vulnerability-summary-for-the-week-of-may-23,-2022

Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

Vulnerability Summary for the Week of May 23, 2022


apple — macos_monterey_and_masos_big_sur An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges. 2022-05-26 not yet calculated CVE-2022-26718

MISC

MISC
cisco — common_services_platform_collector_software Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-05-27 not yet calculated CVE-2022-20670

CISCO phpgurukul — zoo_managment_system A vulnerability classified as problematic has been found in Zoo Management System 1.0. Affected is an unknown function of the file admin/manage-ticket.php. The manipulation with the input leads to cross site scripting. It is possible to launch the attack remotely. 2022-05-26 not yet calculated CVE-2021-4232

N/A zyxel — cgi_program A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware versions 4.32 through 5.21, that could allow an authenticated attacker to bypass the second authentication phase to connect the IPsec VPN server even though the two-factor authentication (2FA) was enabled. 2022-05-24 not yet calculated CVE-2022-0910

CONFIRM 74cmsse_v3.5.1–74cmsse_v3.5.1 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist. 2022-05-26 not yet calculated CVE-2022-29721

MISC 74cmsse_v3.5.1–74cmsse_v3.5.1 74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component indexcontrollerDownload.php. 2022-05-26 not yet calculated CVE-2022-29720

MISC academy-lm –academy-lms Academy-LMS v4.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the SEO panel. 2022-05-25 not yet calculated CVE-2022-29380

MISC action_pack — action_pack An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses. 2022-05-26 not yet calculated CVE-2022-22577

MISC action_view_tag_helpers — action_view_tag_helpers A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes. 2022-05-26 not yet calculated CVE-2022-27777

MISC aerialwei– zkeacms A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ParentID parameter. 2022-05-25 not yet calculated CVE-2022-29362

MISC agg_software — web_server The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to a path traversal attack, which may allow an attacker to read arbitrary files from the file system. 2022-05-24 not yet calculated CVE-2021-32964

MISC agg_software — web_server The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to cross-site scripting, which may allow an attacker to remotely execute arbitrary code. 2022-05-24 not yet calculated CVE-2021-32962

MISC airfield — online A vulnerability has been found in Airfield Online and classified as problematic. This vulnerability affects the path /backups/ of the MySQL backup handler. An attacker is able to get access to sensitive data without proper authentication. It is recommended to the change the configuration settings. 2022-05-24 not yet calculated CVE-2021-4230

N/A angular — angular A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 11.0.5 and 11.1.0-next.3 is able to address this issue. The name of the patch is ba8da742e3b243e8f43d4c63aa842b44e14f2b09. It is recommended to upgrade the affected component. 2022-05-26 not yet calculated CVE-2021-4231

MISC

MISC

MISC

MISC apache — archiva In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8 2022-05-25 not yet calculated CVE-2022-29405

MISC apache –maven-shared-utils In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. 2022-05-23 not yet calculated CVE-2022-29599

MISC

MISC

MLIST apple — ios_15.5_and_ipados15.5 An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A person with physical access to an iOS device may be able to access photos from the lock screen. 2022-05-26 not yet calculated CVE-2022-26703

MISC apple — ios_and_ipados A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26744

MISC apple — itunes A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local attacker may be able to elevate their privileges. 2022-05-26 not yet calculated CVE-2022-26774

MISC apple — itunes A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application may be able to delete files for which it does not have permission. 2022-05-26 not yet calculated CVE-2022-26773

MISC apple — macos_big_sur A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.6. A malicious application may disclose restricted memory. 2022-05-26 not yet calculated CVE-2022-26745

MISC apple — macos_monterey A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26750

MISC apple — macos_monterey A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26742

MISC apple — macos_monterey A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. Photo location information may persist after it is removed with Preview Inspector. 2022-05-26 not yet calculated CVE-2022-26725

MISC apple — macos_monterey A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26749

MISC apple — macos_monterey This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. A plug-in may be able to inherit the application’s permissions and access user data. 2022-05-26 not yet calculated CVE-2022-26693

MISC apple — macos_monterey A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26754

MISC apple — macos_monterey A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26772

MISC apple — macos_monterey A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26752

MISC apple — macos_monterey This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. A plug-in may be able to inherit the application’s permissions and access user data. 2022-05-26 not yet calculated CVE-2022-26694

MISC apple — macos_monterey A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26753

MISC apple — macos_monterey Description: A race condition was addressed with additional validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to modify protected parts of the file system. 2022-05-26 not yet calculated CVE-2022-26690

MISC apple — macos_monterey An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.4. An attacker that has already achieved code execution in macOS Recovery may be able to escalate to kernel privileges. 2022-05-26 not yet calculated CVE-2022-26743

MISC apple — macos_monterey This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution. 2022-05-26 not yet calculated CVE-2022-26708

MISC apple — macos_monterey A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. This issue is fixed in macOS Monterey 12.4. An app may be able to gain elevated privileges. 2022-05-26 not yet calculated CVE-2022-26704

MISC apple — macos_monterey_and_masos_big_sur A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution. 2022-05-26 not yet calculated CVE-2022-26723

MISC

MISC apple — macos_monterey_and_masos_big_sur This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to modify protected parts of the file system. 2022-05-26 not yet calculated CVE-2022-26712

MISC

MISC apple — multiple_products An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution. 2022-05-26 not yet calculated CVE-2022-26775

MISC

MISC apple — multiple_products A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. 2022-05-26 not yet calculated CVE-2022-22662

MISC

MISC apple — multiple_products A race condition was addressed with improved locking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26701

MISC

MISC

MISC apple — multiple_products A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.4 and iPadOS 15.4, Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-22672

MISC

MISC

MISC

MISC apple — multiple_products A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26771

MISC

MISC

MISC apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26737

MISC

MISC

MISC apple — multiple_products This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user’s screen. 2022-05-26 not yet calculated CVE-2022-26726

MISC

MISC

MISC

MISC apple — multiple_products An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26756

MISC

MISC

MISC apple — multiple_products An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26770

MISC

MISC

MISC apple — multiple_products An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory. 2022-05-26 not yet calculated CVE-2022-22674

MISC

MISC

MISC apple — multiple_products A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26768

MISC

MISC

MISC

MISC apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26740

MISC

MISC

MISC apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26720

MISC

MISC

MISC apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26736

MISC

MISC

MISC apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26738

MISC

MISC

MISC apple — multiple_products This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox. 2022-05-26 not yet calculated CVE-2022-26755

MISC

MISC

MISC apple — multiple_products This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. A malicious application may be able to modify protected parts of the file system. 2022-05-26 not yet calculated CVE-2022-26727

MISC

MISC apple — multiple_products A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation. 2022-05-26 not yet calculated CVE-2022-26766

MISC

MISC

MISC

MISC

MISC

MISC apple — multiple_products A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26741

MISC apple — multiple_products An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution. 2022-05-26 not yet calculated CVE-2022-26748

MISC

MISC

MISC apple — multiple_products A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious website may be able to track users in Safari private browsing mode. 2022-05-26 not yet calculated CVE-2022-26731

MISC

MISC apple — multiple_products This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files. 2022-05-26 not yet calculated CVE-2022-26728

MISC

MISC

MISC apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges. 2022-05-26 not yet calculated CVE-2022-26715

MISC

MISC

MISC apple — multiple_products A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. 2022-05-26 not yet calculated CVE-2022-26765

MISC

MISC

MISC

MISC apple — multiple_products A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations. 2022-05-26 not yet calculated CVE-2022-26764

MISC

MISC

MISC

MISC apple — multiple_products An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. 2022-05-26 not yet calculated CVE-2022-26698

MISC

MISC

MISC apple — multiple_products A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26757

MISC

MISC

MISC

MISC

MISC

MISC apple — multiple_products This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 15.4 and iPadOS 15.4, Security Update 2022-004 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.6. A malicious application may bypass Gatekeeper checks. 2022-05-26 not yet calculated CVE-2022-22663

MISC

MISC

MISC

MISC apple — multiple_products This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences. 2022-05-26 not yet calculated CVE-2022-26746

MISC

MISC

MISC apple — multiple_products The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences. 2022-05-26 not yet calculated CVE-2022-26767

MISC

MISC apple — multiple_products A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26761

MISC

MISC apple — multiple_products This issue was addressed with improved checks. This issue is fixed in iOS 15.5 and iPadOS 15.5. Processing a large input may lead to a denial of service. 2022-05-26 not yet calculated CVE-2022-22673

MISC apple — multiple_products A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges. 2022-05-26 not yet calculated CVE-2022-26721

MISC

MISC

MISC apple — multiple_products An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious application may be able to execute arbitrary code with system privileges. 2022-05-26 not yet calculated CVE-2022-26763

MISC

MISC

MISC

MISC

MISC

MISC apple — multiple_products This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks. 2022-05-26 not yet calculated CVE-2022-22616

MISC

MISC

MISC apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26739

MISC

MISC

MISC apple — multiple_products An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. 2022-05-26 not yet calculated CVE-2022-26711

MISC

MISC

MISC

MISC

MISC apple — multiple_products A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26702

MISC

MISC

MISC apple — multiple_products A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges. 2022-05-26 not yet calculated CVE-2022-26722

MISC

MISC

MISC apple — multiple_products A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. 2022-05-26 not yet calculated CVE-2022-26691

MISC

MISC

MISC apple — multiple_products An access issue was addressed with additional sandbox restrictions on third-party applications. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A sandboxed process may be able to circumvent sandbox restrictions. 2022-05-26 not yet calculated CVE-2022-26706

MISC

MISC

MISC

MISC

MISC apple — multiple_products A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution. 2022-05-26 not yet calculated CVE-2022-26751

MISC

MISC

MISC

MISC

MISC apple — multiple_products This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution. 2022-05-26 not yet calculated CVE-2022-26776

MISC

MISC apple — multiple_products An issue in the handling of symlinks was addressed with improved validation. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious app with root privileges may be able to modify the contents of system files. 2022-05-26 not yet calculated CVE-2022-26688

MISC

MISC

MISC apple — multiple_products A memory corruption issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26769

MISC

MISC

MISC apple — multiple_products A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. 2022-05-26 not yet calculated CVE-2022-26714

MISC

MISC

MISC

MISC

MISC

MISC apple — multiple_products An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. 2022-05-26 not yet calculated CVE-2022-26697

MISC

MISC

MISC apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. 2022-05-26 not yet calculated CVE-2022-22675

MISC

MISC

MISC

MISC

MISC apple — tvos An authentication issue was addressed with improved state management. This issue is fixed in tvOS 15.5. A local user may be able to enable iCloud Photos without authentication. 2022-05-26 not yet calculated CVE-2022-26724

MISC apple — xcode This issue was addressed with improved checks. This issue is fixed in Xcode 13.4. An app may be able to gain elevated privileges. 2022-05-26 not yet calculated CVE-2022-26747

MISC apple — xpc_services_api An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission. 2022-05-26 not yet calculated CVE-2022-22676

MISC archer — archer_platform Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases. 2022-05-26 not yet calculated CVE-2022-30584

MISC

MISC archer — archer_platform The REST API in Archer Platform 6.x before 6.11 (6.11.0.0) contains an Authorization Bypass Vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to view sensitive information. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases. 2022-05-26 not yet calculated CVE-2022-30585

MISC

MISC archibus — web_central In Archibus Web Central before 26.2, multiple SQL Injection vulnerabilities occur in dwr/call/plaincall/workflow.runWorkflowRule.dwr. Through the injection of arbitrary SQL statements, a potential attacker can modify query syntax and perform unauthorized (and unexpected) operations against the remote database. This is fixed in all recent versions, such as version 26.2. 2022-05-25 not yet calculated CVE-2022-28862

MISC

MISC arista — eos This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device. 2022-05-26 not yet calculated CVE-2021-28509

MISC arista — eos This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device. 2022-05-26 not yet calculated CVE-2021-28508

MISC aveva — intouch_access_anywhere_and_plant_scada_access_anywhere_applications Windows OS can be configured to overlay a “language bar” on top of any application. When this OS functionality is enabled, the OS language bar UI will be viewable in the browser alongside the AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere applications. It is possible to manipulate the Windows OS language bar to launch an OS command prompt, resulting in a context-escape from application into OS. 2022-05-23 not yet calculated CVE-2022-1467

MISC

MISC azure — rtos_usbx Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. Prior to version 6.1.11, he USBX DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of `ux_device_class_dfu_control_request` function does not assure that a buffer overflow will not occur during handling of the DFU UPLOAD command. When an attacker issues the `UX_SLAVE_CLASS_DFU_COMMAND_UPLOAD` control transfer request with `wLenght` larger than the buffer size (`UX_SLAVE_REQUEST_CONTROL_MAX_LENGTH`, 256 bytes), depending on the actual implementation of `dfu -> ux_slave_class_dfu_read`, a buffer overflow may occur. In example `ux_slave_class_dfu_read` may read 4096 bytes (or more up to 65k) to a 256 byte buffer ultimately resulting in an overflow. Furthermore in case an attacker has some control over the read flash memory, this may result in execution of arbitrary code and platform compromise. A fix for this issue has been included in USBX release 6.1.11. As a workaround, align request and buffer size to assure that buffer boundaries are respected. 2022-05-24 not yet calculated CVE-2022-29246

CONFIRM

MISC

MISC azure — rtos_usbx Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. In versions prior to 6.1.10, an attacker can cause a buffer overflow by providing the Azure RTOS USBX host stack a HUB descriptor with `bNbPorts` set to a value greater than `UX_MAX_TT` which defaults to 8. For a `bNbPorts` value of 255, the implementation of `ux_host_class_hub_descriptor_get` function will modify the contents of `hub` -> `ux_host_class_hub_device` -> `ux_device_hub_tt` array violating the end boundary by 255 – `UX_MAX_TT` items. The USB host stack needs to validate the number of ports reported by the hub, and if the value is larger than UX_MAX_TT, USB stack needs to reject the request. This fix has been included in USBX release 6.1.10. 2022-05-24 not yet calculated CVE-2022-29223

CONFIRM

MISC badmington_center — management_system A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input

1 leads to an authenticated cross site scripting. Exploit details have been disclosed to the public. 2022-05-23 not yet calculated CVE-2022-1817

MISC

MISC beego — beego The route lookup process in beego through 1.12.4 and 2.x through 2.0.2 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places (e.g., p1.xml instead of p1). 2022-05-21 not yet calculated CVE-2022-31259

MISC

MISC

MISC bentley_nevada — 3500_rack_configuration The affected Baker Hughes Bentley Nevada products (3500 System 1 6.x, Part No. 3060/00 versions 6.98 and prior, 3500 System 1, Part No. 3071/xx & 3072/xx versions 21.1 HF1 and prior, 3500 Rack Configuration, Part No. 129133-01 versions 6.4 and prior, and 3500/22M Firmware, Part No. 288055-01 versions 5.05 and prior) utilize a weak encryption algorithm for storage and transmission of sensitive data, which may allow an attacker to more easily obtain credentials used for access. 2022-05-25 not yet calculated CVE-2021-32997

MISC bfabiszewski_libmobi Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. 2022-05-27 not yet calculated CVE-2022-1907

CONFIRM

MISC bfabiszewski_libmobi Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. 2022-05-27 not yet calculated CVE-2022-1908

CONFIRM

MISC c-data — d702xw-x-r430 C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request. 2022-05-24 not yet calculated CVE-2022-29337

MISC camptocamp — terraboard SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0. 2022-05-25 not yet calculated CVE-2022-1883

MISC

CONFIRM cardo_systems — scala_rider_q3 A vulnerability classified as critical has been found in Cardo Systems Scala Rider Q3. Affected is the file /cardo/api of the Cardo-Updater. Unauthenticated remote code execution with root permissions is possible. Firewalling or disabling the service is recommended. 2022-05-24 not yet calculated CVE-2014-125001

MISC

MISC causefx_organizr Cross-site Scripting (XSS) – Stored in GitHub repository causefx/organizr prior to 2.1.2200. 2022-05-27 not yet calculated CVE-2022-1909

MISC

CONFIRM chainsafe — lodestar Lodestar is a TypeScript implementation of the Ethereum Consensus specification. Prior to version 0.36.0, there is a possible consensus split given maliciously-crafted `AttesterSlashing` or `ProposerSlashing` being included on-chain. Because the developers represent `uint64` values as native javascript `number`s, there is an issue when those variables with large (greater than 2^53) `uint64` values are included on chain. In those cases, Lodestar may view valid_`AttesterSlashing` or `ProposerSlashing` as invalid, due to rounding errors in large `number` values. This causes a consensus split, where Lodestar nodes are forked away from the main network. Similarly, Lodestar may consider invalid `ProposerSlashing` as valid, thus including in proposed blocks that will be considered invalid by the network. Version 0.36.0 contains a fix for this issue. As a workaround, use `BigInt` to represent `Slot` and `Epoch` values in `AttesterSlashing` and `ProposerSlashing` objects. `BigInt` is too slow to be used in all `Slot` and `Epoch` cases, so one may carefully use `BigInt` just where necessary for consensus. 2022-05-24 not yet calculated CVE-2022-29219

CONFIRM

MISC

MISC circutor — compact_dc-s_basic A buffer overflow vulnerability has been detected in the firewall function of the device management web portal. The device runs a CGI binary (index.cgi) to offer a management web application. Once authenticated with valid credentials in this web portal, a potential attacker could submit any “Address” value and it would be copied to a second variable with a “strcpy” vulnerable function without checking its length. Because of this, it is possible to send a long address value to overflow the process stack, controlling the function return address. 2022-05-24 not yet calculated CVE-2022-1669

MISC cisco — common_services_platform_collector Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-05-27 not yet calculated CVE-2022-20668

CISCO cisco — common_services_platform_collector Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-05-27 not yet calculated CVE-2022-20667

CISCO cisco — common_services_platform_collector Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-05-27 not yet calculated CVE-2022-20666

CISCO cisco — common_services_platform_collector_software Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-05-27 not yet calculated CVE-2022-20672

CISCO cisco — common_services_platform_collector_software Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-05-27 not yet calculated CVE-2022-20673

CISCO cisco — common_services_platform_collector_software Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-05-27 not yet calculated CVE-2022-20669

CISCO cisco — common_services_platform_collector_software Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-05-27 not yet calculated CVE-2022-20674

CISCO cisco — common_services_platform_collector_software Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-05-27 not yet calculated CVE-2022-20671

CISCO cisco — expressway_series_and_telepresence Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2022-05-27 not yet calculated CVE-2022-20807

CISCO cisco — expressway_series_and_telepresence Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2022-05-27 not yet calculated CVE-2022-20806

CISCO cisco — expressway_series_and_telepresence Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2022-05-26 not yet calculated CVE-2022-20809

CISCO cisco — ios_xr A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attacker could exploit this vulnerability by connecting to the Redis instance on the open port. A successful exploit could allow the attacker to write to the Redis in-memory database, write arbitrary files to the container filesystem, and retrieve information about the Redis database. Given the configuration of the sandboxed container that the Redis instance runs in, a remote attacker would be unable to execute remote code or abuse the integrity of the Cisco IOS XR Software host system. 2022-05-26 not yet calculated CVE-2022-20821

CISCO cisco — secure_network_analytics A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to insufficient user input validation by the web-based management interface of the affected software. An attacker could exploit this vulnerability by injecting arbitrary commands in the web-based management interface. A successful exploit could allow the attacker to make configuration changes on the affected device or cause certain services to restart unexpectedly. 2022-05-27 not yet calculated CVE-2022-20797

CISCO cisco — web_applications A vulnerability in the web applications of Cisco UCS Director could allow an authenticated, remote attacker to conduct a cross-site scripting attack on an affected system. This vulnerability is due to unsanitized user input. An attacker could exploit this vulnerability by submitting custom JavaScript to affected web applications. A successful exploit could allow the attacker to rewrite web page content, access sensitive information stored in the applications, and alter data by submitting forms. 2022-05-27 not yet calculated CVE-2022-20765

CISCO cisco — enterprise_chat_and_email A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input that is processed by the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to execute arbitrary code in the context of the interface or access sensitive, browser-based information. To successfully exploit this vulnerability, an attacker would need valid agent credentials. 2022-05-27 not yet calculated CVE-2022-20802

CISCO citrix — gateway_plug-in An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) <21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM. 2022-05-26 not yet calculated CVE-2022-21827

MISC claroty — secure_remote_access_site Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session tokens for the web user interface (UI). With access to the web UI an attacker can access assets managed by the SRA installation and could compromise the installation. 2022-05-23 not yet calculated CVE-2021-32958

MISC cognex — in-sight_opc_server Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root). 2022-05-23 not yet calculated CVE-2021-32941

MISC cognex — in-sight_opc_server The affected Cognex product, the In-Sight OPC Server versions v5.7.4 (96) and prior, deserializes untrusted data, which could allow a remote attacker access to system level permission commands and local privilege escalation. 2022-05-23 not yet calculated CVE-2021-32935

MISC cszcms — cszcms CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forgery (SSRF) which can be leveraged to leak sensitive data via a local file inclusion at /admin/filemanager/connector/. 2022-05-23 not yet calculated CVE-2022-28997

MISC

MISC

MISC

MISC

MISC curl — curl An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only). 2022-05-26 not yet calculated CVE-2022-22576

MISC cyberlink — power_director A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file. 2022-05-24 not yet calculated CVE-2022-29333

MISC

MISC

MISC

MISC d-link — dsl-g2452dg D-Link DSL-G2452DG HW:T1\tFW:ME_2.00 was discovered to contain insecure permissions. 2022-05-23 not yet calculated CVE-2022-28932

MISC

MISC

MISC

MISC dedecms — dedecms DedeCMS v5.7.93 was discovered to contain arbitrary file deletion vulnerability in upload.php via the delete parameter. 2022-05-26 not yet calculated CVE-2022-30508

MISC dell — bios Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. 2022-05-26 not yet calculated CVE-2022-24418

MISC dell — bios Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. 2022-05-26 not yet calculated CVE-2022-24417

MISC dell — emc_cloudlink Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attacks. 2022-05-26 not yet calculated CVE-2022-24414

MISC dell — emc_networker Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could allow remote attackers to spoof certificates. 2022-05-26 not yet calculated CVE-2022-29082

MISC dell — idrac9 Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access to the VNC Console. 2022-05-26 not yet calculated CVE-2022-24422

MISC dell — multiple_products Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in Unisphere GUI. An Unauthenticated Remote Attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user’s web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. 2022-05-26 not yet calculated CVE-2022-29091

MISC dell — openmanage_enterprise Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass blocked functionalities and perform unauthorized actions. 2022-05-26 not yet calculated CVE-2022-26857

MISC dell — support_assist_os_recovery Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. An unauthenticated attacker with physical access to the system may exploit this vulnerability by bypassing OS Recovery authentication in order to run arbitrary code on the system as Administrator. 2022-05-26 not yet calculated CVE-2022-26865

MISC delta_electronics — diascreen Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code. 2022-05-24 not yet calculated CVE-2021-32965

MISC delta_electronics — diascreen Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code. 2022-05-24 not yet calculated CVE-2021-32969

MISC dev-cpp — dev-cpp Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe. 2022-05-23 not yet calculated CVE-2022-28999

MISC divvydrives — aciklama_parameter A Stored Cross-Site Scripting (XSS) vulnerability in DivvyDrive’s “aciklama” parameter could allow anyone to gain users’ session informations. 2022-05-23 not yet calculated CVE-2022-0900

CONFIRM docker — desktop Docker Desktop 4.3.0 has Incorrect Access Control. 2022-05-25 not yet calculated CVE-2021-44719

MISC

MISC

MISC dpkg — dpkg Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs. 2022-05-26 not yet calculated CVE-2022-1664

MISC

MISC

MISC

MISC

MISC

MISC emco — emco_software Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. ¶¶ Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process. 2022-05-23 not yet calculated CVE-2022-28944

MISC

MISC

MISC epub2txt2 — epub2txt2 epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in _parse_special_tag at sxmlc.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XML file. 2022-05-25 not yet calculated CVE-2022-29358

MISC erudika — para Business Logic Errors in GitHub repository erudika/para prior to 1.45.11. 2022-05-24 not yet calculated CVE-2022-1848

MISC

CONFIRM f-secure– atlant A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aemobile component can crash the scanning engine. The exploit can be triggered remotely by an attacker. 2022-05-25 not yet calculated CVE-2022-28875

MISC

MISC f-secure– atlant Multiple Denial-of-Service vulnerabilities was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files cause memory corruption and heap buffer overflow which eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker. 2022-05-23 not yet calculated CVE-2022-28874

MISC

MISC filegator — filegator Path Traversal in GitHub repository filegator/filegator prior to 7.8.0. 2022-05-24 not yet calculated CVE-2022-1850

CONFIRM

MISC filegator — filegator Session Fixation in GitHub repository filegator/filegator prior to 7.8.0. 2022-05-24 not yet calculated CVE-2022-1849

MISC

CONFIRM fortiguard — fortios An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0 through 6.2.10, 6.4.0 through 6.4.8, 7.0.0 may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the FortiGate and some peers such as private SDNs and external cloud platforms. 2022-05-24 not yet calculated CVE-2022-22306

CONFIRM gibbon — v23 Gibbon v23 does not generate a new session ID cookie after a user authenticates, making the application vulnerable to session fixation. 2022-05-25 not yet calculated CVE-2022-27305

MISC

MISC

MISC ginadmin — ginadmin In ginadmin through 05-10-2022 the incoming path value is not filtered, resulting in directory traversal. 2022-05-25 not yet calculated CVE-2022-30427

MISC ginadmin — ginadmin In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading. 2022-05-25 not yet calculated CVE-2022-30428

MISC gitblit — gitblit Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext ‘attacker@example.comntrole = “#admin”http://us-cert.cisa.gov/” value. 2022-05-21 not yet calculated CVE-2022-31267

MISC

MISC gitblit — gitblit A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname). 2022-05-21 not yet calculated CVE-2022-31268

MISC gjson — gjson GJSON <= 1.9.2 allows attackers to cause a redos via crafted JSON input. 2022-05-24 not yet calculated CVE-2021-42248

MISC gost — gost_engine GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1 contains a patch for this issue. Disabling ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is a possible workaround. 2022-05-24 not yet calculated CVE-2022-29242

MISC

MISC

MISC

MISC

CONFIRM guzzle — guzzle Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to set cookies for unrelated domains. The cookie middleware is disabled by default, so most library consumers will not be affected by this issue. Only those who manually add the cookie middleware to the handler stack or construct the client with [‘cookies’ => true] are affected. Moreover, those who do not use the same Guzzle client to call multiple domains and have disabled redirect forwarding are not affected by this vulnerability. Guzzle versions 6.5.6 and 7.4.3 contain a patch for this issue. As a workaround, turn off the cookie middleware. 2022-05-25 not yet calculated CVE-2022-29248

MISC

MISC

CONFIRM

CONFIRM h — h An issue in H v1.0 allows attackers to bypass authentication via a session replay attack. 2022-05-24 not yet calculated CVE-2022-29334

MISC halibut — halibut A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. 2022-05-24 not yet calculated CVE-2021-42612

MISC halibut — halibut A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document. 2022-05-24 not yet calculated CVE-2021-42614

MISC halibut — halibut A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document. 2022-05-24 not yet calculated CVE-2021-42613

MISC hashicorp — go-getter HashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 3 of 3). 2022-05-25 not yet calculated CVE-2022-30323

MISC

MISC

MISC hashicorp — go-getter HashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 2 of 3). 2022-05-25 not yet calculated CVE-2022-30322

MISC

MISC

MISC hashicorp — go-getter HashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 1 of 3). 2022-05-25 not yet calculated CVE-2022-30321

MISC

MISC

MISC hashicorp — go-getter HashiCorp go-getter before 2.0.2 allows Command Injection. 2022-05-25 not yet calculated CVE-2022-26945

MISC

MISC hcl_software — bigfix_mobile/modern_client_management_version The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment. 2022-05-27 not yet calculated CVE-2021-27780

CONFIRM hcl_software — bigfix_mobile/modern_client_management_version The Master operator may be able to embed script tag in HTML with alert pop-up display cookie. 2022-05-27 not yet calculated CVE-2021-27781

CONFIRM hcl_software — bigfix_mobile/modern_client_management_version User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed. 2022-05-25 not yet calculated CVE-2021-27783

MISC hcl_software –hcl_versionvault_express VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server. 2022-05-25 not yet calculated CVE-2021-27779

MISC home_clean_services_management_system –home_clean_services_management_system A vulnerability, which was classified as problematic, has been found in Home Clean Services Management System 1.0. This issue affects register.php?link=registerand. The manipulation with the input leads to cross site scripting. The attack may be initiated remotely but demands authentication. Exploit details have been disclosed to the public. 2022-05-24 not yet calculated CVE-2022-1840

MISC

MISC home_clean_services_management_system –home_clean_services_management_system A vulnerability classified as critical was found in Home Clean Services Management System 1.0. This vulnerability affects the file login.php. The manipulation of the argument email with the input admin%’/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(2)))JPeh)/**/AND/**/’frfq%’=’frfq leads to sql injection. The attack can be initiated remotely but it requires authentication. Exploit details have been disclosed to the public. 2022-05-24 not yet calculated CVE-2022-1839

MISC

MISC home_clean_services_management_system –home_clean_services_management_system A vulnerability was found in Home Clean Services Management System 1.0. It has been rated as critical. Affected by this issue is register.php?link=registerand. The manipulation with the input leads to code execution. The attack may be launched remotely but demands an authentication. Exploit details have been disclosed to the public. 2022-05-24 not yet calculated CVE-2022-1837

MISC

MISC home_clean_services_management_system –home_clean_services_management_system A vulnerability classified as critical has been found in Home Clean Services Management System 1.0. This affects an unknown part of admin/login.php. The manipulation of the argument username with the input admin%’/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(5)))JPeh)/**/AND/**/’frfq%’=’frfq leads to sql injection. It is possible to initiate the attack remotely but it requires authentication. Exploit details have been disclosed to the public. 2022-05-24 not yet calculated CVE-2022-1838

MISC

MISC hospital-management-system — hospital-management-system In Hospital-Management-System v1.0, the editid parameter in the doctor.php page is vulnerable to SQL injection attacks. 2022-05-26 not yet calculated CVE-2022-30516

MISC ibm — aspera_faspex IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due to an incorrectly computed security token. IBM X-Force ID: 226951. 2022-05-24 not yet calculated CVE-2022-22497

XF

CONFIRM ibm — elastic_storage_system A vulnerability in the Spectrum Scale 5.1 core component and IBM Elastic Storage System 6.1 could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191600. 2022-05-24 not yet calculated CVE-2020-4926

XF

CONFIRM

CONFIRM ibm — i IBM i 7.3, 7.4, and 7.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 226941. 2022-05-24 not yet calculated CVE-2022-22495

XF

CONFIRM ibm — power_systems The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095. 2022-05-24 not yet calculated CVE-2022-22309

CONFIRM

XF java — javaez JavaEZ is a library that adds new functions to make Java easier. A weakness in JavaEZ 1.6 allows force decryption of locked text by unauthorized actors. The issue is NOT critical for non-secure applications, however may be critical in a situation where the highest levels of security are required. This issue ONLY affects v1.6 and does not affect anything pre-1.6. The vulnerability has been patched in release 1.7. Currently, there is no way to fix the issue without upgrading. 2022-05-24 not yet calculated CVE-2022-29249

CONFIRM

MISC jfinal — jfinal_cms Jfinal cms 5.1.0 is vulnerable to SQL Injection. 2022-05-26 not yet calculated CVE-2022-30500

MISC jfrog — artifactory JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control, the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment due to improper permissions validation. 2022-05-23 not yet calculated CVE-2021-41834

CONFIRM jgraph — drawio Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2. 2022-05-25 not yet calculated CVE-2022-1815

CONFIRM

MISC kkfileview — kkfileview kkFileView v4.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the url parameter at /controller/OnlinePreviewController.java. 2022-05-25 not yet calculated CVE-2022-29349

MISC kuka — kr_c4 An attacker can gain full access (read/write/delete) to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS. 2022-05-26 not yet calculated CVE-2021-33016

MISC kuka — kr_c4 An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4 control software for versions prior to 8.7 or any product running KSS. 2022-05-26 not yet calculated CVE-2021-33014

MISC lcds– laquis_scada_application When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting. 2022-05-25 not yet calculated CVE-2021-32989

MISC limesurvey — limesurvey A cross-site scripting (XSS) vulnerability in uploadConfirm.php of LimeSurvey v5.3.9 and below allows attackers to execute arbitrary web scripts or HTML via a crafted plugin. 2022-05-25 not yet calculated CVE-2022-29710

MISC linglong — linglong An access control issue in Linglong v1.0 allows attackers to access the background of the application via a crafted cookie. 2022-05-26 not yet calculated CVE-2022-29633

MISC linux — linux_kernel An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. 2022-05-25 not yet calculated CVE-2022-1678

MISC

CONFIRM

MISC

MISC linux — linux_kernel A flaw use after free in the Linux kernel pipes functionality was found in the way user do some manipulations with pipe ex. with the post_one_notification() after free_pipe_info() already called. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. 2022-05-26 not yet calculated CVE-2022-1882

MISC logrotate — logrotate A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0. 2022-05-25 not yet calculated CVE-2022-1348

MISC

MLIST

MLIST

MLIST luxsoft — luxcal_web_calendar In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker’s session to be authenticated as any registered LuxCal user, including the site administrator. 2022-05-24 not yet calculated CVE-2021-45914

MISC

MISC

MISC

CONFIRM luxsoft — luxcal_web_calendar In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a cookie value. This allows the attacker’s session to be authenticated as any registered LuxCal user, including the site administrator. 2022-05-24 not yet calculated CVE-2021-45915

MISC

MISC

MISC

CONFIRM manageengine — appmanager15 ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the ‘working’ folder through the ‘Upload Files / Binaries’ functionality. 2022-05-24 not yet calculated CVE-2022-23050

MISC

MISC mastodon — mastodon app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail restrictions. 2022-05-24 not yet calculated CVE-2022-31263

CONFIRM

CONFIRM matrikon — matrikon_opc_server Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the IPersisFile to execute operating system processes with system-level privileges. 2022-05-26 not yet calculated CVE-2022-1261

CONFIRM mindoc — mindoc An arbitrary file upload vulnerability in Mindoc v2.1-beta.5 allows attackers to execute arbitrary commands via a crafted Zip file. 2022-05-26 not yet calculated CVE-2022-29637

MISC mini-xml — mini-xml A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxml_string_getc:2611. 2022-05-26 not yet calculated CVE-2021-42860

MISC mini-xml — mini-xml A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. 2022-05-26 not yet calculated CVE-2021-42859

MISC morpheus — morpheus An XXE issue was discovered in Morpheus through 5.2.16 and 5.4.x through 5.4.4. A successful attack requires a SAML identity provider to be configured. In order to exploit the vulnerability, the attacker must know the unique SAML callback ID of the configured identity source. A remote attacker can send a request crafted with an XXE payload to invoke a malicious DTD hosted on a system that they control. This results in reading local files that the application has access to. 2022-05-24 not yet calculated CVE-2022-31261

MISC

MISC mysiteforme — mysistefome mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery. 2022-05-24 not yet calculated CVE-2022-29309

MISC nginx — njs Nginx NJS v0.7.3 was discovered to contain a stack overflow in the function njs_default_module_loader at /src/njs/src/njs_module.c. 2022-05-25 not yet calculated CVE-2022-29379

MISC

MISC

MISC nokia — broadcast_message_center Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, database name, and database version information, and potentially database data. 2022-05-25 not yet calculated CVE-2021-35487

MISC

MISC oas — oas_platform An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this vulnerability. 2022-05-25 not yet calculated CVE-2022-26833

MISC oas — oas_platform An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-25 not yet calculated CVE-2022-26303

MISC oas — oas_platform An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnerability. 2022-05-25 not yet calculated CVE-2022-27169

MISC oas — oas_platform An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of a custom Security Group. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-25 not yet calculated CVE-2022-26043

MISC oas — oas_platform An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-25 not yet calculated CVE-2022-26067

MISC oas — oas_platform A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability. 2022-05-25 not yet calculated CVE-2022-26077

MISC oas — oas_platform A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-25 not yet calculated CVE-2022-26082

MISC oas — oas_platform A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability. 2022-05-25 not yet calculated CVE-2022-26026

MISC online_food — ordering_system Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the Search parameter at /online-food-order/food-search.php. 2022-05-25 not yet calculated CVE-2022-29650

MISC online_food — ordering_system An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. 2022-05-25 not yet calculated CVE-2022-29651

MISC opencast — opencast Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user’s own, which Opencast would then import into the current organization, bypassing organizational barriers. Attackers must have full access to Opencast’s ingest REST interface, and also know internal links to resources in another organization of the same Opencast cluster. Users who do not run a multi-tenant cluster are not affected by this issue. This issue is fixed in Opencast 10.14 and 11.7. 2022-05-24 not yet calculated CVE-2022-29237

CONFIRM

MISC oretnom23 — automotive_shop_management_system In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credential and gain admin access(privilege escalation). 2022-05-26 not yet calculated CVE-2022-30493

MISC oretnom23 — automotive_shop_management_system In oretnom23 Automotive Shop Management System v1.0, the name id parameter is vulnerable to IDOR – Broken Access Control allowing attackers to change the admin password(vertical privilege escalation) 2022-05-26 not yet calculated CVE-2022-30495

MISC oretnom23 — automotive_shop_management_system In oretnom23 Automotive Shop Management System v1.0, the first and last name user fields suffer from a stored XSS Injection Vulnerability allowing remote attackers to gain admin access and view internal IPs. 2022-05-26 not yet calculated CVE-2022-30494

MISC pallets — werkzeug Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. 2022-05-25 not yet calculated CVE-2022-29361

MISC philips — interoperability_solution_xds Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which may allow an attacker to remotely read LDAP system credentials. 2022-05-25 not yet calculated CVE-2021-32966

MISC php — zoo_management_system A vulnerability, which was classified as problematic, has been found in Zoo Management System 1.0. Affected by this issue is /zoo/admin/public_html/view_accounts?type=zookeeper of the content module. The manipulation of the argument admin_name with the input leads to an authenticated cross site scripting. Exploit details have been disclosed to the public. 2022-05-23 not yet calculated CVE-2022-1816

MISC

MISC pillow — pyhton_pillow libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files. 2022-05-25 not yet calculated CVE-2022-30595

MISC

MISC piwigo — piwigo Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter. 2022-05-26 not yet calculated CVE-2021-40317

MISC protobufjs — protobufjs The package protobufjs before 6.11.3 are vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype. This vulnerability can occur in multiple ways: 1. by providing untrusted user input to util.setProperty or to ReflectionObject.setParsedOption functions 2. by parsing/loading .proto files 2022-05-27 not yet calculated CVE-2022-25878

CONFIRM

CONFIRM

CONFIRM

CONFIRM

CONFIRM publify — publify Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9. 2022-05-23 not yet calculated CVE-2022-1811

MISC

CONFIRM pyjwt — python PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT library requires that the application chooses what algorithms are supported. The application can specify `jwt.algorithms.get_default_algorithms()` to get support for all algorithms, or specify a single algorithm. The issue is not that big as `algorithms=jwt.algorithms.get_default_algorithms()` has to be used. Users should upgrade to v2.4.0 to receive a patch for this issue. As a workaround, always be explicit with the algorithms that are accepted and expected when decoding. 2022-05-24 not yet calculated CVE-2022-29217

CONFIRM

MISC

MISC qnap –qnap_nas_running_proxy_server A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QTS 4.5.x: Proxy Server 1.4.2 ( 2021/12/30 ) and later QuTS hero h5.0.0: Proxy Server 1.4.3 ( 2022/01/18 ) and later QuTScloud c4.5.6: Proxy Server 1.4.2 ( 2021/12/30 ) and later 2022-05-26 not yet calculated CVE-2021-34360

MISC quick_heal — total_security Quick Heal Total Security before 12.1.1.27 allows DLL hijacking during installation. 2022-05-23 not yet calculated CVE-2022-31467

MISC quick_heal — total_security Quick Heal Total Security before 12.1.1.27 has a TOCTOU race condition that leads to privilege escalation. It may follow a symlink that was created after a malware check. 2022-05-23 not yet calculated CVE-2022-31466

MISC radareorg — radare2 Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0. 2022-05-21 not yet calculated CVE-2022-1809

CONFIRM

MISC radereorg — radare radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser. 2022-05-25 not yet calculated CVE-2021-44974

MISC

MISC

MLIST radereorg — radare radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser. 2022-05-24 not yet calculated CVE-2021-44975

MISC

MISC

MLIST radereorg — radare2 Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. 2022-05-26 not yet calculated CVE-2022-1899

CONFIRM

MISC rails — active_storage A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments. 2022-05-26 not yet calculated CVE-2022-21831

MISC roncoo — roncoo_education An arbitrary file upload vulnerability in the component /course/api/upload/pic of Roncoo Education v9.0.0 allows attackers to execute arbitrary code via a crafted file. 2022-05-26 not yet calculated CVE-2022-29632

MISC school_club_application_system –school_club_application_system A stored cross-site scripting (XSS) vulnerability in /scas/?page=clubs/application_form&id=7 of School Club Application System v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter. 2022-05-25 not yet calculated CVE-2022-29359

MISC

MISC sharp — sharp sharp is an application for Node.js image processing. Prior to version 0.30.5, there is a possible vulnerability in logic that is run only at `npm install` time when installing versions of `sharp` prior to the latest v0.30.5. If an attacker has the ability to set the value of the `PKG_CONFIG_PATH` environment variable in a build environment then they might be able to use this to inject an arbitrary command at `npm install` time. This is not part of any runtime code, does not affect Windows users at all, and is unlikely to affect anyone that already cares about the security of their build environment. This problem is fixed in version 0.30.5. 2022-05-25 not yet calculated CVE-2022-29256

CONFIRM

MISC siteserver — cms SiteServer CMS V6.15.51 is affected by a SQL injection vulnerability. 2022-05-24 not yet calculated CVE-2021-42655

MISC

MISC

MISC siteserver — cms SiteServer CMS < V5.1 is affected by an unrestricted upload of a file with dangerous type (getshell), which could be used to execute arbitrary code. 2022-05-24 not yet calculated CVE-2021-42654

MISC

MISC

MISC siteserver — cms SiteServer CMS V6.15.51 is affected by a Cross Site Scripting (XSS) vulnerability. 2022-05-24 not yet calculated CVE-2021-42656

MISC

MISC

MISC smarty-php — smarty Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds. 2022-05-24 not yet calculated CVE-2022-29221

MISC

CONFIRM

MISC

MISC solana — solana_rbpf Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program. 2022-05-21 not yet calculated CVE-2022-31264

MISC

MISC sox — sox In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a. 2022-05-25 not yet calculated CVE-2022-31651

MISC sox — sox In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a. 2022-05-25 not yet calculated CVE-2022-31650

MISC student_information_system — student_information_system A vulnerability, which was classified as problematic, was found in Student Information System 1.0. Affected is admin/?page=students of the Student Roll module. The manipulation with the input leads to authenticated cross site scripting. Exploit details have been disclosed to the public. 2022-05-24 not yet calculated CVE-2022-1819

MISC

MISC suse — rancher A Missing Encryption of Sensitive Data vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden This issue affects: SUSE Rancher Rancher versions prior to 2.5.14; Rancher versions prior to 2.6.5. 2022-05-25 not yet calculated CVE-2022-21951

CONFIRM

CONFIRM tableau — tableau_server Tableau is aware of a broken access control vulnerability present in Tableau Server affecting Tableau Server customers using Local Identity Store for managing users. The vulnerability allows a malicious site administrator to change passwords for users in different sites hosted on the same Tableau Server, resulting in the potential for unauthorized access to data.Tableau Server versions affected are:2020.4.16, 2021.1.13, 2021.2.10, 2021.3.9, 2021.4.4 and earlierNote: All future releases of Tableau Server will address this security issue. Versions that are no longer supported are not tested and may be vulnerable. 2022-05-25 not yet calculated CVE-2022-22127

MISC talend_administration_center — sso_login_endpoint Talend Administration Center is vulnerable to a reflected Cross-Site Scripting (XSS) issue in the SSO login endpoint. The issue is fixed for versions 8.0.x in TPS-5233, for versions 7.3.x in TPS-5324, and for versions 7.2.x in TPS-5235. Earlier versions of Talend Administration Center may also be impacted; users are encouraged to update to a supported version. 2022-05-26 not yet calculated CVE-2022-31648

MISC

MISC telecommunication_software_gmbh — software_samwin_contact_center_suite A vulnerability classified as critical was found in Telecommunication Software SAMwin Contact Center Suite 5.1. This vulnerability affects the function passwordScramble in the library SAMwinLIBVB.dll of the component Password Handler. Incorrect implementation of a hashing function leads to predictable authentication possibilities. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component. 2022-05-24 not yet calculated CVE-2013-10004

MISC

MISC telecommunication_software_gmbh — software_samwin_contact_center_suite A vulnerability was found in Telecommunication Software SAMwin Contact Center Suite 5.1. It has been rated as critical. Affected by this issue is the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the credential handler. Authentication is possible with hard-coded credentials. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component. 2022-05-24 not yet calculated CVE-2013-10002

MISC

MISC telecommunication_software_gmbh — software_samwin_contact_center_suite A vulnerability classified as critical has been found in Telecommunication Software SAMwin Contact Center Suite 5.1. This affects the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the database handler. The manipulation leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component. 2022-05-24 not yet calculated CVE-2013-10003

MISC

MISC tenda — web_server_httpd There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs. 2022-05-24 not yet calculated CVE-2021-42659

MISC

MISC tenda — ac_series_router Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request. 2022-05-26 not yet calculated CVE-2022-30474

MISC tenda — ac_series_router Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat 2022-05-26 not yet calculated CVE-2022-30472

MISC tenda — ac_series_router Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function form_fast_setting_wifi_set 2022-05-26 not yet calculated CVE-2022-30473

MISC tenda — ac_series_router Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request. 2022-05-26 not yet calculated CVE-2022-30475

MISC tenda — ac_series_router Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request. 2022-05-26 not yet calculated CVE-2022-30476

MISC tenda — ac_series_router Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request. 2022-05-26 not yet calculated CVE-2022-30477

MISC thorfdbg — libjpeg In libjpeg before 1.64, BitStream::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan. 2022-05-25 not yet calculated CVE-2022-31620

MISC

MISC tinytoml — tinytoml There is a stack-overflow vulnerability in tinytoml v0.4 that can cause a crash or DoS. 2022-05-26 not yet calculated CVE-2021-42692

MISC tipask — tipask In Tipask < 3.5.9, path parameters entered by the user are not validated when downloading attachments, a registered user can download arbitrary files on the Tipask server such as .env, /etc/passwd, laravel.log, causing infomation leakage. 2022-05-23 not yet calculated CVE-2021-41714

MISC

MISC

MISC totolink — a3600r Totolink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a stacker overflow in the fread function at infostat.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via the parameter CONTENT_LENGTH. 2022-05-24 not yet calculated CVE-2022-29377

MISC tp-link — tl-wr840n TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute commands as the root user without authentication. 2022-05-25 not yet calculated CVE-2022-29402

MISC trend_micro — maximum_security Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product’s secure erase feature to delete arbitrary files. 2022-05-27 not yet calculated CVE-2022-30687

N/A

N/A trend_micro — apex_one  An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. 2022-05-27 not yet calculated CVE-2022-30700

N/A

N/A trend_micro — apex_one An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. 2022-05-27 not yet calculated CVE-2022-30701

N/A

N/A trend_micro — password_manager

  EOL Product CVE – Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Please note that this was reported on an EOL version of the product, and users are advised to upgrade to the latest supported version (5.x). 2022-05-27 not yet calculated CVE-2022-28394

N/A

N/A

N/A truestack — direct_connect TrueStack Direct Connect 1.4.7 has Incorrect Access Control. 2022-05-25 not yet calculated CVE-2022-23775

MISC

MISC tuxera — ntfs-3g An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. 2022-05-26 not yet calculated CVE-2022-30783

MISC

MISC tuxera — ntfs-3g A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22. 2022-05-26 not yet calculated CVE-2022-30786

MISC

MISC tuxera — ntfs-3g A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22. 2022-05-26 not yet calculated CVE-2022-30784

MISC

MISC tuxera — ntfs-3g A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. 2022-05-26 not yet calculated CVE-2022-30785

MISC

MISC tuxera — ntfs-3g An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite. 2022-05-26 not yet calculated CVE-2022-30787

MISC

MISC tuxera — ntfs-3g A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22. 2022-05-26 not yet calculated CVE-2022-30789

MISC

MISC tuxera — ntfs-3g A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22. 2022-05-26 not yet calculated CVE-2022-30788

MISC

MISC ua-parser-js — ua-parser-js A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component. 2022-05-24 not yet calculated CVE-2021-4229

MISC

MISC

MISC undertow — undertow A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final. 2022-05-24 not yet calculated CVE-2021-3597

MISC undertow — undertow A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final. 2022-05-24 not yet calculated CVE-2021-3629

MISC vaadin — vaadin The default configuration of a TreeGrid component uses Object::toString as a key on the client-side and server communication in Vaadin 14.8.5 through 14.8.9, 22.0.6 through 22.0.14, 23.0.0.beta2 through 23.0.8 and 23.1.0.alpha1 through 23.1.0.alpha4, resulting in potential information disclosure of values that should not be available on the client-side. 2022-05-24 not yet calculated CVE-2022-29567

MISC

MISC vim — vim Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. 2022-05-25 not yet calculated CVE-2022-1851

MISC

CONFIRM vim — vim Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. 2022-05-26 not yet calculated CVE-2022-1886

CONFIRM

MISC vim — vim Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. 2022-05-27 not yet calculated CVE-2022-1897

CONFIRM

MISC vim — vim Use After Free in GitHub repository vim/vim prior to 8.2. 2022-05-27 not yet calculated CVE-2022-1898

MISC

CONFIRM vmware — vmware_tools_for_windows VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML External Entity (XXE) vulnerability. A malicious actor with non-administrative local user privileges in the Windows guest OS, where VMware Tools is installed, may exploit this issue leading to a denial-of-service condition or unintended information disclosure. 2022-05-24 not yet calculated CVE-2022-22977

MISC wildfly — wildfly A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This flaw affects wildfly-core versions prior to 17.0. 2022-05-24 not yet calculated CVE-2021-3717

MISC wondercms — simple_blog_plugin The Simple Blog plugin in Wondercms 3.4.1 is vulnerable to stored cross-site scripting (XSS) vulnerability. When any user opens a particular blog hosted on an attackers’ site, XSS may occur. 2022-05-23 not yet calculated CVE-2021-42233

MISC

MISC

MISC wordpress — vsourz_digitial_advanced_contact_form Persistent Cross-Site Scripting (XSS) vulnerability in Vsourz Digital’s Advanced Contact form 7 DB plugin <= 1.8.7 at WordPress. 2022-05-25 not yet calculated CVE-2022-29408

CONFIRM

CONFIRM world_of_warships — wargaming The replay feature in the client in Wargaming World of Warships 0.11.4 allows remote attackers to execute code when a user launches a replay from an untrusted source. 2022-05-26 not yet calculated CVE-2022-31265

MISC xampp_for_windows — xampp_for_windows Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory. 2022-05-23 not yet calculated CVE-2022-29376

MISC xlight — ftp Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code. 2022-05-23 not yet calculated CVE-2022-28998

MISC

MISC

MISC

MISC xwiki — xwiki_platform XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file located in the classloader using the template API and a path with “..” in it. The issue is patched in versions 14.0 and 13.10.3. There is no easy workaround for this issue. 2022-05-25 not yet calculated CVE-2022-29253

MISC

CONFIRM

MISC xwiki — xwiki_platform_flamingo_theme_ui XWiki Platform Wiki UI Main Wiki is a package for managing subwikis. Starting with version 5.3-milestone-2, XWiki Platform Wiki UI Main Wiki contains a possible cross-site scripting vector in the `WikiManager.JoinWiki ` wiki page related to the “requestJoin” field. The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, and 13.10.3. The easiest available workaround is to edit the wiki page `WikiManager.JoinWiki` (with wiki editor) according to the suggestion provided in the GitHub Security Advisory. 2022-05-25 not yet calculated CVE-2022-29252

MISC

MISC

CONFIRM xwiki — xwiki_platform_flamingo_theme_ui XWiki Platform Flamingo Theme UI is a tool that allows customization and preview of any Flamingo-based skin. Starting with versions 6.2.4 and 6.3-rc-1, a possible cross-site scripting vector is present in the `FlamingoThemesCode.WebHomeSheet` wiki page related to the “newThemeName” form field. The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, and 13.10.3. The easiest available workaround is to edit the wiki page `FlamingoThemesCode.WebHomeSheet` (with wiki editor) according to the suggestion provided in the GitHub Security Advisory. 2022-05-25 not yet calculated CVE-2022-29251

MISC

MISC

CONFIRM xxl-job — xxl-job A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add. 2022-05-23 not yet calculated CVE-2022-29002

MISC zyxel — cgi_program A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in the user’s browser, such as cookies or session tokens, via a malicious script. 2022-05-24 not yet calculated CVE-2022-0734

CONFIRM zyxel — multiple_products A argument injection vulnerability in the ‘packet-trace’ CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to execute arbitrary OS commands by including crafted arguments to the CLI command. 2022-05-24 not yet calculated CVE-2022-26532

CONFIRM zyxel — multiple_products Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload. 2022-05-24 not yet calculated CVE-2022-26531

CONFIRM

Related News

Top 6 Cell Phone Tracker Apps for Parental Control

Top 6 Cell Phone Tracker Apps for Parental Control

Do you have difficulty knowing what your kids are up to when you’re not around? Do you want to ensure…
Moses Staff Hackers Publish Footage of Jerusalem Explosion

Moses Staff Hackers Publish Footage of Jerusalem Explosion

In a dramatic series of events, an Iranian hacker group by the name of Moses Staff published footage of the…
Watch Out Gamers: Hackers Exploiting MSI Afterburner to Deliver Coin Miner

Watch Out Gamers: Hackers Exploiting MSI Afterburner to Deliver Coin Miner

Cyble Research & Intelligence Labs (CRIL) recently uncovered a phishing campaign used by threat actors to deliver cryptocurrency miner softwares…