Vulnerability Summary for the Week of May 9, 2022

admesh — admesh

  ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a. 2022-05-08 not yet calculated CVE-2018-25033

wordpress — wpgraphql_wordpress_plugin

  The WPGraphQL WordPress plugin before 0.3.5 doesn’t properly restrict access to information about other users’ roles on the affected site. Because of this, a remote attacker could forge a GraphQL query to retrieve the account roles of every user on the site. 2022-05-09 not yet calculated CVE-2019-25060

bludit — bludit

  An issue was found in bludit v3.13.0: an unsafe implementation of the backup plugin allows attackers to upload arbitrary files. 2022-05-11 not yet calculated CVE-2020-19228

microstrategy — web_sdk

  A Server-Side Request Forgery (SSRF) vulnerability in MicroStrategy Web SDK 11.1 and earlier allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task. 2022-05-13 not yet calculated CVE-2020-22983

microstrategy — web_sdk

  Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task. 2022-05-12 not yet calculated CVE-2020-22984

microstrategy — web_sdk

  Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task. 2022-05-12 not yet calculated CVE-2020-22985

microstrategy — web_sdk

  Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task. 2022-05-12 not yet calculated CVE-2020-22986

microstrategy — web_sdk

  Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the fileToUpload parameter to the uploadFile task. 2022-05-12 not yet calculated CVE-2020-22987

intel — manageability_commander

  Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. 2022-05-12 not yet calculated CVE-2021-0126

intel — bios_firmware

  Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0153

intel — bios_firmware

  Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0154

intel — bios_firmware

  Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2021-0155

intel — bios_authenticated_code_module

  Improper input validation in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0159

intel — bios_firmware

  Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0188

intel — bios_firmware

  Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0189

intel — bios_firmware

  Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-0190

intel — in-band_manageability_software

  Improper authentication in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. 2022-05-12 not yet calculated CVE-2021-0193

intel — in-band_manageability_software

  Improper access control in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. 2022-05-12 not yet calculated CVE-2021-0194

ibm — cloud_pak_system

  IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197498. 2022-05-09 not yet calculated CVE-2021-20479

b&r — automation_runtime_webserver

  Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service. 2022-05-13 not yet calculated CVE-2021-22275

microfocus — access_manager

  A bug exists in the input parameter of Access Manager that allows the supply of an invalid character to trigger a cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0. 2022-05-12 not yet calculated CVE-2021-22531

intel — killer_control_center_software

  Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-26258

amd — smm

  Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution. 2022-05-12 not yet calculated CVE-2021-26317

amd — sev-es_tmr

  A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs. 2022-05-10 not yet calculated CVE-2021-26324

amd — sev-es_tmr

  Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability. 2022-05-10 not yet calculated CVE-2021-26332

amd — core_logic

  A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers. 2022-05-11 not yet calculated CVE-2021-26339

amd — sev

  In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability. 2022-05-11 not yet calculated CVE-2021-26342

amd — system_management_unit

  TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a DMA (Direct Memory Access) to invalid DRAM address that could result in denial of service. 2022-05-11 not yet calculated CVE-2021-26347

amd — gen_amd_epyc

  Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. 2022-05-11 not yet calculated CVE-2021-26348

amd — gen_amd_epyc

  Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA). 2022-05-11 not yet calculated CVE-2021-26349

amd — gen_amd_epyc

  A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service. 2022-05-11 not yet calculated CVE-2021-26350

amd — system_management_unit

  Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA (Direct Memory Access) read/write from/to invalid DRAM address that could result in denial of service. 2022-05-12 not yet calculated CVE-2021-26351

amd — system_management_unit

  Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service. 2022-05-10 not yet calculated CVE-2021-26352

amd — gen_amd_epyc

  Due to a mishandled error, it is possible to leave the DRTM UApp in a partially initialized state, which can result in unchecked memory writes when the UApp handles subsequent mailbox commands. 2022-05-10 not yet calculated CVE-2021-26353

amd — gen_amd_epyc

  A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure. 2022-05-12 not yet calculated CVE-2021-26361

amd — gen_amd_epyc

  A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive System Management Network (SMN) registers leading to a loss of integrity and availability. 2022-05-12 not yet calculated CVE-2021-26362

amd — gen_amd_epyc

  A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure. 2022-05-12 not yet calculated CVE-2021-26363

amd — gen_amd_epyc

  Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service. 2022-05-11 not yet calculated CVE-2021-26364

amd — gen_amd_epyc

  An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity. 2022-05-12 not yet calculated CVE-2021-26366

amd — trusted_os

  Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service. 2022-05-12 not yet calculated CVE-2021-26368

amd — gen_amd_epyc

  A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses. 2022-05-12 not yet calculated CVE-2021-26369

amd — gen_amd_epyc

  Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with SPI ROM contents resulting in a loss of integrity and availability. 2022-05-10 not yet calculated CVE-2021-26370

amd — system_management_unit

  Insufficient bound checks related to PCIE in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. 2022-05-11 not yet calculated CVE-2021-26372

simple_management_unit — simple_management_unit

  Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service. 2022-05-11 not yet calculated CVE-2021-26373

system_management_unit — system_management_unit

  Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service. 2022-05-11 not yet calculated CVE-2021-26375

system_management_unit — system_management_unit

  Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service. 2022-05-11 not yet calculated CVE-2021-26376

system_management_unit — system_management_unit

  Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. 2022-05-11 not yet calculated CVE-2021-26378

amd — amd_ryzen

  A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution. 2022-05-12 not yet calculated CVE-2021-26386

amd — bios_directory

  Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service. 2022-05-11 not yet calculated CVE-2021-26388

amd — amd_ryzen

  A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data. 2022-05-10 not yet calculated CVE-2021-26390

amd — amd_ryzen

  AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage. 2022-05-11 not yet calculated CVE-2021-26400

amd — sev-legacy

  Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest’s integrity or confidentiality. 2022-05-10 not yet calculated CVE-2021-26408

eipstackgroup — opener_ethernet/ip

  A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may cause a denial-of-service condition. 2022-05-12 not yet calculated CVE-2021-27478

eipstackgroup — opener_ethernet/ip

  A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may allow the attacker to read arbitrary data. 2022-05-12 not yet calculated CVE-2021-27482

eipstackgroup — opener_ethernet/ip

  A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition. 2022-05-12 not yet calculated CVE-2021-27498

eipstackgroup — opener_ethernet/ip

  A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition. 2022-05-12 not yet calculated CVE-2021-27500

myscada — mypro

  mySCADA myPRO versions prior to 8.20.0 do not restrict unauthorized read access to sensitive directory listing information. 2022-05-13 not yet calculated CVE-2021-27505

hcl_software — hcl_bigfix_webui

  Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. (WebUI) 2022-05-06 not yet calculated CVE-2021-27764

hcl_software — hcl_bigfix_server_api

  The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. 2022-05-06 not yet calculated CVE-2021-27765

hcl_software — hcl_bigfix_client_installer

  The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. 2022-05-06 not yet calculated CVE-2021-27766

hcl_software — hcl_bigfix_console_installer

  The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. 2022-05-06 not yet calculated CVE-2021-27767

hcl_software — android

  Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application’s network traffic was intercepted using a proxy server set up in ‘transparent’ mode while a certificate with an invalid hostname was active. The Android application was found to have hostname verification issues during the server setup and login flows; however, the application did not process requests post-login. 2022-05-12 not yet calculated CVE-2021-27768

hcl_software — sametime

  Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. This information may or may not be sensitive and does not automatically mean a breach is likely to occur. Overall, any information that could be used for an attack should be limited whenever possible. 2022-05-12 not yet calculated CVE-2021-27769

hcl_software — sametime

  The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place. 2022-05-12 not yet calculated CVE-2021-27770

hcl_software — sametime

  User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal manner with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sending chat messages, receiving notifications and/or transferring files. 2022-05-12 not yet calculated CVE-2021-27771

hcl_software — sametime

  Users are able to read group conversations without actively taking part in them. Next to one-to-one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of them. This could lead to information leakage where confidential information discussed in private groups is read by other users without the users’ knowledge. 2022-05-12 not yet calculated CVE-2021-27772

hcl_software — sametime

  This vulnerability allows users to execute a clickjacking attack in the meeting’s chat. 2022-05-12 not yet calculated CVE-2021-27773

hcl_software — unica_platform

  XML External Entity (XXE) injection vulnerabilities occur when poorly configured XML parsers process user supplied input without sufficient validation. Attackers can exploit this vulnerability to manipulate XML content and inject malicious external entity references. 2022-05-12 not yet calculated CVE-2021-27777

skoruba — skoruba

  A cross-site scripting (XSS) vulnerability in Skoruba IdentityServer4.Admin before 2.0.0 via unencoded value passed to the data-secret-value parameter. 2022-05-11 not yet calculated CVE-2021-28290

gaia_portal — multiple_products

  The Check Point Gaia Portal’s GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS. 2022-05-11 not yet calculated CVE-2021-30361

review_board — review_board

  A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent. 2022-05-11 not yet calculated CVE-2021-31330

asus — dsl-n14u-b1

  Asus DSL-N14U-B1 1.1.2.3_805 allows remote attackers to cause a Denial of Service (DoS) via a TCP SYN scan using nmap. 2022-05-11 not yet calculated CVE-2021-3254

myscada — mypro

  mySCADA myPRO versions prior to 8.20.0 allow an unauthenticated remote attacker to upload arbitrary files to arbitrary directories. 2022-05-13 not yet calculated CVE-2021-33005

myscada — mypro

  mySCADA myPRO versions prior to 8.20.0 allow an unauthenticated remote attacker to upload arbitrary files to the file system. 2022-05-13 not yet calculated CVE-2021-33009

myscada — mypro

  mySCADA myPRO versions prior to 8.20.0 do not restrict unauthorized read access to sensitive system information. 2022-05-13 not yet calculated CVE-2021-33013

intel — multiple_products

  Improper resource shutdown or release in firmware for some Intel(R) SSD, Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC may allow a privileged user to potentially enable denial of service via local access. 2022-05-12 not yet calculated CVE-2021-33069

intel — multiple_products

  Protection mechanism failure in firmware for some Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access. 2022-05-12 not yet calculated CVE-2021-33074

intel — multiple_products

  Race condition in firmware for some Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access. 2022-05-12 not yet calculated CVE-2021-33075

intel — multiple_products

  Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access. 2022-05-12 not yet calculated CVE-2021-33077

intel — multiple_products

  Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access. 2022-05-12 not yet calculated CVE-2021-33078

intel — multiple_products

  Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access. 2022-05-12 not yet calculated CVE-2021-33080

intel — multiple_products

  Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access. 2022-05-12 not yet calculated CVE-2021-33082

intel — multiple_products

  Improper authentication in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2021-33083

intel — bios

  Unintended intermediary in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-33103

intel — in-band_manageability_software

  Improper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-33108

intel — xeon

  Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2021-33117

intel — bios

  Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-33122

intel — bios

  Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-33123

intel — bios

  Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2021-33124

intel — realsense_id_solution_f450

  Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access. 2022-05-12 not yet calculated CVE-2021-33130

intel — linux_kernel_drivers

  Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access. 2022-05-12 not yet calculated CVE-2021-33135

intel — processors

  Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2021-33149

trendnet — ti-pg1284i_switch

  The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of PortID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. 2022-05-11 not yet calculated CVE-2021-33315

trendnet — ti-pg1284i_switch

  The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of ChassisID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. 2022-05-11 not yet calculated CVE-2021-33316

trendnet — ti-pg1284i_switch

  The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to a failure to check whether a ChassisID TLV is contained in the packet, an attacker who sends a crafted lldp packet to the device can crash the process through a null pointer dereference. 2022-05-11 not yet calculated CVE-2021-33317

mp3gain — mp3gain

  Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872, CVE-2017-14409, and CVE-2018-10778. 2022-05-11 not yet calculated CVE-2021-34085

xinje — xinje

  A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an upload program request from an infected Xinje PLC. This can result in remote code execution, information disclosure and denial of service of the system running the XINJE XD/E Series PLC Program Tool. 2022-05-11 not yet calculated CVE-2021-34605

xinje — xinje

  A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access to the system and sufficient file-write privileges. If exploited, the attacker could place a malicious DLL file on the system, that when running XINJE XD/E Series PLC Program Tool will allow the attacker to execute arbitrary code with the privileges of another user’s account. 2022-05-11 not yet calculated CVE-2021-34606

qemu — intel_hd_audio_device

  A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0. 2022-05-11 not yet calculated CVE-2021-3611

mikrotik — routeros

  MikroTik RouterOS before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). 2022-05-11 not yet calculated CVE-2021-36613

mikrotik — routeros

  MikroTik RouterOS before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). 2022-05-11 not yet calculated CVE-2021-36614

eset — multiple_products

  Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0. 2022-05-11 not yet calculated CVE-2021-37851

ibm — spectrum_virtualize

  IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609. 2022-05-11 not yet calculated CVE-2021-38969

ibm — guardium_data_encryption

  IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213862. 2022-05-10 not yet calculated CVE-2021-39024

ibm — jazz_foundation

  IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214619. 2022-05-11 not yet calculated CVE-2021-39059

android — setstream

  In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12, Android-12L. Android ID: A-204087139. 2022-05-10 not yet calculated CVE-2021-39670

android — android

  In the policies of adbd.te, there was a logic error which caused the CTS Listening Ports Test to report invalid results. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-12. Android ID: A-201645790. 2022-05-10 not yet calculated CVE-2021-39700

android — carsetting

  In CarSettings, there is a possible way to pair a BT device bypassing the user’s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-12, Android-12L. Android ID: A-216190509. 2022-05-10 not yet calculated CVE-2021-39738

cisco — wps_spreadsheets

  An exploitable use-after-free vulnerability exists in WPS Spreadsheets ( ET ) as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. 2022-05-12 not yet calculated CVE-2021-40399

siemens — desigo

  A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). When the controller receives a specific BACnet protocol packet, an exception causes the BACnet communication function to go into an “out of work” state and could result in the controller going into a “factory reset” state. 2022-05-10 not yet calculated CVE-2021-41545

ramda — ramda

  Prototype poisoning in function mapObjIndexed in Ramda 0.27.0 and earlier allows attackers to compromise integrity or availability of application via supplying a crafted object (that contains an own property “__proto__”) as an argument to the function. 2022-05-10 not yet calculated CVE-2021-42581

cmsimple-xh — cmsimple-xh

  CMSimple_XH 1.7.4 is affected by a remote code execution (RCE) vulnerability. To exploit this vulnerability, an attacker must use the “File” parameter to upload a PHP payload to get a reverse shell from the vulnerable host. 2022-05-10 not yet calculated CVE-2021-42645

wso2 — multiple_products

  XML External Entity (XXE) vulnerability in the file based service provider creation feature of the Management Console in WSO2 API Manager 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; and WSO2 IS as Key Manager 5.7.0, 5.9.0, and 5.10.0; and WSO2 Identity Server 5.7.0, 5.8.0, 5.9.0, 5.10.0, and 5.11.0. Allows attackers to gain read access to sensitive information or cause a denial of service via crafted GET requests. 2022-05-11 not yet calculated CVE-2021-42646

coder — coder-server

  Cross-site scripting (XSS) vulnerability exists in Coder Code-Server before 3.12.0, allows attackers to execute arbitrary code via crafted URL. 2022-05-11 not yet calculated CVE-2021-42648

pentest-collaboration-framework — pentest-collaboration-framework

  A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/. 2022-05-11 not yet calculated CVE-2021-42651

jerryscript — jerryscript

  A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size. 2022-05-12 not yet calculated CVE-2021-42863

novel-plus — novel-plus

  Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows an attacker to upload malicious JSP files. 2022-05-13 not yet calculated CVE-2021-42967

anaconda3 — anaconda3

  Certain Anaconda3 2021.05 are affected by OS command injection. When a user installs Anaconda, an attacker can create a new file and write something in usercustomize.py. When the user opens the terminal or activates Anaconda, the command will be executed. 2022-05-13 not yet calculated CVE-2021-42969

safedog_apache — safedog_apache

  In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. Attackers can bypass access to sensitive data. 2022-05-10 not yet calculated CVE-2021-43010

fortinet — forticlientwindows

  An external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows attacker to escalate privilege via the MSI installer. 2022-05-11 not yet calculated CVE-2021-43066

fortinet — fortios

  An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0, and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests. 2022-05-11 not yet calculated CVE-2021-43081

openmrs — reference_application_standalone_edition

  An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page. 2022-05-10 not yet calculated CVE-2021-43094

sourcecodester — employee_daily_task_management_system

  Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field. 2022-05-09 not yet calculated CVE-2021-43712

fortinet — forticlient

  An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links. 2022-05-11 not yet calculated CVE-2021-44167

amd — sev

  An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time. 2022-05-11 not yet calculated CVE-2021-46744

amd — secure_processor_firmware

  Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application. 2022-05-10 not yet calculated CVE-2021-46771

huawei — emui

  The Property module has a vulnerability in permission control. This vulnerability can be exploited to obtain the unique device identifier. 2022-05-13 not yet calculated CVE-2021-46785

huawei — emui

  The audio module has a vulnerability in verifying the parameters passed by the application space. Successful exploitation of this vulnerability may cause out-of-bounds memory access. 2022-05-13 not yet calculated CVE-2021-46786

huawei — emui

  The AMS module has a vulnerability of improper permission control. Successful exploitation of this vulnerability may cause non-system application processes to crash. 2022-05-13 not yet calculated CVE-2021-46787

huawei — iconnect_module

  Third-party pop-up window coverage vulnerability in the iConnect module. Successful exploitation of this vulnerability may cause the system pop-up window to be covered, misleading users into performing incorrect operations. 2022-05-13 not yet calculated CVE-2021-46788

huawei — emui

  Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect availability. 2022-05-13 not yet calculated CVE-2021-46789

huawei — emui

  Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access. 2022-05-12 not yet calculated CVE-2022-0004

intel — multiple_products

  Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. 2022-05-12 not yet calculated CVE-2022-0005

palo_alto_networks — pan-os

  A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls. This issue does not impact Panorama appliances or Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.23; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5. 2022-05-11 not yet calculated CVE-2022-0024

palo_alto_networks — cortex_xdr_agent_software

  A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:) to execute a program with elevated privileges. This issue impacts: All versions of the Cortex XDR agent when upgrading to Cortex XDR agent 7.7.0 on Windows; Cortex XDR agent 7.7.0 without content update 500 or a later version on Windows. This issue does not impact other platforms or other versions of the Cortex XDR agent. 2022-05-11 not yet calculated CVE-2022-0025

palo_alto_networks — cortex_xdr_agent_software

  A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:) to execute a program with elevated privileges. This issue impacts all versions of Cortex XDR agent without content update 330 or a later content update version. 2022-05-11 not yet calculated CVE-2022-0026

palo_alto_networks — cortex_xsoar_software

  An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. This issue impacts: All versions of Cortex XSOAR 6.1; All versions of Cortex XSOAR 6.2; All versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049. 2022-05-11 not yet calculated CVE-2022-0027

wordpress — popup_by_supsystic_wordpress_plugin

  The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users 2022-05-09 not yet calculated CVE-2022-0424

wordpress — mapsvg_wordpress_plugin

  The MapSVG WordPress plugin before 6.2.20 does not validate and escape a parameter via a REST endpoint before using it in a SQL statement, leading to a SQL Injection exploitable by unauthenticated users. 2022-05-09 not yet calculated CVE-2022-0592

wordpress — admin_menu_editor_wordpress_plugin

  The Admin Menu Editor WordPress plugin through 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. 2022-05-09 not yet calculated CVE-2022-0625

wordpress — ubigeo_de_pera_para_woocommerce_wordpress_plugin

  The Ubigeo de Perú para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections 2022-05-09 not yet calculated CVE-2022-0814

wordpress — badgeos_wordpress_plugin

  The BadgeOS WordPress plugin through 3.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users 2022-05-09 not yet calculated CVE-2022-0817

wordpress — wp_video_gallery_wordpress_plugin

  The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users 2022-05-09 not yet calculated CVE-2022-0826

wordpress — sema_api_wordpress_plugin

  The SEMA API WordPress plugin through 3.64 does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users 2022-05-09 not yet calculated CVE-2022-0836

jboss — jboss_eap

  This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the org.jboss.as.ejb3.security.RunAsPrincipalInterceptor to keep track of the current identity prior to switching to a new identity created using the RunAs principal. The exploit consists in the fact that the EJBComponent#incomingRunAsIdentity field is currently just a SecurityIdentity. This means in a concurrent environment, where multiple users are repeatedly invoking an EJB that is configured with a RunAs principal, it’s possible for the wrong caller principal to be returned from EJBComponent#getCallerPrincipal. Similarly, it’s also possible for EJBComponent#isCallerInRole to return the wrong value. Both of these methods rely on incomingRunAsIdentity. Affects all versions of JBoss EAP from 7.1.0 and all versions of WildFly 11+ when Elytron is enabled. 2022-05-10 not yet calculated CVE-2022-0866

wordpress — wp_social_buttons_wordpress_plugin

  The WP Social Buttons WordPress plugin through 2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. 2022-05-09 not yet calculated CVE-2022-0874

wordpress — igniteup_wordpress_plugin

  The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don’t have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues 2022-05-09 not yet calculated CVE-2022-0898

abb — arg600_wireless_gateway

  A vulnerability in the ABB ARG600 Wireless Gateway series could allow an attacker to exploit it by remotely connecting to the serial port gateway and/or protocol converter, depending on the configuration. 2022-05-10 not yet calculated CVE-2022-0947

wordpress — woocommerce_wordpress_plugin

  The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection 2022-05-09 not yet calculated CVE-2022-0948

wordpress — personal_dictionary_wordpress_plugin

  The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability. 2022-05-09 not yet calculated CVE-2022-1013

polonel — trudesk

  Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. 2022-05-12 not yet calculated CVE-2022-1044

wordpress — themify_post_type_builder_search_addon_wordpress plugin

  The Themify Post Type Builder Search Addon WordPress plugin before 1.4.0 does not properly escape the current page URL before reusing it in a HTML attribute, leading to a reflected cross site scripting vulnerability. 2022-05-09 not yet calculated CVE-2022-1047

keylime — keylime

  Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM to pass EK validation and give the verifier an AK of a software TPM. A successful attack breaks the entire chain of trust because a not validated AK is used by the verifier. This issue is worse if the validation happens first and then the agent gets added to the verifier because the timing is easier and the verifier does not validate the regcount entry being equal to 1, 2022-05-06 not yet calculated CVE-2022-1053

wordpress — popup_maker_wordpress_plugin

  The Popup Maker WordPress plugin before 1.16.5 does not sanitise and escape some of its Popup settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-05-09 not yet calculated CVE-2022-1104

gitlab — ce/ee

  An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to access trace log of jobs when it is enabled 2022-05-11 not yet calculated CVE-2022-1124

wordpress — vertical_scroll_wordpressplugin

  The Vertical scroll recent post WordPress plugin before 14.0 does not sanitise and escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting 2022-05-09 not yet calculated CVE-2022-1171

wordpress — ultimate_member_plugin

  The Ultimate Member plugin for WordPress is vulnerable to open redirects due to insufficient validation on supplied URLs in the social fields of the Profile Page, which makes it possible for attackers to redirect unsuspecting victims in versions up to, and including, 2.3.1 granted the victim clicks on a social icon on a user’s profile page. 2022-05-10 not yet calculated CVE-2022-1209

wordpress — slide_anything_wordpress_plugin

  The Slide Anything WordPress plugin before 2.3.44 does not sanitize and escape sliders’ description, which could allow high privilege users such as editor and above to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed 2022-05-09 not yet calculated CVE-2022-1303

wordpress — easily_generate_rest_api_url_wordpress_plugin

  The Easily Generate Rest API Url WordPress plugin through 1.0.0 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-05-09 not yet calculated CVE-2022-1338

gitlab — gitlab

  Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1, an endpoint may reveal the issue title to a user who crafted an API call with the ID of the issue from a public project that restricts access to issue only to project members. 2022-05-11 not yet calculated CVE-2022-1352

plantuml — plantuml

  URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server side request forgery (SSRF). This allows accessing restricted internal resources/servers or sending requests to third party servers. 2022-05-14 not yet calculated CVE-2022-1379

alextselegidis – easyappointments

  API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover. 2022-05-10 not yet calculated CVE-2022-1397

gitlab — gitlab

  Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project CI/CD variables by importing a malicious project 2022-05-11 not yet calculated CVE-2022-1406

gitlab — gitlab

  Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6, all versions starting from 14.9 before 14.9.4, and all versions starting from 14.10 before 14.10.1 allows non-project members to access contents of Project Members-only Wikis via malicious CI jobs 2022-05-10 not yet calculated CVE-2022-1417

gitlab — gitlab

  An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly authenticating a user that had a certain amount of information, which allowed a user to authenticate without a personal access token. 2022-05-11 not yet calculated CVE-2022-1426

gitlab — gitlab

  An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly verifying throttling limits for authenticated package requests which resulted in limits not being enforced. 2022-05-11 not yet calculated CVE-2022-1428

gitlab — gitlab

  An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling malicious requests to the PyPi API endpoint allowing the attacker to cause uncontrolled resource consumption. 2022-05-10 not yet calculated CVE-2022-1431

gitlab — gitlab

  An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS vulnerability (CVE-2022-1175) to persist and execute. 2022-05-11 not yet calculated CVE-2022-1433

wordpress — metform_wordpress_plugin

  The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more, in versions up to and including 2.1.3. 2022-05-10 not yet calculated CVE-2022-1442

wordpress — rsvpmaker_plugin

  The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to and including 9.2.5. 2022-05-10 not yet calculated CVE-2022-1453

gitlab — gitlab

  An issue has been discovered in GitLab affecting all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not performing correct authorizations on scheduled pipelines allowing a malicious user to run a pipeline in the context of another user. 2022-05-11 not yet calculated CVE-2022-1460

wordpress — booking_calendar_wordpress_plugin

  The Booking Calendar plugin for WordPress is vulnerable to PHP Object Injection via the [bookingflextimeline] shortcode in versions up to, and including, 9.1. This could be exploited by subscriber-level users and above to call arbitrary PHP objects on a vulnerable site. 2022-05-10 not yet calculated CVE-2022-1463

wordpress — all-in-one_wp_migration_plugin

  The All-in-One WP Migration plugin for WordPress is vulnerable to arbitrary file deletion via directory traversal due to insufficient file validation via the ~/lib/model/class-ai1wm-backups.php file, in versions up to, and including, 7.58. This can be exploited by administrative users, and users who have access to the site’s secret key. 2022-05-10 not yet calculated CVE-2022-1476

wordpress — rsvpmaker_plugin

  The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to and including 9.2.6. 2022-05-10 not yet calculated CVE-2022-1505

gitlab — gitlab

  An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling malicious text in the CI Editor and CI Pipeline details page allowing the attacker to cause uncontrolled resource consumption. 2022-05-11 not yet calculated CVE-2022-1510

gruntjs — grunt

  file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories as the lower-privileged user can create a symlink to the GruntJS user’s .bashrc file or replace /etc/shadow file if the GruntJS user is root. 2022-05-10 not yet calculated CVE-2022-1537

gitlab — gitlab

  It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note. 2022-05-11 not yet calculated CVE-2022-1545

wordpress — wp-js_plugin

  The WP-JS plugin for WordPress contains a script called wp-js.php with the function wp_js_admin, that accepts unvalidated user input and echoes it back to the user. This can be used for reflected Cross-Site Scripting in versions up to, and including, 2.0.6. 2022-05-10 not yet calculated CVE-2022-1567

vim — vim

  Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution 2022-05-07 not yet calculated CVE-2022-1616

vim — vim

  Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerability is capable of crashing software, modifying memory, and possible remote execution 2022-05-08 not yet calculated CVE-2022-1619

vim — vim

  NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. 2022-05-08 not yet calculated CVE-2022-1620

vim — vim

  Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution 2022-05-10 not yet calculated CVE-2022-1621

libtiff – libtiff

  LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. 2022-05-11 not yet calculated CVE-2022-1622

libtiff – libtiff

  LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. 2022-05-11 not yet calculated CVE-2022-1623

vim — vim

  Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerability is capable of crashing software, modifying memory, and possible remote execution 2022-05-10 not yet calculated CVE-2022-1629

microweber — microweber

  Users Account Pre-Takeover or Users Account Takeover in GitHub repository microweber/microweber prior to 1.2.15. Victim Account Take Over. Since there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows an attacker to gain pre-authentication to the victim’s account. Further, due to the lack of proper validation of email coming from Social Login and failing to check if an account already exists, the victim will not identify if an account is already existing. Hence, the attacker’s persistence will remain. An attacker would be able to see all the activities performed by the victim user impacting the confidentiality and attempt to modify/corrupt the data impacting the integrity and availability factor. This attack becomes more interesting when an attacker can register an account from an employee’s email address. Assuming the organization uses G-Suite, it is much more impactful to hijack into an employee’s account. 2022-05-09 not yet calculated CVE-2022-1631

radareorg — radare2

  Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html). 2022-05-10 not yet calculated CVE-2022-1649

eventsource — eventsource

  Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository eventsource/eventsource prior to v2.0.2. 2022-05-12 not yet calculated CVE-2022-1650

vim — vim

  NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. 2022-05-12 not yet calculated CVE-2022-1674

CONFIRM

MISC requarks — wiki

  Authentication Bypass Using an Alternate Path or Channel in GitHub repository requarks/wiki prior to 2.5.281. A user can get root user permissions. 2022-05-12 not yet calculated CVE-2022-1681

CONFIRM

MISC neorazorx — facturascripts

  Reflected XSS using a URL-based payload in GitHub repository neorazorx/facturascripts prior to 2022.07. XSS can be used to steal a user’s cookies, which leads to account takeover, or to perform any malicious activity in the victim’s browser. 2022-05-12 not yet calculated CVE-2022-1682

MISC

CONFIRM causefx — organizr

  Allowing long passwords leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications. 2022-05-12 not yet calculated CVE-2022-1698

CONFIRM

MISC causefx — organizr

  Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications. 2022-05-12 not yet calculated CVE-2022-1699

CONFIRM

MISC sonicwall — sma1000

  SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data. 2022-05-13 not yet calculated CVE-2022-1701

CONFIRM sonicwall — sma1000

  SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and use that link in a redirect, which leads to an open redirection vulnerability. 2022-05-13 not yet calculated CVE-2022-1702

CONFIRM radareorg — radare2

  Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. 2022-05-13 not yet calculated CVE-2022-1714

CONFIRM

MISC neorazorx — facturascripts Account Takeover in GitHub repository neorazorx/facturascripts prior to 2022.07. 2022-05-13 not yet calculated CVE-2022-1715

CONFIRM

MISC android — android

  In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-179699767. 2022-05-10 not yet calculated CVE-2022-20004

MISC android — android

  In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-219044664. 2022-05-10 not yet calculated CVE-2022-20005

MISC android — android

  In several functions of KeyguardServiceWrapper.java and related files, there is a possible way to briefly view what’s under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-151095871. 2022-05-10 not yet calculated CVE-2022-20006

MISC android — android

  In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it’s still in the foreground, when it is not, due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-211481342. 2022-05-10 not yet calculated CVE-2022-20007

MISC android — android

  In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-216481035. References: Upstream kernel. 2022-05-10 not yet calculated CVE-2022-20008

MISC android — android

  In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-213172319. References: Upstream kernel. 2022-05-10 not yet calculated CVE-2022-20009

MISC android — android

  In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-213519176. 2022-05-10 not yet calculated CVE-2022-20010

MISC android — android

  In getArray of NotificationManagerService.java, there is a possible leak of one user’s notifications to another due to a missing check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-214999128. 2022-05-10 not yet calculated CVE-2022-20011

MISC android — android

  In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-206987762. 2022-05-10 not yet calculated CVE-2022-20112

MISC android — android

  In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-205996517. 2022-05-10 not yet calculated CVE-2022-20113

MISC android — android

  In placeCall of TelecomManager.java, there is a possible way for an application to keep itself running with foreground service importance due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-211114016. 2022-05-10 not yet calculated CVE-2022-20114

MISC android — android

  In broadcastServiceStateChanged of TelephonyRegistry.java, there is a possible way to learn base station information without location permission due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-210118427. 2022-05-10 not yet calculated CVE-2022-20115

MISC android — android

  In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-212467440. 2022-05-10 not yet calculated CVE-2022-20116

MISC android — android

  In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-217475903. References: N/A. 2022-05-10 not yet calculated CVE-2022-20117

MISC android — android

  In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-205707793. References: N/A. 2022-05-10 not yet calculated CVE-2022-20118

MISC android — android

  In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-213170715. References: N/A. 2022-05-10 not yet calculated CVE-2022-20119

MISC android — android

  Product: Android. Versions: Android kernel. Android ID: A-203213034. References: N/A. 2022-05-10 not yet calculated CVE-2022-20120

MISC android — android

  In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-212573046. References: N/A. 2022-05-10 not yet calculated CVE-2022-20121

MISC intel — advisor_software

  Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2022-21128

MISC intel — xeon

  Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2022-21131

MISC intel — xeon

  Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access. 2022-05-12 not yet calculated CVE-2022-21136

MISC cisco — estsoft_alyac

  An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this vulnerability to cause denial of service and termination of malware scan. An attacker can provide a malicious file to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-21147

MISC

CONFIRM intel — processors

  Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 2022-05-12 not yet calculated CVE-2022-21151

MISC cisco — inhand_networks_inrouter302 A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-21182

MISC

CONFIRM mozilla — mozilla

  This affects the package convict before 6.2.3. This is a bypass of [CVE-2022-22143](https://security.snyk.io/vuln/SNYK-JS-CONVICT-2340604). The [fix](https://github.com/mozilla/node-convict/commit/3b86be087d8f14681a9c889d45da7fe3ad9cd880) introduced relies on the startsWith method and does not prevent the vulnerability: before splitting the path, it checks if it starts with __proto__ or this.constructor.prototype. To bypass this check it’s possible to prepend the dangerous paths with any string value followed by a dot, for example foo.__proto__ or foo.this.constructor.prototype. 2022-05-13 not yet calculated CVE-2022-21190

CONFIRM

CONFIRM

CONFIRM

CONFIRM

CONFIRM intel — nuc

  Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2022-21237

MISC cisco — inhand_networks_inrouter302

  A cross-site scripting (xss) vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-21238

CONFIRM

MISC cisco — inhand_networks_inrouter302

  A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-21809

MISC

CONFIRM microsoft — point-to-point_tunneling_protocol Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23270. 2022-05-10 not yet calculated CVE-2022-21972

MISC microsoft — exchange_server Microsoft Exchange Server Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-21978

MISC microsoft — graphics

  Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-26934, CVE-2022-29112. 2022-05-10 not yet calculated CVE-2022-22011

MISC microsoft — ldap

  Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-22012

MISC microsoft — ldap

  Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-22013

MISC microsoft — ldap

  Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-22014

MISC microsoft — remote_desktop_protocol

  Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-22015

MISC microsoft — playtomanager

  Windows PlayToManager Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-22016

MISC microsoft — remote_desktop_client

  Remote Desktop Client Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-22017

MISC microsoft — remote_procedure_call Remote Procedure Call Runtime Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-22019

MISC intel — xtu_software Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2022-22139

MISC huawei — dfx_module

  The DFX module has a UAF vulnerability. Successful exploitation of this vulnerability may affect system stability. 2022-05-13 not yet calculated CVE-2022-22252

MISC

MISC huawei — kernel_module

  The kernel module has a UAF vulnerability. Successful exploitation of this vulnerability will affect data integrity and availability. 2022-05-13 not yet calculated CVE-2022-22260

MISC

MISC huawei — hialserver

  The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services. 2022-05-13 not yet calculated CVE-2022-22261

MISC

MISC sonicwall — ssl-vpn_netextender_windows_client A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and earlier versions allows an attacker to potentially execute arbitrary code in the host Windows operating system. 2022-05-13 not yet calculated CVE-2022-22281

CONFIRM sonicwall — sma1000

  SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restrict access to a resource using HTTP connections from an unauthorized actor, leading to an Improper Access Control vulnerability. 2022-05-13 not yet calculated CVE-2022-22282

CONFIRM ibm — robotic_process_automation

  IBM Robotic Process Automation 21.0.1 could allow a registered user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366. 2022-05-09 not yet calculated CVE-2022-22319

XF

CONFIRM

CONFIRM ibm — qradar_siem

  IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 218367. 2022-05-11 not yet calculated CVE-2022-22320

XF

CONFIRM ibm — mq

  IBM MQ (IBM MQ for HPE NonStop 8.1.0) can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID: 218853. 2022-05-13 not yet calculated CVE-2022-22325

CONFIRM

XF ibm — websphere_application_server_liberty

  IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5, with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078. 2022-05-13 not yet calculated CVE-2022-22393

CONFIRM

XF ibm — robotic_process_automation

  IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022. 2022-05-12 not yet calculated CVE-2022-22413

XF

CONFIRM ibm — infosphere_information_server

  IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. 2022-05-10 not yet calculated CVE-2022-22454

XF

CONFIRM ibm — navigator

  IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote attacker to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system and the navigator tasks page, however they do not gain the ability to perform those tasks on the system or see any specific system data. IBM X-Force ID: 225899. 2022-05-09 not yet calculated CVE-2022-22481

CONFIRM

XF microsoft — hyper-v

  Windows Hyper-V Denial of Service Vulnerability. 2022-05-10 not yet calculated CVE-2022-22713

MISC tibco_software_inc — multiple_products

  The DOM XML parser and SAX XML parser components of TIBCO Software Inc.’s TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Internet Server, and TIBCO Managed File Transfer Internet Server contain an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute XML External Entity (XXE) attacks on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO Managed File Transfer Command Center: versions 8.3.1 and below, TIBCO Managed File Transfer Command Center: versions 8.4.0 and 8.4.1, TIBCO Managed File Transfer Internet Server: versions 8.3.1 and below, and TIBCO Managed File Transfer Internet Server: versions 8.4.0 and 8.4.1. 2022-05-10 not yet calculated CVE-2022-22774

CONFIRM

CONFIRM sysaid — sysaid_system_takeover

  Sysaid – Sysaid System Takeover – An attacker can bypass the authentication process by accessing /wmiwizard.jsp, then /ConcurrentLogin.jsp, and then clicking on the login button, which redirects to /home.jsp without any authentication. 2022-05-12 not yet calculated CVE-2022-22796

MISC sysaid — sysaid_open_redirect

  Sysaid – Sysaid Open Redirect – An attacker can change the redirect link in the “redirectURL” parameter of the “GET” request at the URL location: /CommunitySSORedirect.jsp?redirectURL=https://google.com. Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. 2022-05-12 not yet calculated CVE-2022-22797

MISC sysaid — multiple_products

  Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22.1.30 b49 – An attacker needs to log in as a guest; after that, the system redirects him to the service portal or EndUserPortal.JSP. He then needs to change the path in the URL to /ConcurrentLogin%2ejsp, after which he will receive an error message with a login button; by clicking on it, he will connect to the system dashboard. The attacker can receive sensitive data like server details, usernames, workstations, etc. He can also perform actions such as uploading files and deleting calls from the system. 2022-05-12 not yet calculated CVE-2022-22798

MISC spring_by_vmware — spring_framework

  In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to a DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. 2022-05-12 not yet calculated CVE-2022-22970

MISC spring_by_vmware — spring_framework

  In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, an application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. 2022-05-12 not yet calculated CVE-2022-22971

MISC spring_by_vmware — pinniped_supervisor 

  An issue was discovered in the Pinniped Supervisor with either LDAPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name (CN) of their user entry on the LDAP or AD server to include special characters, which could be used to perform LDAP query injection on the Supervisor’s LDAP query which determines their Kubernetes group membership. 2022-05-11 not yet calculated CVE-2022-22975

MISC solana — rbpf

  Solana rBPF versions 0.2.26 and 0.2.27 are affected by an Incorrect Calculation issue caused by an improper implementation of the sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to transfer tokens or not. The vulnerability affects integrity and may cause serious availability problems. 2022-05-09 not yet calculated CVE-2022-23066

MISC

MISC zte — zxcdn

  ZTE’s ZXCDN product has a reflective XSS vulnerability. The attacker could modify the parameters in the content clearing request url, and when a user clicks the url, an XSS attack will be triggered. 2022-05-11 not yet calculated CVE-2022-23137

MISC zte — zxmp_m721

  ZTE’s ZXMP M721 product has a permission and access control vulnerability. The folder permission viewed by sftp is 666, which is inconsistent with the actual permission. It’s easy for users to ignore the modification of the file permission configuration, so that low-authority accounts could actually obtain higher operating permissions on key files. 2022-05-12 not yet calculated CVE-2022-23139

MISC sysaid — sysaid

  Sysaid – Sysaid 14.2.0 Reflected Cross-Site Scripting (XSS) – The parameter “helpPageName” used by the page “/help/treecontent.jsp” suffers from a Reflected Cross-Site Scripting vulnerability. For an attacker to exploit this Cross-Site Scripting vulnerability, it’s necessary for the affected product to expose the Offline Help Pages. An attacker may gain access to sensitive information or execute client-side code in the browser session of the victim user. Furthermore, an attacker would require the victim to open a malicious link. An attacker may exploit this vulnerability in order to perform phishing attacks. The attacker can receive sensitive data like server details, usernames, workstations, etc. He can also perform actions such as uploading files and deleting calls from the system. 2022-05-12 not yet calculated CVE-2022-23165

MISC sysaid — sysaid_local_file_inclusion

  Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access the system by accessing the “/lib/tinymce/examples/index.html” path. In the “Insert/Edit Embedded Media” window, choose Type: iFrame and File/URL: [here is the LFI]. Solution: Update to 22.2.20 cloud version, or to 22.1.64 on premise version. 2022-05-12 not yet calculated CVE-2022-23166

MISC microsoft — .net_and_visual_studio

  .NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-29117, CVE-2022-29145. 2022-05-10 not yet calculated CVE-2022-23267

MISC microsoft — point-to-point_tunneling_protocol Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21972. 2022-05-10 not yet calculated CVE-2022-23270

MISC microsoft — alpc

  Windows ALPC Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-23279

MISC shenzhen_ejoin_information_technology_co — manual_ping_form

  Command injection vulnerability in Manual Ping Form (Web UI) in Shenzhen Ejoin Information Technology Co., Ltd. ACOM508/ACOM516/ACOM532 609-915-041-100-020 allows a remote attacker to inject arbitrary code via the field. 2022-05-09 not yet calculated CVE-2022-23332

MISC

MISC aruba_networks — arubaos_switch

  A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities. 2022-05-10 not yet calculated CVE-2022-23676

MISC aruba_networks — arubaos_switch

  A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities. 2022-05-10 not yet calculated CVE-2022-23677

MISC hpe — integrated_lights-out4

  A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later. 2022-05-09 not yet calculated CVE-2022-23704

MISC hpe — multiple_products

  A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays which could potentially allow the upload, but not execution, of unauthorized update binaries to the array. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later. 2022-05-09 not yet calculated CVE-2022-23705

MISC zonealarm — check_point_endpoint_security_client Check Point Endpoint Security Client for Windows versions earlier than E86.40 copies files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. 2022-05-12 not yet calculated CVE-2022-23742

MISC

MISC zonealarm — check_point

  Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. 2022-05-11 not yet calculated CVE-2022-23743

MISC siemens — desigo

  A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The “addCell” JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document, such that it is possible to inject arbitrary content (e.g., XML tags) into the generated file. An attacker with restricted privileges, by poisoning any of the content used to generate XLS reports, could be able to leverage the application to deliver malicious files against higher-privileged users and obtain Remote Code Execution (RCE) against the administrator’s workstation. 2022-05-10 not yet calculated CVE-2022-24039

MISC siemens — desigo

  A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial of service (DoS) condition through CPU consumption by setting a PBKDF2 derived key with a remarkably high cost effort and then attempting a login to the so-modified account. 2022-05-10 not yet calculated CVE-2022-24040

MISC siemens — desigo

  A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application stores the PBKDF2 derived key of users’ passwords with a low iteration count. An attacker with user profile access privilege can retrieve the stored password hashes of other accounts and then successfully perform an offline cracking attack and recover the plaintext passwords of other users. 2022-05-10 not yet calculated CVE-2022-24041

MISC siemens — desigo

  A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application returns an AuthToken that does not expire at the defined auto logoff delay timeout. An attacker could be able to capture this token and re-use old session credentials or session IDs for authorization. 2022-05-10 not yet calculated CVE-2022-24042

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-24101

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-24102

MISC adobe — acrobat_reader_dc Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-24103

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-24104

MISC intel — nucs Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2022-24297

MISC intel — nucs

  Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. 2022-05-12 not yet calculated CVE-2022-24382

MISC microsoft — hyper-v Windows Hyper-V Security Feature Bypass Vulnerability. 2022-05-10 not yet calculated CVE-2022-24466

MISC yubico — otp

  Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with the Yubico OTP validation server. The Yubico OTP supposedly creates hardware bound second factor credentials. When a user reprograms the OTP functionality by “writing” it on a token using the Yubico Personalization Tool, they can then upload the new configuration to Yubico’s OTP validation servers. 2022-05-11 not yet calculated CVE-2022-24584

MISC

MISC

MISC openclinica — openclinica

  OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known workarounds. This issue has been patched and users are recommended to upgrade. 2022-05-14 not yet calculated CVE-2022-24830

CONFIRM

MISC openclinica — openclinica

  OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has been patched in 3.16.1, 3.15.9, 3.14.1, and 3.13.1 and users are advised to upgrade. 2022-05-14 not yet calculated CVE-2022-24831

CONFIRM

MISC ecdsautils — ecdsautils

  ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple signatures from different public keys does not mitigate the issue: `ecdsa_verify_list_legacy()` will accept an arbitrary number of such forged signatures. Both the `ecdsautil verify` CLI command and the libecdsautil library are affected. The issue has been fixed in ecdsautils 0.4.1. All older versions of ecdsautils (including versions before the split into a library and a CLI utility) are vulnerable. 2022-05-06 not yet calculated CVE-2022-24884

MISC

CONFIRM

MISC

MLIST

DEBIAN

FEDORA

FEDORA

FEDORA cisco — inhand_networks_inrouter302

  A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-24910

CONFIRM

MISC cisco — inhand_networks_inrouter302

  An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. The session cookie misses the HttpOnly flag, making it accessible via JavaScript and thus allowing an attacker, able to perform an XSS attack, to steal the session cookie. 2022-05-12 not yet calculated CVE-2022-25172

CONFIRM

MISC blogengine.net — blogengine.net

  BlogEngine.NET v3.3.8.0 was discovered to contain an arbitrary file deletion vulnerability which allows attackers to delete files within the web server root directory via a crafted HTTP request. 2022-05-13 not yet calculated CVE-2022-25591

MISC

MISC apache — tomcat

  If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that the application will continue to use the socket after it has been closed. The error handling triggered in this case could cause a pooled object to be placed in the pool twice. This could result in subsequent connections using the same object concurrently, which could result in data being returned to the wrong user and/or other errors. 2022-05-13 not yet calculated CVE-2022-25762

MISC sds — sds

  This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. **Note:** This vulnerability derives from an incomplete fix to [CVE-2020-7618](https://security.snyk.io/vuln/SNYK-JS-SDS-564123) 2022-05-13 not yet calculated CVE-2022-25862

CONFIRM

CONFIRM microsoft — workspace_tools

  The package workspace-tools before 0.18.4 is vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranch(remote: string, remoteBranch: string, cwd: string) function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection. 2022-05-13 not yet calculated CVE-2022-25865

CONFIRM

CONFIRM

CONFIRM cisco — inhand_networks_inrouter302 A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-25995

MISC

CONFIRM cisco — inhand_networks_inrouter302 A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of malicious packets to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26002

MISC

CONFIRM cisco — inhand_networks_inrouter302

  An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26007

MISC

CONFIRM cisco — inhand_networks_inrouter302

  An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26020

MISC

CONFIRM cisco — inhand_networks_inrouter302

  An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26042

MISC

CONFIRM cisco — inhand_networks_inrouter302

  An OS command injection vulnerability exists in the console infactory_wlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26075

MISC

CONFIRM cisco — inhand_networks_inrouter302

  An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26085

MISC

CONFIRM fortinet — fortinac

  Multiple improper neutralization of special elements used in SQL commands (‘SQL Injection’) vulnerabilities [CWE-89] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.2 and below may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted string parameters. 2022-05-11 not yet calculated CVE-2022-26116

CONFIRM cisco — inhand_networks_inrouter302 An OS command injection vulnerability exists in the console infactory_port functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26420

MISC

CONFIRM cisco — inhand_networks_inrouter302 A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26510

MISC

CONFIRM cisco — inhand_networks_inrouter302

  An OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-26518

MISC

CONFIRM cisco — inhand_networks_inrouter302 Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`’s `user_define_init` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. 2022-05-12 not yet calculated CVE-2022-26780

CONFIRM

MISC cisco — inhand_networks_inrouter302 Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`’s `user_define_print` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. 2022-05-12 not yet calculated CVE-2022-26781

CONFIRM

MISC cisco — inhand_networks_inrouter302

  Multiple improper input validation vulnerabilities exist in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. An improper input validation vulnerability exists in the `httpd`’s `user_define_set_item` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. 2022-05-12 not yet calculated CVE-2022-26782

CONFIRM

MISC microsoft — authentication_security_feature Windows Authentication Security Feature Bypass Vulnerability. 2022-05-10 not yet calculated CVE-2022-26913

MISC microsoft — active_directory_domain_services Active Directory Domain Services Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-26923

MISC microsoft — lsa Windows LSA Spoofing Vulnerability. 2022-05-10 not yet calculated CVE-2022-26925

MISC microsoft — address_book Windows Address Book Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-26926

MISC microsoft — graphics_component Windows Graphics Component Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-26927

MISC microsoft — remote_access_connection_manager Windows Remote Access Connection Manager Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-26930

MISC microsoft — kerberos Windows Kerberos Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-26931

MISC microsoft — storage_spaces_direct Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26938, CVE-2022-26939. 2022-05-10 not yet calculated CVE-2022-26932

MISC microsoft — ntfs Windows NTFS Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-26933

MISC microsoft — graphics_component Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22011, CVE-2022-29112. 2022-05-10 not yet calculated CVE-2022-26934

MISC microsoft — wlan_autoconfig Windows WLAN AutoConfig Service Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-26935

MISC microsoft — server_service Windows Server Service Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-26936

MISC microsoft — network_file_system Windows Network File System Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-26937

MISC microsoft — storage_spaces_direct Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26932, CVE-2022-26939. 2022-05-10 not yet calculated CVE-2022-26938

MISC microsoft — storage_spaces_direct Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26932, CVE-2022-26938. 2022-05-10 not yet calculated CVE-2022-26939

MISC microsoft — remote_desktop_protocol_client Remote Desktop Protocol Client Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-26940

MISC tp-link — tp-link_tl-wdr7660

  TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. Local users could get remote code execution. 2022-05-10 not yet calculated CVE-2022-26987

MISC

MISC

MISC tp-link — tp-link_tl-wdr7660

  TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution. 2022-05-10 not yet calculated CVE-2022-26988

MISC

MISC

MISC htmldoc — htmldoc

  There is a vulnerability in htmldoc 1.9.16. In the image_load_jpeg function in image.cxx, when it calls malloc, ‘img->width’ and ‘img->height’ can be large enough to cause an integer overflow. The malloc function may therefore return a heap block smaller than the expected size, which causes a buffer overflow/address boundary error in the jpeg_read_scanlines function. 2022-05-09 not yet calculated CVE-2022-27114

MISC

MISC

MLIST eosio — eosio

  EOSIO batdappboomx v327c04cf has an Access-control vulnerability in the `transfer` function of the smart contract which allows remote attackers to win the cryptocurrency without paying ticket fee via the `std::string memo` parameter. 2022-05-13 not yet calculated CVE-2022-27134

MISC eset — multiple_products

  Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows an attacker to exploit the “Repair” and “Uninstall” features, which may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0. 2022-05-10 not yet calculated CVE-2022-27167

MISC cisco — inrouter302

  A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted network request can lead to privileged operation execution. An attacker can send a sequence of requests to trigger this vulnerability. 2022-05-12 not yet calculated CVE-2022-27172

MISC

CONFIRM galleon — nts-6002-gps

  An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools section of the web-management interface. All three networking tools are affected (Ping, Traceroute, and DNS Lookup) and their respective input fields (ping_address, trace_address, nslookup_address). 2022-05-09 not yet calculated CVE-2022-27224

MISC

MISC cdsoft — onlinetools

  onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., date of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference. 2022-05-13 not yet calculated CVE-2022-27247

MISC

MISC phprojekt — phpsimplygest

  A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a project title. 2022-05-09 not yet calculated CVE-2022-27308

MISC

MISC

MISC explore_cms — explore_cms

  Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request. 2022-05-09 not yet calculated CVE-2022-27412

MISC

MISC sap — web_dispatcher_and_the_internet_communication_manager

  The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. 2022-05-11 not yet calculated CVE-2022-27656

MISC

MISC adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27785

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27786

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27787

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27788

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27789

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27790

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a stack-based buffer overflow vulnerability due to insecure processing of a font, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. 2022-05-11 not yet calculated CVE-2022-27791

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27792

MISC adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27793

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by the use of a variable that has not been initialized when processing embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. 2022-05-11 not yet calculated CVE-2022-27794

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27795

MISC adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27796

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27797

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27798

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27799

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27800

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27801

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-27802

MISC joomla — joomla

  In Joomla component ‘jDownloads 3.9.8.2 Stable’ the remote user can change some parameters in the address bar and see the names of other users’ files. 2022-05-06 not yet calculated CVE-2022-27909

MISC

MISC home_owners_collection_management — home_owners_collection_management Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET[‘s’] parameter. 2022-05-11 not yet calculated CVE-2022-28077

MISC

MISC home_owners_collection_management — home_owners_collection_management Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET[‘page’] parameter. 2022-05-11 not yet calculated CVE-2022-28078

MISC

MISC hotel_management_system — hotel_management_system Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page. 2022-05-10 not yet calculated CVE-2022-28110

MISC

MISC broadcom — brocade_sannav

  An information exposure through log file vulnerability in Brocade SANnav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit this vulnerability, the attacker would need to have valid user credentials and turn on debug mode. 2022-05-09 not yet calculated CVE-2022-28161

MISC broadcom — brocade_sannav Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. 2022-05-09 not yet calculated CVE-2022-28162

MISC sap — businessobjects_enterprise_and_central_management_server

  During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) – versions 420, 430, authentication credentials are being exposed in Sysmon event logs. This Information Disclosure could cause a high impact on systems’ Confidentiality, Integrity, and Availability. 2022-05-11 not yet calculated CVE-2022-28214

MISC

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28230

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when processing a doc object, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28231

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28232

MISC adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28233

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file. 2022-05-11 not yet calculated CVE-2022-28234

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28235

MISC adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28236

MISC adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28237

MISC adobe — acrobat_reader_dc Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28238

MISC adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28239

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28240

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28241

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28242

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28243

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a violation of secure design principles through bypassing the content security policy, which could result in an attacker sending arbitrarily configured requests to the cross-origin attack target domain. Exploitation requires user interaction in which the victim needs to access a crafted PDF file on an attacker’s server. 2022-05-11 not yet calculated CVE-2022-28244

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28245

MISC adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28246

MISC adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a victim must run the uninstaller with Admin privileges. 2022-05-11 not yet calculated CVE-2022-28247

MISC adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28248

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28249

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28250

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28251

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28252

MISC adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28253

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28254

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28255

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28256

MISC adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28257

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28258

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28259

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28260

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28261

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28262

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28263

MISC adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28264

MISC adobe — acrobat_reader_dc Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28265

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28266

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28267

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28268

MISC adobe — acrobat_reader_dc

  Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of Annotation objects that could result in a memory leak in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28269

MISC imagemagick — imagemagick

  ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. 2022-05-08 not yet calculated CVE-2022-28463

MISC

MISC

MISC

MLIST pypl — pypl

  The marcador package 0.1 through 0.13 in PyPI included a code-execution backdoor. 2022-05-08 not yet calculated CVE-2022-28470

MISC

MISC

MISC lms_doctor — simple_2fa_plugin_for_moodle

  A Two-Factor Authentication (2FA) bypass vulnerability in “Simple 2FA Plugin for Moodle” by LMS Doctor allows remote attackers to overwrite the phone number used for confirmation via the profile.php file, thereby allowing them to bypass the phone verification mechanism. 2022-05-10 not yet calculated CVE-2022-28601

MISC

MISC ruby — ruby

  A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations. 2022-05-09 not yet calculated CVE-2022-28738

MISC

CONFIRM

MISC ruby — ruby

  There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. 2022-05-09 not yet calculated CVE-2022-28739

MISC

MISC

CONFIRM sap — host_agent

  Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted. 2022-05-11 not yet calculated CVE-2022-28774

MISC

MISC adobe — coldfusion

  ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. 2022-05-12 not yet calculated CVE-2022-28818

MISC adobe — character_animator

  Adobe Character Animator versions 4.4.2 (and earlier) and 22.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious SVG file. 2022-05-12 not yet calculated CVE-2022-28819

MISC adobe — framemaker

  Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28821

MISC adobe — framemaker

  Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28822

MISC adobe — framemaker

  Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28823

MISC adobe — framemaker

  Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28824

MISC adobe — framemaker

  Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28825

MISC adobe — framemaker

  Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28826

MISC adobe — framemaker

  Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28827

MISC adobe — framemaker

  Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28828

MISC adobe — framemaker

  Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28829

MISC adobe — framemaker

  Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-13 not yet calculated CVE-2022-28830

MISC adobe — acrobat_pro_dc

  Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28837

MISC adobe — acrobat_pro_dc

  Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-05-11 not yet calculated CVE-2022-28838

MISC f-secure — safe_browser

  A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could carry out a phishing attack using address bar spoofing, because the address bar was not correct if navigation fails in a loop. 2022-05-12 not yet calculated CVE-2022-28872

MISC f-secure — safe_browser

  A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit JavaScript window.open functionality in SAFE Browser, which could lead to address bar spoofing attacks. 2022-05-12 not yet calculated CVE-2022-28873

MISC

MISC d-link — dir882 A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. 2022-05-10 not yet calculated CVE-2022-28895

MISC

MISC d-link — dir882 A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. 2022-05-10 not yet calculated CVE-2022-28896

MISC

MISC d-link — dir882

  A command injection vulnerability in the component /SetTriggerLEDBlink/Blink of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. 2022-05-10 not yet calculated CVE-2022-28901

MISC

MISC totolink — n600r

  TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName. 2022-05-10 not yet calculated CVE-2022-28905

MISC totolink — n600r

  TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg. 2022-05-10 not yet calculated CVE-2022-28906

MISC totolink — n600r TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost. 2022-05-10 not yet calculated CVE-2022-28907

MISC totolink — n600r TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg. 2022-05-10 not yet calculated CVE-2022-28908

MISC totolink — n600r TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx. 2022-05-10 not yet calculated CVE-2022-28909

MISC totolink — n600r TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName. 2022-05-10 not yet calculated CVE-2022-28910

MISC totolink — n600r TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate. 2022-05-10 not yet calculated CVE-2022-28911

MISC totolink — n600r

  TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW. 2022-05-10 not yet calculated CVE-2022-28912

MISC totolink — n600r

  TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting. 2022-05-10 not yet calculated CVE-2022-28913

MISC d-link — dir-816

  D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm. 2022-05-10 not yet calculated CVE-2022-28915

MISC

MISC htmlcreator — htmlcreator

  HTMLCreator release_stable_2020-07-29 was discovered to contain a cross-site scripting (XSS) vulnerability via the function _generateFilename. 2022-05-12 not yet calculated CVE-2022-28919

MISC tieba-cloud-sign — tieba-cloud-sign

  Tieba-Cloud-Sign v4.9 was discovered to contain a cross-site scripting (XSS) vulnerability via the function strip_tags. 2022-05-12 not yet calculated CVE-2022-28920

MISC lms_doctor_simple_2_factor_authentication_plugin — lms_doctor_simple_2_factor_authentication_plugin LMS Doctor Simple 2 Factor Authentication Plugin For Moodle (affected: 2021072900) has an insecure direct object reference (IDOR) vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts. 2022-05-10 not yet calculated CVE-2022-28986

MISC

MISC

MISC directory_management_system — directory_management_system Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allow attackers to bypass authentication. 2022-05-11 not yet calculated CVE-2022-29006

MISC dairy_farm_shop_management_system — dairy_farm_shop_management_system Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allow attackers to bypass authentication. 2022-05-11 not yet calculated CVE-2022-29007

MISC bus_pass_management_system — bus_pass_management_system An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. 2022-05-11 not yet calculated CVE-2022-29008

MISC cyber_cafe_management_system_project — cyber_cafe_management_system_project 

  Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allow attackers to bypass authentication. 2022-05-11 not yet calculated CVE-2022-29009

MISC microsoft — failover_cluster Windows Failover Cluster Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-29102

MISC microsoft — windows_remote_access_connection_manager Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29103

MISC microsoft — print_spooler Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29132. 2022-05-10 not yet calculated CVE-2022-29104

MISC microsoft — windows_media_foundation Microsoft Windows Media Foundation Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29105

MISC microsoft — hyper-v_shared_virtual_disk Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29106

MISC microsoft — office

  Microsoft Office Security Feature Bypass Vulnerability. 2022-05-10 not yet calculated CVE-2022-29107

MISC microsoft — sharepoint Microsoft SharePoint Server Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29108

MISC microsoft — excel Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29110. 2022-05-10 not yet calculated CVE-2022-29109

MISC microsoft — excel

  Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29109. 2022-05-10 not yet calculated CVE-2022-29110

MISC microsoft — graphics

  Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22011, CVE-2022-26934. 2022-05-10 not yet calculated CVE-2022-29112

MISC microsoft — digital_media_receiver

  Windows Digital Media Receiver Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29113

MISC microsoft — windows_print_spooler

  Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29140. 2022-05-10 not yet calculated CVE-2022-29114

MISC microsoft — windows_fax_service

  Windows Fax Service Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29115

MISC microsoft — windows_kernel

  Windows Kernel Information Disclosure Vulnerability. 2022-05-10 not yet calculated CVE-2022-29116

MISC microsoft — .net_and_visual_studio .NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29145. 2022-05-10 not yet calculated CVE-2022-29117

MISC microsoft — windows_clustered Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29122, CVE-2022-29123, CVE-2022-29134. 2022-05-10 not yet calculated CVE-2022-29120

MISC microsoft — windows_wlan Windows WLAN AutoConfig Service Denial of Service Vulnerability. 2022-05-10 not yet calculated CVE-2022-29121

MISC microsoft — windows_clustered

  Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29123, CVE-2022-29134. 2022-05-10 not yet calculated CVE-2022-29122

MISC microsoft — windows_clustered

  Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29122, CVE-2022-29134. 2022-05-10 not yet calculated CVE-2022-29123

MISC microsoft — windows_push_notifications_app

  Windows Push Notifications Apps Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29125

MISC microsoft — tablet_windows_user_interface_application

  Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29126

MISC microsoft — bitlocker

  BitLocker Security Feature Bypass Vulnerability. 2022-05-10 not yet calculated CVE-2022-29127

MISC microsoft — ldap

  Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29128

MISC microsoft — ldap

  Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29129

MISC microsoft — ldap Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29130

MISC microsoft — ldap

  Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29131

MISC microsoft — print_spooler_elevation

  Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29104. 2022-05-10 not yet calculated CVE-2022-29132

MISC microsoft — windows_kernel

  Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29142. 2022-05-10 not yet calculated CVE-2022-29133

MISC microsoft — clustered_shared_volume Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29122, CVE-2022-29123. 2022-05-10 not yet calculated CVE-2022-29134

MISC microsoft — clustered_shared_volume Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29150, CVE-2022-29151. 2022-05-10 not yet calculated CVE-2022-29135

MISC microsoft — ldap

  Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29139, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29137

MISC microsoft — clustered_shared_volume Windows Clustered Shared Volume Elevation of Privilege Vulnerability. 2022-05-10 not yet calculated CVE-2022-29138

MISC microsoft — ldap Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29141. 2022-05-10 not yet calculated CVE-2022-29139

MISC microsoft — print_spooler Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29114. 2022-05-10 not yet calculated CVE-2022-29140

MISC microsoft — windows_ldap

  Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139. 2022-05-10 not yet calculated CVE-2022-29141

MISC microsoft — windows_kernel Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29133. 2022-05-10 not yet calculated CVE-2022-29142

MISC microsoft — .net_and_visual_studio .NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29117. 2022-05-10 not yet calculated CVE-2022-29145

MISC microsoft — visual_studio Visual Studio Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-29148

MISC microsoft — multiple_products Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29151. 2022-05-10 not yet calculated CVE-2022-29150

MISC microsoft — multiple_products Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29150. 2022-05-10 not yet calculated CVE-2022-29151

MISC charmbracelet — charm

  A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release [v0.12.1](https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We recommend that all users running self-hosted `charm` instances update immediately. This vulnerability was found in-house and we haven’t been notified of any potential exploiters. Additional notes: Encrypted user data uploaded to the Charm server is safe as Charm servers cannot decrypt user data. This includes filenames, paths, and all key-value data. Users running the official Charm [Docker images](https://github.com/charmbracelet/charm/blob/main/docker.md) are at minimal risk because the exploit is limited to the containerized filesystem. 2022-05-07 not yet calculated CVE-2022-29180

MISC

CONFIRM rubygems — rubygems

  RubyGems is a package registry used to supply software for the Ruby language ecosystem. An ordering mistake in the code that accepts gem uploads allowed some gems (with platforms ending in numbers, like `arm64-darwin-21`) to be temporarily replaced in the CDN cache by a malicious package. The bug has been patched, and is believed to have never been exploited, based on an extensive review of logs and existing gems by rubygems. The easiest way to ensure that an application has not been exploited by this vulnerability is to verify all downloaded .gems checksums match the checksum recorded in the RubyGems.org database. RubyGems.org has been patched and is no longer vulnerable to this issue. 2022-05-13 not yet calculated CVE-2022-29218

CONFIRM solarview_compact — solarview_compact SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal. 2022-05-12 not yet calculated CVE-2022-29298

MISC solarview_compact — solarview_compact SolarView Compact ver.6.00 was discovered to contain a local file disclosure via /html/Solar_Ftp.php. 2022-05-12 not yet calculated CVE-2022-29302

MISC solarview_compact — solarview_compact SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php. 2022-05-12 not yet calculated CVE-2022-29303

MISC ionize — ionizecms

  IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vulnerability via the id_page parameter in application/models/article_model.php. 2022-05-12 not yet calculated CVE-2022-29306

MISC ionize — ionizecms

  IonizeCMS v1.0.8.1 was discovered to contain a command injection vulnerability via the function copy_lang_content in application/models/lang_model.php. 2022-05-12 not yet calculated CVE-2022-29307

MISC complete_online_job_search_system — complete_online_job_search_system Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=result&searchfor=advancesearch. 2022-05-11 not yet calculated CVE-2022-29316

MISC simple_bus_ticket_booking_system — simple_bus_ticket_booking_system Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters at /assets/partials/_handleLogin.php. 2022-05-11 not yet calculated CVE-2022-29317

MISC car_rental_management_system — new_entry_module

  An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. 2022-05-11 not yet calculated CVE-2022-29318

MISC d-link — dir-816

  D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the lanip parameter in /goform/setNetworkLan. 2022-05-10 not yet calculated CVE-2022-29321

MISC

MISC d-link — dir-816

  D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip. 2022-05-10 not yet calculated CVE-2022-29322

MISC

MISC d-link — dir-816

  D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment. 2022-05-10 not yet calculated CVE-2022-29323

MISC

MISC d-link — dir-816

  D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd. 2022-05-10 not yet calculated CVE-2022-29324

MISC

MISC d-link — dir-816

  D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter. 2022-05-10 not yet calculated CVE-2022-29325

MISC

MISC d-link — dir-816

  D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter. 2022-05-10 not yet calculated CVE-2022-29326

MISC

MISC d-link — dir-816 D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel. 2022-05-10 not yet calculated CVE-2022-29327

MISC

MISC d-link — dap-1330_oss-firmware D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade. 2022-05-10 not yet calculated CVE-2022-29328

MISC

MISC d-link — dap-1330_oss-firmware D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings. 2022-05-10 not yet calculated CVE-2022-29329

MISC

MISC phpok — phpok

  Phpok v6.1 was discovered to contain a deserialization vulnerability via the update_f() function in login_control.php. This vulnerability allows attackers to getshell via writing arbitrary files. 2022-05-12 not yet calculated CVE-2022-29363

MISC moddable — moddable

  Moddable commit before 135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45 was discovered to contain an out-of-bounds read via the function fxUint8Getter at /moddable/xs/sources/xsDataView.c. 2022-05-12 not yet calculated CVE-2022-29368

MISC

MISC nginx — nginx_njs

  Nginx NJS v0.7.2 was discovered to contain a segmentation violation via njs_lvlhsh_bucket_find at njs_lvlhsh.c. 2022-05-12 not yet calculated CVE-2022-29369

MISC

MISC netgear — prosafe_ssl_vpn

  NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. 2022-05-13 not yet calculated CVE-2022-29383

MISC

MISC totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8. 2022-05-10 not yet calculated CVE-2022-29391

MISC totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24. 2022-05-10 not yet calculated CVE-2022-29392

MISC totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc. 2022-05-10 not yet calculated CVE-2022-29393

MISC totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448. 2022-05-10 not yet calculated CVE-2022-29394

MISC totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4. 2022-05-10 not yet calculated CVE-2022-29395

MISC totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10. 2022-05-10 not yet calculated CVE-2022-29396

MISC totolink — n600r TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8. 2022-05-10 not yet calculated CVE-2022-29397

MISC totolink — n600r

  TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c. 2022-05-10 not yet calculated CVE-2022-29398

MISC totolink — n600r

  TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0. 2022-05-10 not yet calculated CVE-2022-29399

MISC wordpress — donations_plugin

  Authenticated (contributor or higher role) Cross-Site Scripting (XSS) vulnerability in Donations plugin <= 1.8 on WordPress. 2022-05-13 not yet calculated CVE-2022-29433

CONFIRM

CONFIRM gruppo_tim – resi_gemini-net_web

  RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources. 2022-05-12 not yet calculated CVE-2022-29538

MISC

MISC gruppo_tim – resi_gemini-net

  resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software (e.g., concatenate `&|;r commands) and inject arbitrary system commands with the privileges of the application user. 2022-05-12 not yet calculated CVE-2022-29539

MISC

MISC tenda — tx9_pro Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow. 2022-05-10 not yet calculated CVE-2022-29591

MISC microstrategy — enterprise_manager_2022

  MicroStrategy Enterprise Manager 2022 allows authentication bypass by triggering a login failure and then entering the Uid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login substring for directory traversal. 2022-05-11 not yet calculated CVE-2022-29596

MISC sap — netweaver_application_server SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack. 2022-05-11 not yet calculated CVE-2022-29610

MISC

MISC sap — netweaver_application_server

  SAP NetWeaver Application Server for ABAP and ABAP Platform do not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. 2022-05-11 not yet calculated CVE-2022-29611

MISC

MISC sap — employee_self_service

  Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application. 2022-05-11 not yet calculated CVE-2022-29613

MISC

MISC sap — multiple_products

  SAP Host Agent, SAP NetWeaver and ABAP Platform allow an attacker to leverage logical errors in memory management to cause a memory corruption. 2022-05-11 not yet calculated CVE-2022-29616

MISC

MISC wedding_management_system — upload_photos_module

  An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. 2022-05-11 not yet calculated CVE-2022-29655

MISC wedding_management_system — wedding_management_system Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_detail.php. 2022-05-11 not yet calculated CVE-2022-29656

MISC survey_sparrow — enterprise_survey_software Survey Sparrow Enterprise Survey Software 2022 has a Stored cross-site scripting (XSS) vulnerability in the Signup parameter. 2022-05-11 not yet calculated CVE-2022-29727

MISC

MISC survey_sparrow — enterprise_survey_software Survey Sparrow Enterprise Survey Software 2022 has a Reflected cross-site scripting (XSS) vulnerability in the test parameter. 2022-05-11 not yet calculated CVE-2022-29728

MISC

MISC money_transfer_management_system — money_transfer_management_system Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send&id=, id. 2022-05-12 not yet calculated CVE-2022-29738

MISC money_transfer_management_system — money_transfer_management_system Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=. 2022-05-12 not yet calculated CVE-2022-29739

MISC money_transfer_management_system — money_transfer_management_system Money Transfer Management System 1.0 is vulnerable to SQL Injection via mtmsclassesMaster.php?f=delete_fee. 2022-05-12 not yet calculated CVE-2022-29741

MISC money_transfer_management_system — money_transfer_management_system Money Transfer Management System 1.0 is vulnerable to SQL Injection via mtmsclassesMaster.php?f=delete_transaction. 2022-05-12 not yet calculated CVE-2022-29745

MISC money_transfer_management_system — money_transfer_management_system Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete. 2022-05-12 not yet calculated CVE-2022-29746

MISC simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/manage_invoice&id= // Leak place —> id. 2022-05-12 not yet calculated CVE-2022-29747

MISC simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via cmsadmin?page=client/manage_client&id=. 2022-05-12 not yet calculated CVE-2022-29748

MISC simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_invoice. 2022-05-12 not yet calculated CVE-2022-29749

MISC simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_service. 2022-05-12 not yet calculated CVE-2022-29750

MISC simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_client. 2022-05-12 not yet calculated CVE-2022-29751

MISC huawei — hiaiserver The HiAIserver has a vulnerability in verifying the validity of the properties used in the model. Successful exploitation of this vulnerability will affect AI services. 2022-05-13 not yet calculated CVE-2022-29789

MISC

MISC huawei — harmonyos The graphics acceleration service has a vulnerability in multi-thread access to the database. Successful exploitation of this vulnerability may cause service exceptions. 2022-05-13 not yet calculated CVE-2022-29790

MISC

MISC huawei — hiaiserver The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services. 2022-05-13 not yet calculated CVE-2022-29791

MISC

MISC huawei — chip_component The chip component has a vulnerability of disclosing CPU SNs. Successful exploitation of this vulnerability may affect data confidentiality. 2022-05-13 not yet calculated CVE-2022-29792

MISC

MISC huawei — activation_lock There is a configuration defect in the activation lock of mobile phones. Successful exploitation of this vulnerability may affect application availability. 2022-05-13 not yet calculated CVE-2022-29793

MISC

MISC huawei — frame_scheduling_module The frame scheduling module has a Use After Free (UAF) vulnerability. Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. 2022-05-13 not yet calculated CVE-2022-29794

MISC

MISC huawei — frame_scheduling_module The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. 2022-05-13 not yet calculated CVE-2022-29795

MISC

MISC huawei — hiaiserver

  The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services. 2022-05-13 not yet calculated CVE-2022-29796

MISC

MISC progress — ipswitch_whatsup_gold In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file. 2022-05-11 not yet calculated CVE-2022-29845

MISC

MISC progress — ipswitch_whatsup_gold In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number. 2022-05-11 not yet calculated CVE-2022-29846

MISC

MISC progress — ipswitch_whatsup_gold

  In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host. 2022-05-11 not yet calculated CVE-2022-29847

MISC

MISC progress — ipswitch_whatsup_gold

  In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system. 2022-05-11 not yet calculated CVE-2022-29848

MISC

MISC mitel — 6900_series

  A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, could allow an unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution. 2022-05-13 not yet calculated CVE-2022-29854

MISC

CONFIRM mitel — multiple_products

  Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have “undocumented functionality.” A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow an unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution. 2022-05-11 not yet calculated CVE-2022-29855

MISC

CONFIRM apple — 1password

  1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious software running on the same computer can exfiltrate secrets from 1Password provided that 1Password is running and is unlocked. Affected secrets include vault items and derived values used for signing in to 1Password. 2022-05-09 not yet calculated CVE-2022-29868

MISC apache — tomcat

  The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks. 2022-05-12 not yet calculated CVE-2022-29885

MISC phoenix_contact — rad-ism

  On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the traceroute utility integrated in the WebUI to execute arbitrary code with root privileges on the OS due to an improper input validation in all versions of the firmware. 2022-05-11 not yet calculated CVE-2022-29897

CONFIRM phoenix_contact — rad-ism On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the configuration file uploader in the WebUI to execute arbitrary code with root privileges on the OS due to an improper validation of an integrity check value in all versions of the firmware. 2022-05-11 not yet calculated CVE-2022-29898

CONFIRM jetbrains — teamcity In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible. 2022-05-12 not yet calculated CVE-2022-29927

MISC jetbrains — teamcity In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible. 2022-05-12 not yet calculated CVE-2022-29928

MISC jetbrains — teamcity In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible. 2022-05-12 not yet calculated CVE-2022-29929

MISC jetbrains — ktor_native

  SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value. 2022-05-12 not yet calculated CVE-2022-29930

MISC

MISC primeur — spazio

  The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an unauthenticated attacker to obtain sensitive data (related to the content of transferred files) via a crafted HTTP request. 2022-05-11 not yet calculated CVE-2022-29932

MISC

MISC craft_cms — cms

  Craft CMS through 3.7.36 allows a remote unauthenticated attacker, who knows at least one valid username, to reset the account’s password and take over the account by providing a crafted HTTP header to the application while using the password reset functionality. Specifically, the attacker must send X-Forwarded-Host to the /index.php?p=admin/actions/users/send-password-reset-email URI. NOTE: the vendor’s position is that a customer can already work around this by adjusting the configuration (i.e., by not using the default configuration). 2022-05-09 not yet calculated CVE-2022-29933

MISC

MISC

MISC

MISC magnitude — simba_amazon_redshift_odbc_driver

  An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena ODBC Driver 1.1.1 through 1.1.x before 1.1.17 may allow a local user to execute arbitrary code. 2022-05-09 not yet calculated CVE-2022-29971

CONFIRM

MISC magnitude — simba_amazon_redshift_odbc_driver An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver (1.4.14 through 1.4.21.1001 and 1.4.22 through 1.4.x before 1.4.52) may allow a local user to execute arbitrary code. 2022-05-09 not yet calculated CVE-2022-29972

CONFIRM

MISC mdaemon — mdaemon An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0. 2022-05-11 not yet calculated CVE-2022-29975

MISC mdaemon — mdaemon An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0. 2022-05-11 not yet calculated CVE-2022-29976

MISC libsixel — libsixel There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file. 2022-05-11 not yet calculated CVE-2022-29977

MISC libsixel — libsixel There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file. 2022-05-11 not yet calculated CVE-2022-29978

MISC simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_designation. 2022-05-12 not yet calculated CVE-2022-29979

MISC simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=user/manage_user&id=. 2022-05-12 not yet calculated CVE-2022-29980

MISC simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete. 2022-05-12 not yet calculated CVE-2022-29981

MISC simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manage_service.php?id=. 2022-05-12 not yet calculated CVE-2022-29982

MISC simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=. 2022-05-12 not yet calculated CVE-2022-29983

MISC simple_client_management_system — simple_client_management_system Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=client/view_client&id=. 2022-05-12 not yet calculated CVE-2022-29984

MISC online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via scbsclassesMaster.php?f=delete_category. 2022-05-12 not yet calculated CVE-2022-29985

MISC online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via scbsclassesMaster.php?f=delete_facility. 2022-05-12 not yet calculated CVE-2022-29986

MISC online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=user/manage_user&id=. 2022-05-12 not yet calculated CVE-2022-29987

MISC online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via scbsclassesMaster.php?f=delete. 2022-05-12 not yet calculated CVE-2022-29988

MISC online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via scbsclassesMaster.php?f=delete_booking. 2022-05-12 not yet calculated CVE-2022-29989

MISC online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/view_category.php?id=. 2022-05-12 not yet calculated CVE-2022-29990

MISC online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/manage_category.php?id=. 2022-05-12 not yet calculated CVE-2022-29992

MISC online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/view_booking.php?id=. 2022-05-12 not yet calculated CVE-2022-29993

MISC online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/manage_facility&id=. 2022-05-12 not yet calculated CVE-2022-29994

MISC online_sports_complex_booking_system — online_sports_complex_booking_system Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manage_client&id=. 2022-05-12 not yet calculated CVE-2022-29995

MISC insurance_management_system — insurance_management_system Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?client_id=. 2022-05-12 not yet calculated CVE-2022-29998

MISC insurance_management_system — insurance_management_system Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?client_id=. 2022-05-12 not yet calculated CVE-2022-29999

MISC insurance_management_system — insurance_management_system Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?recipt_no=. 2022-05-12 not yet calculated CVE-2022-30000

MISC insurance_management_system — insurance_management_system Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agent_id=. 2022-05-12 not yet calculated CVE-2022-30001

MISC insurance_management_system — insurance_management_system Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nominee_id=. 2022-05-12 not yet calculated CVE-2022-30002

MISC tenda — ax1803

  Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ in /goform/setsystimecfg of /bin/tdhttpd in the ubif file system: attackers can access http://ip/goform/SetSysTimeCfg and, by setting the ntpserve parameter, cause a stack buffer overflow that results in router denial of service. 2022-05-11 not yet calculated CVE-2022-30040

MISC mingsoft — mcms Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/listExcludeApp URI via orderBy parameter. 2022-05-11 not yet calculated CVE-2022-30047

MISC mingsoft — mcms Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter. 2022-05-11 not yet calculated CVE-2022-30048

MISC shopwind — shopwind Shopwind <=v3.4.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability. 2022-05-11 not yet calculated CVE-2022-30057

MISC shopwind — shopwind Shopwind <=v3.4.2 was discovered to contain an Arbitrary File Download vulnerability via the neirong parameter at backend\controllers\DbController.php. 2022-05-11 not yet calculated CVE-2022-30058

MISC shopwind — shopwind Shopwind <=v3.4.2 was discovered to contain an Arbitrary File Delete vulnerability via the neirong parameter at backend\controllers\DbController.php. 2022-05-11 not yet calculated CVE-2022-30059

MISC ftcms — ftcms ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php. 2022-05-11 not yet calculated CVE-2022-30060

MISC ftcms — ftcms ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp. 2022-05-11 not yet calculated CVE-2022-30061

MISC ftcms — ftcms ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php. 2022-05-11 not yet calculated CVE-2022-30062

MISC ftcms — ftcms ftcms <=2.1 was discovered to be vulnerable to code execution attacks. 2022-05-11 not yet calculated CVE-2022-30063

MISC microsoft — visual_studio_code Visual Studio Code Remote Code Execution Vulnerability. 2022-05-10 not yet calculated CVE-2022-30129

MISC microsoft — .net_framework .NET Framework Denial of Service Vulnerability. 2022-05-10 not yet calculated CVE-2022-30130

MISC magnitude — simba_amazon_redshift_jdbc_driver An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena JDBC Driver 2.0.25 through 2.0.28 may allow a local user to execute code. NOTE: this is different from CVE-2022-29971. 2022-05-09 not yet calculated CVE-2022-30239

CONFIRM

MISC magnitude — simba_amazon_redshift_jdbc_driver An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift JDBC Driver 1.2.40 through 1.2.55 may allow a local user to execute code. NOTE: this is different from CVE-2022-29972. 2022-05-09 not yet calculated CVE-2022-30240

CONFIRM

MISC black_duck — black_duck_hub

  A vulnerability in Black Duck Hub’s embedded MadCap Flare documentation files could allow an unauthenticated remote attacker to conduct a cross-site scripting attack. The vulnerability is due to improper validation of user-supplied input to MadCap Flare’s framework embedded within Black Duck Hub’s Help Documentation to supply content. An attacker could exploit this vulnerability by convincing a user to click a link designed to pass malicious input to the interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks and gain access to sensitive browser-based information. 2022-05-10 not yet calculated CVE-2022-30278

MISC stormshield — network_security

  An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. The event logging of the ASQ sofbus lacbus plugin triggers the dereferencing of a NULL pointer, leading to a crash of SNS. An attacker could exploit this vulnerability via forged sofbus lacbus traffic to cause a firmware crash. 2022-05-12 not yet calculated CVE-2022-30279

MISC pyscript — pyscriptjs

  pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 allows a remote user to read Python source code. 2022-05-09 not yet calculated CVE-2022-30286

MISC

MISC

MISC

MISC

MISC uclibc-ng — uclibc-ng

  uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a value to 0x2. 2022-05-06 not yet calculated CVE-2022-30295

MISC

CERT-VN keepkey — keepkey_firmware

  In the KeepKey firmware before 7.3.2, the bootloader can be exploited in unusual situations in which the attacker has physical access, convinces the victim to install malicious firmware, or has unspecified other capabilities. lib/board/supervise.c mishandles svhandler_flash_* address range checks. If exploited, any installed malware could persist even after wiping the device and resetting the firmware. 2022-05-07 not yet calculated CVE-2022-30330

MISC

MISC rarlab — rarlab_unrar

  RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected. 2022-05-09 not yet calculated CVE-2022-30333

CONFIRM

MISC brave — brave

  Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises “Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser.” 2022-05-07 not yet calculated CVE-2022-30334

MISC

MISC

MISC

MISC bonanza — wealth_management_system

  Bonanza Wealth Management System (BWM) 7.3.2 allows SQL injection via the login form. Users who supply the application with a SQL injection payload in the User Name textbox could collect all passwords in encrypted format from the Microsoft SQL Server component. 2022-05-09 not yet calculated CVE-2022-30335

MISC

MISC

MISC air_cargo_management_system — air_cargo_management_system Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f=delete_img. 2022-05-13 not yet calculated CVE-2022-30367

MISC air_cargo_management_system — air_cargo_management_system Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo_type. 2022-05-13 not yet calculated CVE-2022-30370

MISC air_cargo_management_system — air_cargo_management_system Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/view_cargo_type.php?id=. 2022-05-13 not yet calculated CVE-2022-30371

MISC air_cargo_management_system — air_cargo_management_system Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo. 2022-05-13 not yet calculated CVE-2022-30372

MISC air_cargo_management_system — air_cargo_management_system Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/manage_cargo_type.php?id=. 2022-05-13 not yet calculated CVE-2022-30373

MISC air_cargo_management_system — air_cargo_management_system Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/manage_transaction&id=. 2022-05-13 not yet calculated CVE-2022-30374

MISC sourcecodester — simple_social_networking_site Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Master.php?f=delete_img. 2022-05-13 not yet calculated CVE-2022-30375

MISC sourcecodester — simple_social_networking_site Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/view_member.php?id=. 2022-05-13 not yet calculated CVE-2022-30376

MISC sourcecodester — simple_social_networking_site Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=posts/view_post&id=. 2022-05-13 not yet calculated CVE-2022-30378

MISC sourcecodester — simple_social_networking_site Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manage_user&id=. 2022-05-13 not yet calculated CVE-2022-30379

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?f=delete_img. 2022-05-13 not yet calculated CVE-2022-30381

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_inventory. 2022-05-13 not yet calculated CVE-2022-30384

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_order. 2022-05-13 not yet calculated CVE-2022-30385

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured. 2022-05-13 not yet calculated CVE-2022-30386

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=pay_order. 2022-05-13 not yet calculated CVE-2022-30387

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category. 2022-05-13 not yet calculated CVE-2022-30391

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category. 2022-05-13 not yet calculated CVE-2022-30392

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=. 2022-05-13 not yet calculated CVE-2022-30393

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_cart. 2022-05-13 not yet calculated CVE-2022-30395

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=. 2022-05-13 not yet calculated CVE-2022-30396

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=orders/view_order&id=. 2022-05-13 not yet calculated CVE-2022-30398

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_category&id=. 2022-05-13 not yet calculated CVE-2022-30399

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=. 2022-05-13 not yet calculated CVE-2022-30400

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=. 2022-05-13 not yet calculated CVE-2022-30401

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=. 2022-05-13 not yet calculated CVE-2022-30402

MISC merchandise_online_store — merchandise_online_store  Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=. 2022-05-13 not yet calculated CVE-2022-30403

MISC college_management_system — college_management_system College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=. 2022-05-13 not yet calculated CVE-2022-30404

MISC pharmacy_sales_and_inventory_system — pharmacy_sales_and_inventory_system Pharmacy Sales And Inventory System v1.0 is vulnerable to SQL Injection via /pharmacy-sales-and-inventory-system/manage_user.php?id=. 2022-05-13 not yet calculated CVE-2022-30407

MISC covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to file deletion via /ctpms/classes/Master.php?f=delete_img. 2022-05-13 not yet calculated CVE-2022-30408

MISC covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=. 2022-05-13 not yet calculated CVE-2022-30411

MISC covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=. 2022-05-13 not yet calculated CVE-2022-30412

MISC covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=delete_application. 2022-05-13 not yet calculated CVE-2022-30413

MISC covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=. 2022-05-13 not yet calculated CVE-2022-30414

MISC covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=. 2022-05-13 not yet calculated CVE-2022-30415

MISC covid-19_travel_pass_management_system — covid-19_travel_pass_management_system Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=. 2022-05-13 not yet calculated CVE-2022-30417

MISC php — hospital_management_system Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File upload vulnerability in treatmentrecord.php. 2022-05-11 not yet calculated CVE-2022-30448

MISC php — hospital_management_system Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php. 2022-05-11 not yet calculated CVE-2022-30449

MISC waimairencms — waimairencms A Remote Code Execution (RCE) vulnerability exists in waimairen 9.1 via wx.php. 2022-05-11 not yet calculated CVE-2022-30450

MISC waimairencms — waimairencms An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1. 2022-05-11 not yet calculated CVE-2022-30451

MISC shopwind — shopwind

  ShopWind <= v3.4.2 has a SQL injection vulnerability in Database.php. 2022-05-11 not yet calculated CVE-2022-30452

MISC shopwind — shopwind

  ShopWind <= 3.4.2 has an RCE vulnerability in Database.php. 2022-05-11 not yet calculated CVE-2022-30453

MISC wavlink — wavlink_wn535_g3

  WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi. 2022-05-13 not yet calculated CVE-2022-30489

MISC xpdf — textline_class

  There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. 2022-05-09 not yet calculated CVE-2022-30524

MISC zyxel — usg_flex

  An OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device. 2022-05-12 not yet calculated CVE-2022-30525

CONFIRM foxit — pdf_reader

  Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution. 2022-05-11 not yet calculated CVE-2022-30557

MISC liblsquic — lsquic

  liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY. 2022-05-11 not yet calculated CVE-2022-30592

MISC

MISC linux — linux_kernel

  The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. 2022-05-12 not yet calculated CVE-2022-30594

MISC

MISC

MISC

MISC
