-05-10 not yet calculated CVE-2022-28912
MISC
totolink — n600r
 
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting. 2022-05-10 not yet calculated CVE-2022-28913
MISC
d-link — dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm. 2022-05-10 not yet calculated CVE-2022-28915
MISC
MISC
htmlcreator — htmlcreator
 
HTMLCreator release_stable_2020-07-29 was discovered to contain a cross-site scripting (XSS) vulnerability via the function _generateFilename. 2022-05-12 not yet calculated CVE-2022-28919
MISC
tieba-cloud-sign — tieba-cloud-sign
 
Tieba-Cloud-Sign v4.9 was discovered to contain a cross-site scripting (XSS) vulnerability via the function strip_tags. 2022-05-12 not yet calculated CVE-2022-28920
MISC
lms_doctor_simple_2_factor_authentication_plugin — lms_doctor_simple_2_factor_authentication_plugin LMS Doctor Simple 2 Factor Authentication Plugin For Moodle (affected: 2021072900) has an insecure direct object reference (IDOR) vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts. 2022-05-10 not yet calculated CVE-2022-28986
MISC
MISC
MISC
directory_management_system — directory_management_system Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allow attackers to bypass authentication. 2022-05-11 not yet calculated CVE-2022-29006
MISC
dairy_farm_shop_management_system — dairy_farm_shop_management_system Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allow attackers to bypass authentication. 2022-05-11 not yet calculated CVE-2022-29007
MISC
bus_pass_management_system — bus_pass_management_system An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. 2022-05-11 not yet calculated CVE-2022-29008
MISC
cyber_cafe_management_system_project — cyber_cafe_management_system_project 
 
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allow attackers to bypass authentication. 2022-05-11 not yet calculated CVE-2022-29009
MISC
microsoft — failover_cluster Windows Failover Cluster Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-29102
MISC
microsoft — windows_remote_access_connection_manager Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29103
MISC
microsoft — print_spooler Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29132. 2022-05-10 not yet calculated CVE-2022-29104
MISC
microsoft — windows_media_foundation Microsoft Windows Media Foundation Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29105
MISC
microsoft — hyper-v_shared_virtual_disk Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29106
MISC
microsoft — office
 
Microsoft Office Security Feature Bypass Vulnerability. 2022-05-10 not yet calculated CVE-2022-29107
MISC
microsoft — sharepoint Microsoft SharePoint Server Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29108
MISC
microsoft — excel Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29110. 2022-05-10 not yet calculated CVE-2022-29109
MISC
microsoft — excel
 
Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29109. 2022-05-10 not yet calculated CVE-2022-29110
MISC
microsoft — graphics
 
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22011, CVE-2022-26934. 2022-05-10 not yet calculated CVE-2022-29112
MISC
microsoft — digital_media_receiver
 
Windows Digital Media Receiver Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29113
MISC
microsoft — windows_print_spooler
 
Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29140. 2022-05-10 not yet calculated CVE-2022-29114
MISC
microsoft — windows_fax_service
 
Windows Fax Service Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29115
MISC
microsoft — windows_kernel
 
Windows Kernel Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-29116
MISC
microsoft — .net_and_visual_studio .NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29145. 2022-05-10 not yet calculated CVE-2022-29117
MISC
microsoft — windows_clustered Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29122, CVE-2022-29123, CVE-2022-29134. 2022-05-10 not yet calculated CVE-2022-29120
MISC
microsoft — windows_wlan Windows WLAN AutoConfig Service Denial of Service Vulnerability. 2022-05-10 not yet calculated CVE-2022-29121
MISC
microsoft — windows_clustered
 
Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29123, CVE-2022-29134. 2022-05-10 not yet calculated CVE-2022-29122
MISC
microsoft — windows_clustered
 
Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29122, CVE-2022-29134. 2022-05-10 not yet calculated CVE-2022-29123
MISC
microsoft — windows_push_notifications_app
 
Windows Push Notifications Apps Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29125
MISC
microsoft — tablet_windows_user_interface_application
 
Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29126
MISC
microsoft — bitlocker
 
BitLocker Security Feature Bypass Vulnerability. 2022-05-10 not yet calculated CVE-2022-29127
MISC
microsoft — ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29128
MISC
microsoft — ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29129
MISC
microsoft — ldap Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29130
MISC
microsoft — ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29131
MISC
microsoft — print_spooler_elevation
 
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29104. 2022-05-10 not yet calculated CVE-2022-29132
MISC
microsoft — windows_kernel
 
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29142. 2022-05-10 not yet calculated CVE-2022-29133
MISC
microsoft — clustered_shared_volume Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29122, CVE-2022-29123. 2022-05-10 not yet calculated CVE-2022-29134
MISC
microsoft — clustered_shared_volume Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29150, CVE-2022-29151. 2022-05-10 not yet calculated CVE-2022-29135
MISC
microsoft — ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29137
MISC
microsoft — clustered_shared_volume Windows Clustered Shared Volume Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29138
MISC
microsoft — ldap Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29139
MISC
microsoft — print_spooler Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29114. 2022-05-10 not yet calculated CVE-2022-29140
MISC
microsoft — windows_ldap
 
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139. 2022-05-10 not yet calculated CVE-2022-29141
MISC
microsoft — windows_kernel Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29133. 2022-05-10 not yet calculated CVE-2022-29142
MISC
microsoft — .net_and_visual_studio .NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29117. 2022-05-10 not yet calculated CVE-2022-29145
MISC
microsoft — visual_studio Visual Studio Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29148
MISC
microsoft — multiple_products Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29151. 2022-05-10 not yet calculated CVE-2022-29150
MISC
microsoft — multiple_products Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29150. 2022-05-10 not yet calculated CVE-2022-29151
MISC
charmbracelet — charm
 
A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1 (https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We recommend that all users running self-hosted `charm` instances update immediately. This vulnerability was found in-house and we haven’t been notified of any potential exploiters. Additional notes: Encrypted user data uploaded to the Charm server is safe as Charm servers cannot decrypt user data. This includes filenames, paths, and all key-value data. Users running the official Charm Docker images (https://github.com/charmbracelet/charm/blob/main/docker.md) are at minimal risk because the exploit is limited to the containerized filesystem. 2022-05-07 not yet calculated CVE-2022-29180
MISC
CONFIRM
rubygems — rubygems
 
RubyGems is a package registry used to supply software for the Ruby language ecosystem. An ordering mistake in the code that accepts gem uploads allowed some gems (with platforms ending in numbers, like `arm64-darwin-21`) to be temporarily replaced in the CDN cache by a malicious package. The bug has been patched, and is believed to have never been exploited, based on an extensive review of logs and existing gems by rubygems. The easiest way to ensure that an application has not been exploited by this vulnerability is to verify all downloaded .gems checksums match the checksum recorded in the RubyGems.org database. RubyGems.org has been patched and is no longer vulnerable to this issue. 2022-05-13 not yet calculated CVE-2022-29218
CONFIRM
solarview_compact — solarview_compact SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal. 2022-05-12 not yet calculated CVE-2022-29298
MISC
solarview_compact — solarview_compact SolarView Compact ver.6.00 was discovered to contain a local file disclosure via /html/Solar_Ftp.php. 2022-05-12 not yet calculated CVE-2022-29302
MISC
solarview_compact — solarview_compact SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php. 2022-05-12 not yet calculated CVE-2022-29303
MISC
ionize — ionizecms
 
IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vulnerability via the id_page parameter in application/models/article_model.php. 2022-05-12 not yet calculated CVE-2022-29306
MISC
ionize — ionizecms
 
IonizeCMS v1.0.8.1 was discovered to contain a command injection vulnerability via the function copy_lang_content in application/models/lang_model.php. 2022-05-12 not yet calculated CVE-2022-29307
MISC
complete_online_job_search_system — complete_online_job_search_system Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=result&searchfor=advancesearch. 2022-05-11 not yet calculated CVE-2022-29316
MISC
simple_bus_ticket_booking_system — simple_bus_ticket_booking_system Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters at /assets/partials/_handleLogin.php. 2022-05-11 not yet calculated CVE-2022-29317
MISC
car_rental_management_system — new_entry_module
 
An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. 2022-05-11 not yet calculated CVE-2022-29318
MISC
d-link — dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the lanip parameter in /goform/setNetworkLan. 2022-05-10 not yet calculated CVE-2022-29321
MISC
MISC
d-link — dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip. 2022-05-10 not yet calculated CVE-2022-29322
MISC
MISC
d-link — dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment. 2022-05-10 not yet calculated CVE-2022-29323
MISC
MISC
d-link — dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd. 2022-05-10 not yet calculated CVE-2022-29324
MISC
MISC
d-link — dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter. 2022-05-10 not yet calculated CVE-2022-29325
MISC
MISC
d-link — dir-816
 
D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter. 2022-05-10 not yet calculated CVE-2022-29326
MISC
MISC
d-link — dir-816 D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel. 2022-05-10 not yet calculated CVE-2022-29327
MISC
MISC
d-link — dap-1330_oss-firmware D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade. 2022-05-10 not yet calculated CVE-2022-29328
MISC
MISC
d-link — dap-1330_oss-firmware D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings. 2022-05-10 not yet calculated CVE-2022-29329
MISC
MISC
phpok — phpok
 
Phpok v6.1 was discovered to contain a deserialization vulnerability via the update_f() function in login_control.php. This vulnerability allows attackers to get a shell by writing arbitrary files. 2022-05-12 not yet calculated CVE-2022-29363
MISC
moddable — moddable
 
Moddable commit before 135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45 was discovered to contain an out-of-bounds read via the function fxUint8Getter at /moddable/xs/sources/xsDataView.c. 2022-05-12 not yet calculated CVE-2022-29368
MISC
MISC
nginx — nginx_njs
 
Nginx NJS v0.7.2 was discovered to contain a segmentation violation via njs_lvlhsh_bucket_find at njs_lvlhsh.c. 2022-05-12 not yet calculated CVE-2022-29369
MISC
MISC
netgear — prosafe_ssl_vpn
 
NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 were discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. 2022-05-13 not yet calculated CVE-2022-29383
MISC
MISC
totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8. 2022-05-10 not yet calculated CVE-2022-29391
MISC
totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24. 2022-05-10 not yet calculated CVE-2022-29392
MISC
totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc. 2022-05-10 not yet calculated CVE-2022-29393
MISC
totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448. 2022-05-10 not yet calculated CVE-2022-29394
MISC
totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4. 2022-05-10 not yet calculated CVE-2022-29395
MISC
totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10. 2022-05-10 not yet calculated CVE-2022-29396
MISC
totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8. 2022-05-10 not yet calculated CVE-2022-29397
MISC
totolink — n600r
 
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c. 2022-05-10 not yet calculated CVE-2022-29398
MISC
totolink — n600r
 
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0. 2022-05-10 not yet calculated CVE-2022-29399
MISC
wordpress — donations_plugin
 
Authenticated (contributor or higher role) Cross-Site Scripting (XSS) vulnerability in Donations plugin <= 1.8 on WordPress. 2022-05-13 not yet calculated CVE-2022-29433
CONFIRM
CONFIRM
gruppo_tim – resi_gemini-net_web
 
RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources. 2022-05-12 not yet calculated CVE-2022-29538
MISC
MISC
gruppo_tim – resi_gemini-net
 
resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software (e.g., concatenate `&|;\r\ commands) and inject arbitrary system commands with the privileges of the application user. 2022-05-12 not yet calculated CVE-2022-29539
MISC
MISC
tend — tx9_pro Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow. 2022-05-10 not yet calculated CVE-2022-29591
MISC
microstrategy — enterprise_manager_2022
 
MicroStrategy Enterprise Manager 2022 allows authentication bypass by triggering a login failure and then entering the Uid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login substring for directory traversal. 2022-05-11 not yet calculated CVE-2022-29596
MISC
sap — netweaver_application_server SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in a Stored Cross-Site Scripting (XSS) attack. 2022-05-11 not yet calculated CVE-2022-29610
MISC
MISC
sap — netweaver_application_server
 
SAP NetWeaver Application Server for ABAP and ABAP Platform do not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. 2022-05-11 not yet calculated CVE-2022-29611
MISC
MISC
sap — employee_self_service
 
Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application. 2022-05-11 not yet calculated CVE-2022-29613
MISC
MISC
sap — multiple_products
 
SAP Host Agent, SAP NetWeaver and ABAP Platform allow an attacker to leverage logical errors in memory management to cause a memory corruption. 2022-05-11 not yet calculated CVE-2022-29616
MISC
MISC
wedding_management_system — upload_photos_module
 
An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. 2022-05-11 not yet calculated CVE-2022-29655
MISC
wedding_management_system — wedding_management_system Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_detail.php. 2022-05-11 not yet calculated CVE-2022-29656
MISC
survey_sparrow — enterprise_survery_software Survey Sparrow Enterprise Survey Software 2022 has a Stored cross-site scripting (XSS) vulnerability in the Signup parameter. 2022-05-11 not yet calculated CVE-2022-29727
MISC
MISC
survey_sparrow — enterprise_survery_software Survey Sparrow Enterprise Survey Software 2022 has a Reflected cross-site scripting (XSS) vulnerability in the test parameter. 2022-05-11 not yet calculated CVE-2022-29728
MISC
MISC
money_transfer_management_system — money_transfer_management_system Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send&id=, id. 2022-05-12 not yet calculated CVE-2022-29738
MISC
money_transfer_management_system — money_transfer_management_system Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=. 2022-05-12 not yet calculated CVE-2022-29739
MISC
money_transfer_management_system — money_transfer_management_system Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_fee. 2022-05-12 not yet calculated CVE-2022-29741
MISC
money_transfer_management_system — money_transfer_management_system Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_transaction. 2022-05-12 not yet calculated CVE-2022-29745
MISC
money_transfer_management_system — money_transfer_management_system Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete. 2022-05-12 not yet calculated CVE-2022-29746
MISC
simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via the id parameter at /cms/admin/?page=invoice/manage_invoice&id=. 2022-05-12 not yet calculated CVE-2022-29747
MISC
simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=. 2022-05-12 not yet calculated CVE-2022-29748
MISC
simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_invoice. 2022-05-12 not yet calculated CVE-2022-29749
MISC
simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_service. 2022-05-12 not yet calculated CVE-2022-29750
MISC
simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_client. 2022-05-12 not yet calculated CVE-2022-29751
MISC
huawei — hialserver The HiAIserver has a vulnerability in verifying the validity of the properties used in the model. Successful exploitation of this vulnerability will affect AI services. 2022-05-13 not yet calculated CVE-2022-29789
MISC
MISC
huawei — harmonyos The graphics acceleration service has a vulnerability in multi-thread access to the database. Successful exploitation of this vulnerability may cause service exceptions. 2022-05-13 not yet calculated CVE-2022-29790
MISC
MISC
huawei — hialserver The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services. 2022-05-13 not yet calculated CVE-2022-29791
MISC
MISC
huawei — chip_component The chip component has a vulnerability of disclosing CPU SNs. Successful exploitation of this vulnerability may affect data confidentiality. 2022-05-13 not yet calculated CVE-2022-29792
MISC
MISC
huawei — activation_lock There is a configuration defect in the activation lock of mobile phones. Successful exploitation of this vulnerability may affect application availability. 2022-05-13 not yet calculated CVE-2022-29793
MISC
MISC
huawei — frame_scheduling_module The frame scheduling module has a Use After Free (UAF) vulnerability. Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. 2022-05-13 not yet calculated CVE-2022-29794
MISC
MISC
huawei — frame_scheduling_module The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. 2022-05-13 not yet calculated CVE-2022-29795
MISC
MISC
huawei — hialserver The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services. 2022-05-13 not yet calculated CVE-2022-29796
MISC
MISC
progress — ipswitch_watchsup_gold In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file. 2022-05-11 not yet calculated CVE-2022-29845
MISC
MISC
progress — ipswitch_watchsup_gold In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number. 2022-05-11 not yet calculated CVE-2022-29846
MISC
MISC
progress — ipswitch_watchsup_gold In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host. 2022-05-11 not yet calculated CVE-2022-29847
MISC
MISC
progress — ipswitch_watchsup_gold In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system. 2022-05-11 not yet calculated CVE-2022-29848
MISC
MISC
mitel — 6900_series A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, could allow an unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution. 2022-05-13 not yet calculated CVE-2022-29854
MISC
CONFIRM
mitel — multiple_products Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have “undocumented functionality.” A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow an unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution. 2022-05-11 not yet calculated CVE-2022-29855
MISC
CONFIRM
apple — 1passord 1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious software running on the same computer can exfiltrate secrets from 1Password provided that 1Password is running and is unlocked. Affected secrets include vault items and derived values used for signing in to 1Password. 2022-05-09 not yet calculated CVE-2022-29868
MISC
apache — tomcat The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks. 2022-05-12 not yet calculated CVE-2022-29885
MISC
phoneix_contact — rad-ism On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the traceroute utility integrated in the WebUI to execute arbitrary code with root privileges on the OS due to an improper input validation in all versions of the firmware. 2022-05-11 not yet calculated CVE-2022-29897
CONFIRM
phoneix_contact — rad-ism On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the configuration file uploader in the WebUI to execute arbitrary code with root privileges on the OS due to an improper validation of an integrity check value in all versions of the firmware. 2022-05-11 not yet calculated CVE-2022-29898
CONFIRM
jetbrains — teamcity In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible 2022-05-12 not yet calculated CVE-2022-29927
MISC
jetbrains — teamcity In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible 2022-05-12 not yet calculated CVE-2022-29928
MISC
jetbrains — teamcity In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible 2022-05-12 not yet calculated CVE-2022-29929
MISC
jetbrains — ktor_native SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value 2022-05-12 not yet calculated CVE-2022-29930
MISC
MISC
primeur — spazio The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an unauthenticated attacker to obtain sensitive data (related to the content of transferred files) via a crafted HTTP request. 2022-05-11 not yet calculated CVE-2022-29932
MISC
MISC
craft_cms — cms Craft CMS through 3.7.36 allows a remote unauthenticated attacker, who knows at least one valid username, to reset the account’s password and take over the account by providing a crafted HTTP header to the application while using the password reset functionality. Specifically, the attacker must send X-Forwarded-Host to the /index.php?p=admin/actions/users/send-password-reset-email URI. NOTE: the vendor’s position is that a customer can already work around this by adjusting the configuration (i.e., by not using the default configuration). 2022-05-09 not yet calculated CVE-2022-29933
MISC
MISC
MISC
MISC
magnitude — simba_amazon_redshift_odbc_driver An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena ODBC Driver 1.1.1 through 1.1.x before 1.1.17 may allow a local user to execute arbitrary code. 2022-05-09 not yet calculated CVE-2022-29971
CONFIRM
MISC
magnitude — simba_amazon_redshift_odbc_driver An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver (1.4.14 through 1.4.21.1001 and 1.4.22 through 1.4.x before 1.4.52) may allow a local user to execute arbitrary code. 2022-05-09 not yet calculated CVE-2022-29972
CONFIRM
MISC
mdaemon — mdaemon An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0. 2022-05-11 not yet calculated CVE-2022-29975
MISC
mdaemon — mdaemon An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0. 2022-05-11 not yet calculated CVE-2022-29976
MISC
libsixel — libsixel There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file. 2022-05-11 not yet calculated CVE-2022-29977
MISC
libsixel — libsixel There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file. 2022-05-11 not yet calculated CVE-2022-29978
MISC
simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_designation. 2022-05-12 not yet calculated CVE-2022-29979
MISC
simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=user/manage_user&id=. 2022-05-12 not yet calculated CVE-2022-29980
MISC
simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete. 2022-05-12 not yet calculated CVE-2022-29981
MISC
simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manage_service.php?id=. 2022-05-12 not yet calculated CVE-2022-29982
MISC
simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=. 2022-05-12 not yet calculated CVE-2022-29983
MISC
simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=client/view_client&id=. 2022-05-12 not yet calculated CVE-2022-29984
MISC
online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_category. 2022-05-12 not yet calculated CVE-2022-29985
MISC
online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_facility. 2022-05-12 not yet calculated CVE-2022-29986
MISC
online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=user/manage_user&id=. 2022-05-12 not yet calculated CVE-2022-29987
MISC
online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete. 2022-05-12 not yet calculated CVE-2022-29988
MISC
online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_booking. 2022-05-12 not yet calculated CVE-2022-29989
MISC
online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/view_category.php?id=. 2022-05-12 not yet calculated CVE-2022-29990
MISC
online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/manage_category.php?id=. 2022-05-12 not yet calculated CVE-2022-29992
MISC
online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/view_booking.php?id=. 2022-05-12 not yet calculated CVE-2022-29993
MISC
online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/manage_facility&id=. 2022-05-12 not yet calculated CVE-2022-29994
MISC
online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manage_client&id=. 2022-05-12 not yet calculated CVE-2022-29995
MISC
insurance_management_system — insurance_management_system Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?client_id=. 2022-05-12 not yet calculated CVE-2022-29998
MISC
insurance_management_system — insurance_management_system Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?client_id=. 2022-05-12 not yet calculated CVE-2022-29999
MISC
insurance_management_system — insurance_management_system Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?recipt_no=. 2022-05-12 not yet calculated CVE-2022-30000
MISC
insurance_management_system — insurance_management_system Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agent_id=. 2022-05-12 not yet calculated CVE-2022-30001
MISC
insurance_management_system — insurance_management_system Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nominee_id=. 2022-05-12 not yet calculated CVE-2022-30002
MISC
tenda — ax1803 Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In /goform/setsystimecfg of /bin/tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to achieve the effect of router denial of service. 2022-05-11 not yet calculated CVE-2022-30040
MISC
mingsoft — mcms Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/listExcludeApp URI via orderBy parameter. 2022-05-11 not yet calculated CVE-2022-30047
MISC
mingsoft — mcms Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter. 2022-05-11 not yet calculated CVE-2022-30048
MISC
shopwind — shopwind Shopwind <=v3.4.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability. 2022-05-11 not yet calculated CVE-2022-30057
MISC
shopwind — shopwind Shopwind <=v3.4.2 was discovered to contain an Arbitrary File Download vulnerability via the neirong parameter at \backend\controllers\DbController.php. 2022-05-11 not yet calculated CVE-2022-30058
MISC
shopwind — shopwind Shopwind <=v3.4.2 was discovered to contain an Arbitrary File Delete vulnerability via the neirong parameter at \backend\controllers\DbController.php. 2022-05-11 not yet calculated CVE-2022-30059
MISC
ftcms — ftcms ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php 2022-05-11 not yet calculated CVE-2022-30060
MISC
ftcms — ftcms ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp. 2022-05-11 not yet calculated CVE-2022-30061
MISC
ftcms — ftcms ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php 2022-05-11 not yet calculated CVE-2022-30062
MISC
ftcms — ftcms ftcms <=2.1 was discovered to be vulnerable to code execution attacks. 2022-05-11 not yet calculated CVE-2022-30063
MISC
microsoft — visual_studio_code Visual Studio Code Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-30129
MISC
microsoft — .net_framework .NET Framework Denial of Service Vulnerability. 2022-05-10 not yet calculated CVE-2022-30130
MISC
magnitude — simba_amazon_redshift_jdbc_driver An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena JDBC Driver 2.0.25 through 2.0.28 may allow a local user to execute code. NOTE: this is different from CVE-2022-29971. 2022-05-09 not yet calculated CVE-2022-30239
CONFIRM
MISC
magnitude — simba_amazon_redshift_jdbc_driver An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift JDBC Driver 1.2.40 through 1.2.55 may allow a local user to execute code. NOTE: this is different from CVE-2022-29972. 2022-05-09 not yet calculated CVE-2022-30240
CONFIRM
MISC
black_duck — black_duck_hub A vulnerability in Black Duck Hub’s embedded MadCap Flare documentation files could allow an unauthenticated remote attacker to conduct a cross-site scripting attack. The vulnerability is due to improper validation of user-supplied input to MadCap Flare’s framework embedded within Black Duck Hub’s Help Documentation to supply content. An attacker could exploit this vulnerability by convincing a user to click a link designed to pass malicious input to the interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks and gain access to sensitive browser-based information. 2022-05-10 not yet calculated CVE-2022-30278
MISC
stormshield — network_security An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. The event logging of the ASQ sofbus lacbus plugin triggers the dereferencing of a NULL pointer, leading to a crash of SNS. An attacker could exploit this vulnerability via forged sofbus lacbus traffic to cause a firmware crash. 2022-05-12 not yet calculated CVE-2022-30279
MISC
pyscript — pyscriptjs pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 allows a remote user to read Python source code. 2022-05-09 not yet calculated CVE-2022-30286
MISC
MISC
MISC
MISC
MISC
uclibc-ng — uclibc-ng uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a value to 0x2. 2022-05-06 not yet calculated CVE-2022-30295
MISC
CERT-VN
keepkey — keepkey_firmware In the KeepKey firmware before 7.3.2, the bootloader can be exploited in unusual situations in which the attacker has physical access, convinces the victim to install malicious firmware, or has unspecified other capabilities. lib/board/supervise.c mishandles svhandler_flash_* address range checks. If exploited, any installed malware could persist even after wiping the device and resetting the firmware. 2022-05-07 not yet calculated CVE-2022-30330
MISC
MISC
rarlab — rarlab_unrar RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected. 2022-05-09 not yet calculated CVE-2022-30333
CONFIRM
MISC
brave — brave Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises “Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser.” 2022-05-07 not yet calculated CVE-2022-30334
MISC
MISC
MISC
MISC
bonanza — wealth_management_system Bonanza Wealth Management System (BWM) 7.3.2 allows SQL injection via the login form. Users who supply the application with a SQL injection payload in the User Name textbox could collect all passwords in encrypted format from the Microsoft SQL Server component. 2022-05-09 not yet calculated CVE-2022-30335
MISC
MISC
MISC
air_cargo_management_system — air_cargo_management_system Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f=delete_img. 2022-05-13 not yet calculated CVE-2022-30367
MISC
air_cargo_management_system — air_cargo_management_system Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo_type. 2022-05-13 not yet calculated CVE-2022-30370
MISC
air_cargo_management_system — air_cargo_management_system Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/view_cargo_type.php?id=. 2022-05-13 not yet calculated CVE-2022-30371
MISC
air_cargo_management_system — air_cargo_management_system Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo. 2022-05-13 not yet calculated CVE-2022-30372
MISC
air_cargo_management_system — air_cargo_management_system Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/manage_cargo_type.php?id=. 2022-05-13 not yet calculated CVE-2022-30373
MISC
air_cargo_management_system — air_cargo_management_system Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/manage_transaction&id=. 2022-05-13 not yet calculated CVE-2022-30374
MISC
sourcecodester — simple_social_networking_site Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Master.php?f=delete_img. 2022-05-13 not yet calculated CVE-2022-30375
MISC
sourcecodester — simple_social_networking_site Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/view_member.php?id=. 2022-05-13 not yet calculated CVE-2022-30376
MISC
sourcecodester — simple_social_networking_site Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=posts/view_post&id=. 2022-05-13 not yet calculated CVE-2022-30378
MISC
sourcecodester — simple_social_networking_site Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manage_user&id=. 2022-05-13 not yet calculated CVE-2022-30379
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?f=delete_img. 2022-05-13 not yet calculated CVE-2022-30381
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_inventory. 2022-05-13 not yet calculated CVE-2022-30384
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_order. 2022-05-13 not yet calculated CVE-2022-30385
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured. 2022-05-13 not yet calculated CVE-2022-30386
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=pay_order. 2022-05-13 not yet calculated CVE-2022-30387
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category. 2022-05-13 not yet calculated CVE-2022-30391
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category. 2022-05-13 not yet calculated CVE-2022-30392
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=. 2022-05-13 not yet calculated CVE-2022-30393
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_cart. 2022-05-13 not yet calculated CVE-2022-30395
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=. 2022-05-13 not yet calculated CVE-2022-30396
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=orders/view_order&id=. 2022-05-13 not yet calculated CVE-2022-30398
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_category&id=. 2022-05-13 not yet calculated CVE-2022-30399
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=. 2022-05-13 not yet calculated CVE-2022-30400
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=. 2022-05-13 not yet calculated CVE-2022-30401
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=. 2022-05-13 not yet calculated CVE-2022-30402
MISC
merchandise_online_store — merchandise_online_store Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=. 2022-05-13 not yet calculated CVE-2022-30403
MISC
college_management_system — college_management_system College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=. 2022-05-13 not yet calculated CVE-2022-30404
MISC
pharmacy_sales_and_inventory_system — pharmacy_sales_and_inventory_system Pharmacy Sales And Inventory System v1.0 is vulnerable to SQL Injection via /pharmacy-sales-and-inventory-system/manage_user.php?id=. 2022-05-13 not yet calculated CVE-2022-30407
MISC
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to file deletion via /ctpms/classes/Master.php?f=delete_img. 2022-05-13 not yet calculated CVE-2022-30408
MISC
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=. 2022-05-13 not yet calculated CVE-2022-30411
MISC
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=. 2022-05-13 not yet calculated CVE-2022-30412
MISC
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=delete_application. 2022-05-13 not yet calculated CVE-2022-30413
MISC
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=. 2022-05-13 not yet calculated CVE-2022-30414
MISC
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=. 2022-05-13 not yet calculated CVE-2022-30415
MISC
covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=. 2022-05-13 not yet calculated CVE-2022-30417
MISC
php — hospital_management_system Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File upload vulnerability in treatmentrecord.php. 2022-05-11 not yet calculated CVE-2022-30448
MISC
php — hospital_management_system Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php. 2022-05-11 not yet calculated CVE-2022-30449
MISC
waimairencms — waimairencms A Remote Code Execution (RCE) vulnerability exists in waimairen 9.1 via wx.php 2022-05-11 not yet calculated CVE-2022-30450
MISC
waimairencms — waimairencms An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1. 2022-05-11 not yet calculated CVE-2022-30451
MISC
shopwind — shopwind ShopWind <= v3.4.2 has a SQL injection vulnerability in Database.php 2022-05-11 not yet calculated CVE-2022-30452
MISC
shopwind — shopwind ShopWind <= 3.4.2 has an RCE vulnerability in Database.php 2022-05-11 not yet calculated CVE-2022-30453
MISC
wavlink — wavlink_wn535_g3 WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi. 2022-05-13 not yet calculated CVE-2022-30489
MISC
xpdf — textline_class There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. 2022-05-09 not yet calculated CVE-2022-30524
MISC
zyxel — usg_flex An OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device. 2022-05-12 not yet calculated CVE-2022-30525
CONFIRM
foxit — pdf_reader Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution. 2022-05-11 not yet calculated CVE-2022-30557
MISC
liblsquic — lsquic liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY. 2022-05-11 not yet calculated CVE-2022-30592
MISC
MISC
linux — linux_kernel The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. 2022-05-12 not yet calculated CVE-2022-30594
MISC
MISC
MISC
MISC

This product is provided subject to this Notification and this Privacy & Use policy.
