Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.
Month: July 2022
Categories
CISA Releases Log4Shell-Related MAR
Original release date: July 28, 2022
From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed five malware samples obtained from the organization’s network and released a Malware Analysis Report of the findings.
Users and administrators are encouraged to review MAR 10386789-1.v1 for more information. For more information on Log4Shell, see:
- Joint Cybersecurity Advisory (CSA) Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems,
- CISA’s Apache Log4j Vulnerability Guidance webpage,
- Joint CSA Mitigating Log4Shell and Other Log4j-Related Vulnerabilities, and
- CISA’s database of known vulnerable services on the CISA GitHub page.
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: July 26, 2022
High Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| infiray — iray-a8z3_firmware | An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer overflow by calling strcpy() without checking the string length beforehand. | 2022-07-17 | 10 | CVE-2022-31209 MISC |
| infiray — iray-a8z3_firmware | An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default. | 2022-07-17 | 10 | CVE-2022-31211 MISC |
| infiray — iray-a8z3_firmware | An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmd_string URL parameter. | 2022-07-17 | 9 | CVE-2022-31208 MISC MISC |
| infiray — iray-a8z3_firmware | An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/set_param.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts. | 2022-07-17 | 7.5 | CVE-2022-31210 MISC |
| itechscripts — auction_script | A vulnerability was found in Itech Auction Script 6.49. It has been classified as critical. This affects an unknown part of the file /mcategory.php. The manipulation of the argument mcid with the input 4′ AND 1734=1734 AND ‘Ggks’=’Ggks leads to sql injection (Blind). It is possible to initiate the attack remotely. | 2022-07-16 | 7.5 | CVE-2017-20138 MISC |
Medium Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| collect_and_deliver_interface_for_woocommerce_project — collect_and_deliver_interface_for_woocommerce | The CDI WordPress plugin before 5.1.9 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting | 2022-07-17 | 4.3 | CVE-2022-1933 MISC |
| contact_form_7_captcha_project — contact_form_7_captcha | The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $_SERVER[‘REQUEST_URI’] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers | 2022-07-17 | 4.3 | CVE-2022-2187 MISC |
| flycart — discount_rules_for_woocommerce | The Discount Rules for WooCommerce WordPress plugin before 2.4.2 does not escape a parameter before outputting it back in an attribute of the plugin’s discount rule page, leading to Reflected Cross-Site Scripting | 2022-07-17 | 4.3 | CVE-2022-2090 MISC |
| import_csv_files_project — import_csv_files | The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting | 2022-07-17 | 4.3 | CVE-2022-2146 MISC |
| insights_from_google_pagespeed_project — insights_from_google_pagespeed | The Insights from Google PageSpeed WordPress plugin before 4.0.7 does not verify for CSRF before doing various actions such as deleting Custom URLs, which could allow attackers to make a logged in admin perform such actions via CSRF attacks | 2022-07-17 | 6.8 | CVE-2022-1672 MISC |
| itechscripts — b2b_script | A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with the input 704667c6a1e7ce56d3d6fa748ab6d9af3fd7′ AND 6539=6539 AND ‘Fakj’=’Fakj leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | 5 | CVE-2017-20137 MISC MISC |
| itechscripts — classifieds_script | A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. Affected is an unknown function of the file /subpage.php. The manipulation of the argument scat with the input =51′ AND 4941=4941 AND ‘hoCP’=’hoCP leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | 5 | CVE-2017-20136 MISC MISC |
| jquery_validation_for_contact_form_7_project — jquery_validation_for_contact_form_7 | The Jquery Validation For Contact Form 7 WordPress plugin before 5.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog options like default_role, users_can_register via a CSRF attack | 2022-07-17 | 4.3 | CVE-2022-2144 MISC |
| microweber — microweber | An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini. | 2022-07-15 | 6.5 | CVE-2021-36461 MISC |
| miniorange — oauth_single_sign_on | The OAuth Single Sign On WordPress plugin before 6.22.6 doesn’t validate that OAuth access token requests are legitimate, which allows attackers to log onto the site with the only knowledge of a user’s email address. | 2022-07-17 | 5 | CVE-2022-2133 MISC |
| opener_project — opener | EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d. | 2022-07-15 | 6.8 | CVE-2022-32434 MISC MISC |
| pexip — pexip_infinity | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join. | 2022-07-17 | 6.4 | CVE-2022-26656 MISC |
| pexip — pexip_infinity | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | 2022-07-17 | 5.8 | CVE-2022-27933 MISC |
| pexip — pexip_infinity | Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN. | 2022-07-17 | 5 | CVE-2022-25357 MISC |
| pexip — pexip_infinity | Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP. | 2022-07-17 | 5 | CVE-2022-26654 MISC |
| pexip — pexip_infinity | Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | 2022-07-17 | 5 | CVE-2022-27928 MISC |
| pexip — pexip_infinity | Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams. | 2022-07-17 | 5 | CVE-2022-26655 MISC |
| pexip — pexip_infinity | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | 2022-07-17 | 5 | CVE-2022-26657 MISC |
| pexip — pexip_infinity | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323. | 2022-07-17 | 5 | CVE-2022-27936 MISC |
| pexip — pexip_infinity | Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP. | 2022-07-17 | 5 | CVE-2022-27929 MISC |
| pexip — pexip_infinity | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP. | 2022-07-17 | 5 | CVE-2022-27934 MISC |
| pexip — pexip_infinity | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | 2022-07-17 | 5 | CVE-2022-27931 MISC |
| pexip — pexip_infinity | Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264. | 2022-07-17 | 5 | CVE-2022-27937 MISC |
| pexip — pexip_infinity | Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed. | 2022-07-17 | 4.3 | CVE-2022-27930 MISC |
| pexip — pexip_infinity | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | 2022-07-17 | 4.3 | CVE-2022-27932 MISC |
| pexip — pexip_infinity | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth. | 2022-07-17 | 5 | CVE-2022-27935 MISC |
| pyenv_project — pyenv | pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. (Shims are executables that pass a command along to a specific version of pyenv. The version string is used to construct the path to the command, and there is no validation of whether the version specified is a valid version. Thus, relative path traversal can occur.) | 2022-07-17 | 4.6 | CVE-2022-35861 MISC |
| sigmaplugin — advanced_database_cleaner | The Advanced Database Cleaner WordPress plugin before 3.1.1 does not escape numerous generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting | 2022-07-17 | 4.3 | CVE-2022-2173 MISC |
| wpchill — download_monitor | The Download Monitor WordPress plugin before 4.5.91 does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in an hardened environment or multisite setup. | 2022-07-17 | 4 | CVE-2022-2222 MISC |
| wpdownloadmanager — download_manager | The Download Manager WordPress plugin before 3.2.44 does not escape a generated URL before outputting it back in an attribute of the history dashboard, leading to Reflected Cross-Site Scripting | 2022-07-17 | 4.3 | CVE-2022-2168 MISC |
| wpusermanager — wp_user_manager | The WP User Manager WordPress plugin before 2.6.3 does not ensure that the user ID to reset the password of is related to the reset key given. As a result, any authenticated user can reset the password (to an arbitrary value) of any user knowing only their ID, and gain access to their account. | 2022-07-17 | 6 | CVE-2021-24655 MISC |
Low Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| bracketspace — simple_post_notes | The Simple Post Notes WordPress plugin before 1.7.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-07-17 | 3.5 | CVE-2022-2186 MISC |
| dwbooster — loading_page_with_loading_screen | The Loading Page with Loading Screen WordPress plugin before 1.0.83 does not escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-07-17 | 3.5 | CVE-2022-2169 MISC |
| emarketdesign — best_contact_management_software | The Best Contact Management Software WordPress plugin through 3.7.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-07-17 | 3.5 | CVE-2022-2151 MISC |
| linkedin_company_updates_project — linkedin_company_updates | The LinkedIn Company Updates WordPress plugin through 1.5.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-07-17 | 3.5 | CVE-2022-2148 MISC |
| multi_restaurant_table_reservation_system_project — multi_restaurant_table_reservation_system | Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Restaurant Name field to /dashboard/profile.php. | 2022-07-15 | 3.5 | CVE-2020-35261 MISC MISC MISC MISC |
| multi_restaurant_table_reservation_system_project — multi_restaurant_table_reservation_system | Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Table Name field to /dashboard/table-list.php. | 2022-07-15 | 3.5 | CVE-2020-36550 MISC MISC MISC MISC |
| multi_restaurant_table_reservation_system_project — multi_restaurant_table_reservation_system | Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Item Name field to /dashboard/menu-list.php. | 2022-07-15 | 3.5 | CVE-2020-36551 MISC MISC MISC MISC |
| multi_restaurant_table_reservation_system_project — multi_restaurant_table_reservation_system | Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Made field to /dashboard/menu-list.php. | 2022-07-15 | 3.5 | CVE-2020-36552 MISC MISC MISC MISC |
| multi_restaurant_table_reservation_system_project — multi_restaurant_table_reservation_system | Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Area(food_type) field to /dashboard/menu-list.php. | 2022-07-15 | 3.5 | CVE-2020-36553 MISC MISC MISC MISC |
| supsystic — data_tables_generator | The Data Tables Generator by Supsystic WordPress plugin before 1.10.20 does not sanitise and escape some of its Table settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) | 2022-07-17 | 3.5 | CVE-2022-2114 MISC |
| tipsandtricks-hq — accept_stripe | The Accept Stripe Payments WordPress plugin before 2.0.64 does not sanitize and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-07-17 | 3.5 | CVE-2022-2194 MISC |
| tooltulips — 404s | The 404s WordPress plugin before 3.5.1 does not sanitise and escape its fields, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-07-17 | 3.5 | CVE-2022-2118 MISC |
| very_simple_breadcrumb_project — very_simple_breadcrumb | The Very Simple Breadcrumb WordPress plugin through 1.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-07-17 | 3.5 | CVE-2022-2149 MISC |
| woocommerce — woocommerce | The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles | 2022-07-17 | 3.5 | CVE-2022-2099 MISC |
| wpzinc — page_generator | The Page Generator WordPress plugin before 1.6.5 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 2022-07-17 | 3.5 | CVE-2022-2100 MISC |
Severity Not Yet Assigned
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type (‘Type Confusion’) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34221 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.. | 2022-07-15 | not yet calculated | CVE-2022-34237 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34234 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34233 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34232 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34230 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34229 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34228 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34223 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34222 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34239 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34216 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34225 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34226 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34220 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34219 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34217 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34215 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34236 MISC |
| adobe — character_animator | Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34241 MISC |
| adobe — character_animator | Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34242 MISC |
| adobe — incopy | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34252 MISC |
| adobe — incopy | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34251 MISC |
| adobe — incopy | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34250 MISC |
| adobe — incopy | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34249 MISC |
| adobe — indesign | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34248 MISC |
| adobe — indesign | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34246 MISC |
| adobe — indesign | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34245 MISC |
| adobe — indesign | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34247 MISC |
| adobe — photoshop | Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34244 MISC |
| adobe — photoshop | Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34243 MISC |
| adobe — robohelp | Adobe RoboHelp versions 2020.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. | 2022-07-15 | not yet calculated | CVE-2022-23201 MISC |
| advantech — iview |
The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information | 2022-07-22 | not yet calculated | CVE-2022-2137 MISC |
| advantech — iview |
The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information. | 2022-07-22 | not yet calculated | CVE-2022-2142 MISC |
| advantech — iview |
The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code. | 2022-07-22 | not yet calculated | CVE-2022-2143 MISC |
| advantech — iview |
The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information. | 2022-07-22 | not yet calculated | CVE-2022-2136 MISC |
| advantech — iview |
The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code. | 2022-07-22 | not yet calculated | CVE-2022-2139 MISC |
| advantech — iview |
The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition. | 2022-07-22 | not yet calculated | CVE-2022-2138 MISC |
| advantech — iview |
The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. | 2022-07-22 | not yet calculated | CVE-2022-2135 MISC |
| allnet — adsl/vdsl_router |
Web page which “wizardpwd.asp” ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at “admin” allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user’s identity and can be accessed publicly. | 2022-07-21 | not yet calculated | CVE-2022-34767 MISC |
| amazon — amazon_linux_2 |
The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset() function within TIFFFetchStripThing() in tif_dirread.c. This will cause TIFFFetchStripThing() to segfault after use of an uninitialized resource. | 2022-07-19 | not yet calculated | CVE-2022-34266 MISC MISC |
| amazon — aws-sdk-java | The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue’s scope is limited to directories whose name prefix matches the destinationDirectory. E.g. for destination directory`/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted buckets contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects that `getKey` method return a string containing the substring `..` . | 2022-07-15 | not yet calculated | CVE-2022-31159 CONFIRM |
| anchore_enterprise — anchorectl |
Anchore Enterprise anchorectl version 0.1.4 improperly stored credentials when generating a Software Bill of Materials. anchorectl will add the credentials used to access Anchore Enterprise API in the Software Bill of Materials (SBOM) generated by anchorectl. Users of anchorectl version 0.1.4 should upgrade to anchorectl version 0.1.5 to resolve this issue. | 2022-07-20 | not yet calculated | CVE-2022-1766 CONFIRM |
| angularjs — angular | All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements. | 2022-07-15 | not yet calculated | CVE-2022-25869 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| anydesk — anydesk | AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder (used for ad.trace and chat) but the product runs as SYSTEM when writing chat-room data there. | 2022-07-18 | not yet calculated | CVE-2022-32450 MISC MISC FULLDISC MISC |
| apache — cloudstack |
Apache CloudStack version 4.5.0 and later has a SAML 2.0 authentication Service Provider plugin which is found to be vulnerable to XML external entity (XXE) injection. This plugin is not enabled by default and the attacker would require that this plugin be enabled to exploit the vulnerability. When the SAML 2.0 plugin is enabled in affected versions of Apache CloudStack could potentially allow the exploitation of XXE vulnerabilities. The SAML 2.0 messages constructed during the authentication flow in Apache CloudStack are XML-based and the XML data is parsed by various standard libraries that are now understood to be vulnerable to XXE injection attacks such as arbitrary file reading, possible denial of service, server-side request forgery (SSRF) on the CloudStack management server. | 2022-07-18 | not yet calculated | CVE-2022-35741 MISC MLIST MLIST |
| apache — hive | Apache Hive before 3.1.3 “CREATE” and “DROP” function operations does not check for necessary authorization of involved entities in the query. It was found that an unauthorized user can manipulate an existing UDF without having the privileges to do so. This allowed unauthorized or underprivileged users to drop and recreate UDFs pointing them to new jars that could be potentially malicious. | 2022-07-16 | not yet calculated | CVE-2021-34538 CONFIRM |
| apache — skywalking_nodejs_agent |
A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can’t establish the connection. | 2022-07-18 | not yet calculated | CVE-2022-36127 MISC MLIST |
| apache — spark_ui |
The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to perform impersonation by providing an arbitrary user name. A malicious user might then be able to reach a permission check function that will ultimately build a Unix shell command based on their input, and execute it. This will result in arbitrary shell command execution as the user Spark is currently running as. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1. | 2022-07-18 | not yet calculated | CVE-2022-33891 CONFIRM |
| apache — xalan_java_xslt |
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. | 2022-07-19 | not yet calculated | CVE-2022-34169 MISC MISC MLIST MLIST MLIST MLIST MISC DEBIAN |
| arm — mbed_tls | An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function. | 2022-07-15 | not yet calculated | CVE-2022-35409 MISC MISC |
| arox — school_erp_pro | Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php. | 2022-07-15 | not yet calculated | CVE-2022-32119 MISC MISC MISC |
| arox — school_erp_pro | Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the dispatchcategory parameter in backoffice.inc.php. | 2022-07-15 | not yet calculated | CVE-2022-32118 MISC MISC |
| asea_brown_boveri_ltd — multiple_products |
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’), Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in flow computer and remote controller products of ABB ( RMC-100 (Standard), RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC) allows an attacker who successfully exploited this vulnerability could insert and run arbitrary code in an affected system node. | 2022-07-21 | not yet calculated | CVE-2022-0902 MISC |
| asustek — aura_ready_game_sdk |
There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%ASUSGameSDK.exe file. | 2022-07-21 | not yet calculated | CVE-2022-35899 MISC MISC MISC |
| atlassian — jira |
The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page. | 2022-07-22 | not yet calculated | CVE-2022-36131 MISC MISC |
| atlassian — multiple_products |
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this vulnerability: Cross-origin resource sharing (CORS) bypass. Sending a specially crafted HTTP request can invoke the Servlet Filter used to respond to CORS requests, resulting in a CORS bypass. An attacker that can trick a user into requesting a malicious URL can access the vulnerable application with the victim’s permissions. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. Atlassian Bitbucket versions are affected before 7.6.16, from 7.7.0 before 7.17.8, from 7.18.0 before 7.19.5, from 7.20.0 before 7.20.2, from 7.21.0 before 7.21.2, and versions 8.0.0 and 8.1.0. Atlassian Confluence versions are affected before 7.4.17, from 7.5.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and version 7.21.0. Atlassian Crowd versions are affected before 4.3.8, from 4.4.0 before 4.4.2, and version 5.0.0. Atlassian Fisheye and Crucible versions before 4.8.10 are affected. Atlassian Jira versions are affected before 8.13.22, from 8.14.0 before 8.20.10, and from 8.21.0 before 8.22.4. Atlassian Jira Service Management versions are affected before 4.13.22, from 4.14.0 before 4.20.10, and from 4.21.0 before 4.22.4. | 2022-07-20 | not yet calculated | CVE-2022-26137 MISC MISC MISC MISC MISC MISC MISC MISC |
| atlassian — multiple_products |
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in authentication bypass and cross-site scripting. Atlassian has released updates that fix the root cause of this vulnerability, but has not exhaustively enumerated all potential consequences of this vulnerability. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. Atlassian Bitbucket versions are affected before 7.6.16, from 7.7.0 before 7.17.8, from 7.18.0 before 7.19.5, from 7.20.0 before 7.20.2, from 7.21.0 before 7.21.2, and versions 8.0.0 and 8.1.0. Atlassian Confluence versions are affected before 7.4.17, from 7.5.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and version 7.21.0. Atlassian Crowd versions are affected before 4.3.8, from 4.4.0 before 4.4.2, and version 5.0.0. Atlassian Fisheye and Crucible versions before 4.8.10 are affected. Atlassian Jira versions are affected before 8.13.22, from 8.14.0 before 8.20.10, and from 8.21.0 before 8.22.4. Atlassian Jira Service Management versions are affected before 4.13.22, from 4.14.0 before 4.20.10, and from 4.21.0 before 4.22.4. | 2022-07-20 | not yet calculated | CVE-2022-26136 MISC MISC MISC MISC MISC MISC MISC MISC |
| atlassian — questions_for_confluence |
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app. | 2022-07-20 | not yet calculated | CVE-2022-26138 MISC MISC |
| barangay_management_system_project — barangay_management_system | Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /officials/officials.php. | 2022-07-19 | not yet calculated | CVE-2022-34023 MISC |
| barangay_management_system_project — barangay_management_system | Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the resident module editing function at /bmis/pages/resident/resident.php. | 2022-07-19 | not yet calculated | CVE-2022-34024 MISC |
| barangay_management_system_project — barangay_management_system |
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/household/household.php. | 2022-07-20 | not yet calculated | CVE-2022-34042 MISC |
| bentley — microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an OBJ file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of OBJ files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35902 MISC |
| bentley — microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of 3DS files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35903 MISC |
| bentley — microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an IFC file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of IFC files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35904 MISC |
| bentley — microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a JP2 file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of JP2 files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35900 MISC |
| bentley — microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a J2K file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of J2K files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35901 MISC |
| bentley — microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an FBX file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of FBX files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35905 MISC |
| bentley — microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a DGN file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of DGN files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35906 MISC |
| blogifier — blogifier |
Blogifier v3.0 was discovered to contain an arbitrary file upload vulnerability at /api/storage/upload/PostImage. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted file. | 2022-07-20 | not yet calculated | CVE-2022-35569 MISC |
| bytecode_alliance — webassembly |
Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime’s code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will mistakenly think these functions do not have live references to GC’d values, reclaiming them and deallocating them. The function will then subsequently continue to use the values assuming they had not been GC’d, leading later to a use-after-free. This bug was introduced in the migration to the `regalloc2` register allocator that occurred in the Wasmtime 0.37.0 release on 2022-05-20. This bug has been patched and users should upgrade to Wasmtime version 0.38.2. Mitigations for this issue can be achieved by disabling the reference types proposal by passing `false` to `wasmtime::Config::wasm_reference_types` or downgrading to Wasmtime 0.36.0 or prior. | 2022-07-21 | not yet calculated | CVE-2022-31146 CONFIRM MISC MISC |
| bytecode_alliance — webassembly |
Wasmtime is a standalone runtime for WebAssembly. There is a bug in Wasmtime’s code generator, Cranelift, for AArch64 targets where constant divisors can result in incorrect division results at runtime. This affects Wasmtime prior to version 0.38.2 and Cranelift prior to 0.85.2. This issue only affects the AArch64 platform. Other platforms are not affected. The translation rules for constants did not take into account whether sign or zero-extension should happen which resulted in an incorrect value being placed into a register when a division was encountered. The impact of this bug is that programs executing within the WebAssembly sandbox would not behave according to the WebAssembly specification. This means that it is hypothetically possible for execution within the sandbox to go awry and WebAssembly programs could produce unexpected results. This should not impact hosts executing WebAssembly but does affect the correctness of guest programs. This bug has been patched in Wasmtime version 0.38.2 and cranelift-codegen 0.85.2. There are no known workarounds. | 2022-07-22 | not yet calculated | CVE-2022-31169 CONFIRM MISC |
| caddy — caddy |
An out-of-bounds read in the rewrite function at /modules/caddyhttp/rewrite/rewrite.go in Caddy v2.5.1 allows attackers to cause a Denial of Service (DoS) via a crafted URI. | 2022-07-22 | not yet calculated | CVE-2022-34037 MISC |
| cellinx — cellinx_nvt_-_ip_ptz_camera_firmware | Allows a remote user to read files on the camera’s OS “GetFileContent.cgi”. Reading arbitrary files on the camera’s OS as root user. | 2022-07-18 | not yet calculated | CVE-2022-30621 MISC |
| cellinx — cellinx_nvt_-_ip_ptz_camera_firmware | On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: “1” to “0” privileges by changing the following cookie values from “is_admin”, “showConfig”. Administrative Privileges which allows changing various configuration in the camera. | 2022-07-18 | not yet calculated | CVE-2022-30620 MISC |
| chcnav — p5e_gnss_firmware | The server checks the user’s cookie in a non-standard way, and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system using a username and password. | 2022-07-18 | not yet calculated | CVE-2022-30623 MISC |
| chcnav — p5e_gnss_firmware | Browsing the admin.html page allows the user to reset the admin password. Also appears in the JS code for the password. | 2022-07-18 | not yet calculated | CVE-2022-30624 MISC |
| chcnav — p5e_gnss_firmware | Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access point on the component, and a password in clear text. | 2022-07-18 | not yet calculated | CVE-2022-30626 MISC |
| chcnav — p5e_gnss_firmware | This vulnerability affects all of the company’s products that also include the FW versions: update_i90_cv2.021_b20210104, update_i50_v1.0.55_b20200509, update_x6_v2.1.2_b202001127, update_b5_v2.0.9_b20200706. This vulnerability makes it possible to extract from the FW the existing user passwords on their operating systems and passwords. | 2022-07-18 | not yet calculated | CVE-2022-30627 MISC |
| chcnav — p5e_gnss_firmware | Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. A directory listing provides an attacker with the complete index of all the resources located inside of the directory. The specific risks and consequences vary depending on which files are listed and accessible. | 2022-07-18 | not yet calculated | CVE-2022-30625 MISC |
| chcnav — p5e_gnss_firmware |
Disclosure of information – the system allows you to view usernames and passwords without permissions, thus it will be possible to enter the system. Path access: http://api/sys_username_passwd.cmd – The server loads the request clearly by default. Disclosure of hard-coded credit information within the JS code sent to the customer within the Login.js file is a strong user (which is not documented) and also the password, which allow for super-user access. Username: chcadmin, Password: chcpassword. | 2022-07-17 | not yet calculated | CVE-2022-30622 MISC |
| chips_alliance — rocket-chip |
Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain insufficient cryptography via the component /rocket/RocketCore.scala. | 2022-07-18 | not yet calculated | CVE-2022-34632 MISC MISC MISC |
| cisco — cisco_iot_control_center |
A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2022-07-22 | not yet calculated | CVE-2022-20916 CISCO |
| cisco — cisco_nexus_dashboard |
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device. | 2022-07-22 | not yet calculated | CVE-2022-20908 CISCO |
| cisco — cisco_nexus_dashboard |
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device. | 2022-07-22 | not yet calculated | CVE-2022-20906 CISCO |
| cisco — cisco_nexus_dashboard |
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device. | 2022-07-22 | not yet calculated | CVE-2022-20909 CISCO |
| cisco — cisco_nexus_dashboard |
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the web-based management interface of Cisco Nexus Dashboard. An attacker with Administrator credentials could exploit this vulnerability by uploading a crafted file. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device. | 2022-07-22 | not yet calculated | CVE-2022-20913 CISCO |
| cisco — cisco_nexus_dashboard |
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory. | 2022-07-21 | not yet calculated | CVE-2022-20858 CISCO |
| cisco — cisco_nexus_dashboard |
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory. | 2022-07-21 | not yet calculated | CVE-2022-20861 CISCO |
| cisco — cisco_nexus_dashboard |
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device. | 2022-07-22 | not yet calculated | CVE-2022-20907 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20898 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20886 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20888 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20887 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20873 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20883 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20879 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20880 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20890 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20878 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20902 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20877 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20876 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20875 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20889 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20891 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20901 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20911 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20903 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20904 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20900 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20899 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20897 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20910 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20874 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20912 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20896 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20892 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20893 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20894 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-22 | not yet calculated | CVE-2022-20895 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20882 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20884 CISCO |
| cisco — cisco_nexus_dashboard |
A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not validated when Cisco Nexus Dashboard is establishing a connection to Cisco Application Policy Infrastructure Controller (APIC), Cisco Cloud APIC, or Cisco Nexus Dashboard Fabric Controller, formerly Data Center Network Manager (DCNM) controllers. An attacker could exploit this vulnerability by using man-in-the-middle techniques to intercept the traffic between the affected device and the controllers, and then using a crafted certificate to impersonate the controllers. A successful exploit could allow the attacker to alter communications between devices or view sensitive information, including Administrator credentials for these controllers. | 2022-07-21 | not yet calculated | CVE-2022-20860 CISCO |
| cisco — cisco_nexus_dashboard |
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory. | 2022-07-21 | not yet calculated | CVE-2022-20857 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20885 CISCO |
| cisco — cisco_small_business_rv_series_router_firmware |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | 2022-07-21 | not yet calculated | CVE-2022-20881 CISCO |
| citilog — citilog_server |
The server in Citilog 8.0 allows an attacker (in a man in the middle position between the server and its smart camera Axis M1125) to see FTP credentials in a cleartext HTTP traffic. These can be used for FTP access to the server. | 2022-07-21 | not yet calculated | CVE-2022-28861 MISC MISC |
| citilog — citilog_server |
An authentication downgrade in the server in Citilog 8.0 allows an attacker (in a man in the middle position between the server and its smart camera Axis M1125) to achieve HTTP access to the camera. | 2022-07-21 | not yet calculated | CVE-2022-28860 MISC MISC |
| containrrr — shoutrrr | The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service (DoS) via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages. | 2022-07-15 | not yet calculated | CVE-2022-25891 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| couchbase — couchbase_server | In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the logs. | 2022-07-15 | not yet calculated | CVE-2022-34826 MISC |
| couchbase — couchbase_server |
An issue was discovered in Couchbase Server before 7.0.4. A private key is leaked to the log files with certain crashes. | 2022-07-21 | not yet calculated | CVE-2022-32556 MISC MISC MISC |
| cva6 — cva6 | CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a treats non-standard fence instructions as illegal which can affect the function of the application. | 2022-07-18 | not yet calculated | CVE-2022-34639 MISC MISC |
| cva6 — cva6 |
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted sfence.vma instructions rather create an exception. | 2022-07-18 | not yet calculated | CVE-2022-34633 MISC MISC |
| cva6 — cva6 |
The *tval of ecall/ebreak in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a was discovered to be incorrect. | 2022-07-18 | not yet calculated | CVE-2022-34640 MISC |
| cva6 — cva6 |
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a implements an incorrect exception type when an illegal virtual address is loaded. | 2022-07-18 | not yet calculated | CVE-2022-34637 MISC |
| cva6 — cva6 |
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMA violation occurs during address translation. | 2022-07-18 | not yet calculated | CVE-2022-34636 MISC MISC |
| cva6 — cva6 |
The mstatus.sd field in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a does not update when the mstatus.fs field is set to Dirty. | 2022-07-18 | not yet calculated | CVE-2022-34635 MISC |
| cva6 — cva6 |
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted det instructions rather create an exception. | 2022-07-18 | not yet calculated | CVE-2022-34634 MISC MISC |
| cva6 — cva6 |
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMP violation occurs during address translation. | 2022-07-18 | not yet calculated | CVE-2022-34641 MISC MISC MISC |
| dataease — dataease |
Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId. | 2022-07-22 | not yet calculated | CVE-2022-34115 MISC |
| dataease — dataease |
Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId. | 2022-07-22 | not yet calculated | CVE-2022-34114 MISC |
| dataease — dataease |
An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin. | 2022-07-22 | not yet calculated | CVE-2022-34113 MISC |
| dataease — dataease |
An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator. | 2022-07-22 | not yet calculated | CVE-2022-34112 MISC |
| dbus-broker — dbus-broker |
An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service’s Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied. | 2022-07-17 | not yet calculated | CVE-2022-31212 MISC MISC |
| dbus-broker — dbus-broker |
An issue was discovered in dbus-broker before 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file. | 2022-07-17 | not yet calculated | CVE-2022-31213 MISC MISC |
| dell — data_protection_central |
Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. A(n) remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations. | 2022-07-21 | not yet calculated | CVE-2022-34367 MISC |
| dell — emc_powerstore |
Dell EMC PowerStore, Versions prior to v3.0.0.0 contain a DLL Hijacking vulnerability in PSTCLI. A local attacker can potentially exploit this vulnerability to execute arbitrary code, escalate privileges, and bypass software allow list solutions, leading to system takeover or IP exposure. | 2022-07-21 | not yet calculated | CVE-2022-32498 MISC |
| dell — emc_powerstore |
Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege. | 2022-07-21 | not yet calculated | CVE-2022-22555 MISC |
| dell — emc_powerstore |
Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to password brute-forcing. Account takeover is possible if weak passwords are used by users. | 2022-07-21 | not yet calculated | CVE-2022-31234 MISC |
| dell — powerstore |
Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker. | 2022-07-21 | not yet calculated | CVE-2022-33923 MISC |
| denx_software_engineering — u-boot |
squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution. | 2022-07-20 | not yet calculated | CVE-2022-33967 MISC MISC MISC MISC |
| digital_watchdog — dw_megapix_ip_cameras | Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/license/license_tok.cgi. This vulnerability is exploitable via a crafted POST request. | 2022-07-19 | not yet calculated | CVE-2022-34540 MISC |
| digital_watchdog — dw_megapix_ip_cameras |
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/bia/addacph.cgi. This vulnerability is exploitable via a crafted POST request. | 2022-07-19 | not yet calculated | CVE-2022-34538 MISC |
| digital_watchdog — dw_megapix_ip_cameras |
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a cross-site scripting (XSS) vulnerability via the component bia_oneshot.cgi. | 2022-07-19 | not yet calculated | CVE-2022-34537 MISC |
| digital_watchdog — dw_megapix_ip_cameras |
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated attackers to view internal paths and scripts via web files. | 2022-07-19 | not yet calculated | CVE-2022-34535 MISC |
| digital_watchdog — dw_megapix_ip_cameras |
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/curltest.cgi. This vulnerability is exploitable via a crafted POST request. | 2022-07-19 | not yet calculated | CVE-2022-34539 MISC |
| digital_watchdog — dw_megapix_ip_cameras |
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log file and perform session hijacking via a crafted session token. | 2022-07-19 | not yet calculated | CVE-2022-34536 MISC |
| digital_watchdog — dw_spectrum_server |
Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive infromation via a crafted API call. | 2022-07-19 | not yet calculated | CVE-2022-34534 MISC |
| digiwin_bpm — digiwin_bpm |
Digiwin BPM has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform Blind SSRF attack to discover internal network topology base on URL error response. | 2022-07-20 | not yet calculated | CVE-2022-32457 CONFIRM |
| digiwin_bpm — digiwin_bpm |
Digiwin BPM’s function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify, delete database or disrupt service. | 2022-07-20 | not yet calculated | CVE-2022-32456 CONFIRM |
| digiwin_bpm — digiwin_bpm |
Digiwin BPM has a XML External Entity Injection (XXE) vulnerability due to insufficient validation for user input. An unauthenticated remote attacker can perform XML injection attack to access arbitrary system files. | 2022-07-20 | not yet calculated | CVE-2022-32458 CONFIRM |
| django — django_rest_framework |
Django REST framework (aka django-rest-framework) before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping. | 2022-07-23 | not yet calculated | CVE-2018-25045 MISC MISC MISC |
| dompdf_project — dompdf | External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0. | 2022-07-18 | not yet calculated | CVE-2022-2400 CONFIRM MISC |
| dotcms — dotcms |
An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous content creation is enabled, this allows an unauthenticated attacker to upload an executable file, such as a .jsp file, that can lead to remote code execution. | 2022-07-17 | not yet calculated | CVE-2022-26352 MISC MISC |
| dotnetnuke — dotnetnuke |
DotNetNuke (DNN) 9.9.1 CMS is vulnerable to a Stored Cross-Site Scripting vulnerability in the user profile biography section which allows remote authenticated users to inject arbitrary code via a crafted payload. | 2022-07-20 | not yet calculated | CVE-2021-31858 MISC MISC |
| dovecot — dovecot |
An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user. | 2022-07-17 | not yet calculated | CVE-2022-30550 CONFIRM MISC MISC |
| dsk_systems — dsknet |
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A PresAbs.php SQL Injection vulnerability allows unauthenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based. (An unauthenticated attacker can discover the endpoint by abusing a Broken Access Control issue with further SQL injection attacks to gather all user’s badge numbers and PIN codes.) | 2022-07-18 | not yet calculated | CVE-2022-24690 MISC MISC |
| dsk_systems — dsknet |
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mishandles access control. This allows a remote attacker to access account information pages (including personal data) without being authenticated. The collected information includes the badge numbers that operate as user login names. They have a PIN code. The PIN code is 4 digits and thus can be guessed in 10000 brute force attempts. | 2022-07-18 | not yet calculated | CVE-2022-24689 MISC MISC |
| dsk_systems — dsknet |
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The Touch settings allow unrestricted file upload (and consequently Remote Code Execution) via PDF upload with PHP content and a .php extension. The attacker must hijack or obtain privileged user access to the Parameters page in order to exploit this issue. (That can be easily achieved by exploiting the Broken Access Control with further Brute-force attack or SQL Injection.) The uploaded file is stored within the database and copied to the sync web folder if the attacker visits a certain .php?action= page. | 2022-07-18 | not yet calculated | CVE-2022-24688 MISC MISC |
| dsk_systems — dsknet |
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A SQL Injection vulnerability allows authenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based. | 2022-07-18 | not yet calculated | CVE-2022-24691 MISC MISC |
| dsk_systems — dsknet |
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The new menu option within the general Parameters page is vulnerable to stored XSS. The attacker can create a menu option, make it visible to every application user, and conduct session hijacking, account takeover, or malicious code delivery, with the final goal of achieving client-side code execution. | 2022-07-18 | not yet calculated | CVE-2022-24692 MISC MISC |
| eveo — urve_web_manager | A vulnerability was found in URVE Web Manager. It has been classified as critical. This affects an unknown part of the file kreator.html5/img_upload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. | 2022-07-15 | not yet calculated | CVE-2022-2418 N/A N/A |
| eveo — urve_web_manager | A vulnerability was found in URVE Web Manager. It has been declared as critical. This vulnerability affects unknown code of the file _internal/collector/upload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. | 2022-07-15 | not yet calculated | CVE-2022-2419 N/A N/A |
| eveo — urve_web_manager | A vulnerability was found in URVE Web Manager. It has been rated as critical. This issue affects some unknown processing of the file _internal/uploader.php. The manipulation leads to unrestricted upload. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. | 2022-07-15 | not yet calculated | CVE-2022-2420 N/A N/A |
| ferdi — ferdi |
A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file. | 2022-07-17 | not yet calculated | CVE-2022-32320 MISC MISC MISC |
| file-type — file-type |
An issue was discovered in the file-type package before 16.5.4 and 17.x before 17.1.3 for Node.js. A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack. | 2022-07-21 | not yet calculated | CVE-2022-36313 CONFIRM CONFIRM MISC |
| filezilla_client — filezilla_client |
A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:Program FilesFileZilla FTP Clientuninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-18 | not yet calculated | CVE-2016-15003 MISC MISC MISC |
| filezilla_server — filezilla_server |
A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended intermediary. It is possible to initiate the attack remotely. Upgrading to version 0.9.51 is able to address this issue. It is recommended to upgrade the affected component. | 2022-07-17 | not yet calculated | CVE-2015-10003 MISC MISC |
| fortinet — fortiap-u |
A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 through 5.4.6 may allow an admin user to delete and access unauthorized files and data via specifically crafted CLI commands. | 2022-07-19 | not yet calculated | CVE-2022-30301 CONFIRM |
| fortinet — fortiauthenticator_agent_for_microsoft_outlook_web_access | An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAuthenticator OWA Agent for Microsoft version 2.2 and 2.1 may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests. | 2022-07-18 | not yet calculated | CVE-2022-22304 CONFIRM |
| fortinet — forticlient_for_windows |
A relative path traversal vulnerability [CWE-23] in FortiClient for Windows versions 7.0.2 and prior, 6.4.6 and prior and 6.2.9 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for FortiESNAC service. | 2022-07-18 | not yet calculated | CVE-2021-41031 CONFIRM |
| fortinet — fortiddos_api |
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5.1, 5.4.0 through 5.4.2, 5.3.0 through 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device. | 2022-07-19 | not yet calculated | CVE-2022-29060 CONFIRM |
| fortinet — fortideceptor |
Multiple relative path traversal vulnerabilities [CWE-23] in FortiDeceptor management interface 1.0.0 through 3.2.x, 3.3.0 through 3.3.2, 4.0.0 through 4.0.1 may allow a remote and authenticated attacker to retrieve and delete arbitrary files from the underlying filesystem via specially crafted web requests. | 2022-07-19 | not yet calculated | CVE-2022-30302 CONFIRM |
| fortinet — fortinac |
An empty password in configuration file vulnerability [CWE-258] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.3 and below may allow an authenticated attacker to access the MySQL databases via the CLI. | 2022-07-18 | not yet calculated | CVE-2022-26117 CONFIRM |
| fortinet — fortinet_fortiadc |
Multiple improper neutralization of special elements used in an SQL Command (‘SQL Injection’) vulnerabilities [CWE-89] in FortiADC management interface 7.0.0 through 7.0.1, 5.0.0 through 6.2.2 may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. | 2022-07-18 | not yet calculated | CVE-2022-26120 CONFIRM |
| fortinet — fortinet_forticlientwindows |
An execution with unnecessary privileges vulnerability [CWE-250] in FortiClientWindows 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0.0 through 6.0.10 may allow a local attacker to perform an arbitrary file write on the system. | 2022-07-19 | not yet calculated | CVE-2022-26113 CONFIRM |
| fortinet — fortinet_fortiedr |
A improper neutralization of input during web page generation (‘cross-site scripting’) in Fortinet FortiEDR version 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0 allows a remote authenticated attacker to perform a reflected cross site scripting attack (XSS) by injecting malicious payload into the Management Console via various endpoints. | 2022-07-19 | not yet calculated | CVE-2022-29057 CONFIRM |
| fortinet — fortinet_fortios |
An improper neutralization of input during web page generation (‘Cross-site Scripting’) [CWE-79] vulnerability in FortiOS version 7.0.5 and prior and 6.4.9 and prior may allow an unauthenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the captive portal authentication replacement page. | 2022-07-18 | not yet calculated | CVE-2022-23438 CONFIRM |
| fortinet — fortitokenmobile |
A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 and below allows attacker to retrieve information disclosed via man-in-the-middle attacks. | 2022-07-18 | not yet calculated | CVE-2021-22131 CONFIRM |
| fortinet — multiple_products |
A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments. | 2022-07-18 | not yet calculated | CVE-2021-44170 CONFIRM |
| fortinet — multiple_products |
An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service. | 2022-07-18 | not yet calculated | CVE-2021-42755 CONFIRM |
| fortinet — multiple_products |
A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 through 6.4.7, 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable files on the system. | 2022-07-18 | not yet calculated | CVE-2022-26118 CONFIRM |
| fortinet — multiple_products |
A improper neutralization of special elements used in an os command (‘os command injection’) in Fortinet FortiManager version 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.x and 6.0.x and FortiAnalyzer version 7.0.0 through 7.0.3, version 6.4.0 through 6.4.7, 6.2.x and 6.0.x allows attacker to execute arbitrary shell code as `root` user via `diagnose system` CLI commands. | 2022-07-19 | not yet calculated | CVE-2022-27483 CONFIRM |
| foxit — pdf_editor | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16821. | 2022-07-18 | not yet calculated | CVE-2022-28680 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16805. | 2022-07-18 | not yet calculated | CVE-2022-28678 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deletePages method. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16825. | 2022-07-18 | not yet calculated | CVE-2022-28681 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-17474. | 2022-07-18 | not yet calculated | CVE-2022-34874 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deletePages method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16828. | 2022-07-18 | not yet calculated | CVE-2022-28683 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16663. | 2022-07-18 | not yet calculated | CVE-2022-28677 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16777. | 2022-07-18 | not yet calculated | CVE-2022-34873 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16420. | 2022-07-18 | not yet calculated | CVE-2022-28669 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of AcroForms. Crafted data in an AcroForm can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16523. | 2022-07-18 | not yet calculated | CVE-2022-28670 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16639. | 2022-07-18 | not yet calculated | CVE-2022-28671 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16640. | 2022-07-18 | not yet calculated | CVE-2022-28672 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16641. | 2022-07-18 | not yet calculated | CVE-2022-28673 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16861. | 2022-07-18 | not yet calculated | CVE-2022-28679 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16643. | 2022-07-18 | not yet calculated | CVE-2022-28676 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16642. | 2022-07-18 | not yet calculated | CVE-2022-28675 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16644. | 2022-07-18 | not yet calculated | CVE-2022-28674 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ADBC objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16981. | 2022-07-18 | not yet calculated | CVE-2022-34875 MISC MISC |
| foxit — pdf_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16778. | 2022-07-18 | not yet calculated | CVE-2022-28682 MISC MISC |
| garage_management_system — garage_management_system |
A vulnerability was found in SourceCodester Garage Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /editbrand.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-19 | not yet calculated | CVE-2022-2468 MISC MISC |
| garage_management_system — garage_management_system |
A vulnerability has been found in SourceCodester Garage Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username with the input 1@a.com’ AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND ‘hsvT’=’hsvT leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-19 | not yet calculated | CVE-2022-2467 MISC MISC |
| gentics — gentics_cms | An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username. | 2022-07-17 | not yet calculated | CVE-2022-30982 MISC |
| gentics — gentics_cms | An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker is able to deserialize arbitrary data and hence can potentially achieve Java code execution. | 2022-07-17 | not yet calculated | CVE-2022-30981 MISC |
| gnu — gnu_sasl |
GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client | 2022-07-19 | not yet calculated | CVE-2022-2469 CONFIRM MISC DEBIAN |
| golang — go | Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 – 1 bytes. | 2022-07-15 | not yet calculated | CVE-2022-30634 MISC MISC MISC MISC |
| goldshellminer — goldshellminer |
Goldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device. | 2022-07-20 | not yet calculated | CVE-2022-24659 MISC MISC |
| goldshellminer — goldshellminer |
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol (port 22). | 2022-07-20 | not yet calculated | CVE-2022-24657 MISC MISC |
| goldshellminer — goldshellminer |
The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed publicly on the web interface, allowing attackers to access passwords and other sensitive information in plaintext. | 2022-07-20 | not yet calculated | CVE-2022-24660 MISC MISC |
| gollum_project — gollum | Cross site scripting (XSS) in gollum 5.0 to 5.1.2 via the filename parameter to the ‘New Page’ dialog. | 2022-07-15 | not yet calculated | CVE-2020-35305 MISC MISC MISC MISC |
| google — capsule_workspace_android_app |
A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). This could result in application crashing but could not be used to gather any sensitive information. | 2022-07-18 | not yet calculated | CVE-2022-23745 MISC |
| google — chrome |
Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific set of user gestures. | 2022-07-23 | not yet calculated | CVE-2022-1136 MISC MISC |
| google — chrome |
Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. | 2022-07-22 | not yet calculated | CVE-2022-0980 MISC MISC |
| google — chrome |
Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | 2022-07-22 | not yet calculated | CVE-2022-0979 MISC MISC |
| google — chrome |
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1129 MISC MISC |
| google — chrome |
Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app. | 2022-07-23 | not yet calculated | CVE-2022-1130 MISC MISC |
| google — chrome |
Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device. | 2022-07-23 | not yet calculated | CVE-2022-1132 MISC MISC |
| google — chrome |
Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1137 MISC MISC |
| google — chrome |
Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1134 MISC MISC |
| google — chrome |
Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | 2022-07-21 | not yet calculated | CVE-2022-0977 MISC MISC |
| google — chrome |
Use after free in WebRTC Perf in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1133 MISC MISC |
| google — chrome |
Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1096 MISC MISC |
| google — chrome |
Use after free in Shopping Cart in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via standard feature user interaction. | 2022-07-23 | not yet calculated | CVE-2022-1135 MISC MISC |
| google — chrome |
Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1146 MISC MISC |
| google — chrome |
Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | 2022-07-23 | not yet calculated | CVE-2022-1142 MISC MISC |
| google — chrome |
Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | 2022-07-23 | not yet calculated | CVE-2022-1143 MISC MISC |
| google — chrome |
Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture. | 2022-07-23 | not yet calculated | CVE-2022-1141 MISC MISC |
| google — chrome |
Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1139 MISC MISC |
| google — chrome |
Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | 2022-07-23 | not yet calculated | CVE-2022-1144 MISC MISC |
| google — chrome |
Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction. | 2022-07-23 | not yet calculated | CVE-2022-1145 MISC MISC |
| google — chrome |
Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. | 2022-07-23 | not yet calculated | CVE-2022-1127 MISC MISC |
| google — chrome |
Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-21 | not yet calculated | CVE-2022-0975 MISC MISC |
| google — chrome |
Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 2022-07-21 | not yet calculated | CVE-2022-0971 MISC MISC |
| google — chrome |
Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1138 MISC MISC |
| google — chrome |
Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-21 | not yet calculated | CVE-2022-0976 MISC MISC |
| google — chrome |
Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | 2022-07-21 | not yet calculated | CVE-2022-0974 MISC MISC |
| google — chrome |
Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-21 | not yet calculated | CVE-2022-0973 MISC MISC |
| google — chrome |
Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 2022-07-21 | not yet calculated | CVE-2022-0972 MISC MISC |
| google — h96_smart_tv_box_h96_pro_plus |
An issue was discovered in H96 Smart TV Box H96 Pro Plus allows attackers to corrupt files via calls to the saveDeepColorAttr service.unk | 2022-07-20 | not yet calculated | CVE-2020-21405 MISC |
| google — multiple_products |
An issue was discovered in RK Smart TV Box MAX and V88 SmartTV box that allows attackers to cause a denial of service via the switchNextDisplayInterface service. | 2022-07-20 | not yet calculated | CVE-2020-21406 MISC |
| google — chrome |
Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1128 MISC MISC |
| google — chrome |
Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. | 2022-07-23 | not yet calculated | CVE-2022-1125 MISC MISC |
| google — chrome |
Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-23 | not yet calculated | CVE-2022-1131 MISC MISC |
| google — chrome |
Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2022-07-22 | not yet calculated | CVE-2022-0978 MISC MISC |
| gpac — gpac/gpac |
Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV. | 2022-07-19 | not yet calculated | CVE-2022-2453 CONFIRM MISC |
| gpac — gpac/gpac |
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV. | 2022-07-19 | not yet calculated | CVE-2022-2454 MISC CONFIRM |
| grafana — grafana | Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user’s external user id is not already associated with an account in Grafana, the malicious user’s email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user’s Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address. | 2022-07-15 | not yet calculated | CVE-2022-31107 MISC MISC CONFIRM MISC |
| grafana — grafana | Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting. | 2022-07-15 | not yet calculated | CVE-2022-31097 MISC CONFIRM MISC MISC |
| grails — grails |
In grails-databinding in Grails before 3.3.15, 4.x before 4.1.1, 5.x before 5.1.9, and 5.2.x before 5.2.1 (at least when certain Java 8 configurations are used), data binding allows a remote attacker to execute code by gaining access to the class loader. | 2022-07-19 | not yet calculated | CVE-2022-35912 CONFIRM CONFIRM CONFIRM MLIST |
| grunt — grunt-util-property |
This affects all versions of package grunt-util-property. The function call could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. | 2022-07-17 | not yet calculated | CVE-2020-7641 MISC MISC |
| gstreamer — gstreamer |
DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can’t be triggered, however the matroskaparse element has no size checks. | 2022-07-19 | not yet calculated | CVE-2022-1925 MISC |
| gstreamer — gstreamer |
DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. | 2022-07-19 | not yet calculated | CVE-2022-2122 MISC |
| gstreamer — gstreamer |
Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite. | 2022-07-19 | not yet calculated | CVE-2022-1920 MISC |
| gstreamer — gstreamer |
DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | 2022-07-19 | not yet calculated | CVE-2022-1924 MISC |
| gstreamer — gstreamer |
DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | 2022-07-19 | not yet calculated | CVE-2022-1923 MISC |
| gstreamer — gstreamer |
DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | 2022-07-19 | not yet calculated | CVE-2022-1922 MISC |
| gstreamer — gstreamer |
Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite. | 2022-07-19 | not yet calculated | CVE-2022-1921 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. | 2022-07-20 | not yet calculated | CVE-2022-34599 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the URL /ihomers/app. | 2022-07-20 | not yet calculated | CVE-2022-34610 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /doping.asp. | 2022-07-20 | not yet calculated | CVE-2022-34609 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg parameter at /AJAX/ajaxget. | 2022-07-20 | not yet calculated | CVE-2022-34608 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /doping.asp. | 2022-07-20 | not yet calculated | CVE-2022-34607 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditvsList parameter at /dotrace.asp. | 2022-07-20 | not yet calculated | CVE-2022-34606 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /dotrace.asp. | 2022-07-20 | not yet calculated | CVE-2022-34605 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /dotrace.asp. | 2022-07-20 | not yet calculated | CVE-2022-34604 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. | 2022-07-20 | not yet calculated | CVE-2022-34603 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. | 2022-07-20 | not yet calculated | CVE-2022-34602 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. | 2022-07-20 | not yet calculated | CVE-2022-34601 MISC |
| h3c — magic_r200 |
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. | 2022-07-20 | not yet calculated | CVE-2022-34600 MISC |
| hallo_welt!_gmbh — bluespice |
Cross-site Scripting (XSS) vulnerability in the “commonuserinterface” component of BlueSpice allows an attacker to inject arbitrary HTML into a page using the title parameter of the call URL. | 2022-07-22 | not yet calculated | CVE-2022-2511 CONFIRM |
| hallo_welt!_gmbh — bluespice |
Cross-site Scripting (XSS) vulnerability in “Extension:ExtendedSearch” of Hallo Welt! GmbH BlueSpice allows attacker to inject arbitrary HTML (XSS) on page “Special:SearchCenter”, using the search term in the URL. | 2022-07-22 | not yet calculated | CVE-2022-2510 CONFIRM |
| hcl_software — hcl_bigfix |
BigFix Web Reports authorized users may perform HTML injection for the email administrative configuration page. | 2022-07-19 | not yet calculated | CVE-2022-27545 MISC |
| hcl_software — hcl_bigfix |
BigFix Web Reports authorized users may see SMTP credentials in clear text. | 2022-07-19 | not yet calculated | CVE-2022-27544 MISC |
| hicos — hicos |
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service. | 2022-07-20 | not yet calculated | CVE-2022-32960 CONFIRM |
| hicos — hicos |
HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service. | 2022-07-20 | not yet calculated | CVE-2022-32961 CONFIRM |
| hicos — hicos |
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service. | 2022-07-20 | not yet calculated | CVE-2022-32959 CONFIRM |
| hicos — hicos |
HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service. | 2022-07-20 | not yet calculated | CVE-2022-32962 CONFIRM |
| honeywell — alerton_ascent_control_module_firmware | Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller’s function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. | 2022-07-15 | not yet calculated | CVE-2022-30244 MISC MISC MISC |
| honeywell — alerton_ascent_control_module_firmware | Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller’s function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered. | 2022-07-15 | not yet calculated | CVE-2022-30242 MISC MISC MISC |
| honeywell — alterton_visual_logic_firmware | Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller’s function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. | 2022-07-15 | not yet calculated | CVE-2022-30243 MISC MISC MISC |
| hospital_management_system — hospital_management_system |
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in /HMS/admin.php. | 2022-07-20 | not yet calculated | CVE-2022-34590 MISC |
| htmldoc — htmldoc |
HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via e_node htmldoc/htmldoc/html.cxx:588. | 2022-07-18 | not yet calculated | CVE-2022-34035 MISC MISC MISC |
| htmldoc — htmldoc |
HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273. | 2022-07-18 | not yet calculated | CVE-2022-34033 MISC MISC MISC |
| hudson — hudson |
Hudson (aka org.jvnet.hudson.main:hudson-core) before 3.3.2 allows XXE attacks. | 2022-07-18 | not yet calculated | CVE-2015-8031 MISC MISC MISC |
| hypr — hypr_server |
Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with a valid one-time recovery token to elevate privileges via path tampering in the Magic Link page. This issue affects: HYPR Server versions later than 6.10; version 6.15.1 and prior versions. | 2022-07-19 | not yet calculated | CVE-2022-2192 MISC |
| hypr — hypr_server |
Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions prior to 6.14.1. | 2022-07-19 | not yet calculated | CVE-2022-2193 MISC |
| hypr — hypr_windows_wfa |
This issue affects: HYPR Windows WFA versions prior to 7.2; Unsafe Deserialization vulnerability in HYPR Workforce Access (WFA) before version 7.2 may allow local authenticated attackers to elevate privileges via a malicious serialized payload. | 2022-07-19 | not yet calculated | CVE-2022-1984 MISC |
| ibm — ibm-qradar-siem |
IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893. | 2022-07-20 | not yet calculated | CVE-2021-38936 XF CONFIRM |
| ibm — ibm_engineering_requirements_quality_assistant_on-premises |
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203310. | 2022-07-18 | not yet calculated | CVE-2021-29788 CONFIRM XF |
| ibm — ibm_engineering_requirements_quality_assistant_on-premises |
IBM Engineering Requirements Quality Assistant On-Premises (All versions) could allow an authenticated user to obtain sensitive information due to improper client side validation. IBM X-Force ID: 203738. | 2022-07-18 | not yet calculated | CVE-2021-29799 XF CONFIRM |
| ibm — ibm_engineering_requirements_quality_assistant_on-premises |
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force Id: 208310. | 2022-07-18 | not yet calculated | CVE-2021-38868 XF CONFIRM |
| ibm — ibm_engineering_requirements_quality_assistant_on-premises |
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203440. | 2022-07-18 | not yet calculated | CVE-2021-29790 CONFIRM XF |
| ibm — ibm_qradar_siem |
IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. IBM X-Force ID: 223597. | 2022-07-20 | not yet calculated | CVE-2022-22424 CONFIRM XF |
| ibm — ibm_qradar_siem |
IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015. | 2022-07-20 | not yet calculated | CVE-2021-29755 CONFIRM XF |
| ibm — multiple_products |
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 223127. | 2022-07-19 | not yet calculated | CVE-2022-22417 XF CONFIRM |
| ibm — multiple_products |
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 223126. | 2022-07-19 | not yet calculated | CVE-2022-22416 XF CONFIRM |
| ibm — multiple_products |
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and could result in in granting permission to unauthorized resources. IBM X-Force ID: 220782. | 2022-07-19 | not yet calculated | CVE-2022-22360 CONFIRM XF |
| ibm — multiple_products |
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 220652. | 2022-07-19 | not yet calculated | CVE-2022-22359 XF CONFIRM |
| ibm — multiple_products |
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 220651. | 2022-07-19 | not yet calculated | CVE-2022-22358 CONFIRM XF |
| ibm — powervm_hypervisor |
An attacker that gains service access to the FSP (POWER9 only) or gains admin authority to a partition can compromise partition firmware. | 2022-07-18 | not yet calculated | CVE-2022-22445 XF CONFIRM |
| ics-cert — rockwell_automation_micrologix_1100/1400 |
The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks. | 2022-07-20 | not yet calculated | CVE-2022-2179 CONFIRM CONFIRM |
| inductive_automation — ignition |
An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and integrity. | 2022-07-22 | not yet calculated | CVE-2022-1655 MISC |
| inductive_automation — ignition |
The affected product may allow an attacker with access to the Ignition web configuration to run arbitrary code. | 2022-07-20 | not yet calculated | CVE-2022-1264 MISC |
| inductiveautomation — ignition | An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. The ScriptInvoke function allows remote attackers to execute arbitrary code by supplying a Python script. | 2022-07-16 | not yet calculated | CVE-2022-36126 MISC MISC MISC |
| inductiveautomation — ignition | An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. Designer and Vision Client Session IDs are mishandled. An attacker can determine which session IDs were generated in the past and then hijack sessions assigned to these IDs via Randy. | 2022-07-15 | not yet calculated | CVE-2022-35890 MISC MISC |
| infinitewp_client_plugin — infinitewp_client_plugin |
A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. Upgrading to version 1.6.1.1 is able to address this issue. It is recommended to upgrade the affected component. | 2022-07-23 | not yet calculated | CVE-2016-15004 MISC MISC MISC |
| irfanview — irfanview | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba. | 2022-07-18 | not yet calculated | CVE-2020-23563 MISC MISC |
| irfanview — irfanview |
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722. | 2022-07-18 | not yet calculated | CVE-2020-23561 MISC MISC |
| irfanview — irfanview |
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe. | 2022-07-18 | not yet calculated | CVE-2020-23562 MISC MISC |
| itechscripts — dating_script | A vulnerability classified as critical was found in Itech Dating Script 3.26. Affected by this vulnerability is an unknown functionality of the file /see_more_details.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20135 MISC MISC |
| itechscripts — freelancer_script | A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of the argument sk leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20134 MISC MISC |
| itechscripts — job_portal_script | A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13. This affects an unknown part of the file /admin. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. | 2022-07-16 | not yet calculated | CVE-2017-20133 MISC |
| itechscripts — movie_portal_script |
A vulnerability was found in Itech Movie Portal Script 7.36. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /movie.php. The manipulation of the argument f with the input <img src=i onerror=prompt(1)> leads to basic cross site scripting (Reflected). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-22 | not yet calculated | CVE-2017-20140 N/A N/A |
| itechscripts — movie_portal_script |
A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(SELECT COUNT(*),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) leads to sql injection (Error). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-22 | not yet calculated | CVE-2017-20139 N/A N/A |
| itechscripts — movie_portal_script |
A vulnerability classified as critical was found in Itech Movie Portal Script 7.36. This vulnerability affects unknown code of the file /artist-display.php. The manipulation of the argument act leads to sql injection (Union). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-22 | not yet calculated | CVE-2017-20142 N/A N/A |
| itechscripts — movie_portal_script |
A vulnerability, which was classified as critical, has been found in Itech Movie Portal Script 7.36. This issue affects some unknown processing of the file /film-rating.php. The manipulation of the argument v leads to sql injection (Error). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-22 | not yet calculated | CVE-2017-20143 N/A N/A |
| itechscripts — movie_portal_script |
A vulnerability classified as critical has been found in Itech Movie Portal Script 7.36. This affects an unknown part of the file /movie.php. The manipulation of the argument f leads to sql injection (Union). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-22 | not yet calculated | CVE-2017-20141 N/A N/A |
| itechscripts — multi_vendor_script | A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The manipulation of the argument pl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20132 MISC MISC |
| itechscripts — news_portal_script | A vulnerability was found in Itech News Portal 6.28. It has been classified as critical. Affected is an unknown function of the file /news-portal-script/information.php. The manipulation of the argument inf leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20131 MISC MISC |
| itechscripts — real_estate_script | A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/search_property.php. The manipulation of the argument property_for leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20130 MISC MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/student_grade_wise.php. | 2022-07-20 | not yet calculated | CVE-2022-34586 MISC |
| itsourcecode — advanced_school_management_system |
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/timetable_insert_form.php. | 2022-07-20 | not yet calculated | CVE-2022-34588 MISC |
| jetbrains — teamcity |
In JetBrains TeamCity before 2022.04.2 build parameter injection was possible | 2022-07-20 | not yet calculated | CVE-2022-36322 MISC |
| jetbrains — teamcity |
In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in some cases | 2022-07-20 | not yet calculated | CVE-2022-36321 MISC |
| johnson_controls — api_for_metasys_ads/adx/oas |
Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users. | 2022-07-22 | not yet calculated | CVE-2021-36200 CONFIRM CERT |
| jquery — jquery |
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( “refresh” )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can change the initial HTML can wrap all the non-input contents of the `label` in a `span`. | 2022-07-20 | not yet calculated | CVE-2022-31160 CONFIRM MISC MISC |
| juniper_networks — junos_os | A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2. | 2022-07-20 | not yet calculated | CVE-2022-22207 CONFIRM |
| juniper_networks — junos_os |
An Improper Release of Memory Before Removing Last Reference vulnerability in the Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Juniper Networks Junos OS allows unauthenticated network-based attacker to cause a partial Denial of Service (DoS). On all MX and SRX platforms, if the SIP ALG is enabled, receipt of a specific SIP packet will create a stale SIP entry. Sustained receipt of such packets will cause the SIP call table to eventually fill up and cause a DoS for all SIP traffic. The SIP call usage can be monitored by “show security alg sip calls”. To be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. Please verify on SRX with: user@host> show security alg status | match sip SIP : Enabled Please verify on MX whether the following is configured: [ services … rule <rule-name> (term <term-name>) from/match application/application-set <name> ] where either a. name = junos-sip or an application or application-set refers to SIP: b. [ applications application <name> application-protocol sip ] or c. [ applications application-set <name> application junos-sip ] This issue affects Juniper Networks Junos OS on SRX Series and MX Series: 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R2-S2; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. | 2022-07-20 | not yet calculated | CVE-2022-22204 CONFIRM |
| juniper_networks — junos_os |
An Improper Handling of Exceptional Conditions vulnerability on specific PTX Series devices, including the PTX1000, PTX3000 (NextGen), PTX5000, PTX10002-60C, PTX10008, and PTX10016 Series, in Juniper Networks Junos OS allows an unauthenticated MPLS-based attacker to cause a Denial of Service (DoS) by triggering the dcpfe process to crash and FPC to restart. On affected PTX Series devices, processing specific MPLS packets received on an interface with multiple units configured may cause FPC to restart unexpectedly. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects PTX Series devices utilizing specific FPCs found on PTX1000, PTX3000 (NextGen), PTX5000, PTX10002-60C, PTX10008, and PTX10016 Series devices, only if multiple units are configured on the ingress interface, and at least one unit has ‘family mpls’ *not* configured. See the configuration sample below for more information. No other platforms are affected by this vulnerability. This issue affects: Juniper Networks Junos OS on PTX Series: All versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R2. | 2022-07-20 | not yet calculated | CVE-2022-22202 CONFIRM |
| juniper_networks — junos_os |
A Buffer Overflow vulnerability in the PFE of Juniper Networks Junos OS on SRX series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search feature of UTM (Unified Threat management). Continued receipt of this specific traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: 20.2 versions prior to 20.2R3-S4 on SRX Series; 20.3 versions prior to 20.3R3-S3 on SRX Series; 20.4 versions prior to 20.4R3-S3 on SRX Series; 21.1 versions prior to 21.1R3-S1 on SRX Series; 21.2 versions prior to 21.2R2-S2, 21.2R3 on SRX Series; 21.3 versions prior to 21.3R2 on SRX Series; 21.4 versions prior to 21.4R2 on SRX Series. This issue does not affect Juniper Networks Junos OS versions prior to 20.2R1. | 2022-07-20 | not yet calculated | CVE-2022-22206 CONFIRM |
| juniper_networks — junos_os |
A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos platforms, the Kernel Routing Table (KRT) queue can get stuck due to a memory leak triggered by interface flaps or route churn leading to RIB and PFEs getting out of sync. The memory leak causes RTNEXTHOP/route and next-hop memory pressure issue and the KRT queue will eventually get stuck with the error- ‘ENOMEM — Cannot allocate memory’. The out-of-sync state between RIB and FIB can be seen with the “show route” and “show route forwarding-table” command. This issue will lead to failures for adding new routes. The KRT queue status can be checked using the CLI command “show krt queue”: user@host > show krt state High-priority add queue: 1 queued ADD nhtype Router index 0 (31212) error ‘ENOMEM — Cannot allocate memory’ kqp ‘0x8ad5e40’ The following messages will be observed in /var/log/messages, which indicate high memory for routes/nexthops: host rpd[16279]: RPD_RT_HWM_NOTICE: New RIB highwatermark for routes: 266 [2022-03-04 05:06:07] host rpd[16279]: RPD_KRT_Q_RETRIES: nexthop ADD: Cannot allocate memory host rpd[16279]: RPD_KRT_Q_RETRIES: nexthop ADD: Cannot allocate memory host kernel: rts_veto_net_delayed_unref_limit: Route/nexthop memory is severe pressure. User Application to perform recovery actions. O p 8 err 12, rtsm_id 0:-1, msg type 10, veto simulation: 0. host kernel: rts_veto_net_delayed_unref_limit: Memory usage of M_RTNEXTHOP type = (806321208) Max size possible for M_RTNEXTHOP type = (689432176) Current delayed unref = (0), Max delayed unref on this platform = (120000) Current delayed weight unref = (0) Max delayed weight unref on this platform = (400000) curproc = rpd. This issue affects: Juniper Networks Junos OS 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2-S1, 21.3R3; 21.4 versions prior to 21.4R1-S2, 21.4R2; This issue does not affect Juniper Networks Junos OS versions prior to 21.2R1. | 2022-07-20 | not yet calculated | CVE-2022-22209 CONFIRM |
| juniper_networks — junos_os |
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). On QFX5K Series and MX Series, when the PFE receives a specific VxLAN packet the Layer 2 Address Learning Manager (L2ALM) process will crash leading to an FPC reboot. Continued receipt of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on QFX5000 Series, MX Series: 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.2 versions prior to 21.2R2-S1. This issue does not affect Juniper Networks Junos OS: All versions prior to 20.3R1; 21.1 version 21.1R1 and later versions. | 2022-07-20 | not yet calculated | CVE-2022-22210 CONFIRM |
| juniper_networks — junos_os |
A Missing Release of Memory after Effective Lifetime vulnerability in the Application Quality of Experience (appqoe) subsystem of the PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). Upon receiving specific traffic a memory leak will occur. Sustained processing of such specific traffic will eventually lead to an out of memory condition that prevents all services from continuing to function, and requires a manual restart to recover. A device is only vulnerable when advance(d) policy based routing (APBR) is configured and AppQoE (sla rule) is not configured for these APBR rules. This issue affects Juniper Networks Junos OS on SRX Series: 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2-S1, 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.3R1. | 2022-07-20 | not yet calculated | CVE-2022-22205 CONFIRM |
| juniper_networks — junos_os |
An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). On QFX5000 Series, and EX4600 and EX4650 platforms, the fxpc process will crash followed by the FPC reboot upon receipt of a specific hostbound packet. Continued receipt of these specific packets will create a sustained Denial of Service (DoS) condition. This issue only affects Juniper Networks Junos OS 19.4 version 19.4R3-S4. | 2022-07-20 | not yet calculated | CVE-2022-22203 CONFIRM |
| juniper_networks — junos_os_evolved |
An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos Evolved platforms hostbound protocols will be impacted by a high rate of specific hostbound traffic from ports on a PFE. Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.2R1. | 2022-07-20 | not yet calculated | CVE-2022-22212 CONFIRM |
| juniper_networks — junos_os |
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the PFE of Juniper Networks Junos OS on PTX Series and QFX10k Series allows an adjacent unauthenticated attacker to gain access to sensitive information. PTX1000 and PTX10000 Series, and QFX10000 Series and PTX5000 Series devices sometimes do not reliably pad Ethernet packets, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as ‘Etherleak’ and often detected as CVE-2003-0001. This issue affects: Juniper Networks Junos OS on PTX1000 and PTX10000 Series: All versions prior to 18.4R3-S11; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S5, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. Juniper Networks Junos OS on QFX10000 Series and PTX5000 Series: All versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. | 2022-07-20 | not yet calculated | CVE-2022-22216 CONFIRM |
| juniper_networks — junos_os |
An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally authenticated attacker with low privileges to take full control over the device. One aspect of this vulnerability is that the attacker needs to be able to execute any of the “request …” or “show system download …” commands. This issue affects Juniper Networks Junos OS on SRX Series and EX Series: All versions prior to 19.2R1-S9, 19.2R3-S5; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2, 20.4R3-S3; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R2-S2, 21.2R3; 21.3 versions prior to 21.3R2, 21.3R3; 21.4 versions prior to 21.4R1-S1, 21.4R2. | 2022-07-20 | not yet calculated | CVE-2022-22221 CONFIRM |
| juniper_networks — junos_os |
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). The issue is caused by malformed MLD packets looping on a multi-homed Ethernet Segment Identifier (ESI) when VXLAN is configured. These MLD packets received on a multi-homed ESI are sent to the peer, and then incorrectly forwarded out the same ESI, violating the split horizon rule. This issue only affects QFX10K Series switches, including the QFX10002, QFX10008, and QFX10016. Other products and platforms are unaffected by this vulnerability. This issue affects Juniper Networks Junos OS on QFX10K Series: All versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R1-S9, 19.2R3-S5; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2-S1, 21.2R3; 21.3 versions prior to 21.3R2. | 2022-07-20 | not yet calculated | CVE-2022-22217 CONFIRM |
| juniper_networks — multiple_products |
A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable authentication module (PAM) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). It is possible that after the termination of a gRPC connection the respective/var/run/<pid>.env file is not getting deleted which if occurring repeatedly can cause inode exhaustion. Inode exhaustion can present itself in two different ways: 1. The following log message can be observed: host kernel: pid <pid> (<process>), uid <uid> inumber <number> on /.mount/var: out of inodes which by itself is a clear indication. 2. The following log message can be observed: host <process>[<pid>]: … : No space left on device which is not deterministic and just a representation of a write error which could have several reasons. So the following check needs to be done: user@host> show system storage no-forwarding Filesystem Size Used Avail Capacity Mounted on /dev/ada1p1 475M 300M 137M 69% /.mount/var which indicates that the write error is not actually due to a lack of disk space. If either 1. or 2. has been confirmed, then the output of: user@host> file list /var/run/*.env | count need to be checked and if it indicates a high (>10000) number of files the system has been affected by this issue. This issue affects: Juniper Networks Junos OS All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R1-S1-EVO, 21.2R2-EVO. | 2022-07-20 | not yet calculated | CVE-2022-22215 CONFIRM |
| juniper_networks — multiple_products |
A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Malicious exploitation of this issue requires a very specific combination of load, timing, and configuration of the vulnerable system which is beyond the direct control of the attacker. Internal reproduction has only been possible through artificially created load and specially instrumented source code. Systems are only vulnerable to this issue if BGP multipath is enabled. Routers not configured for BGP multipath are not vulnerable to this issue. This issue affects: Juniper Networks Junos OS: 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R2-S2, 21.2R3; 21.3 versions prior to 21.3R2, 21.3R3; 21.4 versions prior to 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved: 21.1 versions prior to 21.1R3-S1-EVO; 21.2 version 21.2R1-EVO and later versions; 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R1-S1-EVO, 21.4R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 21.1. Juniper Networks Junos OS Evolved versions prior to 21.1-EVO. | 2022-07-20 | not yet calculated | CVE-2022-22213 CONFIRM |
| juniper_networks — multiple_products |
An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). An FPC will crash and reboot after receiving a specific transit IPv6 packet over MPLS. Continued receipt of this packet will create a sustained Denial of Service (DoS) condition. This issue does not affect systems configured for IPv4 only. This issue affects: Juniper Networks Junos OS All versions prior to 12.3R12-S21; 15.1 versions prior to 15.1R7-S10; 17.3 versions prior to 17.3R3-S12; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-S1-EVO, 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO. | 2022-07-20 | not yet calculated | CVE-2022-22214 CONFIRM |
| kentico — kentico | In Kentico before 13.0.66, attackers can achieve Denial of Service via a crafted request to the GetResource handler. | 2022-07-18 | not yet calculated | CVE-2022-32387 MISC |
| lemonldap-ng — lemonldap-ng |
In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. | 2022-07-18 | not yet calculated | CVE-2020-16093 MISC MISC |
| lemonldap-ng — lemonldap-ng |
An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combination authentication plug-in, any password will be recognized as valid for an existing user. | 2022-07-18 | not yet calculated | CVE-2021-40874 MISC |
| library_management_system — library_management_system |
A vulnerability has been found in SourceCodester Library Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file lab.php. The manipulation of the argument Section with the input 1′ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71716b7171,0x546e4444736b7743575a666d4873746a6450616261527a67627944426946507245664143694c6a4c,0x7162706b71),NULL,NULL,NULL,NULL# leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-20 | not yet calculated | CVE-2022-2491 MISC MISC |
| library_management_system — library_management_system |
A vulnerability was found in SourceCodester Library Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php. The manipulation of the argument RollNo with the input admin’ AND (SELECT 2625 FROM (SELECT(SLEEP(5)))MdIL) AND ‘KXmq’=’KXmq&Password=1231312312 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-20 | not yet calculated | CVE-2022-2492 MISC MISC |
| libtirpc — libtirpc |
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections. | 2022-07-20 | not yet calculated | CVE-2021-46828 MISC |
| lin-cms-spring-boot — lin-cms-spring-boot |
An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application. | 2022-07-21 | not yet calculated | CVE-2022-32430 MISC MISC |
| linux — linux-kernel |
io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859 | 2022-07-22 | not yet calculated | CVE-2022-2327 CONFIRM CONFIRM |
| linux — linux_kernel | When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. | 2022-07-18 | not yet calculated | CVE-2021-33655 MISC MLIST |
| linux — linux_kernel |
A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. | 2022-07-21 | not yet calculated | CVE-2020-36558 MISC MISC |
| linux — linux_kernel |
A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. | 2022-07-21 | not yet calculated | CVE-2020-36557 MISC MISC |
| linux — linux_kernel |
When setting font with malicious data by ioctl cmd PIO_FONT, kernel will write memory out of bounds. | 2022-07-18 | not yet calculated | CVE-2021-33656 MISC MISC MLIST |
| micodus — micodus_mv720_gps_tracker |
SMS-based GPS commands can be executed by MiCODUS MV720 GPS tracker without authentication. | 2022-07-20 | not yet calculated | CVE-2022-2141 CONFIRM |
| micodus — micodus_mv720_gps_tracker_api_server |
The MiCODUS MV720 GPS tracker API server has an authentication mechanism that allows devices to use a hard-coded master password. This may allow an attacker to send SMS commands directly to the GPS tracker as if they were coming from the GPS owner’s mobile number. | 2022-07-20 | not yet calculated | CVE-2022-2107 CONFIRM |
| micodus — micodus_mv720_gps_tracker_web_server |
The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object references vulnerability on endpoint and POST parameter “Device ID,” which accepts arbitrary device IDs. | 2022-07-20 | not yet calculated | CVE-2022-33944 CONFIRM |
| micodus — micodus_mv720_gps_tracker_web_server |
The main MiCODUS MV720 GPS tracker web server has a reflected cross-site scripting vulnerability that could allow an attacker to gain control by tricking a user into making a request. | 2022-07-20 | not yet calculated | CVE-2022-2199 CONFIRM |
| micodus — micodus_mv720_gps_tracker_web_server |
The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object reference vulnerability on endpoint and parameter device IDs, which accept arbitrary device IDs without further verification. | 2022-07-20 | not yet calculated | CVE-2022-34150 CONFIRM |
| microweber — microweber/microweber |
Cross-site Scripting (XSS) – Stored in GitHub repository microweber/microweber prior to 1.2.21. | 2022-07-22 | not yet calculated | CVE-2022-2495 CONFIRM MISC |
| microweber — microweber/microweber |
Cross-site Scripting (XSS) – Reflected in GitHub repository microweber/microweber prior to 1.2.21. | 2022-07-22 | not yet calculated | CVE-2022-2470 CONFIRM MISC |
| mitsubishi_electric — iconics_genesis64 | Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes. | 2022-07-20 | not yet calculated | CVE-2022-33320 MISC MISC |
| mitsubishi_electric — iconics_genesis64 |
Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious script codes. | 2022-07-20 | not yet calculated | CVE-2022-33317 MISC MISC |
| mitsubishi_electric — iconics_genesis64 |
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in ICONICS GENESIS64 versions 10.97 to 10.97.1 allows a remote unauthenticated attacker to access to arbitrary files in the GENESIS64 server and disclose information stored in the files by embedding a malicious URL parameter in the URL of the monitoring screen delivered to the GENESIS64 mobile monitoring application and accessing the monitoring screen. | 2022-07-20 | not yet calculated | CVE-2022-29834 MISC MISC |
| mitsubishi_electric — iconics_genesis64 |
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes. | 2022-07-20 | not yet calculated | CVE-2022-33316 MISC MISC |
| mitsubishi_electric — iconics_genesis64 |
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64 server. | 2022-07-20 | not yet calculated | CVE-2022-33318 MISC MISC |
| mitsubishi_electric — iconics_genesis64 |
Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to disclose information on memory or cause a Denial of Service (DoS) condition by sending specially crafted packets to the GENESIS64 server. | 2022-07-20 | not yet calculated | CVE-2022-33319 MISC MISC |
| mitsubishi_electric — iconics_genesis64 |
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes. | 2022-07-20 | not yet calculated | CVE-2022-33315 MISC MISC |
| monitoringsoft — softguard_web | The export function in SoftGuard Web (SGW) before 5.1.5 allows directory traversal to read an arbitrary local file via export or man.tcl. | 2022-07-17 | not yet calculated | CVE-2022-31202 MISC |
| monitoringsoft — softguard_web | SoftGuard Web (SGW) before 5.1.5 allows HTML injection. | 2022-07-17 | not yet calculated | CVE-2022-31201 MISC |
| montala resourcespace |
In Montala ResourceSpace through 9.8 before r19636, csv_export_results_metadata.php allows attackers to export collection metadata via a non-NULL k value. | 2022-07-17 | not yet calculated | CVE-2022-31260 MISC MISC |
| nexans — ftto_gigaswitch |
libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201. | 2022-07-17 | not yet calculated | CVE-2022-32985 MISC MISC |
| nginx — njs | Nginx NJS v0.7.4 was discovered to contain a segmentation violation via njs_value_property at njs_value.c. | 2022-07-18 | not yet calculated | CVE-2022-34027 MISC |
| nginx — njs |
Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h. | 2022-07-18 | not yet calculated | CVE-2022-34029 MISC |
| nginx — njs |
Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_value_to_number at src/njs_value_conversion.h. | 2022-07-18 | not yet calculated | CVE-2022-34031 MISC |
| nginx — njs |
Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c. | 2022-07-18 | not yet calculated | CVE-2022-34030 MISC |
| nginx — njs |
Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h. | 2022-07-18 | not yet calculated | CVE-2022-34028 MISC |
| nginx — njs |
Nginx NJS v0.7.5 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c. | 2022-07-18 | not yet calculated | CVE-2022-34032 MISC |
| node.js — node.js |
Authorization headers are cleared on cross-origin redirect. However, cookie headers which are sensitive headers and are official headers found in the spec, remain uncleared. There are active users using cookie headers in undici. This may lead to accidental leakage of cookie to a 3rd-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the 3rd party site. This was patched in v5.7.1. By default, this vulnerability is not exploitable. Do not enable redirections, i.e. `maxRedirections: 0` (the default). | 2022-07-21 | not yet calculated | CVE-2022-31151 CONFIRM MISC MISC |
| node.js — node.js |
undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `rn` is a workaround for this issue. | 2022-07-19 | not yet calculated | CVE-2022-31150 CONFIRM MISC MISC |
| octobot — octobot | WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled. | 2022-07-16 | not yet calculated | CVE-2021-36711 MISC MISC MISC MISC MISC MISC |
| octopus — deploy | In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy. | 2022-07-19 | not yet calculated | CVE-2022-30532 MISC |
| octopus — server | In affected versions of Octopus Server an Insecure Direct Object Reference vulnerability exists where it is possible for a user to download Project Exports from a Project they do not have permissions to access. This vulnerability only impacts projects within the same Space. | 2022-07-15 | not yet calculated | CVE-2022-1881 MISC |
| octopus — server | In affected versions of Octopus Server the help sidebar can be customized to include a Cross-Site Scripting payload in the support link. | 2022-07-15 | not yet calculated | CVE-2022-29890 MISC |
| oda — open_design_alliance_drawings_sdk | An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read vulnerability exists when reading DWG files in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process. | 2022-07-17 | not yet calculated | CVE-2022-28808 MISC |
| oda — open_design_alliance_drawings_sdk |
An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read vulnerability exists when reading a DWG file with an invalid vertex number in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process. | 2022-07-17 | not yet calculated | CVE-2022-28809 MISC |
| oda — open_design_alliance_drawings_sdk |
An issue was discovered in Open Design Alliance Drawings SDK before 2023.2. An Out-of-Bounds Read vulnerability exists when rendering a .dwg file after it’s opened in the recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process. | 2022-07-17 | not yet calculated | CVE-2022-28807 MISC |
| openemr — openemr/openemr |
Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0. | 2022-07-22 | not yet calculated | CVE-2022-2493 MISC CONFIRM |
| openemr — openemr/openemr |
Cross-site Scripting (XSS) – Stored in GitHub repository openemr/openemr prior to 7.0.0. | 2022-07-22 | not yet calculated | CVE-2022-2494 CONFIRM MISC |
| openzeppelin — openzeppelin-contracts | OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the v0.2.0 release of OpenZeppelin Contracts for Cairo, which are not whitelisted on StarkNet mainnet. Only goerli deployments of v0.2.0 accounts are affected. This faulty behavior is not observed in StarkNet’s testing framework. This bug has been patched in v0.2.1. | 2022-07-15 | not yet calculated | CVE-2022-31153 MISC MISC MISC CONFIRM MISC MISC |
| openzeppelin — openzeppelin-contracts |
OpenZeppelin Contracts is a library for smart contract development. Versions 4.1.0 until 4.7.1 are vulnerable to the SignatureChecker reverting. `SignatureChecker.isValidSignatureNow` is not expected to revert. However, an incorrect assumption about Solidity 0.8’s `abi.decode` allows some cases to revert, given a target contract that doesn’t implement EIP-1271 as expected. The contracts that may be affected are those that use `SignatureChecker` to check the validity of a signature and handle invalid signatures in a way other than reverting. The issue was patched in version 4.7.1. | 2022-07-22 | not yet calculated | CVE-2022-31172 CONFIRM MISC |
| openzeppelin — openzeppelin-contracts |
OpenZeppelin Contracts is a library for smart contract development. Versions 4.0.0 until 4.7.1 are vulnerable to ERC165Checker reverting instead of returning `false`. `ERC165Checker.supportsInterface` is designed to always successfully return a boolean, and under no circumstance revert. However, an incorrect assumption about Solidity 0.8’s `abi.decode` allows some cases to revert, given a target contract that doesn’t implement EIP-165 as expected, specifically if it returns a value other than 0 or 1. The contracts that may be affected are those that use `ERC165Checker` to check for support for an interface and then handle the lack of support in a way other than reverting. The issue was patched in version 4.7.1. | 2022-07-22 | not yet calculated | CVE-2022-31170 CONFIRM MISC |
| oracle — bi_publisher | Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle BI Publisher accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21523 MISC |
| oracle — communications_billing_and_revenue_management | Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in takeover of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21429 MISC |
| oracle — database | Vulnerability in the Oracle Database – Enterprise Edition RDBMS Security component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having DBA role privilege with network access via Oracle Net to compromise Oracle Database – Enterprise Edition RDBMS Security. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Database – Enterprise Edition RDBMS Security. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21432 MISC |
| oracle — enterprise_manager_base_platform | Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Manager Install). Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data as well as unauthorized read access to a subset of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21516 MISC |
| oracle — enterprise_manager_base_platform | Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Policy Framework). Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in takeover of Enterprise Manager Base Platform. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21536 MISC |
| oracle — essbase | Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Essbase executes to compromise Oracle Essbase. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Essbase accessible data as well as unauthorized access to critical data or complete access to all Oracle Essbase accessible data. CVSS 3.1 Base Score 5.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21508 MISC |
| oracle — flexcube_universal_banking | Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Universal Banking. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21428 MISC |
| oracle — health_sciences_data_management_workbench | Vulnerability in the Oracle Health Sciences Data Management Workbench product of Oracle Health Sciences Applications (component: User Interface). Supported versions that are affected are 2.4.8.7 and 2.5.2.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Health Sciences Data Management Workbench. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Health Sciences Data Management Workbench accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21518 MISC |
| oracle — jd_edwards_enterpriseone_orchestrator | Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator). Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Orchestrator. Successful attacks of this vulnerability can result in unauthorized read access to a subset of JD Edwards EnterpriseOne Orchestrator accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21532 MISC |
| oracle — jd_edwards_enterpriseone_tools | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. While the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 7.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21542 MISC |
| oracle — jre | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21540 MISC DEBIAN |
| oracle — jre | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21541 MISC DEBIAN |
| oracle — mysql_cluster | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21519 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21528 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21526 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21517 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21530 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21534 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21529 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21525 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21527 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21509 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21531 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21522 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21455 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21537 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21539 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.38 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21515 MISC |
| oracle — mysql_server | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21538 MISC |
| oracle — mysql_shell | Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: General/Core Client). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Shell. CVSS 3.1 Base Score 2.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21535 MISC |
| oracle — oracle_commerce |
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Commerce Platform executes to compromise Oracle Commerce Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Commerce Platform accessible data. CVSS 3.1 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21559 MISC |
| oracle — oracle_communications_applications |
Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21574 MISC |
| oracle — oracle_communications_applications |
Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Billing and Revenue Management accessible data as well as unauthorized read access to a subset of Oracle Communications Billing and Revenue Management accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21572 MISC |
| oracle — oracle_communications_applications |
Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21573 MISC |
| oracle — oracle_construction_and_engineering |
Vulnerability in the Oracle Crystal Ball product of Oracle Construction and Engineering (component: Installation). Supported versions that are affected are 11.1.2.0.000-11.1.2.4.900. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Crystal Ball executes to compromise Oracle Crystal Ball. While the vulnerability is in Oracle Crystal Ball, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Crystal Ball. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21558 MISC MISC |
| oracle — oracle_database_server |
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21565 MISC |
| oracle — oracle_database_server |
Vulnerability in the Oracle Database – Enterprise Edition Recovery component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows high privileged attacker having EXECUTE ON DBMS_IR.EXECUTESQLSCRIPT privilege with network access via Oracle Net to compromise Oracle Database – Enterprise Edition Recovery. Successful attacks of this vulnerability can result in takeover of Oracle Database – Enterprise Edition Recovery. Note: None of the supported versions are affected. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21511 MISC |
| oracle — oracle_database_server |
Vulnerability in the Oracle Database – Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle Database – Enterprise Edition Sharding executes to compromise Oracle Database – Enterprise Edition Sharding. While the vulnerability is in Oracle Database – Enterprise Edition Sharding, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Database – Enterprise Edition Sharding. Note: None of the supported versions are affected. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21510 MISC |
| oracle — oracle_e-business_suite |
Vulnerability in the Oracle iRecruitment product of Oracle E-Business Suite (component: Candidate Self Service Registration). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iRecruitment. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle iRecruitment accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21545 MISC |
| oracle — oracle_e-business_suite |
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Worklist). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Workflow. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Workflow accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21567 MISC |
| oracle — oracle_e-business_suite |
Vulnerability in the Oracle iReceivables product of Oracle E-Business Suite (component: Access Request). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iReceivables. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iReceivables accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21568 MISC |
| oracle — oracle_e-business_suite |
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are affected are 12.2.9-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Applications Framework accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21566 MISC |
| oracle — oracle_financial_services_applications | Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21577 MISC |
| oracle — oracle_financial_services_applications | Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21579 MISC |
| oracle — oracle_financial_services_applications |
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle FLEXCUBE Universal Banking. CVSS 3.1 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21544 MISC |
| oracle — oracle_financial_services_applications |
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Trade Finance. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21585 MISC |
| oracle — oracle_financial_services_applications |
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21584 MISC |
| oracle — oracle_financial_services_applications |
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.3, 12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Universal Banking. CVSS 3.1 Base Score 6.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21576 MISC |
| oracle — oracle_financial_services_applications |
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Universal Banking. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21578 MISC |
| oracle — oracle_financial_services_applications |
Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 2.9.0.0.0, 2.9.0.1.0, 3.0.0.0.0-3.2.0.0.0 and 4.0.0.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Revenue Management and Billing. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Financial Services Revenue Management and Billing accessible data as well as unauthorized update, insert or delete access to some of Oracle Financial Services Revenue Management and Billing accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Financial Services Revenue Management and Billing. CVSS 3.1 Base Score 5.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21580 MISC |
| oracle — oracle_financial_services_applications |
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized read access to a subset of Oracle Banking Trade Finance accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Trade Finance. CVSS 3.1 Base Score 5.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21581 MISC |
| oracle — oracle_financial_services_applications |
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21586 MISC |
| oracle — oracle_financial_services_applications |
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Trade Finance. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21582 MISC |
| oracle — oracle_financial_services_applications |
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data as well as unauthorized update, insert or delete access to some of Oracle Banking Trade Finance accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Trade Finance. CVSS 3.1 Base Score 6.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21583 MISC |
| oracle — oracle_fusion_middleware |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21564 MISC |
| oracle — oracle_fusion_middleware |
Vulnerability in the Oracle SOA Suite product of Oracle Fusion Middleware (component: Fabric Layer). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SOA Suite. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle SOA Suite accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21562 MISC |
| oracle — oracle_fusion_middleware |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle WebLogic Server executes to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data as well as unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 5.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21557 MISC |
| oracle — oracle_fusion_middleware |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21560 MISC |
| oracle — oracle_fusion_middleware |
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 3.7.1.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle Coherence. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Coherence. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21570 MISC |
| oracle — oracle_fusion_middleware |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21548 MISC |
| oracle — oracle_fusion_middleware |
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Search). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. While the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebCenter Content accessible data as well as unauthorized read access to a subset of Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 7.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21552 MISC |
| oracle — oracle_fusion_middleware |
Vulnerability in the Oracle WebCenter Sites Support Tools product of Oracle Fusion Middleware (component: User Interface). The supported version that is affected is Prior to 4.4.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites Support Tools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites Support Tools accessible data as well as unauthorized update, insert or delete access to some of Oracle WebCenter Sites Support Tools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebCenter Sites Support Tools. CVSS 3.1 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21575 MISC |
| oracle — oracle_goldengate |
Vulnerability in Oracle GoldenGate (component: Oracle GoldenGate). The supported version that is affected is 21c: prior to 21.7.0.0.0; 19c: prior to 19.1.0.0.220719. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle GoldenGate. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle GoldenGate. CVSS 3.1 Base Score 6.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21551 MISC |
| oracle — oracle_java_se |
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21549 MISC |
| oracle — oracle_jd_edwards |
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all JD Edwards EnterpriseOne Tools accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21561 MISC |
| oracle — oracle_mysql |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21553 MISC |
| oracle — oracle_mysql |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21556 MISC |
| oracle — oracle_mysql |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Federated). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21547 MISC |
| oracle — oracle_mysql |
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior and and 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21550 MISC |
| oracle — oracle_mysql |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21569 MISC |
| oracle — oracle_systems |
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle ZFS Storage Appliance Kit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle ZFS Storage Appliance Kit. CVSS 3.1 Base Score 3.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L). | 2022-07-19 | not yet calculated | CVE-2022-21563 MISC |
| oracle — oracle_virtualization |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.36. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21571 MISC |
| oracle — oracle_virtualization |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.36. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21554 MISC |
| oracle — peoplesoft_enterprise_peopletools | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21520 MISC |
| oracle — peoplesoft_enterprise_peopletools | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: XML Publisher). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21521 MISC |
| oracle — peoplesoft_enterprise_peopletools | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Integration Broker). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where PeopleSoft Enterprise PeopleTools executes to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21512 MISC |
| oracle — peoplesoft_enterprise_peopletools | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mgmt). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21543 MISC |
| oracle — solaris | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21439 MISC |
| oracle — solaris | Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMB Server). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21533 MISC |
| oracle — solaris | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Remote Administration Daemon). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21514 MISC |
| oracle — solaris | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris as well as unauthorized update, insert or delete access to some of Oracle Solaris accessible data and unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.1 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21524 MISC |
| oracle — zfs_storage_appliance_kit | Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to compromise Oracle ZFS Storage Appliance Kit. While the vulnerability is in Oracle ZFS Storage Appliance Kit, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle ZFS Storage Appliance Kit. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). | 2022-07-19 | not yet calculated | CVE-2022-21513 MISC |
| oracle — oracle_mysql |
Vulnerability in the MySQL Shell for VS Code product of Oracle MySQL (component: Shell: GUI). Supported versions that are affected are 1.1.8 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Shell for VS Code executes to compromise MySQL Shell for VS Code. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Shell for VS Code, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Shell for VS Code accessible data as well as unauthorized read access to a subset of MySQL Shell for VS Code accessible data. CVSS 3.1 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N). | 2022-07-19 | not yet calculated | CVE-2022-21555 MISC |
| packback — lti_1.3_tool_library | LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds. | 2022-07-15 | not yet calculated | CVE-2022-31157 CONFIRM |
| packback — lti_1.3_tool_library | LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the Authentication Request. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds. | 2022-07-15 | not yet calculated | CVE-2022-31158 CONFIRM |
| parallels — access |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Parallels service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16134. | 2022-07-18 | not yet calculated | CVE-2022-34899 MISC MISC |
| parallels — access |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Dispatcher service. The service loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-15213. | 2022-07-18 | not yet calculated | CVE-2022-34900 MISC MISC |
| parallels — access |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. The service executes files from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16137. | 2022-07-18 | not yet calculated | CVE-2022-34901 MISC MISC |
| parallels — access |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Desktop Control Agent service. The service loads Qt plugins from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-15787. | 2022-07-18 | not yet calculated | CVE-2022-34902 MISC MISC |
| parallels — parallels_desktop | This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.0 (49183). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-13932. | 2022-07-15 | not yet calculated | CVE-2021-34986 N/A N/A |
| parallels — parallels_desktop | This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.1 (49187). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the HDAudio virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-14969. | 2022-07-15 | not yet calculated | CVE-2021-34987 N/A N/A |
| parallels — parallels_desktop | This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-16653. | 2022-07-18 | not yet calculated | CVE-2022-34890 MISC MISC |
| parallels — parallels_desktop
|
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update machanism. The product sets incorrect permissions on sensitive files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16395. | 2022-07-18 | not yet calculated | CVE-2022-34891 MISC MISC |
| parallels — parallels_desktop |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update machanism. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16396. | 2022-07-18 | not yet calculated | CVE-2022-34892 MISC MISC |
| parallels — parallels_desktop |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the ACPI virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-16554. | 2022-07-18 | not yet calculated | CVE-2022-34889 MISC MISC |
| pegasystems — pega_infinity |
If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running on PegaCloud due to its design and architecture. | 2022-07-19 | not yet calculated | CVE-2022-24082 MISC |
| pexip — pexip_infinity | Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719. | 2022-07-17 | not yet calculated | CVE-2022-32263 MISC |
| pexip — pexip_infinity_27 |
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling. | 2022-07-17 | not yet calculated | CVE-2022-29286 MISC |
| poly — eagleeye_director_ii_firmware | An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin. | 2022-07-17 | not yet calculated | CVE-2022-26482 MISC MISC MISC |
| poly — eagleeye_director_ii_firmware | An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file (which can be created via an rsync backdoor) causes all API calls to execute as admin without authentication. | 2022-07-17 | not yet calculated | CVE-2022-26479 MISC MISC MISC |
| poly — studio_x30_firmware | An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request (CSR) action. | 2022-07-17 | not yet calculated | CVE-2022-26481 MISC MISC |
| prestashop — prestashop |
PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.2 allows remote attackers to execute arbitrary code, aka a “previously unknown vulnerability chain” related to SQL injection, as exploited in the wild in July 2022. | 2022-07-22 | not yet calculated | CVE-2022-36408 MISC |
| puppet — bolt |
Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise. | 2022-07-19 | not yet calculated | CVE-2022-2394 MISC |
| pypi — pypi
|
The eziod package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34982 MISC MISC MISC |
| pypi — pypi
|
The scu-captcha package in PyPI v0.0.1 to v0.0.4 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34983 MISC MISC MISC |
| pypi — pypi
|
The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34981 MISC MISC MISC |
| pypi — pypi |
The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34500 MISC MISC MISC |
| pypi — pypi |
The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34501 MISC MISC MISC |
| pypi — pypi |
The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party. | 2022-07-22 | not yet calculated | CVE-2022-34509 MISC MISC MISC |
| qpdf — qpdf |
QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | 2022-07-22 | not yet calculated | CVE-2022-34503 MISC |
| qvis — qvis_nvr_dvr |
In QVIS NVR DVR before 2021-12-13, an attacker can escalate privileges from a qvisdvr user to the root user by abusing a Sudo misconfiguration. | 2022-07-18 | not yet calculated | CVE-2021-44954 MISC MISC |
| qvis — qvis_nvr_dvr |
QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization. | 2022-07-18 | not yet calculated | CVE-2021-41419 MISC MISC MISC |
| radare — radare |
Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file. | 2022-07-22 | not yet calculated | CVE-2022-34502 MISC |
| radare — radare |
Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file. | 2022-07-22 | not yet calculated | CVE-2022-34520 MISC |
| redis — redis |
Redis is an in-memory database that persists on disk. A specially crafted `XAUTOCLAIM` command on a stream key in a specific state may result with heap overflow, and potentially remote code execution. This problem affects versions on the 7.x branch prior to 7.0.4. The patch is released in version 7.0.4. | 2022-07-19 | not yet calculated | CVE-2022-31144 MISC CONFIRM |
| reolink — e1_zoom_firmware | The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /conf/fastcgi.conf URI. | 2022-07-17 | not yet calculated | CVE-2021-40150 MISC |
| reolink — reolink_e1_zoom_camera |
The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI. | 2022-07-17 | not yet calculated | CVE-2021-40149 MISC MISC MISC |
| risc-v — risc-v_isa_sim | The component mcontrol.action in RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 contains the incorrect mask which can cause a Denial of Service (DoS). | 2022-07-18 | not yet calculated | CVE-2022-34642 MISC |
| risc-v — risc-v_isa_sim |
RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 implements the incorrect exception priotrity when accessing memory. | 2022-07-18 | not yet calculated | CVE-2022-34643 MISC |
| roblox — roblox |
Tovy is a a staff management system for Roblox groups. A vulnerability in versions prior to 0.7.51 allows users to log in as other users, including privileged users such as the other of the instance. The problem has been patched in version 0.7.51. | 2022-07-22 | not yet calculated | CVE-2022-31164 MISC CONFIRM |
| roxy-wi — roxy-wi | Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue. | 2022-07-15 | not yet calculated | CVE-2022-31161 CONFIRM MISC |
| ruby — ruby |
TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when used with the Ruby data source tzinfo-data, are vulnerable to relative path traversal. With the Ruby data source, time zones are defined in Ruby files. There is one file per time zone. Time zone files are loaded with `require` on demand. In the affected versions, `TZInfo::Timezone.get` fails to validate time zone identifiers correctly, allowing a new line character within the identifier. With Ruby version 1.9.3 and later, `TZInfo::Timezone.get` can be made to load unintended files with `require`, executing them within the Ruby process. Versions 0.3.61 and 1.2.10 include fixes to correctly validate time zone identifiers. Versions 2.0.0 and later are not vulnerable. Version 0.3.61 can still load arbitrary files from the Ruby load path if their name follows the rules for a valid time zone identifier and the file has a prefix of `tzinfo/definition` within a directory in the load path. Applications should ensure that untrusted files are not placed in a directory on the load path. As a workaround, the time zone identifier can be validated before passing to `TZInfo::Timezone.get` by ensuring it matches the regular expression `A[A-Za-z0-9+-_]+(?:/[A-Za-z0-9+-_]+)*z`. | 2022-07-22 | not yet calculated | CVE-2022-31163 MISC CONFIRM MISC MISC |
| rust — rust |
Slack Morphism is an async client library for Rust. Prior to 0.41.0, it was possible for Slack OAuth client information to leak in application debug logs. Stricter and more secure debug formatting was introduced in v0.41.0 for OAuth secret types to reduce the possibility of printing sensitive information in application logs. As a workaround, do not print/output requests and responses for OAuth and client configurations in logs. | 2022-07-22 | not yet calculated | CVE-2022-31162 CONFIRM MISC |
| scooter — beyond_compare |
A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:WindowsTemp folder, and then the uninstaller is run as SYSTEM, the DLLs will execute with elevated privileges. | 2022-07-23 | not yet calculated | CVE-2022-36415 MISC |
| scooter — beyond_compare |
There is an elevation of privilege breakout vulnerability in the Windows EXE installer in Scooter Beyond Compare 4.2.0 through 4.4.2 before 4.4.3. Affected versions allow a logged-in user to run applications with elevated privileges via the Clipboard Compare tray app after installation. | 2022-07-23 | not yet calculated | CVE-2022-36414 MISC |
| shanghai_feixun_data_communication_technology_co — ltd_router_fir302b_a2 |
Shanghai Feixun Data Communication Technology Co., Ltd router fir302b A2 was discovered to contain a remote command execution (RCE) vulnerability via the Ping function. | 2022-07-19 | not yet calculated | CVE-2022-27373 MISC |
| sick — flexi_soft_designer |
A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Flexi Soft Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file. | 2022-07-19 | not yet calculated | CVE-2022-27579 MISC |
| sick — safety_designer |
A deserialization vulnerability in a .NET framework class used and not properly checked by Safety Designer all versions up to and including 1.11.0 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Safety Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file. | 2022-07-19 | not yet calculated | CVE-2022-27580 MISC |
| sick_sensor_intelligence — sick_ftmg |
Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. A malicious attacker could use this sensitive information’s to launch further attacks on the system. | 2022-07-19 | not yet calculated | CVE-2021-32504 MISC |
| simple_e-learning_system — simple_e-learning_system |
A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1’||(SELECT 0x6770715a WHERE 8795=8795 AND (SELECT 8342 FROM(SELECT COUNT(*),CONCAT(0x7171786b71,(SELECT (ELT(8342=8342,1))),0x717a7a7671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a))||’ leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-20 | not yet calculated | CVE-2022-2489 MISC MISC |
| simple_e-learning_system — simple_e-learning_system |
A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1’||(SELECT 0x74666264 WHERE 5610=5610 AND (SELECT 7504 FROM(SELECT COUNT(*),CONCAT(0x7171627a71,(SELECT (ELT(7504=7504,1))),0x71717a7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a))||’ leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-20 | not yet calculated | CVE-2022-2490 MISC MISC |
| snyk — convert-svg-core |
The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload. | 2022-07-22 | not yet calculated | CVE-2022-25759 CONFIRM CONFIRM CONFIRM CONFIRM |
| squid — squid |
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. | 2022-07-17 | not yet calculated | CVE-2021-46784 MISC CONFIRM MISC MISC MISC |
| supersmart — supersmart.me |
It was possible to download all receipts without authentication. Must first access the API https://XXXX.supersmart.me/services/v4/customer/signin to get a TOKEN. Then you can then access the API that provides invoice images based on the URL https://XXXX.supersmart.me/services/v4/invoiceImg?orderId=XXXXX | 2022-07-21 | not yet calculated | CVE-2022-30628 MISC |
| suse — tumbleweed |
A UNIX Symbolic Link (Symlink) Following vulnerability in keylime of openSUSE Tumbleweed allows local attackers to escalate from the keylime user to root. This issue affects: openSUSE Tumbleweed keylime versions prior to 6.4.2-1.1. | 2022-07-20 | not yet calculated | CVE-2022-31250 CONFIRM |
| teamplus_pro — teamplus_pro |
A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group that exceeds message size limit, to terminate other recipients’ Teamplus Pro chat process. | 2022-07-20 | not yet calculated | CVE-2022-32958 CONFIRM |
| terser — terser | The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions. | 2022-07-15 | not yet calculated | CVE-2022-25858 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| tibco — tibco_data_virtualization_and_tibco_data_virtualization_for_aws_marketplace |
The Column Based Security component of TIBCO Software Inc.’s TIBCO Data Virtualization and TIBCO Data Virtualization for AWS Marketplace contains an easily exploitable vulnerability that allows a low privileged attacker with network access to obtain read access to application information on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO Data Virtualization: versions 8.5.2 and below and TIBCO Data Virtualization for AWS Marketplace: versions 8.5.2 and below. | 2022-07-19 | not yet calculated | CVE-2022-30570 CONFIRM CONFIRM |
| tor — tor |
Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation. | 2022-07-17 | not yet calculated | CVE-2022-33903 MISC MISC |
| unit4 — enterprise_resource_planning_software |
Unit4 ERP through 7.9 allows XXE via ExecuteServerProcessAsynchronously. | 2022-07-19 | not yet calculated | CVE-2022-34001 MISC |
| unit4_teta — unit4_teta_mobile_edition |
UNIT4 TETA Mobile Edition (ME) before 29.5.HF17 was discovered to contain a SQL injection vulnerability via the ProfileName parameter in the errorReporting page. | 2022-07-18 | not yet calculated | CVE-2022-27434 MISC MISC |
| vesta — vesta |
Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the post function at /web/api/v1/upload/UploadHandler.php. | 2022-07-19 | not yet calculated | CVE-2022-34025 MISC |
| vesta — vesta |
Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the generate_response function at /web/api/v1/upload/UploadHandler.php. | 2022-07-19 | not yet calculated | CVE-2022-36304 MISC |
| vesta — vesta |
Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the handle_file_upload function at /web/api/v1/upload/UploadHandler.php. | 2022-07-19 | not yet calculated | CVE-2022-36303 MISC |
| vesta — vesta |
Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the body function at /web/api/v1/upload/UploadHandler.php. | 2022-07-19 | not yet calculated | CVE-2022-36305 MISC |
| wavlink — multiple_products |
A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlist_sync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used. | 2022-07-20 | not yet calculated | CVE-2022-2488 MISC MISC |
| wavlink — multiple_products |
A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/nightled.cgi. The manipulation of the argument start_hour leads to os command injection. The exploit has been disclosed to the public and may be used. | 2022-07-20 | not yet calculated | CVE-2022-2487 MISC MISC |
| wavlink — multiple_products |
A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used. | 2022-07-20 | not yet calculated | CVE-2022-2486 MISC MISC |
| wavlink — wavlink |
Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etc_ro/lighttpd/www/cgi-bin/ExportAllSettings.sh. | 2022-07-20 | not yet calculated | CVE-2022-34045 MISC |
| wavlink — wavlink |
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data. | 2022-07-20 | not yet calculated | CVE-2022-34049 MISC MISC |
| wavlink — wavlink |
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);]. | 2022-07-20 | not yet calculated | CVE-2022-34046 MISC |
| wavlink — wavlink |
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd]. | 2022-07-20 | not yet calculated | CVE-2022-34047 MISC |
| wavlink — wavlink |
Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter. | 2022-07-20 | not yet calculated | CVE-2022-34048 MISC MISC |
| wavpack — wavpack |
A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x561b47a970c6 bp 0x7fff13952fb0 sp 0x7fff1394fca0 T0) ==84257==The signal is caused by a WRITE memory access. ==84257==Hint: address points to the zero page. #0 0x561b47a970c5 in main cli/wvunpack.c:834 #1 0x7efc4f5c0082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) #2 0x561b47a945ed in _start (/usr/local/bin/wvunpack+0xa5ed) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV cli/wvunpack.c:834 in main ==84257==ABORTING | 2022-07-19 | not yet calculated | CVE-2022-2476 MISC |
| windows — showmypc_3606 |
ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. If an attacker overwrites the file %temp%ShowMyPC-ShowMyPC3606wodVPN.dll, it will run any malicious code contained in that file. The code will run with normal user privileges unless the user specifically runs ShowMyPC as administrator. | 2022-07-18 | not yet calculated | CVE-2021-42923 MISC MISC |
| withsecure — multiple_products | A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine. | 2022-07-22 | not yet calculated | CVE-2022-28878 MISC MISC |
| withsecure — multiple_products |
This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation. | 2022-07-21 | not yet calculated | CVE-2022-28877 MISC MISC |
| withsecure — multiple_products |
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine. | 2022-07-22 | not yet calculated | CVE-2022-28879 MISC MISC |
| wordpress — wordpress | Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-34853 CONFIRM CONFIRM |
| wordpress — wordpress | Authenticated Stored Cross-Site Scripting (XSS) vulnerability in Florent Maillefaud’s WP Maintenance plugin <= 6.0.7 at WordPress. | 2022-07-21 | not yet calculated | CVE-2022-30536 CONFIRM CONFIRM |
| wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.0 at WordPress leading to popup status change. | 2022-07-21 | not yet calculated | CVE-2022-32289 CONFIRM CONFIRM |
| wordpress — wordpress | Authentication Bypass vulnerability in CodexShaper’s WP OAuth2 Server plugin <= 1.0.1 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-34839 CONFIRM CONFIRM |
| wordpress — wordpress | Cross-Site Request Forgery (CSRF) vulnerability in JoomUnited WP Meta SEO plugin <= 4.4.8 at WordPress allows an attacker to update the social settings. | 2022-07-21 | not yet calculated | CVE-2022-30337 CONFIRM CONFIRM |
| wordpress — wordpress | Authenticated Arbitrary File Creation via Export function vulnerability in GiveWP’s GiveWP plugin <= 2.20.2 at WordPress. | 2022-07-21 | not yet calculated | CVE-2022-28700 CONFIRM CONFIRM |
| wordpress — wordpress | The Button Widget Smartsoft plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation on the smartsoftbutton_settings page. This makes it possible for unauthenticated attackers to update the plugins settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2022-07-18 | not yet calculated | CVE-2022-1912 MISC MISC |
| wordpress — wordpress |
The GiveWP plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to, and including, 2.20.2 via the /donor-wall REST-API endpoint which provides unauthenticated users with donor information even when the donor wall is not enabled. This functionality has been completely removed in version 2.20.2. | 2022-07-18 | not yet calculated | CVE-2022-2117 MISC MISC |
| wordpress — wordpress |
Cross-Site Request Forgery (CSRF) vulnerability in WordPlus Better Messages plugin <= 1.9.9.148 at WordPress allows attackers to upload files. File attachment to messages must be activated. | 2022-07-20 | not yet calculated | CVE-2022-29454 CONFIRM CONFIRM |
| wordpress — wordpress |
Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin <= 1.7.7 at WordPress leading to &yikes-the-content-toggle option update. | 2022-07-21 | not yet calculated | CVE-2022-28666 CONFIRM CONFIRM |
| wordpress — wordpress |
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in René Hermenau’s Social Media Share Buttons plugin <= 3.8.1 at WordPress. | 2022-07-20 | not yet calculated | CVE-2021-36849 CONFIRM CONFIRM |
| wordpress — wordpress |
Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.11 at WordPress allows an attacker to update plugin settings. | 2022-07-22 | not yet calculated | CVE-2022-29495 CONFIRM CONFIRM |
| wordpress — wordpress |
Authenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in ThingsForRestaurants Quick Restaurant Reservations plugin <= 1.4.1 at WordPress. | 2022-07-20 | not yet calculated | CVE-2022-29923 CONFIRM CONFIRM |
| wordpress — wordpress |
Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co’s Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-30998 CONFIRM CONFIRM |
| wordpress — wordpress |
Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP’s GiveWP plugin <= 2.20.2 at WordPress. | 2022-07-21 | not yet calculated | CVE-2022-31475 CONFIRM CONFIRM |
| wordpress — wordpress |
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-34650 CONFIRM CONFIRM |
| wordpress — wordpress |
Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul’s Testimonials plugin <= 3.0.1 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-33191 CONFIRM CONFIRM |
| wordpress — wordpress |
Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari’s Accordions plugin <= 2.0.2 at WordPress. | 2022-07-21 | not yet calculated | CVE-2022-33198 CONFIRM CONFIRM |
| wordpress — wordpress |
Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <= 4.13.1 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-33901 CONFIRM CONFIRM |
| wordpress — wordpress |
Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-33960 CONFIRM CONFIRM |
| wordpress — wordpress |
The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `file[files][]` parameter in versions up to, and including, 3.2.46 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor level permissions and above to inject arbitrary web scripts on the file’s page that will execute whenever an administrator accesses the editor area for the injected file page. | 2022-07-18 | not yet calculated | CVE-2022-2101 MISC MISC MISC MISC |
| wordpress — wordpress |
The plugin Wbcom Designs – BuddyPress Group Reviews for WordPress is vulnerable to unauthorized settings changes and review modification due to missing capability checks and improper nonce checks in several functions related to said actions in versions up to, and including, 2.8.3. This makes it possible for unauthenticated attackers to modify reviews and plugin settings on the affected site. | 2022-07-18 | not yet calculated | CVE-2022-2108 MISC MISC |
| wordpress — wordpress |
The Free Live Chat Support plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.11. This is due to missing nonce protection on the livesupporti_settings() function found in the ~/livesupporti.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site’s administrator into performing an action such as clicking on a link. | 2022-07-18 | not yet calculated | CVE-2022-2039 MISC MISC |
| wordpress — wordpress |
Unauthenticated Arbitrary Option Update vulnerability in biplob018’s Shortcode Addons plugin <= 3.0.2 at WordPress. | 2022-07-21 | not yet calculated | CVE-2022-34487 CONFIRM CONFIRM |
| wordpress — wordpress |
Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | 2022-07-22 | not yet calculated | CVE-2022-27235 CONFIRM CONFIRM |
| wordpress — wordpress |
The DX Share Selection plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. This is due to missing nonce protection on the dxss_admin_page() function found in the ~/dx-share-selection.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site’s administrator into performing an action such as clicking on a link. | 2022-07-18 | not yet calculated | CVE-2022-2001 MISC MISC |
| wordpress — wordpress |
The WordPress plugin Image Slider is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1.121 due to failure to properly check for the existence of a nonce in the function ewic_duplicate_slider. This make it possible for unauthenticated attackers to duplicate existing posts or pages granted they can trick a site administrator into performing an action such as clicking on a link. | 2022-07-18 | not yet calculated | CVE-2022-2223 MISC MISC |
| wordpress — wordpress |
The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the ‘remote_data’ parameter in versions up to, and including 3.7.9. This makes it possible for authenticated attackers with contributor privileges and above to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload. | 2022-07-18 | not yet calculated | CVE-2022-2444 MISC MISC MISC MISC MISC |
| wordpress — wordpress |
The Feed Them Social – for Twitter feed, Youtube and more plugin for WordPress is vulnerable to deserialization of untrusted input via the ‘fts_url’ parameter in versions up to, and including 2.9.8.5. This makes it possible for unauthenticated attackers to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload. | 2022-07-18 | not yet calculated | CVE-2022-2437 MISC MISC |
| wordpress — wordpress |
The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.2. This is due to missing nonce protection on the FreemindOptions() function found in the ~/freemind-wp-browser.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site’s administrator into performing an action such as clicking on a link. | 2022-07-18 | not yet calculated | CVE-2022-2443 MISC MISC |
| wordpress — wordpress |
The AnyMind Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1. This is due to missing nonce protection on the createDOMStructure() function found in the ~/anymind-widget-id.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site’s administrator into performing an action such as clicking on a link. | 2022-07-18 | not yet calculated | CVE-2022-2435 MISC MISC |
| wordpress — wordpress |
The WordPress plugin Gallery for Social Photo is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.0.27 due to failure to properly check for the existence of a nonce in the function gifeed_duplicate_feed. This make it possible for unauthenticated attackers to duplicate existing posts or pages granted they can trick a site administrator into performing an action such as clicking on a link. | 2022-07-18 | not yet calculated | CVE-2022-2224 MISC MISC |
| wpallimport — wp_all_import | The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers, with administrator level permissions and above, to upload arbitrary files on the affected sites server which may make remote code execution possible. | 2022-07-18 | not yet calculated | CVE-2022-1565 MISC MISC |
| xiaomi — mi_sound |
Information leakage vulnerability exists in the Mi Sound APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information. | 2022-07-22 | not yet calculated | CVE-2020-14126 MISC |
| xiaomi — smarthome |
information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information. | 2022-07-22 | not yet calculated | CVE-2020-14114 MISC |
| yokogawa_rental_&_lease_corporation — passage_drive |
Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where the product is running. | 2022-07-20 | not yet calculated | CVE-2022-34866 MISC MISC |
| zoho — manageengine_password_manager_pro_and_opmanager |
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine. | 2022-07-18 | not yet calculated | CVE-2022-35404 MISC MISC |
| zoho — manageengine_password_manager_pro_and_pam360 |
Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.) | 2022-07-19 | not yet calculated | CVE-2022-35405 MISC |
| zte — zxen_cg200_firmware | ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP GET requests in a short time, which can make the product management websites not accessible. | 2022-07-18 | not yet calculated | CVE-2022-23142 MISC |
| zte — zxmp_m721_firmware | ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information. | 2022-07-15 | not yet calculated | CVE-2022-23141 MISC |
| zulip — zulip_server |
Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administrator privileges to one of their bots. The vulnerability is fixed in Zulip Server 5.5. Members who don’t own any bots, and lack permission to create them, can’t exploit the vulnerability. As a workaround for the vulnerability, an organization administrator can restrict the `Who can create bots` permission to administrators only, and change the ownership of existing bots. | 2022-07-22 | not yet calculated | CVE-2022-31168 MISC MISC CONFIRM |
| zyxel — multiple_products |
A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device. | 2022-07-19 | not yet calculated | CVE-2022-30526 CONFIRM |
| zyxel_corporation — multiple_products |
A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device. | 2022-07-19 | not yet calculated | CVE-2022-2030 CONFIRM |
This product is provided subject to this Notification and this Privacy & Use policy.
The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. This is a dangerous warning that the possibility of a sophisticated DDoS attack and a prolonged service outage will prevent businesses from growing.
Original release date: July 20, 2022 | Last revised: July 21, 2022
Oracle has released its Critical Patch Update for July 2022 to address 349 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the Oracle July 2022 Critical Patch Update and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Internet of Things Targeted by Campaigns and Attacks of Opportunity
July 19, 2022
It should come as no surprise that an ever-expanding threat landscape brings with it an increased number of attack vectors for threat bad actors’ use and, subsequently, an inevitable increase in exploitation. The Internet of Things (IoT) is a common term used to describe devices that are connected to a network in one manner or another but are not typical network devices such as computers, mobile devices, tablets, or servers. When we refer to IoT, we are talking about many common items integrated into your home or office network that you often do not think about. Do you own a Ring Security system or similar product that connects to your wireless network? How about an Alexa device? Do you have a “smart” refrigerator or television, an iRobot Roomba vacuum perhaps? These devices, and so many more, are all potentially included within the internet of things provided they have the capacity to connect to your network in one way or another.
Whereas a home or office (or your home office) used to be comprised of a server, routers, and computers, that entire attack surface has drastically expanded to include all of these IoT devices. This brings us to the targeting of the internet of things by threat actors both in campaigns and in targets of opportunity. Over the past few years, the exploitation of IoT devices has been on the rise. This is no surprise to individuals familiar with the topic, however, the efforts appear to be more concerted. If you look at the recent Common Vulnerability and Exposures (CVEs), what you will find, more and more, is an increased number of IoT-related CVEs. Thankfully, many of these are being found by the efforts of researchers and blue team actors, but not all.
In the past month, multiple CVEs were reported within a host of IoT devices, and we can look at a few examples. Digital Video Recorder (DVR) systems for closed circuit television systems (CCTV) have been found vulnerable to buffer overflow exploits that can result in lateral movement of malicious data or privilege escalation as seen in CVE-2021-44954. This week, Programmable Logic Controllers (PLCs), which are the computing devices behind industrial manufacturing control, were found lacking in authentication and security measures with easy-to-crack passwords. Subsequently, they have been targeted by malware campaigns to tie them into botnets for distributed denial of service attacks as reported with CVE-2022-33971. And, lest we forget about cameras, infrared security cameras have also been exploited through buffer overflow vulnerabilities (CVE-2022-31209) and have a history of privilege escalation concerns both remotely and through a direct hack of security cameras.
As noted, these incidents are not few and far between. A few weeks back, the Defending the Edge podcast covered the story of security doors being bypassed by tapping into and exploiting vulnerabilities in external control panels. Once inside, a research team was able to escalate privilege and move laterally in the network, going so far as to open and close doors and shut down cameras. It took a good bit of groundwork and some reverse engineering, but it was doable, and in theory, a threat actor could be just as savvy to successfully make such an attack in the wild. As much as this sounds like science fiction or something out of a spy novel, hackers have been exploiting physical security systems, primarily thanks to a lack of segmentation, compartmentalization, and lack of purposely designed security measures for the past two decades in one form or another.
The ever-increasing move to wireless networks and wireless access points is only increasing the attack surface by linking in more devices that may not be properly secured or not tested properly to avoid the same types of pitfalls that traditional computers and servers have been hardened against (or at least attempt to do so) for many years. We add these devices to our networks because they have convenience features. I can turn on my vacuum remotely, adjust my thermostat, or access my security system from anywhere in the world. This leaves us with only a few options. We can throw away technology, move into the woods, and avoid the chance of a bad guy exploiting some device. We could, perhaps, migrate away from IoT devices and lessen our use of these convenience items. Or we could deal with the challenge, and in doing so, accept risk, but employ our best practices to manage that risk.
Cyber security is all about risk assessment and risk management. You will never fully remove risk, but you can manage it. With IoT, especially in a work setting or even a home office, we should start by taking the simple actions. Apply strong passwords even to your seemingly harmless devices. Did you update your WiFi router password? Does your robot vacuum have a complex password? Is the PLC in your manufacturing and assembly line updated with the most recent firmware and has a solid password and maybe an authentication measure in place?
Aside from trying to keep up with manufacture notifications for any vulnerabilities, or skimming CVE lists that nobody outside of our research team is doing, just ask yourself how your device connects, what else is connected on that network, and what security measures are in place to stop someone from using that device as a conduit. Does it have a password? Can it? If not, is it on the same network as your other more sensitive devices, such as your home computer or your work or company office network? Remove the low-hanging fruit and keep your systems up to date and you can still enjoy the convenience of these devices with far less risk.
Calvin Bryant is a Cyber Security and Cyber Threat Intelligence analyst for DefendEdge and the Producer and Host of the Defending the Edge Podcast.
Original release date: July 18, 2022 | Last revised: July 19, 2022
High Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| ceneo-web-scrapper_project — ceneo-web-scrapper | The adriankoczuruek/ceneo-web-scrapper repository through 2021-03-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 7.5 | CVE-2022-31570 MISC |
| clinic’s_patient_management_system_project — clinic’s_patient_management_system | A vulnerability has been found in SourceCodester Clinics Patient Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pms/index.php of the component Login Page. The manipulation of the argument user_name with the input admin’ or ‘1’=’1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-12 | 7.5 | CVE-2022-2298 MISC MISC |
| google — android | Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of Finder. | 2022-07-12 | 7.2 | CVE-2022-30756 MISC |
| google — android | Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of AppLinker. | 2022-07-12 | 7.2 | CVE-2022-30754 MISC |
| huawei — ese620x_vess_firmware | There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition. | 2022-07-12 | 7.8 | CVE-2021-39999 MISC |
| microsoft — windows_10 | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-30206, CVE-2022-30226. | 2022-07-12 | 9 | CVE-2022-22041 MISC |
| microsoft — windows_10 | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30202, CVE-2022-30224. | 2022-07-12 | 8.5 | CVE-2022-22037 MISC |
| microsoft — windows_10 | Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22049. | 2022-07-12 | 7.2 | CVE-2022-22047 MISC |
| microsoft — windows_10 | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability. | 2022-07-12 | 7.2 | CVE-2022-22043 MISC |
| microsoft — windows_10 | Windows Graphics Component Elevation of Privilege Vulnerability. | 2022-07-12 | 7.2 | CVE-2022-22034 MISC |
| microsoft — windows_10 | Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability. | 2022-07-12 | 7.2 | CVE-2022-22031 MISC |
| microsoft — windows_10 | Internet Information Services Dynamic Compression Module Denial of Service Vulnerability. | 2022-07-12 | 7.5 | CVE-2022-22040 MISC |
| microsoft — windows_10 | Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22047, CVE-2022-22049. | 2022-07-12 | 7.2 | CVE-2022-22026 MISC |
| microweber — microweber | Business Logic Errors in GitHub repository microweber/microweber prior to 1.2.20. | 2022-07-11 | 7.5 | CVE-2022-2368 CONFIRM MISC |
| redhat — keycloak | A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the client_id of the target. This could allow a client to gain unauthorized access to additional services. | 2022-07-08 | 7.5 | CVE-2022-1245 MISC |
| roxy-wi — roxy-wi | Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Attackers need not be authenticated to exploit this vulnerability. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2022-07-08 | 10 | CVE-2022-31137 CONFIRM MISC |
| rpc.py_project — rpc.py | rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the “serializer: pickle” HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle. | 2022-07-08 | 7.5 | CVE-2022-35411 MISC MISC MISC |
| samsung — galaxy_store | Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | 2022-07-12 | 7.2 | CVE-2022-33708 MISC |
| samsung — galaxy_store | Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | 2022-07-12 | 7.2 | CVE-2022-33709 MISC |
| samsung — galaxy_store | Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | 2022-07-12 | 7.2 | CVE-2022-33710 MISC |
| siemens — scalance_x200-4p_irt_firmware | A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions), SCALANCE X204IRT (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions), SCALANCE XF202-2P IRT (All versions), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions. | 2022-07-12 | 7.5 | CVE-2022-26647 CONFIRM |
| siemens — scalance_x204-2_firmware | A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions), SCALANCE X204IRT (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions), SCALANCE XF202-2P IRT (All versions), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices. | 2022-07-12 | 7.8 | CVE-2022-26649 CONFIRM |
| siemens — scalance_x204-2_firmware | A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions), SCALANCE X204IRT (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions), SCALANCE XF202-2P IRT (All versions), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices. | 2022-07-12 | 7.8 | CVE-2022-26648 CONFIRM |
| siemens — simatic_cp_1242-7_v2_firmware | A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of device. | 2022-07-12 | 9.3 | CVE-2022-34819 CONFIRM |
| siemens — simatic_cp_1242-7_v2_firmware | A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges. | 2022-07-12 | 9.3 | CVE-2022-34821 CONFIRM |
| siemens — simatic_cp_1242-7_v2_firmware | A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges. | 2022-07-12 | 9.3 | CVE-2022-34820 CONFIRM |
| syntactics — free_booking_plugin_for_hotels,_restaurant_and_car_rental | The Free Booking Plugin for Hotels, Restaurant and Car Rental WordPress plugin before 1.1.16 suffers from insufficient input validation which leads to arbitrary file upload and subsequently to remote code execution. An AJAX action accessible to unauthenticated users is affected by this issue. An allowlist of valid file extensions is defined but is not used during the validation steps. | 2022-07-11 | 7.5 | CVE-2022-1952 MISC |
| varktech — pricing_deals_for_woocommerce | The Pricing Deals for WooCommerce WordPress plugin through 2.0.2.02 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection | 2022-07-11 | 7.5 | CVE-2022-1057 MISC |
| zimbra — collaboration | Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password (from the “zmprove ca” command). It is visible in cleartext on port UDP 514 (aka the syslog port). | 2022-07-11 | 7.5 | CVE-2022-32294 MISC MISC MISC MISC |
Medium Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| admin_management_xtended_project — admin_management_xtended | The Admin Management Xtended WordPress plugin before 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing attackers to make a logged users with the right capabilities to call them. This can lead to changes in post status (draft, published), slug, post date, comment status (enabled, disabled) and more. | 2022-07-11 | 4.3 | CVE-2022-1599 MISC |
| anuvaad-corpus_project — anuvaad-corpus | The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31552 MISC |
| audio_aligner_app_project — audio_aligner_app | The longmaoteamtf/audio_aligner_app repository through 2020-01-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31577 MISC |
| automatedquizeval_project — automatedquizeval | The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31583 MISC |
| averta — shortcodes_and_extra_features_for_phlox_theme | The Shortcodes and extra features for Phlox WordPress plugin before 2.9.8 does not sanitise and escape a parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting | 2022-07-11 | 4.3 | CVE-2022-1910 MISC |
| awin — awin_data_feed | The Awin Data Feed WordPress plugin through 1.6 does not sanitise and escape a parameter before outputting it back via an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting | 2022-07-11 | 4.3 | CVE-2022-1937 MISC |
| baiduwenkuspider_flaskweb_project — baiduwenkuspider_flaskweb | The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository before 2021-11-29 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31504 MISC MISC |
| barry_voice_assistant_project — barry_voice_assistant | The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31541 MISC |
| bonn_activity_maps_annotation_tool_project — bonn_activity_maps_annotation_tool | The bonn-activity-maps/bam_annotation_tool repository through 2021-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31528 MISC |
| bt_lnmp_project — bt_lnmp | The piaoyunsoft/bt_lnmp repository through 2019-10-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 5 | CVE-2022-31578 MISC |
| carceresbe_project — carceresbe | The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31515 MISC |
| caretakerr-api_project — caretakerr-api | The sanojtharindu/caretakerr-api repository through 2021-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31580 MISC |
| chainer — chainerrl-visualizer | The chainer/chainerrl-visualizer repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31573 MISC |
| changepop-back_project — changepop-back | The unizar-30226-2019-06/ChangePop-Back repository through 2019-06-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31586 MISC |
| clinic’s_patient_management_system_project — clinic’s_patient_management_system | A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. Affected is an unknown function of the file /pms/update_user.php?user_id=1. The manipulation of the argument profile_picture with the input <?php phpinfo();?> leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-12 | 6.5 | CVE-2022-2297 MISC MISC |
| cmu — opendiamond | The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31506 MISC MISC |
| cockybook_project — cockybook | The ceee-vip/cockybook repository through 2015-04-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31572 MISC |
| codesys — opc_da_server | The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its configuration file so that it is visible to all authorized Microsoft Windows users of the system. | 2022-07-11 | 4.7 | CVE-2022-1794 CONFIRM |
| comment_license_project — comment_license | The Comment License WordPress plugin before 1.4.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 2022-07-11 | 4.3 | CVE-2022-1957 MISC |
| csm_server_project — csm_server | The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31530 MISC |
| cuyz — valinor | Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use `Throwable#getMessage()` when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database connection exception showing database IP address/username/password, or a timeout detail / out of memory detail. Attackers could use this information for potential data exfiltration, denial of service attacks, enumeration attacks, etc. Version 0.12.0 contains a patch for this vulnerability. | 2022-07-11 | 6.4 | CVE-2022-31140 CONFIRM MISC |
| cybozu — garoon | Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files. | 2022-07-11 | 5.5 | CVE-2022-30602 MISC MISC |
| cybozu — garoon | Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin. | 2022-07-11 | 4 | CVE-2022-30943 MISC MISC |
| cybozu — garoon | Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet. | 2022-07-11 | 4 | CVE-2022-31472 MISC MISC |
| cybozu — garoon | Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege. | 2022-07-11 | 4 | CVE-2022-29512 MISC MISC |
| dainst — cilantro | The dainst/cilantro repository through 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31531 MISC |
| data_stream_algorithm_benchmark_project — data_stream_algorithm_benchmark | The DSAB-local/DSAB repository through 2019-02-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 5 | CVE-2022-31566 MISC |
| data_stream_algorithm_benchmark_project — data_stream_algorithm_benchmark | The DSABenchmark/DSAB repository through 2.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31567 MISC |
| deep_learning_studio_project — deep_learning_studio | The SummaLabs/DLS repository through 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31525 MISC |
| eclipse — equinox_p2 | In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. Those touchpoints can, for example, alter the command-line used to start the application, injecting things like agent or other settings that usually require particular attention in term of security. Although p2 has built-in strategies to ensure artifacts are signed and then to help establish trust, there is no such strategy for the metadata part that does configure such touchpoints. As a result, it’s possible to install a unit that will run malicious code during installation without user receiving any warning about this installation step being risky when coming from untrusted source. | 2022-07-08 | 6.8 | CVE-2021-41037 CONFIRM |
| equanimity_project — equanimity | The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31511 MISC |
| fan_platform_project — fan_platform | The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31514 MISC |
| fishtank_project — fishtank | The freefood89/Fishtank repository through 2015-06-24 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31535 MISC |
| flask-file-server_project — flask-file-server | The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31527 MISC |
| flask-mongo-skel_project — flask-mongo-skel | The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31551 MISC |
| flask-mvc_project — flask-mvc | The Atom02/flask-mvc repository through 2020-09-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31512 MISC |
| flask-yeoman_project — flask-yeoman | The tsileo/flask-yeoman repository through 2013-09-13 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31559 MISC |
| foxy-shop — foxyshop | The FoxyShop WordPress plugin before 4.8.2 does not sanitise and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting | 2022-07-11 | 4.3 | CVE-2022-1220 MISC |
| ganga_project — ganga | The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31507 MISC MISC MISC |
| glance_project — glance | The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31546 MISC |
| golem_project — golem | The seveas/golem repository through 2016-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31557 MISC |
| google — android | Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent. | 2022-07-12 | 4.6 | CVE-2022-30755 MISC |
| google — android | Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. | 2022-07-12 | 4.6 | CVE-2022-33704 MISC |
| google — android | Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service. | 2022-07-12 | 4.6 | CVE-2022-33695 MISC |
| google — android | Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. | 2022-07-12 | 4.6 | CVE-2022-33703 MISC |
| h3c — ssl_vpn | H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS. | 2022-07-11 | 4.3 | CVE-2022-35416 MISC |
| harveyzyh_python_project — harveyzyh_python | The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31516 MISC |
| helm-flask-celery_project — helm-flask-celery | The olmax99/helm-flask-celery repository before 2022-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31549 MISC MISC |
| hin-eng-preprocessing_project — hin-eng-preprocessing | The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31540 MISC |
| home__internet_project — home__internet | The umeshpatil-dev/Home__internet repository through 2020-08-28 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31585 MISC |
| homepage_project — homepage | The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31548 MISC |
| hotel_management_system_project — hotel_management_system | A vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /ci_hms/search of the component Search. The manipulation of the argument search with the input “><script>alert(“XSS”)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-12 | 4.3 | CVE-2022-2291 MISC MISC |
| huawei — emui | Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality. | 2022-07-12 | 5 | CVE-2021-40012 MISC |
| iasset_project — iasset | The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31579 MISC |
| ibm — cics_tx | IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim’s Web browser within the security context of the hosting site. IBM X-Force ID: 229330. | 2022-07-08 | 5.8 | CVE-2022-34160 CONFIRM CONFIRM XF |
| ibm — cics_tx | IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 229435. | 2022-07-08 | 5.5 | CVE-2022-34306 XF CONFIRM CONFIRM |
| ibm — open_liberty | IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604. | 2022-07-08 | 6 | CVE-2022-22476 CONFIRM XF |
| ibm — qradar_network_security | IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. IBM X-Force ID: 174339. | 2022-07-12 | 5 | CVE-2020-4159 XF CONFIRM |
| ibm — qradar_network_security | IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174337. | 2022-07-12 | 5 | CVE-2020-4157 CONFIRM XF |
| ibm — qradar_security_information_and_event_manager | IBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to specified ports. IBM X-Force ID: 214028. | 2022-07-12 | 5 | CVE-2021-39041 CONFIRM XF |
| ibm — security_verify_access | IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 225079. | 2022-07-08 | 6.4 | CVE-2022-22463 CONFIRM XF |
| ibm — security_verify_access | IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081. | 2022-07-08 | 5 | CVE-2022-22464 CONFIRM XF |
| ibm — security_verify_access | IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. IBM X-Force ID: 225082. | 2022-07-08 | 4.6 | CVE-2022-22465 CONFIRM XF |
| idayrus — e-voting | The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31508 MISC MISC |
| iedadata — usap-dc_web_submission_and_dataset_search | The iedadata/usap-dc-website repository through 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31509 MISC |
| internshipsystem_project — internshipsystem | The waveyan/internshipsystem repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31562 MISC |
| karaokey_project — karaokey | The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31522 MISC |
| kg-fashion-chatbot_project — kg-fashion-chatbot | The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31587 MISC |
| kitestudio — core_plugin_for_kitestudio_themes | The core plugin for kitestudio WordPress plugin before 2.3.1 does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected Cross-Site Scripting. | 2022-07-11 | 4.3 | CVE-2022-1951 MISC |
| kotekan_project — kotekan | The kotekan/kotekan repository through 2021.11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31539 MISC |
| krypton_project — krypton | The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31513 MISC |
| linuxfoundation — kubeedge | KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, a large response received by the viaduct WSClient can cause a DoS from memory exhaustion. The entire body of the response is being read into memory which could allow an attacker to send a request that returns a response with a large body. The consequence of the exhaustion is that the process which invokes a WSClient will be in a denial of service. The software is affected If users who are authenticated to the edge side connect to `cloudhub` from the edge side through WebSocket protocol. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There are currently no known workarounds. | 2022-07-11 | 4 | CVE-2022-31080 CONFIRM |
| linuxfoundation — kubeedge | KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, several endpoints in the Cloud AdmissionController may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. The consequence of the exhaustion is that the Cloud AdmissionController will be in denial of service. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There is currently no known workaround. | 2022-07-11 | 4 | CVE-2022-31074 CONFIRM |
| linuxfoundation — kubeedge | KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the ServiceBus server on the edge side may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. It is possible for the node to be exhausted of memory. The consequence of the exhaustion is that other services on the node, e.g. other containers, will be unable to allocate memory and thus causing a denial of service. Malicious apps accidentally pulled by users on the host and have the access to send HTTP requests to localhost may make an attack. It will be affected only when users enable the `ServiceBus` module in the config file `edgecore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the `ServiceBus` module in the config file `edgecore.yaml`. | 2022-07-11 | 4.3 | CVE-2022-31073 MISC CONFIRM MISC MISC |
| litecart — litecart | Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors. | 2022-07-11 | 4.3 | CVE-2022-27168 MISC MISC MISC MISC |
| livro_python_project — livro_python | The duducosmos/livro_python repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31575 MISC |
| logstash-management-api_project — logstash-management-api | The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31520 MISC |
| mdweb_project — mdweb | The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31542 MISC |
| mercadoenlineaback_project — mercadoenlineaback | The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31505 MISC |
| mercury_sample_manager_project — mercury_sample_manager | The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31517 MISC |
| microsoft — windows_10 | Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30223. | 2022-07-12 | 4 | CVE-2022-22042 MISC |
| microsoft — windows_10 | Windows.Devices.Picker.dll Elevation of Privilege Vulnerability. | 2022-07-12 | 6.9 | CVE-2022-22045 MISC |
| microsoft — windows_10 | Remote Procedure Call Runtime Remote Code Execution Vulnerability. | 2022-07-12 | 6.8 | CVE-2022-22038 MISC |
| microsoft — windows_10 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability. | 2022-07-12 | 6.9 | CVE-2022-22023 MISC |
| microsoft — windows_10 | Windows Internet Information Services Cachuri Module Denial of Service Vulnerability. | 2022-07-12 | 5 | CVE-2022-22025 MISC |
| microsoft — windows_10 | Windows Kernel Information Disclosure Vulnerability. | 2022-07-12 | 4.7 | CVE-2022-21845 MISC |
| microsoft — windows_10 | Performance Counters for Windows Elevation of Privilege Vulnerability. | 2022-07-12 | 4.4 | CVE-2022-22036 MISC |
| microsoft — windows_10 | Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22024. | 2022-07-12 | 6.8 | CVE-2022-22027 MISC |
| microsoft — windows_10 | Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027. | 2022-07-12 | 5.1 | CVE-2022-22024 MISC |
| microsoft — windows_server_2008 | Windows Network File System Information Disclosure Vulnerability. | 2022-07-12 | 4.3 | CVE-2022-22028 MISC |
| microsoft — windows_server_2008 | Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22039. | 2022-07-12 | 6.8 | CVE-2022-22029 MISC |
| microsoft — windows_server_2008 | Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22029. | 2022-07-12 | 6 | CVE-2022-22039 MISC |
| microweber — microweber | Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user. | 2022-07-09 | 4.3 | CVE-2022-2353 MISC CONFIRM |
| modelconverter_project — modelconverter | The ml-inory/ModelConverter repository through 2021-04-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31545 MISC |
| monorepo_project — monorepo | The cinemaproject/monorepo repository through 2021-03-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31529 MISC |
| mosaic_project — mosaic | The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31521 MISC |
| movie-review-sentiment-analysis_project — movie-review-sentiment-analysis | The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31554 MISC |
| mp-m08-interface_project — mp-m08-interface | The joaopedro-fg/mp-m08-interface repository through 2020-12-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31538 MISC |
| munhak — munhak-moa | The woduq1414/munhak-moa repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31564 MISC MISC |
| novastar — novaicare | An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts. | 2022-07-12 | 6.5 | CVE-2021-38289 MISC MISC |
| nurse_quest_project — nurse_quest | The romain20100/nursequest repository through 2018-02-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31555 MISC |
| onyxforum_project — onyxforum | The ChaoticOnyx/OnyxForum repository before 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31501 MISC MISC |
| orchest — orchest | The orchest/orchest repository before 2022.05.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31503 MISC MISC MISC |
| paddlepaddle — anakin | The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31523 MISC |
| photo_tag_project — photo_tag | The uncleYiba/photo_tag repository through 2020-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31560 MISC |
| portswigger — burp_suite | A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted response in the Repeater or Intruder, it may be incorrectly interpreted as a redirect. | 2022-07-08 | 4.3 | CVE-2022-35406 MISC |
| projects_project — projects | The RipudamanKaushikDal/projects repository through 2022-04-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31569 MISC |
| purestorage — pure_swagger | The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31524 MISC |
| python-flask-restful-api_project — python-flask-restful-api | The akashtalole/python-flask-restful-api repository through 2019-09-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31571 MISC |
| python-recipe-database_project — python-recipe-database | The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31518 MISC |
| python_athena_stack_project — python_athena_stack | The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31550 MISC |
| pythonweb_project — pythonweb | The echoleegroup/PythonWeb repository through 2018-10-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31534 MISC |
| realestate_project — realestate | The deepaliupadhyay/RealEstate repository through 2018-11-30 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31574 MISC |
| rename_wp-login_project — rename_wp-login | The Rename wp-login.php WordPress plugin through 2.6.0 does not have CSRF check in place when updating the secret login URL, which could allow attackers to make a logged in admin change them via a CSRF attack | 2022-07-11 | 4.3 | CVE-2022-1732 MISC |
| rexians — rex-web | The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31568 MISC |
| s3label_project — s3label | The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31584 MISC |
| samsung — find_my_mobile | Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device. | 2022-07-12 | 5 | CVE-2022-33707 MISC |
| sap — business_objects_business_intelligence_platform | Due to insufficient input validation, SAP Business Objects – version 420, allows an authenticated attacker to submit a malicious request through an allowed operation. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application. | 2022-07-12 | 4.9 | CVE-2022-31598 MISC MISC |
| sap — business_one | SAP Business One client – version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the application. | 2022-07-12 | 6.5 | CVE-2022-31593 MISC MISC |
| sap — businessobjects_business_intelligence_platform | SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social engineering. On successful exploitation, the attacker can completely compromise the application. | 2022-07-12 | 6.8 | CVE-2022-35228 MISC MISC |
| sap — businessobjects_business_intelligence_platform | Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x – versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn’t own and which would otherwise be restricted. | 2022-07-12 | 5.5 | CVE-2022-29619 MISC MISC |
| sap — businessobjects_bw_publisher_service | SAP BusinessObjects BW Publisher Service – versions 420, 430, uses a search path that contains an unquoted element. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service | 2022-07-12 | 4.6 | CVE-2022-31591 MISC MISC |
| sap — enterprise_extension_defense_forces_&_public_security | The application SAP Enterprise Extension Defense Forces & Public Security – versions 605, 606, 616,617,618, 802, 803, 804, 805, 806, does not perform necessary authorization checks for an authenticated user over the network, resulting in escalation of privileges leading to a limited impact on confidentiality. | 2022-07-12 | 4 | CVE-2022-31592 MISC MISC |
| sap — enterprise_portal | SAP Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This attack can be used to non-permanently deface or modify portal content. The execution of script content by a victim registered on the portal could compromise the confidentiality and integrity of victim?s web browser session. | 2022-07-12 | 4.3 | CVE-2022-35224 MISC MISC |
| scorelab — openmf | The scorelab/OpenMF repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31581 MISC MISC |
| setupbox_project — setupbox | The maxtortime/SetupBox repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31543 MISC |
| shackerpanel_project — shackerpanel | The heidi-luong1109/shackerpanel repository through 2021-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31576 MISC |
| shiva-server_project — shiva-server | The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31558 MISC |
| shortcut_macros_project — shortcut_macros | The Shortcut Macros WordPress plugin through 1.3 does not have authorisation and CSRF checks in place when updating its settings, which could allow any authenticated users, such as subscriber, to update them. | 2022-07-11 | 4 | CVE-2022-1956 MISC |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-037, FG-VD-22-059) | 2022-07-12 | 6.8 | CVE-2022-34272 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-038) | 2022-07-12 | 6.8 | CVE-2022-34273 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-039) | 2022-07-12 | 6.8 | CVE-2022-34274 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-040) | 2022-07-12 | 6.8 | CVE-2022-34275 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-041) | 2022-07-12 | 6.8 | CVE-2022-34276 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-042) | 2022-07-12 | 6.8 | CVE-2022-34277 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-055) | 2022-07-12 | 4.3 | CVE-2022-34290 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-051) | 2022-07-12 | 6.8 | CVE-2022-34286 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-057, FG-VD-22-058, FG-VD-22-060) | 2022-07-12 | 4.3 | CVE-2022-34291 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-047) | 2022-07-12 | 4.3 | CVE-2022-34282 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-054) | 2022-07-12 | 6.8 | CVE-2022-34289 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-052, FG-VD-22-056) | 2022-07-12 | 4.3 | CVE-2022-34287 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-050) | 2022-07-12 | 4.3 | CVE-2022-34285 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-048) | 2022-07-12 | 4.3 | CVE-2022-34283 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-043) | 2022-07-12 | 6.8 | CVE-2022-34278 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-044) | 2022-07-12 | 6.8 | CVE-2022-34279 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-045) | 2022-07-12 | 6.8 | CVE-2022-34280 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-046) | 2022-07-12 | 6.8 | CVE-2022-34281 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-049) | 2022-07-12 | 6.8 | CVE-2022-34284 CONFIRM |
| siemens — pads_viewer | A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-053) | 2022-07-12 | 4.3 | CVE-2022-34288 CONFIRM |
| siemens — simatic_easie_core_package | A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The underlying MQTT service of affected systems does not perform authentication in the default configuration. This could allow an unauthenticated remote attacker to send arbitrary messages to the service and thereby issue arbitrary requests in the affected system. | 2022-07-12 | 6.4 | CVE-2021-44222 CONFIRM |
| siemens — simatic_easie_core_package | A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow an remote attacker to trigger a denial of service of the affected system. | 2022-07-12 | 5 | CVE-2021-44221 CONFIRM |
| siemens — simatic_mv540_h_firmware | A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). Affected devices do not perform authentication for several web API endpoints. This could allow an unauthenticated remote attacker to read and download data from the device. | 2022-07-12 | 5 | CVE-2022-33138 CONFIRM |
| siemens — simatic_mv540_h_firmware | A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). The web session management of affected devices does not invalidate session ids in certain logout scenarios. This could allow an authenticated remote attacker to hijack other users’ sessions. | 2022-07-12 | 6 | CVE-2022-33137 CONFIRM |
| siemens — simcenter_femap | A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17293) | 2022-07-12 | 6.8 | CVE-2022-34748 CONFIRM |
| simple-rat_project — simple-rat | The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31510 MISC MISC |
| sleep_learner_project — sleep_learner | The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31553 MISC |
| solar-system-simulator_project — solar-system-simulator | The jmcginty15/Solar-system-simulator repository through 2021-07-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31537 MISC |
| sphere_imagebackend_project — sphere_imagebackend | The varijkapil13/Sphere_ImageBackend repository through 2019-10-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31561 MISC |
| sphere_project — sphere | The noamezekiel/sphere repository through 2020-05-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31547 MISC |
| syrabond_project — syrabond | The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31565 MISC |
| testplatform_project — testplatform | The zippies/testplatform repository through 2016-07-19 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31588 MISC |
| themeisle — wp_maintenance_mode_&_coming_soon | The WP Maintenance Mode & Coming Soon WordPress plugin before 2.4.5 is lacking CSRF when emptying the subscribed users list, which could allow attackers to make a logged in admin perform such action via a CSRF attack | 2022-07-11 | 4.3 | CVE-2022-1576 MISC |
| thunderatz — thunderdocs | The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31526 MISC |
| trainenergyserver_project — trainenergyserver | The rusyasoft/TrainEnergyServer repository through 2017-08-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31556 MISC |
| travel_blahg_project — travel_blahg | The dankolbman/travel_blahg repository through 2016-01-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31532 MISC |
| umbral_project — umbral | The decentraminds/umbral repository through 2020-01-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31533 MISC |
| videoserver_project — videoserver | The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31582 MISC |
| vim — vim | Use After Free in GitHub repository vim/vim prior to 9.0.0046. | 2022-07-08 | 6.8 | CVE-2022-2345 CONFIRM MISC |
| vim — vim | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. | 2022-07-08 | 6.8 | CVE-2022-2344 MISC CONFIRM |
| visser — woocommerce_-_product_importer | The WooCommerce – Product Importer WordPress plugin through 1.5.2 does not sanitise and escape the imported data before outputting it back in the page, leading to a Reflected Cross-Site Scripting | 2022-07-11 | 4.3 | CVE-2022-1546 MISC |
| vprj_project — vprj | The whmacmac/vprj repository through 2022-04-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31563 MISC |
| webswing — webswing | Webswing before 22.1.3 allows X-Forwarded-For header injection. The client IP address is associated with a variable in the configuration page. The {clientIp} variable can be used as an application startup argument. The X-Forwarded-For header can be manipulated by a client to store an arbitrary value that is used to replace the clientIp variable (without sanitization). A client can thus inject multiple arguments into the session startup. Systems that do not use the clientIP variable in the configuration are not vulnerable. The vulnerability is fixed in these versions: 20.1.16, 20.2.19, 21.1.8, 21.2.12, and 22.1.3. | 2022-07-08 | 6.8 | CVE-2022-34914 MISC MISC |
| windmill_project — windmill | The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31519 MISC |
| withknown — known | An issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file. | 2022-07-08 | 4.3 | CVE-2022-32115 MISC MISC MISC |
| withknown — known | Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR). | 2022-07-08 | 4 | CVE-2022-30852 MISC MISC MISC |
| wormnest_project — wormnest | The operatorequals/wormnest repository through 0.4.7 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31502 MISC MISC |
| wp-eventmanager — wp_event_manager | The WP Event Manager WordPress plugin before 3.1.28 does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting | 2022-07-11 | 4.3 | CVE-2022-1474 MISC |
| wp_opt-in_project — wp_opt-in | The WP Opt-in WordPress plugin through 1.4.1 is vulnerable to CSRF which allows changed plugin settings and can be used for sending spam emails. | 2022-07-11 | 4.3 | CVE-2022-2123 MISC |
| xtomo — robo-tom | The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31544 MISC |
| ytdl-sync_project — ytdl-sync | The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 2022-07-11 | 6.4 | CVE-2022-31536 MISC |
Low Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| awin — awin_data_feed | The Awin Data Feed WordPress plugin through 1.6 does not sanitise and escape a header when processing request to generate analytics data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against a logged in admin viewing the plugin’s settings | 2022-07-11 | 3.5 | CVE-2022-1938 MISC |
| bold-themes — bold_page_builder | The Bold Page Builder WordPress plugin before 4.3.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. | 2022-07-11 | 3.5 | CVE-2022-2089 MISC |
| digitalguardian — digital_guardian | Digital Guardian Agent 7.7.4.0042 allows an administrator (who ordinarily does not have a supported way to uninstall the product) to disable some of the agent functionality and then exfiltrate files to an external USB device. | 2022-07-08 | 3.6 | CVE-2022-35412 MISC MISC |
| google — android | Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_STATE_CHANGED action. | 2022-07-12 | 2.1 | CVE-2022-30752 MISC |
| google — android | Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass Knoxguard lock by factory reset. | 2022-07-12 | 2.1 | CVE-2022-33702 MISC |
| google — android | Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sending braodcast intent. | 2022-07-12 | 2.1 | CVE-2022-33701 MISC |
| google — android | Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. | 2022-07-12 | 2.1 | CVE-2022-33700 MISC |
| google — android | Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. | 2022-07-12 | 2.1 | CVE-2022-33699 MISC |
| google — android | Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log. | 2022-07-12 | 2.1 | CVE-2022-33698 MISC |
| google — android | Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. | 2022-07-12 | 2.1 | CVE-2022-33697 MISC |
| google — android | Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. | 2022-07-12 | 2.1 | CVE-2022-33696 MISC |
| google — android | Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting. | 2022-07-12 | 2.1 | CVE-2022-33694 MISC |
| google — android | Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. | 2022-07-12 | 2.1 | CVE-2022-33693 MISC |
| google — android | Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_DHCPACK_EVENT action. | 2022-07-12 | 2.1 | CVE-2022-30751 MISC |
| google — android | Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. | 2022-07-12 | 2.1 | CVE-2022-33692 MISC |
| google — android | Improper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain CID without ACCESS_FINE_LOCATION permission. | 2022-07-12 | 2.1 | CVE-2022-30757 MISC |
| google — android | A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. | 2022-07-12 | 1.9 | CVE-2022-33691 MISC |
| google — android | Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file. | 2022-07-12 | 2.1 | CVE-2022-33690 MISC |
| google — android | Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1 allows local attackers to get the device ID without permission. | 2022-07-12 | 2.1 | CVE-2022-30753 MISC |
| google — android | Improper access control vulnerability in updateLastConnectedClientInfo function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected. | 2022-07-12 | 2.1 | CVE-2022-30750 MISC |
| google — android | Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder. | 2022-07-12 | 2.1 | CVE-2022-30758 MISC |
| google — android | Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information. | 2022-07-12 | 2.1 | CVE-2022-33685 MISC |
| google — android | Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. | 2022-07-12 | 2.1 | CVE-2022-33686 MISC |
| google — android | Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log. | 2022-07-12 | 2.1 | CVE-2022-33687 MISC |
| google — android | Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. | 2022-07-12 | 2.1 | CVE-2022-33688 MISC |
| google — android | Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call. | 2022-07-12 | 2.1 | CVE-2022-33689 MISC |
| hotel_management_system_project — hotel_management_system | A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /ci_hms/massage_room/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input “><script>alert(“XSS”)</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-12 | 3.5 | CVE-2022-2292 MISC MISC |
| hpe — flexnetwork_5130_ei_firmware | A potential security vulnerability has been identified in certain HPE FlexNetwork and FlexFabric switch products. The vulnerability could be remotely exploited to allow cross site scripting (XSS). HPE has made the following software updates to resolve the vulnerability. HPE FlexNetwork 5130EL_7.10.R3507P02 and HPE FlexFabric 5945_7.10.R6635. | 2022-07-08 | 3.5 | CVE-2022-28624 MISC |
| huawei — magic_ui | Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality. | 2022-07-12 | 3.3 | CVE-2021-40016 MISC |
| huawei — magic_ui | Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity. | 2022-07-12 | 3.3 | CVE-2021-40013 MISC |
| ibm — cics_tx | IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229430. | 2022-07-08 | 3.5 | CVE-2022-34166 CONFIRM XF CONFIRM |
| ibm — cics_tx | IBM CICS TX Standard and Advanced 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229432. | 2022-07-08 | 3.5 | CVE-2022-34167 CONFIRM XF CONFIRM |
| linuxfoundation — kubeedge | KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the Cloud Stream server and the Edge Stream server reads the entire message into memory without imposing a limit on the size of this message. An attacker can exploit this by sending a large message to exhaust memory and cause a DoS. The Cloud Stream server and the Edge Stream server are under DoS attack in this case. The consequence of the exhaustion is that the CloudCore and EdgeCore will be in a denial of service. Only an authenticated user can cause this issue. It will be affected only when users enable `cloudStream` module in the config file `cloudcore.yaml` and enable `edgeStream` module in the config file `edgecore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable cloudStream module in the config file `cloudcore.yaml` and disable edgeStream module in the config file `edgecore.yaml`. | 2022-07-11 | 3.5 | CVE-2022-31079 CONFIRM |
| linuxfoundation — kubeedge | KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the CloudCore Router does not impose a limit on the size of responses to requests made by the REST handler. An attacker could use this weakness to make a request that will return an HTTP response with a large body and cause DoS of CloudCore. In the HTTP Handler API, the rest handler makes a request to a pre-specified handle. The handle will return an HTTP response that is then read into memory. The consequence of the exhaustion is that CloudCore will be in a denial of service. Only an authenticated user of the cloud can make an attack. It will be affected only when users enable `router` module in the config file `cloudcore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the router switch in the config file `cloudcore.yaml`. | 2022-07-11 | 3.5 | CVE-2022-31078 CONFIRM |
| linuxfoundation — kubeedge | KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, EdgeCore may be susceptible to a DoS attack on CloudHub if an attacker was to send a well-crafted HTTP request to `/edge.crt`. If an attacker can send a well-crafted HTTP request to CloudHub, and that request has a very large body, that request can crash the HTTP service through a memory exhaustion vector. The request body is being read into memory, and a body that is larger than the available memory can lead to a successful attack. Because the request would have to make it through authorization, only authorized users may perform this attack. The consequence of the exhaustion is that CloudHub will be in denial of service. KubeEdge is affected only when users enable the CloudHub module in the file `cloudcore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the CloudHub switch in the config file `cloudcore.yaml`. | 2022-07-11 | 3.5 | CVE-2022-31075 CONFIRM |
| maxfoundry — wp-paginate | The WP-Paginate WordPress plugin before 2.1.9 does not escape one of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when unfiltered_html is disallowed | 2022-07-11 | 3.5 | CVE-2022-2050 MISC |
| microsoft — windows_10 | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22041, CVE-2022-30206, CVE-2022-30226. | 2022-07-12 | 3.6 | CVE-2022-22022 MISC |
| ninjateam — wp_duplicate_page | The WP Duplicate Page WordPress plugin before 1.3 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. | 2022-07-11 | 3.5 | CVE-2022-2093 MISC |
| pagebar_project — pagebar | The Pagebar WordPress plugin through 2.65 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of sanitisation in some of them, it could also lead to Stored XSS issues | 2022-07-11 | 3.5 | CVE-2022-1757 MISC |
| samsung — samsung_gallery | Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture. | 2022-07-12 | 2.1 | CVE-2022-33706 MISC |
| sharebar_project — sharebar | The Sharebar WordPress plugin through 1.4.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and also lead to Stored Cross-Site Scripting issue due to the lack of sanitisation and escaping in some of them | 2022-07-11 | 3.5 | CVE-2022-1626 MISC |
| simple_parking_management_system_project — simple_parking_management_system | A vulnerability, which was classified as problematic, has been found in SourceCodester Simple Parking Management System 1.0. Affected by this issue is some unknown functionality of the file /ci_spms/admin/search/searching/. The manipulation of the argument search with the input “><script>alert(“XSS”)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-12 | 3.5 | CVE-2022-2363 MISC MISC |
| simple_parking_management_system_project — simple_parking_management_system | A vulnerability, which was classified as problematic, was found in SourceCodester Simple Parking Management System 1.0. This affects an unknown part of the file /ci_spms/admin/category. The manipulation of the argument vehicle_type with the input “><script>alert(“XSS”)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-12 | 3.5 | CVE-2022-2364 MISC MISC |
| simple_sales_management_system_project — simple_sales_management_system | A vulnerability classified as problematic was found in SourceCodester Simple Sales Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ci_ssms/index.php/orders/create. The manipulation of the argument customer_name with the input <script>alert(“XSS”)</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-12 | 3.5 | CVE-2022-2293 MISC MISC |
| sygnoos — popup_builder | The Popup Builder WordPress plugin before 4.1.11 does not escape and sanitize some settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfiltred_html is disallowed | 2022-07-11 | 3.5 | CVE-2022-1894 MISC |
| synology — calendar | Improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability in Event Management in Synology Calendar before 2.4.5-10930 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 2022-07-12 | 3.5 | CVE-2022-22682 CONFIRM |
| trilium_project — trilium | Cross-site Scripting (XSS) – Stored in GitHub repository zadam/trilium prior to 0.53.3. | 2022-07-10 | 3.5 | CVE-2022-2365 MISC CONFIRM |
| vmware — vrealize_log_insight | VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations. | 2022-07-12 | 3.5 | CVE-2022-31654 MISC |
| vmware — vrealize_log_insight | VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts. | 2022-07-12 | 3.5 | CVE-2022-31655 MISC |
| withknown — known | A cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field. | 2022-07-08 | 3.5 | CVE-2022-31290 MISC MISC MISC MISC |
Severity Not Yet Assigned
adobe — acrobat_reader
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34219 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34230 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type (‘Type Confusion’) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34221 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34222 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34223 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34225 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34220 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34228 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34229 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34226 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34215 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34233 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34216 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34234 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34236 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.. | 2022-07-15 | not yet calculated | CVE-2022-34237 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34239 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34217 MISC |
| adobe — acrobat_reader | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34232 MISC |
| adobe — character_animator | Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34241 MISC |
| adobe — character_animator | Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34242 MISC |
| adobe — incopy | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34252 MISC |
| adobe — incopy | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34249 MISC |
| adobe — incopy | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34250 MISC |
| adobe — incopy | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34251 MISC |
| adobe — indesign | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34247 MISC |
| adobe — indesign | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34245 MISC |
| adobe — indesign | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34248 MISC |
| adobe — indesign | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34246 MISC |
| adobe — photoshop | Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34244 MISC |
| adobe — photoshop | Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2022-07-15 | not yet calculated | CVE-2022-34243 MISC |
| adobe — robohelp |
Adobe RoboHelp versions 2020.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. | 2022-07-15 | not yet calculated | CVE-2022-23201 MISC |
| amazon_eks — aws-iam-authenticator |
A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges. | 2022-07-12 | not yet calculated | CVE-2022-2385 MISC MISC |
| amd — branch_predictor |
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | 2022-07-14 | not yet calculated | CVE-2022-23825 MISC FEDORA FEDORA DEBIAN FEDORA |
| amd — microprocessor_families |
AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions. | 2022-07-12 | not yet calculated | CVE-2022-29900 CONFIRM MLIST CONFIRM MLIST MLIST MLIST FEDORA FEDORA DEBIAN FEDORA |
| amd — system_management_interface |
A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources. | 2022-07-14 | not yet calculated | CVE-2021-26384 MISC |
| amd — audio_co-processor_firmware | An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor (ACP,) irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service. | 2022-07-14 | not yet calculated | CVE-2021-26382 MISC |
| apache — hive |
Apache Hive before 3.1.3 “CREATE” and “DROP” function operations does not check for necessary authorization of involved entities in the query. It was found that an unauthorized user can manipulate an existing UDF without having the privileges to do so. This allowed unauthorized or underprivileged users to drop and recreate UDFs pointing them to new jars that could be potentially malicious. | 2022-07-16 | not yet calculated | CVE-2021-34538 CONFIRM |
| apache — tapestry |
Apache Tapestry up to version 5.8.1 is vulnerable to Regular Expression Denial of Service (ReDoS) in the way it handles Content Types. Specially crafted Content Types may cause catastrophic backtracking, taking exponential time to complete. Specifically, this is about the regular expression used on the parameter of the org.apache.tapestry5.http.ContentType class. Apache Tapestry 5.8.2 has a fix for this vulnerability. Notice the vulnerability cannot be triggered by web requests in Tapestry code alone. It would only happen if there’s some non-Tapestry codepath passing some outside input to the ContentType class constructor. | 2022-07-13 | not yet calculated | CVE-2022-31781 MISC |
| argo_project — argo_cd | All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level. | 2022-07-12 | not yet calculated | CVE-2022-1025 MISC |
| argo_project — argo_cd |
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the `/auth/callback` page in a victim’s browser. This vulnerability only affects Argo CD instances which have single sign on (SSO) enabled. The exploit also assumes the attacker has 1) access to the API server’s encryption key, 2) a method to add a cookie to the victim’s browser, and 3) the ability to convince the victim to visit a malicious `/auth/callback` link. The vulnerability is classified as low severity because access to the API server’s encryption key already grants a high level of access. Exploiting the XSS would allow the attacker to impersonate the victim, but would not grant any privileges which the attacker could not otherwise gain using the encryption key. A patch for this vulnerability has been released in the following Argo CD versions 2.4.5 and 2.3.6. There is currently no known workaround. | 2022-07-12 | not yet calculated | CVE-2022-31102 CONFIRM MISC MISC |
| argo_project — argo_cd |
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation bug which could cause Argo CD to trust a malicious (or otherwise untrustworthy) OpenID Connect (OIDC) provider. A patch for this vulnerability has been released in Argo CD versions 2.4.5, 2.3.6, and 2.2.11. There are no complete workarounds, but a partial workaround is available. Those who use an external OIDC provider (not the bundled Dex instance), can mitigate the issue by setting the `oidc.config.rootCA` field in the `argocd-cm` ConfigMap. This mitigation only forces certificate validation when the API server handles login flows. It does not force certificate verification when verifying tokens on API calls. | 2022-07-12 | not yet calculated | CVE-2022-31105 CONFIRM MISC MISC |
| arox — arox_school_erp_pro | Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the dispatchcategory parameter in backoffice.inc.php. | 2022-07-15 | not yet calculated | CVE-2022-32118 MISC MISC |
| arox — arox_school_erp_pro | Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php. | 2022-07-15 | not yet calculated | CVE-2022-32119 MISC MISC MISC |
|
atlassian — jira |
The Transition Scheduler add-on 6.5.0 for Atlassian Jira is prone to stored XSS via the project name to the creation function. | 2022-07-13 | not yet calculated | CVE-2022-32274 MISC MISC |
| autotrace — autotrace | AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660. | 2022-07-14 | not yet calculated | CVE-2022-32323 MISC |
| aws — aws_sdk_for_java |
The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue’s scope is limited to directories whose name prefix matches the destinationDirectory. E.g. for destination directory`/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted buckets contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects that `getKey` method return a string containing the substring `..` . | 2022-07-15 | not yet calculated | CVE-2022-31159 CONFIRM |
| aws –aws_credentials |
Implemented protections on AWS credentials that were not properly protected. | 2022-07-12 | not yet calculated | CVE-2022-22998 MISC |
| bentley — bentley_microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a DGN file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of DGN files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35906 MISC |
| bentley — bentley_microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a JP2 file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of JP2 files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35900 MISC |
| bentley — bentley_microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an OBJ file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of OBJ files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35902 MISC |
| bentley — bentley_microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of 3DS files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35903 MISC |
| bentley — bentley_microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an FBX file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of FBX files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35905 MISC |
| bentley — bentley_microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an IFC file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of IFC files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35904 MISC |
| bentley — bentley_microstation | An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a J2K file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of J2K files could enable an attacker to read information in the context of the current process. | 2022-07-15 | not yet calculated | CVE-2022-35901 MISC |
| best_practical_solutions — best_practical_request_tracker |
Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment. | 2022-07-14 | not yet calculated | CVE-2022-25802 MISC CONFIRM CONFIRM |
| best_practical_solutions — best_practical_request_tracker |
Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search. | 2022-07-14 | not yet calculated | CVE-2022-25803 MISC CONFIRM |
| best_practical_solutions — best_practical_rt_for_incident_response |
Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via Scripted Action tools. | 2022-07-14 | not yet calculated | CVE-2022-25801 MISC CONFIRM CONFIRM |
| best_practical_solutions — best_practical_rt_for_incident_response |
Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via the whois lookup tool. | 2022-07-14 | not yet calculated | CVE-2022-25800 MISC CONFIRM CONFIRM |
| codecov — codecov |
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method. | 2022-07-13 | not yet calculated | CVE-2019-10800 MISC MISC |
| codesys — codesys |
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. | 2022-07-11 | not yet calculated | CVE-2022-30791 CONFIRM |
| codesys — codesys |
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected. | 2022-07-11 | not yet calculated | CVE-2022-30792 CONFIRM |
| couchbase — couchbase_server | An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA instead. | 2022-07-12 | not yet calculated | CVE-2022-33173 MISC MISC MISC |
| couchbase — couchbase_server | In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the logs. | 2022-07-15 | not yet calculated | CVE-2022-34826 MISC |
| couchbase — couchbase_server | An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information. | 2022-07-12 | not yet calculated | CVE-2022-33911 MISC MISC MISC |
| debian — mat2 | mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive. | 2022-07-08 | not yet calculated | CVE-2022-35410 MISC MISC MISC DEBIAN |
| dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | 2022-07-11 | not yet calculated | CVE-2020-35166 CONFIRM |
| dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | 2022-07-11 | not yet calculated | CVE-2020-35168 CONFIRM |
| dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability. | 2022-07-11 | not yet calculated | CVE-2020-35169 CONFIRM |
| dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | 2022-07-11 | not yet calculated | CVE-2020-35167 CONFIRM |
| dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability. | 2022-07-11 | not yet calculated | CVE-2020-35163 CONFIRM |
| dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | 2022-07-11 | not yet calculated | CVE-2020-35164 CONFIRM |
| dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Improper Input Validation Vulnerability. | 2022-07-11 | not yet calculated | CVE-2020-29508 CONFIRM |
| dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability. | 2022-07-11 | not yet calculated | CVE-2020-29507 CONFIRM |
| dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability. | 2022-07-11 | not yet calculated | CVE-2020-29505 CONFIRM |
| dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability. | 2022-07-11 | not yet calculated | CVE-2020-29506 CONFIRM |
| druva — druva |
An issue was discovered in Druva 6.9.0 for MacOS, allows attackers to gain escalated local privileges via the inSyncDecommission. | 2022-07-12 | not yet calculated | CVE-2021-36666 MISC MISC MISC |
| druva — druva |
An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local privileges via the inSyncUpgradeDaemon. | 2022-07-12 | not yet calculated | CVE-2021-36665 MISC MISC MISC |
| druva — druva_insync | URL injection in Druva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App. | 2022-07-12 | not yet calculated | CVE-2021-36668 MISC MISC MISC |
| druva — druva_insync |
Command injection vulnerability in Druva inSync 6.9.0 for MacOS, allows attackers to execute arbitrary commands via crafted payload to the local HTTP server due to un-sanitized call to the python os.system library. | 2022-07-12 | not yet calculated | CVE-2021-36667 MISC MISC MISC |
| egt-kommunikationstechnik_ug — mediacenter |
EGT-Kommunikationstechnik UG Mediacenter before v2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Online_Update.php. | 2022-07-12 | not yet calculated | CVE-2022-31904 MISC MISC MISC |
| eip_stack_group — opener | EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d. | 2022-07-15 | not yet calculated | CVE-2022-32434 MISC MISC |
| fast_food_ordering_system — fast_food_ordering_system | Fast Food Ordering System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via the component /ffos/classes/Master.php?f=save_category. | 2022-07-14 | not yet calculated | CVE-2022-32318 MISC |
| fastify — fastify |
@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth. | 2022-07-14 | not yet calculated | CVE-2022-31142 MISC MISC CONFIRM MISC MISC |
| flyte — flyte |
FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. In versions 1.1.30 and prior, authenticated users using an external identity provider can continue to use Access Tokens and ID Tokens even after they expire. Users who use FlyteAdmin as the OAuth2 Authorization Server are unaffected by this issue. A patch is available on the `master` branch of the repository. As a workaround, rotating signing keys immediately will invalidate all open sessions and force all users to attempt to obtain new tokens. Those who use this workaround should continue to rotate keys until FlyteAdmin has been upgraded and hide FlyteAdmin deployment ingress URL from the internet. | 2022-07-13 | not yet calculated | CVE-2022-31145 MISC CONFIRM MISC |
| git — git |
Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks. | 2022-07-12 | not yet calculated | CVE-2022-29187 MISC MISC CONFIRM MLIST |
| git — git |
Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows’ installer execute a binary into `C:mingw64bingit.exe` by mistake. This only happens upon a fresh install, not when upgrading Git for Windows. A patch is included in version 2.37.1. Two workarounds are available. Create the `C:mingw64` folder and remove read/write access from this folder, or disallow arbitrary authenticated users to create folders in `C:`. | 2022-07-12 | not yet calculated | CVE-2022-31012 MISC CONFIRM |
| golang — go | Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 – 1 bytes. | 2022-07-15 | not yet calculated | CVE-2022-30634 MISC MISC MISC MISC |
| gollum — gollum |
Cross site scripting (XSS) in gollum 5.0 to 5.1.2 via the filename parameter to the ‘New Page’ dialog. | 2022-07-15 | not yet calculated | CVE-2020-35305 MISC MISC MISC MISC |
| google — android |
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-223578534 | 2022-07-13 | not yet calculated | CVE-2022-20223 MISC |
| google — android |
A drm driver have oob problem, could cause the system crash or EOPProduct: AndroidVersions: Android SoCAndroid ID: A-233124709 | 2022-07-13 | not yet calculated | CVE-2022-20236 MISC |
| google — android |
In Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both ‘mComponentName’ and ‘pkgTitle’ from user.An unprivileged app can use a malicous mComponentName with a benign pkgTitle (e.g. Settings app) to make users enable notification access permission for the malicious app. That is, users believe they enable the notification access permission for the Settings app, but actually they enable the notification access permission for the malicious app.Once the malicious app gets the notification access permission, it can read all notifications, including users’ personal information.Product: AndroidVersions: Android-12LAndroid ID: A-225189301 | 2022-07-13 | not yet calculated | CVE-2022-20234 MISC |
| google — android |
In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user’s certificate due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221859869 | 2022-07-13 | not yet calculated | CVE-2022-20230 MISC |
| google — android |
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184 | 2022-07-13 | not yet calculated | CVE-2022-20229 MISC |
| google — android |
In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213850092 | 2022-07-13 | not yet calculated | CVE-2022-20228 MISC |
| google — android |
In USB driver, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216825460References: Upstream kernel | 2022-07-13 | not yet calculated | CVE-2022-20227 MISC |
| google — android |
In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213644870 | 2022-07-13 | not yet calculated | CVE-2022-20226 MISC |
| google — android |
In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220732646 | 2022-07-13 | not yet calculated | CVE-2022-20224 MISC |
| google — android |
In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-219015884 | 2022-07-13 | not yet calculated | CVE-2022-20220 MISC |
| google — android |
In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-205571133 | 2022-07-13 | not yet calculated | CVE-2022-20221 MISC |
| google — android |
In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-228078096 | 2022-07-13 | not yet calculated | CVE-2022-20222 MISC |
| google — android |
In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible way to leave user’s directories unencrypted due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224585613 | 2022-07-13 | not yet calculated | CVE-2022-20219 MISC |
| google — android |
In PermissionController, there is a possible way to get and retain permissions without user’s consent due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-223907044 | 2022-07-13 | not yet calculated | CVE-2022-20218 MISC |
| google — android |
There is a unauthorized broadcast in the SprdContactsProvider. A third-party app could use this issue to delete Fdn contact.Product: AndroidVersions: Android SoCAndroid ID: A-232441378 | 2022-07-13 | not yet calculated | CVE-2022-20217 MISC |
| google — android |
android exported is used to set third-party app access permissions, and the default value of intent-filter is true. com.sprd.firewall has set exported as true.Product: AndroidVersions: Android SoCAndroid ID: A-231911916 | 2022-07-13 | not yet calculated | CVE-2022-20216 MISC |
| google — android |
In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-182282630 | 2022-07-13 | not yet calculated | CVE-2022-20212 MISC |
| google — android |
‘remap_pfn_range’ here may map out of size kernel memory (for example, may map the kernel area), and because the ‘vma->vm_page_prot’ can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233154555 | 2022-07-13 | not yet calculated | CVE-2022-20238 MISC |
| google — android |
In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-213457638 | 2022-07-13 | not yet calculated | CVE-2022-20225 MISC |
| gradle — gradle |
Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This can occur in two ways. When signature verification is disabled but the verification metadata contains entries for dependencies that only have a `gpg` element but no `checksum` element. When signature verification is enabled, the verification metadata contains entries for dependencies with a `gpg` element but there is no signature file on the remote repository. In both cases, the verification will accept the dependency, skipping signature verification and not complaining that the dependency has no checksum entry. For builds that are vulnerable, there are two risks. Gradle could download a malicious binary from a repository outside your organization due to name squatting. For those still using HTTP only and not HTTPS for downloading dependencies, the build could download a malicious library instead of the expected one. Gradle 7.5 patches this issue by making sure to run checksum verification if signature verification cannot be completed, whatever the reason. Two workarounds are available: Remove all `gpg` elements from dependency verification metadata if you disable signature validation and/or avoid adding `gpg` entries for dependencies that do not have signature files. | 2022-07-14 | not yet calculated | CVE-2022-31156 MISC CONFIRM |
| grafana — grafana |
Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user’s external user id is not already associated with an account in Grafana, the malicious user’s email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user’s Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address. | 2022-07-15 | not yet calculated | CVE-2022-31107 MISC MISC CONFIRM MISC |
| grafana — grafana |
Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting. | 2022-07-15 | not yet calculated | CVE-2022-31097 MISC CONFIRM MISC MISC |
| gtkradiant — gtkradiant |
GtkRadiant v1.6.6 was discovered to contain a buffer overflow via the component q3map2. This vulnerability can cause a Denial of Service (DoS) via a crafted MAP file. | 2022-07-14 | not yet calculated | CVE-2022-32406 MISC |
| honeywell — honeywell_alerton_ascent_control_module | Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller’s function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered. | 2022-07-15 | not yet calculated | CVE-2022-30242 MISC MISC MISC |
| honeywell — honeywell_alerton_ascent_control_module | Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller’s function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. | 2022-07-15 | not yet calculated | CVE-2022-30244 MISC MISC MISC |
| honeywell — honeywell_alerton_compass_software | Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller’s function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered. | 2022-07-15 | not yet calculated | CVE-2022-30245 MISC MISC MISC |
| honeywell — honeywell_alerton_visual_logic | Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller’s function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. | 2022-07-15 | not yet calculated | CVE-2022-30243 MISC MISC MISC |
| huawei — emui/magic_ui | The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality. | 2022-07-12 | not yet calculated | CVE-2022-34737 MISC MISC |
| huawei — emui/magic_ui | The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. | 2022-07-12 | not yet calculated | CVE-2022-34736 MISC MISC |
| huawei — emui/magic_ui | The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. | 2022-07-12 | not yet calculated | CVE-2022-34735 MISC MISC |
| huawei — harmony_os | The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity. | 2022-07-12 | not yet calculated | CVE-2021-46741 MISC MISC |
| huawei — harmonyos | The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background. | 2022-07-12 | not yet calculated | CVE-2022-34738 MISC MISC |
| huawei — harmonyos | The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings. | 2022-07-12 | not yet calculated | CVE-2022-34739 MISC MISC |
| huawei — harmonyos | The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. | 2022-07-12 | not yet calculated | CVE-2022-34740 MISC MISC |
| huawei — harmonyos | The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. | 2022-07-12 | not yet calculated | CVE-2022-34741 MISC MISC |
| huawei — harmonyos | The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | 2022-07-12 | not yet calculated | CVE-2022-34742 MISC MISC |
| huawei — harmonyos | The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability. | 2022-07-12 | not yet calculated | CVE-2022-34743 MISC MISC |
| ibm — digital_certificate_manager | IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 230516. | 2022-07-13 | not yet calculated | CVE-2022-34358 CONFIRM XF |
| ibm — engineering_lifecycle_optimization_publishing | IBM Engineering Lifecycle Optimization – Publishing 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213655. | 2022-07-14 | not yet calculated | CVE-2021-39015 CONFIRM XF |
| ibm — engineering_lifecycle_optimization_publishing | IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722. | 2022-07-14 | not yet calculated | CVE-2021-39016 XF CONFIRM |
| ibm — engineering_lifecycle_optimization_publishing | IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 213725. | 2022-07-14 | not yet calculated | CVE-2021-39017 CONFIRM XF |
| ibm — engineering_lifecycle_optimization_publishing | IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that could aid in further attacks against the system. IBM X-Force ID: 213726. | 2022-07-14 | not yet calculated | CVE-2021-39018 CONFIRM XF |
| ibm — engineering_lifecycle_optimization_publishing | IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. IBM X-Force ID: 213728. | 2022-07-14 | not yet calculated | CVE-2021-39019 CONFIRM XF |
| ibm — engineering_lifecycle_optimization_publishing | IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 213866. | 2022-07-14 | not yet calculated | CVE-2021-39028 XF CONFIRM |
| ibm — security_verify_access |
IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221194. | 2022-07-08 | not yet calculated | CVE-2022-22370 CONFIRM XF |
|
ibm — security_verify_identify_manager |
IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. IBM X-Force ID: 224916. | 2022-07-14 | not yet calculated | CVE-2022-22450 CONFIRM XF |
| ibm — security_verify_identify_manager
|
IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 224919. | 2022-07-14 | not yet calculated | CVE-2022-22453 XF CONFIRM |
| ibm — security_verify_identify_manager
|
IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013. | 2022-07-14 | not yet calculated | CVE-2022-22460 XF CONFIRM |
| ibm — security_verify_identify_manager |
IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 224918. | 2022-07-14 | not yet calculated | CVE-2022-22452 CONFIRM XF |
| ibm — security_verify_information_queue | IBM Security Verify Information Queue 10.0.2 could allow an authenticated user to cause a denial of service with a specially crafted HTTP request. | 2022-07-14 | not yet calculated | CVE-2022-35283 XF CONFIRM |
| ibm — siteprotector_appliance |
IBM SiteProtector Appliance 3.1.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174142. | 2022-07-11 | not yet calculated | CVE-2020-4150 XF CONFIRM |
| ibm — siteprotector_appliance |
IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174049. | 2022-07-11 | not yet calculated | CVE-2020-4138 XF CONFIRM |
| ibm — websphere_application_server |
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system. IBM X-Force ID: 225347. | 2022-07-14 | not yet calculated | CVE-2022-22473 XF CONFIRM |
| ibm — websphere_application_server |
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 225605. | 2022-07-14 | not yet calculated | CVE-2022-22477 CONFIRM XF |
| inductive_automation — inductive_automation_ignition | An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. Designer and Vision Client Session IDs are mishandled. An attacker can determine which session IDs were generated in the past and then hijack sessions assigned to these IDs via Randy. | 2022-07-15 | not yet calculated | CVE-2022-35890 MISC MISC |
| inductive_automation — inductive_automation_ignition | An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. The ScriptInvoke function allows remote attackers to execute arbitrary code by supplying a Python script. | 2022-07-16 | not yet calculated | CVE-2022-36126 MISC MISC MISC |
| intel — intel_microprocessor |
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions. | 2022-07-12 | not yet calculated | CVE-2022-29901 MLIST CONFIRM CONFIRM MLIST MLIST MLIST FEDORA FEDORA |
| isode — swift |
Isode SWIFT v4.0.2 was discovered to contain hard-coded credentials in the Registry Editor. This allows attackers to access sensitive information such as user credentials and certificates. | 2022-07-14 | not yet calculated | CVE-2022-32389 MISC MISC MISC |
| itechscripts — auction_script |
A vulnerability was found in Itech Auction Script 6.49. It has been classified as critical. This affects an unknown part of the file /mcategory.php. The manipulation of the argument mcid with the input 4′ AND 1734=1734 AND ‘Ggks’=’Ggks leads to sql injection (Blind). It is possible to initiate the attack remotely. | 2022-07-16 | not yet calculated | CVE-2017-20138 MISC |
| itechscripts — b2b_script |
A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with the input 704667c6a1e7ce56d3d6fa748ab6d9af3fd7′ AND 6539=6539 AND ‘Fakj’=’Fakj leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20137 MISC MISC |
| itechscripts — classifieds_script |
A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. Affected is an unknown function of the file /subpage.php. The manipulation of the argument scat with the input =51′ AND 4941=4941 AND ‘hoCP’=’hoCP leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20136 MISC MISC |
| itechscripts — dating_script |
A vulnerability classified as critical was found in Itech Dating Script 3.26. Affected by this vulnerability is an unknown functionality of the file /see_more_details.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20135 MISC MISC |
| itechscripts — freelancer_script |
A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of the argument sk leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20134 MISC MISC |
| itechscripts — job_portal_script |
A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13. This affects an unknown part of the file /admin. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. | 2022-07-16 | not yet calculated | CVE-2017-20133 MISC |
| itechscripts — multi_vendor_script |
A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The manipulation of the argument pl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20132 MISC MISC |
| itechscripts — news_portal |
A vulnerability was found in Itech News Portal 6.28. It has been classified as critical. Affected is an unknown function of the file /news-portal-script/information.php. The manipulation of the argument inf leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20131 MISC MISC |
| itechscripts — real_estate_script |
A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/search_property.php. The manipulation of the argument property_for leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-16 | not yet calculated | CVE-2017-20130 MISC MISC |
| jerryscript — jerryscript | Jerryscript v2.4.0 was discovered to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/print.c. | 2022-07-13 | not yet calculated | CVE-2022-32117 MISC |
| joomla — joomlatools_docman | In Joomla component ‘Joomlatools – DOCman 3.5.13 (and likely most versions below)’ are affected to an reflected Cross-Site Scripting (XSS) in an image upload function | 2022-07-10 | not yet calculated | CVE-2022-27910 MISC |
| jquery_validation — jquery_validation |
The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix for CVE-2021-43306. Users should upgrade to version 1.19.5 to receive a patch. | 2022-07-14 | not yet calculated | CVE-2022-31147 MISC CONFIRM MISC |
| kb_software — login_authentication |
A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-13 | not yet calculated | CVE-2017-20127 MISC MISC |
| kb_software — messages_php_script |
A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-13 | not yet calculated | CVE-2017-20128 MISC MISC |
| kb_software — referral_script |
A vulnerability was found in KB Affiliate Referral Script 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2022-07-13 | not yet calculated | CVE-2017-20126 MISC MISC |
| kvf-admin — kvf-admin | kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file. | 2022-07-13 | not yet calculated | CVE-2022-35857 MISC |
| lacuna_software — pki-core |
A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content. | 2022-07-14 | not yet calculated | CVE-2022-2393 MISC |
| lenze — cabinet_series |
Multiple Lenze products of the cabinet series skip the password verification upon second login. After a user has been logged on to the device once, a remote attacker can get full access without knowledge of the password. | 2022-07-11 | not yet calculated | CVE-2022-2302 CONFIRM |
| libguestfs — libguestfs |
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor. | 2022-07-12 | not yet calculated | CVE-2022-2211 MISC |
| linux — kernel | A memory leak vulnerability was found in the Linux kernel’s eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data. | 2022-07-14 | not yet calculated | CVE-2021-4135 MISC |
| linux — linux_kernel |
The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel. | 2022-07-13 | not yet calculated | CVE-2022-2380 MISC |
| linux — linux_kernel |
Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*. | 2022-07-12 | not yet calculated | CVE-2011-4916 MISC MISC |
| live555 — live555 | Live555 through 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overflow happens. An attacker can leverage this to launch a DoS attack. | 2022-07-12 | not yet calculated | CVE-2021-41396 MISC MISC |
| logostore — logostore |
A vulnerability was found in LogoStore. It has been classified as critical. Affected is an unknown function of the file /LogoStore/search.php. The manipulation of the argument query with the input test’ UNION ALL SELECT CONCAT(CONCAT(‘qqkkq’,’VnPVWVaYxljWqGpLLbEIyPIHBjjjjASQTnaqfKaV’),’qvvpq’),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL– oCrh&search= leads to sql injection. It is possible to launch the attack remotely. | 2022-07-14 | not yet calculated | CVE-2017-20129 MISC |
| mailcow — mailcow |
mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an extended privilege vulnerability can be exploited by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd to execute arbitrary code. Users should update their mailcow instances with the `update.sh` script in the mailcow root directory to 2022-06a or newer to receive a patch for this issue. As a temporary workaround, the Syncjob ACL can be removed from all mailbox users, preventing changes to those settings. | 2022-07-11 | not yet calculated | CVE-2022-31138 MISC MISC CONFIRM MISC |
| mattermost — guest_account_feature |
The Guest account feature in Mattermost version 6.7.0 and earlier fails to properly restrict the permissions, which allows a guest user to fetch a list of all public channels in the team, in spite of not being part of those channels. | 2022-07-14 | not yet calculated | CVE-2022-2408 MISC |
| mattermost — legacy_slack_import_feature |
The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing large files via the Slack import REST API. | 2022-07-14 | not yet calculated | CVE-2022-2406 MISC |
| mattermost — mattermost |
Unrestricted information disclosure of all users in Mattermost version 6.7.0 and earlier allows team members to access some sensitive information by directly accessing the APIs. | 2022-07-14 | not yet calculated | CVE-2022-2401 MISC |
| mattermost — trusted_ip_header |
Incorrect default configuration for trusted IP header in Mattermost version 6.7.0 and earlier allows attacker to bypass some of the rate limitations in place or use manipulated IPs for audit logging via manipulating the request headers. | 2022-07-12 | not yet calculated | CVE-2022-2366 MISC |
| mealie — mealie | The login function of Mealie v1.0.0beta-2 allows attackers to enumerate existing usernames by timing the server’s response time. | 2022-07-14 | not yet calculated | CVE-2022-32425 MISC |
| mendix — mendix |
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.14.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.2), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). In case of access to an active user session in an application that is built with an affected version, it’s possible to change that user’s password bypassing password validations within a Mendix application. This could allow to set weak passwords. | 2022-07-12 | not yet calculated | CVE-2022-31257 CONFIRM |
| microsoft — active_directory_federation_services | Active Directory Federation Services Elevation of Privilege Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30215 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33667 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33663 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33664 MISC |
| microsoft — azure | Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33678. | 2022-07-12 | not yet calculated | CVE-2022-33676 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33665 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33675 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33666 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33671 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33668 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33669 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675. | 2022-07-12 | not yet calculated | CVE-2022-33677 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33673 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33658 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-30181 MISC |
| microsoft — azure | Azure Storage Library Information Disclosure Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30187 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33662 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33650 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33661 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33652 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33674 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33657 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33641 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33642 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33643 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33660 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33651 MISC |
| microsoft — azure | Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33676. | 2022-07-12 | not yet calculated | CVE-2022-33678 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33653 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33654 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33655 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33656 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33659 MISC |
| microsoft — azure | Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677. | 2022-07-12 | not yet calculated | CVE-2022-33672 MISC |
| microsoft — bitlocker | BitLocker Security Feature Bypass Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-22048 MISC |
| microsoft — bitlocker |
Windows BitLocker Information Disclosure Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-22711 MISC |
| microsoft — defender_for_endpoint_for_linux | Microsoft Defender for Endpoint Tampering Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-33637 MISC |
| microsoft — microsoft_office | Microsoft Office Security Feature Bypass Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-33632 MISC |
| microsoft — microsoft_system_center | A reflected DOM-Based XSS vulnerability has been discovered in the Help directory of Veeam Management Pack for Microsoft System Center 8.0. This vulnerability could be exploited by an attacker by convincing a legitimate user to visit a crafted URL on a Veeam Management Pack for Microsoft System Center server, allowing for the execution of arbitrary scripts. | 2022-07-14 | not yet calculated | CVE-2022-32225 MISC |
| microsoft — skype_and_lync | Skype for Business and Lync Remote Code Execution Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-33633 MISC |
| microsoft — windows_advanced_local_procedure_call | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30202. | 2022-07-12 | not yet calculated | CVE-2022-30224 MISC |
| microsoft — windows_advanced_local_procedure_call | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30224. | 2022-07-12 | not yet calculated | CVE-2022-30202 MISC |
| microsoft — windows_boot_manager | Windows Boot Manager Security Feature Bypass Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30203 MISC |
| microsoft — windows_common_log_file_system_driver | Windows Common Log File System Driver Elevation of Privilege Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30220 MISC |
| microsoft — windows_connected_devices_platform_service | Windows Connected Devices Platform Service Information Disclosure Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30212 MISC |
| microsoft — windows_csrss | Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22047. | 2022-07-12 | not yet calculated | CVE-2022-22049 MISC |
| microsoft — windows_dns_server | Windows DNS Server Remote Code Execution Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30214 MISC |
| microsoft — windows_fax_service | Windows Fax Service Elevation of Privilege Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-22050 MISC |
| microsoft — windows_gdi+ | Windows GDI+ Information Disclosure Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30213 MISC |
| microsoft — windows_graphics_component | Windows Graphics Component Remote Code Execution Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30221 MISC |
| microsoft — windows_group_policy | Windows Group Policy Elevation of Privilege Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30205 MISC |
| microsoft — windows_hyper-v | Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22042. | 2022-07-12 | not yet calculated | CVE-2022-30223 MISC |
| microsoft — windows_iis_server | Windows IIS Server Elevation of Privilege Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30209 MISC |
| microsoft — windows_layer_2_tunneling_protocol | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30211 MISC |
| microsoft — windows_media_player_network_sharing_service | Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30225 MISC |
| microsoft — windows_print_spooler | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30206. | 2022-07-12 | not yet calculated | CVE-2022-30226 MISC |
| microsoft — windows_print_spooler | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30226. | 2022-07-12 | not yet calculated | CVE-2022-30206 MISC |
| microsoft — windows_security_account_manager | Windows Security Account Manager (SAM) Denial of Service Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30208 MISC |
| microsoft — windows_server | Windows Server Service Tampering Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30216 MISC |
| microsoft — windows_shell | Windows Shell Remote Code Execution Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-30222 MISC |
| microsoft — xbox | Xbox Live Save Service Elevation of Privilege Vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-33644 MISC |
| microweber — microweber | An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini. | 2022-07-15 | not yet calculated | CVE-2021-36461 MISC |
| mogu_blog — mogu_blog | Mogu blog 5.2 is vulnerable to Cross Site Scripting (XSS). | 2022-07-12 | not yet calculated | CVE-2022-30517 MISC |
| mplayer_project — mplayer_project | The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. | 2022-07-14 | not yet calculated | CVE-2022-32317 MISC |
| multi_restaurant_table_reservation_system — multi_restaurant_table_reservation_system | Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Area(food_type) field to /dashboard/menu-list.php. | 2022-07-15 | not yet calculated | CVE-2020-36553 MISC MISC MISC MISC |
| multi_restaurant_table_reservation_system — multi_restaurant_table_reservation_system | Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Item Name field to /dashboard/menu-list.php. | 2022-07-15 | not yet calculated | CVE-2020-36551 MISC MISC MISC MISC |
| multi_restaurant_table_reservation_system — multi_restaurant_table_reservation_system | Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Table Name field to /dashboard/table-list.php. | 2022-07-15 | not yet calculated | CVE-2020-36550 MISC MISC MISC MISC |
| multi_restaurant_table_reservation_system — multi_restaurant_table_reservation_system | Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Made field to /dashboard/menu-list.php. | 2022-07-15 | not yet calculated | CVE-2020-36552 MISC MISC MISC MISC |
| multi_restaurant_table_reservation_system — multi_restaurant_table_reservation_system |
Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Restaurant Name field to /dashboard/profile.php. | 2022-07-15 | not yet calculated | CVE-2020-35261 MISC MISC MISC MISC |
| nautilus — multiple_treadmills | Nautilus treadmills T616 S/N 100672PRO21140001 through 100672PRO21171980 and T618 S/N 100647PRO21130111 through 100647PRO21183960 with software before 2022-06-09 allow physically proximate attackers to cause a denial of service (fall) by connecting the power cord to a 120V circuit (which may lead to self-starting at an inopportune time). | 2022-07-12 | not yet calculated | CVE-2022-35648 MISC MISC MISC |
| october_cms — october_cms | October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.476, 1.1.12, and 2.2.15, when the developer allows the user to specify their own filename in the `fromData` method, an unauthenticated user can perform remote code execution (RCE) by exploiting a race condition in the temporary storage directory. This vulnerability affects plugins that expose the `OctoberRainDatabaseAttachFile::fromData` as a public interface and does not affect vanilla installations of October CMS since this method is not exposed or used by the system internally or externally. The issue has been patched in Build 476 (v1.0.476), v1.1.12, and v2.2.15. Those who are unable to upgrade may apply with patch to their installation manually as a workaround. | 2022-07-12 | not yet calculated | CVE-2022-24800 CONFIRM MISC |
| octobot — octobot | WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled. | 2022-07-16 | not yet calculated | CVE-2021-36711 MISC MISC MISC MISC MISC |
| octopus — octopus_server | In affected versions of Octopus Server the help sidebar can be customized to include a Cross-Site Scripting payload in the support link. | 2022-07-15 | not yet calculated | CVE-2022-29890 MISC |
| octopus — octopus_server |
In affected versions of Octopus Server an Insecure Direct Object Reference vulnerability exists where it is possible for a user to download Project Exports from a Project they do not have permissions to access. This vulnerability only impacts projects within the same Space. | 2022-07-15 | not yet calculated | CVE-2022-1881 MISC |
| online_hotel_booking_system — online_hotel_booking_system |
A vulnerability has been found in Online Hotel Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file edit_all_room.php of the component Room Handler. The manipulation of the argument id with the input 2828%27%20AND%20(SELECT%203766%20FROM%20(SELECT(SLEEP(5)))BmIK)%20AND%20%27YLPl%27=%27YLPl leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-12 | not yet calculated | CVE-2022-2262 MISC MISC |
| online_hotel_booking_system — online_hotel_booking_system |
A vulnerability was found in Online Hotel Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file edit_room_cat.php of the component Room Handler. The manipulation of the argument roomname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-12 | not yet calculated | CVE-2022-2263 MISC MISC |
| openjs_foundation — node.js | A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks. | 2022-07-14 | not yet calculated | CVE-2022-32212 MISC MISC MISC |
| openjs_foundation — node.js | The llhttp parser in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). | 2022-07-14 | not yet calculated | CVE-2022-32214 MISC MISC |
| openjs_foundation — node.js | The llhttp parser in the http module in Node v17.6.0 does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS). | 2022-07-14 | not yet calculated | CVE-2022-32215 MISC MISC |
| openjs_foundation — node.js | A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3. | 2022-07-14 | not yet calculated | CVE-2022-32222 MISC |
| openjs_foundation — node.js | Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:Program FilesCommon FilesSSLopenssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability. | 2022-07-14 | not yet calculated | CVE-2022-32223 MISC MISC |
| openjs_foundation — node.js | The llhttp parser in the http module in Node.js v17.x does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS). | 2022-07-14 | not yet calculated | CVE-2022-32213 MISC |
| openzeppelin — contracts_for_cairo |
OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the v0.2.0 release of OpenZeppelin Contracts for Cairo, which are not whitelisted on StarkNet mainnet. Only goerli deployments of v0.2.0 accounts are affected. This faulty behavior is not observed in StarkNet’s testing framework. This bug has been patched in v0.2.1. | 2022-07-15 | not yet calculated | CVE-2022-31153 MISC MISC MISC CONFIRM MISC MISC |
| osticket — osticket | A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins – Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file. | 2022-07-13 | not yet calculated | CVE-2022-32074 MISC MISC MISC |
| oxygen_xml_webhelp — oxygen_xml_webhelp | An issue was discovered in Oxygen XML WebHelp before 22.1 build 2021082006 and 23.x before 23.1 build 2021090310. An XSS vulnerability in search terms proposals (in online documentation generated using Oxygen XML WebHelp) allows attackers to execute JavaScript by convincing a user to type specific text in the WebHelp output search field. | 2022-07-13 | not yet calculated | CVE-2021-46827 MISC |
| packback — lti_1.3_tool_library |
LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the Authentication Request. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds. | 2022-07-15 | not yet calculated | CVE-2022-31158 CONFIRM |
| packback — lti_1.3_tool_library |
LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds. | 2022-07-15 | not yet calculated | CVE-2022-31157 CONFIRM |
| parallels — parallels_desktop |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.1 (49187). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the HDAudio virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-14969. | 2022-07-15 | not yet calculated | CVE-2021-34987 N/A N/A |
| parallels — parallels_desktop |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.0 (49183). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-13932. | 2022-07-15 | not yet calculated | CVE-2021-34986 N/A N/A |
| pbootcms — pbootcms |
PbootCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the function parserIfLabel at function.php. | 2022-07-14 | not yet calculated | CVE-2022-32417 MISC |
| piwigo — piwigo | Piwigo v12.2.0 was discovered to contain SQL injection vulnerability via the Search function. | 2022-07-14 | not yet calculated | CVE-2022-32297 MISC |
| prestashop — prestashop |
File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to run arbitrary code via the add new file page. | 2022-07-13 | not yet calculated | CVE-2020-21967 MISC MISC |
| product_show_room_site — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_product. | 2022-07-14 | not yet calculated | CVE-2022-32416 MISC |
| product_show_room_site — product_show_room_site |
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/?p=products/view_product&id=. | 2022-07-14 | not yet calculated | CVE-2022-32415 MISC |
| pyramid_solutions — ethernet/ip_adapter_and_ethernet/ip_scanner | Pyramid Solutions’ affected products, the Developer and DLL kits for EtherNet/IP Adapter and EtherNet/IP Scanner, are vulnerable to an out-of-bounds write, which may allow an unauthorized attacker to send a specially crafted packet that may result in a denial-of-service condition. | 2022-07-12 | not yet calculated | CVE-2022-1737 MISC |
| qemu — qemu | softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. | 2022-07-11 | not yet calculated | CVE-2022-35414 MISC MISC MISC MISC MISC MISC MISC MISC |
| redhat — convert2rhel | In convert2rhel, there’s an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This could allow unauthorized local users to view the password via the process list while convert2rhel is running. However, this ansible playbook is only an example in the upstream repository and it is not shipped in officially supported versions of convert2rhel. | 2022-07-14 | not yet calculated | CVE-2022-1662 MISC |
| rhonabwy — rhonabwy | Rhonabwy before v1.1.5 was discovered to contain a buffer overflow via the component r_jwe_aesgcm_key_unwrap. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted JWE token. | 2022-07-13 | not yet calculated | CVE-2022-32096 MISC MISC |
| roxy-wi — roxy-wi |
Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue. | 2022-07-15 | not yet calculated | CVE-2022-31161 CONFIRM MISC |
| ruoyi — ruoyi | An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file. | 2022-07-13 | not yet calculated | CVE-2022-32065 MISC MISC MISC MISC |
| sage — sage300 |
In Sage 300 ERP (formerly accpac) through 6.8.x, the installer configures the C:SageSage300Runtime directory to be the first entry in the system-wide PATH environment variable. However, this directory is writable by unprivileged users because the Sage installer fails to set explicit permissions and therefore inherits weak permissions from the C: folder. Because entries in the system-wide PATH variable are included in the search order for DLLs, an attacker could perform DLL search-order hijacking to escalate their privileges to SYSTEM. Furthermore, if the Global Search or Web Screens functionality is enabled, then privilege escalation is possible via the GlobalSearchService and Sage.CNA.WindowsService services, again via DLL search-order hijacking because unprivileged users would have modify permissions on the application directory. Note that while older versions of the software default to installing in %PROGRAMFILES(X86)% (which would allow the Sage folder to inherit strong permissions, making the installation not vulnerable), the official Sage 300 installation guides for those versions recommend installing in C:Sage, which would make the installation vulnerable. | 2022-07-14 | not yet calculated | CVE-2021-45492 MISC MISC |
| samsung — calendar | Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission. | 2022-07-12 | not yet calculated | CVE-2022-33705 MISC |
| samsung — samsung_camera | Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information. | 2022-07-12 | not yet calculated | CVE-2022-33712 MISC |
| samsung — samsung_cloud | Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information. | 2022-07-12 | not yet calculated | CVE-2022-33713 MISC |
| samsung — usb_driver_windows_installer_for_mobile_phones | Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction. | 2022-07-12 | not yet calculated | CVE-2022-33711 MISC |
| sap — 3d_visual_enterprise_viewer | When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below | 2022-07-12 | not yet calculated | CVE-2022-35171 MISC MISC |
| sap — busines_objects_business_intelligence_platform | SAP BusinessObjects Business Intelligence Platform (LCM) – versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file’s password under certain conditions, enabling the attacker to modify the password or import the file into another system causing high impact on confidentiality but a limited impact on the availability and integrity of the application. | 2022-07-12 | not yet calculated | CVE-2022-35169 MISC MISC |
| sap — busines_objects_business_intelligence_platform | SAP Busines Objects Business Intelligence Platform (Visual Difference Application) – versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. On successful exploitation, the attacker can cause limited impact on confidentiality and integrity of the application | 2022-07-12 | not yet calculated | CVE-2022-32246 MISC MISC |
| sap — busines_one | Due to improper input sanitization of XML input in SAP Business One – version 10.0, an attacker can perform a denial-of-service attack rendering the system temporarily inoperative. | 2022-07-12 | not yet calculated | CVE-2022-35168 MISC MISC |
| sap — hana | Under special integration scenario of SAP Business one and SAP HANA – version 10.0, an attacker can exploit HANA cockpit?s data volume to gain access to highly sensitive information (e.g., high privileged account credentials) | 2022-07-12 | not yet calculated | CVE-2022-32249 MISC MISC |
| sap — netweaver_enterprise_portal | A vulnerability in SAP NW EP (WPC) – versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site (XSS) scripting attack. A successful exploit could allow the attacker to execute arbitrary script code which could lead to stealing or modifying of authentication information of the user, such as data relating to his or her current session. | 2022-07-12 | not yet calculated | CVE-2022-35227 MISC MISC |
| sap — netweaver_enterprise_portal | SAP NetWeaver Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to limited impact on confidentiality and integrity of data. | 2022-07-12 | not yet calculated | CVE-2022-35225 MISC MISC |
| sap — netweaver_enterprise_portal | SAP NetWeaver Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability. | 2022-07-12 | not yet calculated | CVE-2022-35172 MISC MISC |
| sap — netweaver_enterprise_portal | SAP NetWeaver Enterprise Portal does – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to limited impact on confidentiality and integrity of data. | 2022-07-12 | not yet calculated | CVE-2022-35170 MISC MISC |
| sap — netweaver_enterprise_portal | SAP NetWeaver Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the User inputs while interacting on the Network. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application. | 2022-07-12 | not yet calculated | CVE-2022-32247 MISC MISC |
| sap — s/4hana | Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA – version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. This leads to an impact on the integrity of the data. | 2022-07-12 | not yet calculated | CVE-2022-32248 MISC MISC |
| sap — s/4hana |
Within SAP S/4HANA – versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/Slovakia does not perform necessary authorization checks for a low privileged authenticated user over the network, resulting in escalation of privileges leading to low impact on confidentiality and integrity of the data. | 2022-07-12 | not yet calculated | CVE-2022-31597 MISC MISC |
| sap_se — sap_business_one_license_service_api | Due to missing authentication check, SAP Business one License service API – version 10.0 allows an unauthenticated attacker to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible. | 2022-07-12 | not yet calculated | CVE-2022-28771 MISC MISC |
| schneider_electric — acti9_powertag_link_c | A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated functionality when guessing credentials. Affected Products: Acti9 PowerTag Link C (A9XELC10-A) (V1.7.5 and prior), Acti9 PowerTag Link C (A9XELC10-B) (V2.12.0 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34754 CONFIRM |
| schneider_electric — easergy_p5 | A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution or the crash of HTTPs stack which is used for the device Web HMI. Affected Products: Easergy P5 (V01.401.102 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34756 CONFIRM |
| schneider_electric — easergy_p5 | A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, which may allow an attacker to observe protected communication details. Affected Products: Easergy P5 (V01.401.102 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34757 CONFIRM |
| schneider_electric — easergy_p5 | A CWE-20: Improper Input Validation vulnerability exists that could cause the device watchdog function to be disabled if the attacker had access to privileged user credentials. Affected Products: Easergy P5 (V01.401.102 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34758 CONFIRM |
| schneider_electric — spacelogic_c-bus_home_controller | A CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability exists that could cause remote root exploit when the command is compromised. Affected Products: SpaceLogic C-Bus Home Controller (5200WHC2), formerly known as C-Bus Wiser Homer Controller MK2 (V1.31.460 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34753 CONFIRM |
| schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module | A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34763 CONFIRM |
| schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module | A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34765 CONFIRM |
| schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module | A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service when parsing the URL. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34764 CONFIRM |
| schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module | A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34761 CONFIRM |
| schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34762 CONFIRM |
| schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module | A CWE-835: Loop with Unreachable Exit Condition (‘Infinite Loop’) vulnerability exists that could cause a denial of service of the webserver due to improper handling of the cookies. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34760 CONFIRM |
| schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module | A CWE-787: Out-of-bounds Write vulnerability exists that could cause a denial of service of the webserver due to improper parsing of the HTTP Headers. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior) | 2022-07-13 | not yet calculated | CVE-2022-34759 CONFIRM |
| schutzwerk — spryker_commerce_os | Spryker Commerce OS 1.4.2 allows Remote Command Execution. | 2022-07-13 | not yet calculated | CVE-2022-28888 MISC MISC |
| shoutrrr — shoutrrr |
The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service (DoS) via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages. | 2022-07-15 | not yet calculated | CVE-2022-25891 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| siemens — en100_ethernet_module |
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.40), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contains a memory corruption vulnerability while parsing specially crafted HTTP packets to /txtrace endpoint manupulating a specific argument. This could allow an attacker to crash the affected application leading to a denial of service condition | 2022-07-12 | not yet calculated | CVE-2022-30938 CONFIRM |
| siemens — mendix | A vulnerability has been identified in Mendix Excel Importer Module (Mendix 8 compatible) (All versions < V9.2.2), Mendix Excel Importer Module (Mendix 9 compatible) (All versions < V10.1.2). The affected component is vulnerable to XML Entity Expansion Injection. An attacker may use this to compromise the availability of the affected component. | 2022-07-12 | not yet calculated | CVE-2022-34467 CONFIRM |
| siemens — mendix | A vulnerability has been identified in Mendix Applications using Mendix 9 (All versions >= V9.11 < V9.15), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.3). An expression injection vulnerability was discovered in the Workflow subsystem of Mendix Runtime, that can affect the running applications. The vulnerability could allow a malicious user to leak sensitive information in a certain configuration. | 2022-07-12 | not yet calculated | CVE-2022-34466 CONFIRM |
| siemens — multiple_products |
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < CPC80 V16.30), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < CPC80 V16.30), CP-8021 MASTER MODULE (All versions < CPC80 V16.30), CP-8022 MASTER MODULE WITH GPRS (All versions < CPC80 V16.30). When using the HTTPS server under specific conditions, affected devices do not properly free resources. This could allow an unauthenticated remote attacker to put the device into a denial of service condition. | 2022-07-12 | not yet calculated | CVE-2022-29884 CONFIRM |
| siemens — opcenter_quality | A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials. | 2022-07-12 | not yet calculated | CVE-2022-33736 CONFIRM |
| siemens — parasolid_and_simcenter_femap | A vulnerability has been identified in Parasolid V33.1 (All versions), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap (All versions). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420) | 2022-07-12 | not yet calculated | CVE-2022-34465 CONFIRM |
| siemens — ruggedcom_ros |
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Affected devices are vulnerable to a web-based code injection attack via the console. An attacker could exploit this vulnerability to inject code into the web server and cause malicious behavior in legitimate users accessing certain web resources on the affected device. | 2022-07-12 | not yet calculated | CVE-2022-34663 CONFIRM |
| siemens — ruggedcom_rox_mx5000 |
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < 2.15.1), RUGGEDCOM ROX MX5000RE (All versions < 2.15.1), RUGGEDCOM ROX RX1400 (All versions < 2.15.1), RUGGEDCOM ROX RX1500 (All versions < 2.15.1), RUGGEDCOM ROX RX1501 (All versions < 2.15.1), RUGGEDCOM ROX RX1510 (All versions < 2.15.1), RUGGEDCOM ROX RX1511 (All versions < 2.15.1), RUGGEDCOM ROX RX1512 (All versions < 2.15.1), RUGGEDCOM ROX RX1524 (All versions < 2.15.1), RUGGEDCOM ROX RX1536 (All versions < 2.15.1), RUGGEDCOM ROX RX5000 (All versions < 2.15.1). Affected devices do not properly validate user input, making them susceptible to command injection. An attacker with access to either the shell or the web CLI with administrator privileges could access the underlying operating system as the root user. | 2022-07-12 | not yet calculated | CVE-2022-29560 CONFIRM |
| siemens — sicam_gridedge_essential |
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM GridEdge Essential Intel (All versions < V2.7.3), SICAM GridEdge Essential with GDS ARM (All versions), SICAM GridEdge Essential with GDS Intel (All versions < V2.7.3). Affected software uses an improperly protected file to import SSH keys. Attackers with access to the filesystem of the host on which SICAM GridEdge runs, are able to inject a custom SSH key to that file. | 2022-07-12 | not yet calculated | CVE-2022-34464 CONFIRM |
| simple_e-learning_system — simple_e-learning_system |
A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claire_blake. The manipulation of the argument Bio with the input “><script>alert(document.cookie)</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2022-07-14 | not yet calculated | CVE-2022-2396 N/A N/A |
| snyk — package_angular |
All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements. | 2022-07-15 | not yet calculated | CVE-2022-25869 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| snyk — package_svelte |
The package svelte before 3.49.0 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization and to improper escape of attributes when using objects during SSR (Server-Side Rendering). Exploiting this vulnerability is possible via objects with a custom toString() function. | 2022-07-12 | not yet calculated | CVE-2022-25875 MISC MISC MISC |
| snyk — package_terser |
The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions. | 2022-07-15 | not yet calculated | CVE-2022-25858 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| software_publico_brasileiro — i3geo | Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via request_token.php. | 2022-07-14 | not yet calculated | CVE-2022-34094 MISC MISC MISC MISC MISC |
| software_publico_brasileiro — i3geo | A local file inclusion (LFI) vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request. | 2022-07-14 | not yet calculated | CVE-2022-32409 MISC MISC |
| software_publico_brasileiro — i3geo | Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via access_token.php. | 2022-07-14 | not yet calculated | CVE-2022-34093 MISC MISC MISC MISC MISC |
| software_publico_brasileiro — i3geo | Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via svg2img.php. | 2022-07-14 | not yet calculated | CVE-2022-34092 MISC MISC MISC MISC MISC |
| strapi — strapi | An unrestricted file upload vulnerability in the Add New Assets function of Strapi v4.1.12 allows attackers to execute arbitrary code via a crafted file. | 2022-07-13 | not yet calculated | CVE-2022-32114 MISC MISC |
| toybox — toybox | Toybox v0.8.7 was discovered to contain a NULL pointer dereference via the component httpd.c. This vulnerability can lead to a Denial of Service (DoS) via unspecified vectors. | 2022-07-14 | not yet calculated | CVE-2022-32298 MISC |
| tp-link — tp-link_tl-wr841n | A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected. | 2022-07-14 | not yet calculated | CVE-2022-30024 MISC MISC MISC |
| trusted_firmware — mbed_tls | An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function. | 2022-07-15 | not yet calculated | CVE-2022-35409 MISC MISC |
| trustwave — dingtian_dt-r002_2ch_relay_devices |
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request. | 2022-07-14 | not yet calculated | CVE-2022-29593 MISC MISC |
| typo3 — gridelements_extension |
The gridelements (aka Grid Elements) extension through 7.6.1, 8.x through 8.7.0, 9.x through 9.7.0, and 10.x through 10.2.0 extension for TYPO3 allows XSS. | 2022-07-12 | not yet calculated | CVE-2022-29602 MISC MISC |
| typo3 — oelib_extension |
The oelib (aka One is Enough Library) extension through 4.1.5 for TYPO3 allows SQL Injection. | 2022-07-12 | not yet calculated | CVE-2022-29600 MISC MISC |
| typo3 — seminar_manager |
The seminars (aka Seminar Manager) extension through 4.1.3 for TYPO3 allows SQL Injection. | 2022-07-12 | not yet calculated | CVE-2022-29601 MISC MISC |
| typo3 — typo3 | The libconnect extension before 7.0.8 and 8.x before 8.1.0 for TYPO3 allows XSS. | 2022-07-12 | not yet calculated | CVE-2022-33157 MISC |
| typo3 — typo3 | A SQL injection issue was discovered in the lux extension before 17.6.1, and 18.x through 24.x before 24.0.2, for TYPO3. | 2022-07-12 | not yet calculated | CVE-2022-35628 MISC |
| typo3 — typo3 | The schema (aka Embedding schema.org vocabulary) extension before 1.13.1 and 2.x before 2.5.1 for TYPO3 allows XSS. | 2022-07-12 | not yet calculated | CVE-2022-33154 MISC |
| typo3 — typo3 | The matomo_integration (aka Matomo Integration) extension before 1.3.2 for TYPO3 allows XSS. | 2022-07-12 | not yet calculated | CVE-2022-33156 MISC |
| typo3 — typo3 | The ameos_tarteaucitron (aka AMEOS – TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible) extension before 1.2.23 for TYPO3 allows XSS. | 2022-07-12 | not yet calculated | CVE-2022-33155 MISC |
| ublock_origin_project — ublock_origin | Cross Site Scripting (XSS) vulnerability in uBlock Origin extension before 1.41.1 allows remote attackers to run arbitrary code via a spoofed ‘MessageSender.url’ to the browser renderer process. | 2022-07-13 | not yet calculated | CVE-2022-32308 MISC |
| undici — undici | `Undici.ProxyAgent` never verifies the remote server’s certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy’s URL is HTTP then it also means that nominally HTTPS requests are actually sent via plain-text HTTP between Undici and the proxy server. | 2022-07-14 | not yet calculated | CVE-2022-32210 MISC MISC |
| unsafeaccessor — unsafeaccessor |
UnsafeAccessor (UA) is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA’s standard API. The main application can set up `SecurityCheck.AccessLimiter` for UA to limit access to UA. Starting with version 1.4.0 and prior to version 1.7.0, when `SecurityCheck.AccessLimiter` is set up, untrusted code can access UA without limitation, even when UA is loaded as a named module. This issue does not affect those for whom `SecurityCheck.AccessLimiter` is not set up. Version 1.7.0 contains a patch. | 2022-07-11 | not yet calculated | CVE-2022-31139 MISC MISC CONFIRM |
| urve_web_manager — urve_web_manager | A vulnerability was found in URVE Web Manager. It has been declared as critical. This vulnerability affects unknown code of the file _internal/collector/upload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. | 2022-07-15 | not yet calculated | CVE-2022-2419 N/A N/A |
| urve_web_manager — urve_web_manager |
A vulnerability was found in URVE Web Manager. It has been classified as critical. This affects an unknown part of the file kreator.html5/img_upload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. | 2022-07-15 | not yet calculated | CVE-2022-2418 N/A N/A |
| urve_web_manager — urve_web_manager |
A vulnerability was found in URVE Web Manager. It has been rated as critical. This issue affects some unknown processing of the file _internal/uploader.php. The manipulation leads to unrestricted upload. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. | 2022-07-15 | not yet calculated | CVE-2022-2420 N/A N/A |
| verizon — verizon_5g_home_lvskihp_indoorunit | On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static certificate for access control. This certificate is embedded in the firmware, and is identical across the fleet of devices. An attacker need only download this firmware and extract the private components of these certificates (from /etc/lighttpd.d/ca.pem and /etc/lighttpd.d/server.pem) to gain access. (The firmware download location is shown in a device’s upgrade logs.) | 2022-07-14 | not yet calculated | CVE-2022-28371 MISC MISC |
| verizon — verizon_5g_home_lvskihp_indoorunit |
Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 does not validate the user-provided URL within the crtcmode function’s enable_ssh sub-operation of the crtcrpc JSON listener (found at /lib/functions/wnc_jsonsh/crtcmode.sh) A remote attacker on the local network can provide a malicious URL. The data (found at that URL) is written to /usr/sbin/dropbear and then executed as root. | 2022-07-14 | not yet calculated | CVE-2022-28369 MISC MISC |
| verizon — verizon_5g_home_lvskihp_indoorunit |
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static account username/password for access control. This password can be generated via a binary included in the firmware, after ascertaining the MAC address of the IDU’s base Ethernet interface, and adding the string DEVICE_MANUFACTURER=’Wistron_NeWeb_Corp.’ to /etc/device_info to replicate the host environment. This occurs in /etc/init.d/wnc_factoryssidkeypwd (IDU). | 2022-07-14 | not yet calculated | CVE-2022-28377 MISC MISC |
| verizon — verizon_5g_home_lvskihp_indoorunit |
Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 does not properly sanitize user-controlled parameters within the crtcreadpartition function of the crtcrpc JSON listener in /usr/lib/lua/luci/crtc.lua. A remote attacker on the local network can inject shell metacharacters to achieve remote code execution as root. | 2022-07-14 | not yet calculated | CVE-2022-28373 MISC MISC |
| verizon — verizon_5g_home_lvskihp_indoorunit |
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints provide a means of provisioning a firmware update for the device via crtc_fw_upgrade or crtcfwimage. The URL provided is not validated, and thus allows for arbitrary file upload to the device. This occurs in /lib/lua/luci/crtc.lua (IDU) and /lib/functions/wnc_jsonsh/wnc_crtc_fw.sh (ODU). | 2022-07-14 | not yet calculated | CVE-2022-28372 MISC MISC |
| verizon — verizon_5g_home_lvskihp_outdoorunit |
Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled parameters within the crtcswitchsimprofile function of the crtcrpc JSON listener. A remote attacker on the local network can inject shell metacharacters into /usr/lib/lua/5.1/luci/controller/rpc.lua to achieve remote code execution as root, | 2022-07-14 | not yet calculated | CVE-2022-28375 MISC MISC |
| verizon — verizon_5g_home_lvskihp_outdoorunit |
Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled parameters within the DMACC URLs on the Settings page of the Engineering portal. An authenticated remote attacker on the local network can inject shell metacharacters into /usr/lib/lua/5.1/luci/controller/admin/settings.lua to achieve remote code execution as root. | 2022-07-14 | not yet calculated | CVE-2022-28374 MISC MISC |
| verizon — verizon_5g_home_lvskihp_outdoorunit |
On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade provides a means of provisioning a firmware update for the device. /lib/functions/wnc_jsonsh/wnc_crtc_fw.sh has no cryptographic validation of the image, thus allowing an attacker to modify the installed firmware. | 2022-07-14 | not yet calculated | CVE-2022-28370 MISC MISC |
| vim — heap-based_buffer_overflow |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. | 2022-07-08 | not yet calculated | CVE-2022-2343 CONFIRM MISC |
| vm2 — vm2 |
This affects the package vm2 before 3.6.11. It is possible to trigger a RangeError exception from the host rather than the “sandboxed” context by reaching the stack call limit with an infinite recursion. The returned object is then used to reference the mainModule property of the host code running the script allowing it to spawn a child_process and execute arbitrary code. | 2022-07-13 | not yet calculated | CVE-2019-10761 MISC MISC MISC |
| vmware — vcenter_server |
The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service. | 2022-07-13 | not yet calculated | CVE-2022-22982 MISC |
| western_digital — my_cloud_home |
Addressed a remote code execution vulnerability by resolving a command injection vulnerability and closing an AWS S3 bucket that potentially allowed an attacker to execute unsigned code on My Cloud Home devices. | 2022-07-12 | not yet calculated | CVE-2022-22997 MISC |
| whoogle-search — whoogle-search |
The package whoogle-search before 0.7.2 are vulnerable to Cross-site Scripting (XSS) via the query string parameter q. In the case where it does not contain the http string, it is used to build the error_message that is then rendered in the error.html template, using the [flask.render_template](https://flask.palletsprojects.com/en/2.1.x/api/flask.render_template) function. However, the error_message is rendered using the [| safe filter](https://jinja.palletsprojects.com/en/3.1.x/templates/working-with-automatic-escaping), meaning the user input is not escaped. | 2022-07-12 | not yet calculated | CVE-2022-25303 MISC MISC MISC |
| withsecure — multiple_products |
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aeheur.dll component can crash the scanning engine. The exploit can be triggered remotely by an attacker. | 2022-07-14 | not yet calculated | CVE-2022-28876 MISC MISC |
| wolfssh — wolfssh | WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR. | 2022-07-13 | not yet calculated | CVE-2022-32073 MISC |
| wordpress — wordpress |
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn’t escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks. | 2022-07-11 | not yet calculated | CVE-2022-2092 MISC |
| wordpress — wordpress |
The Cache Images WordPress plugin before 3.2.1 does not implement nonce checks, which could allow attackers to make any logged user upload images via a CSRF attack. | 2022-07-11 | not yet calculated | CVE-2022-2091 MISC |
| xiaomi_technology — xiaomi_phones |
A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by heap overflow and can be exploited by attackers to make remote denial of service. | 2022-07-14 | not yet calculated | CVE-2020-14127 MISC |
|
yunzhongzhuan — electronic_mall_system |
Electronic mall system 1.0_build20200203 is affected vulnerable to SQL Injection. | 2022-07-14 | not yet calculated | CVE-2022-30113 MISC MISC |
| zoho — manageengine_servicedes_plus | Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via ticket-creation email. (This also affects Asset Explorer before 6977 with authentication.) | 2022-07-12 | not yet calculated | CVE-2022-35403 MISC |
| zulip — zulip |
Zulip is an open-source team collaboration tool. Zulip Server versions 2.1.0 above have a user interface tool, accessible only to server owners and server administrators, which provides a way to download a “public data” export. While this export is only accessible to administrators, in many configurations server administrators are not expected to have access to private messages and private streams. However, the “public data” export which administrators could generate contained the attachment contents for all attachments, even those from private messages and streams. Zulip Server version 5.4 contains a patch for this issue. | 2022-07-12 | not yet calculated | CVE-2022-31134 MISC CONFIRM MISC |
| zxmp_m721 — zboot_interface |
ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information. | 2022-07-15 | not yet calculated | CVE-2022-23141 MISC |
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: July 19, 2022
CISA has released an Industrial Controls Systems Advisory (ICSA) detailing six vulnerabilities that were discovered in MiCODUS MV720 Global Positioning System Tracker. Successful exploitation of these vulnerabilities may allow a remote actor to exploit access and gain control the global positioning system tracker. These vulnerabilities could impact access to a vehicle fuel supply, vehicle control, or allow locational surveillance of vehicles in which the device is installed.
CISA encourages users and technicians to review ICS Advisory ICSA-22-200-01: MiCODUS MV720 GPS Tracker for technical details and mitigations and the Bitsight Report: Critical Vulnerabilities in Widely Used Vehicle GPS Tracker for additional information.
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: July 18, 2022
CISA has updated the joint CISA-United States Coast Guard Cyber Command (CGCYBER) Cybersecurity Advisory AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon, originally released June 23, 2022. The advisory now includes IOCs provided in Malware Analysis Report (MAR)-10382580-2.
CISA and CGCYBER encourage users and administrators to update all affected VMware Horizon and Unified Access Gateway (UAG) systems to the latest versions. If updates or workarounds were not promptly applied following VMware’s release of updates for Log4Shell, treat all affected VMware systems as compromised. See the joint advisory for more information and additional recommendations.
This product is provided subject to this Notification and this Privacy & Use policy.
Feds urge U.S. agencies to patch a Microsoft July Patch Tuesday 2022 bug that is being exploited in the wild by August 2.