Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-20 CVE-2022-2128 Unrestricted Upload of File with Dangerous Type vulnerability in Trudesk Project Trudesk
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4.
network
low complexity
trudesk-project CWE-434
7.5
2022-06-20 CVE-2022-1905 SQL Injection vulnerability in E-Dynamics Events Made Easy
The Events Made Easy WordPress plugin before 2.2.81 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
network
low complexity
e-dynamics CWE-89
7.5
2022-06-20 CVE-2021-45918 Out-of-bounds Write vulnerability in NHI Health Insurance web Service Component
NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack.
network
low complexity
nhi CWE-787
7.8
2022-06-20 CVE-2022-2023 Improper Privilege Management vulnerability in Trudesk Project Trudesk
Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.
network
low complexity
trudesk-project CWE-269
7.5
2022-06-19 CVE-2022-34005 Use of Hard-coded Credentials vulnerability in Southrivertech Titan FTP Server Nextgen
An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050.
network
low complexity
southrivertech CWE-798
7.5
2022-06-19 CVE-2022-34006 Incorrect Permission Assignment for Critical Resource vulnerability in Southrivertech Titan FTP Server Nextgen
An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050.
local
low complexity
southrivertech CWE-732
7.2
2022-06-17 CVE-2022-31874 Command Injection vulnerability in Asus Rt-N53 Firmware 3.0.0.4.376.3754
ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of the apply.cgi interface.
network
low complexity
asus CWE-77
7.5
2022-06-17 CVE-2022-31941 SQL Injection vulnerability in Rescue Dispatch Management System Project Rescue Dispatch Management System 1.0
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via \rdms\admin?page=user\manage_user&id=.
7.5
2022-06-17 CVE-2022-21806 Use After Free vulnerability in Anker Eufy Homebase 2 Firmware 2.1.8.5H
A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h.
network
low complexity
anker CWE-416
7.5
2022-06-17 CVE-2022-29496 Out-of-bounds Write vulnerability in Blynk Blynk-Library 1.0.1
A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1.
network
low complexity
blynk CWE-787
7.5