Weekly Vulnerabilities Reports > April 4 to 10, 2022

Overview

426 new vulnerabilities reported during this period, including 78 critical vulnerabilities and 197 high severity vulnerabilities. This weekly summary report vulnerabilities in 318 products from 193 vendors including Google, Fortinet, Gitlab, Fedoraproject, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Use After Free", "Unrestricted Upload of File with Dangerous Type", and "SQL Injection".

  • 357 reported vulnerabilities are remotely exploitables.
  • 28 reported vulnerabilities have public exploit available.
  • 120 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 273 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 47 reported vulnerabilities.
  • Inhandnetworks has the most reported critical vulnerabilities, with 10 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

78 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-04-04 CVE-2022-0939 Janeczku Unspecified vulnerability in Janeczku Calibre-Web

Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.

9.9
2022-04-10 CVE-2022-27126 Zbzcms SQL Injection vulnerability in Zbzcms 1.0

zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the art parameter at /include/make.php.

9.8
2022-04-10 CVE-2022-27128 Zbzcms Unspecified vulnerability in Zbzcms 1.0

An incorrect access control issue at /admin/run_ajax.php in zbzcms v1.0 allows attackers to arbitrarily add administrator accounts.

9.8
2022-04-10 CVE-2022-27129 Zbzcms Unrestricted Upload of File with Dangerous Type vulnerability in Zbzcms 1.0

An arbitrary file upload vulnerability at /admin/ajax.php in zbzcms v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

9.8
2022-04-10 CVE-2022-27131 Zbzcms Unrestricted Upload of File with Dangerous Type vulnerability in Zbzcms 1.0

An arbitrary file upload vulnerability at /zbzedit/php/zbz.php in zbzcms v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

9.8
2022-04-10 CVE-2022-27268 Inhandnetworks OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component get_cgi_from_memory.

9.8
2022-04-10 CVE-2022-27269 Inhandnetworks OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component config_ovpn.

9.8
2022-04-10 CVE-2022-27270 Inhandnetworks OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component ipsec_secrets.

9.8
2022-04-10 CVE-2022-27271 Inhandnetworks OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component python-lib.

9.8
2022-04-10 CVE-2022-27272 Inhandnetworks OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_1791C.

9.8
2022-04-10 CVE-2022-27273 Inhandnetworks OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_12168.

9.8
2022-04-10 CVE-2022-27274 Inhandnetworks OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_12028.

9.8
2022-04-10 CVE-2022-27275 Inhandnetworks OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_122D0.

9.8
2022-04-10 CVE-2022-27276 Inhandnetworks OS Command Injection vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_10F2C.

9.8
2022-04-10 CVE-2022-27477 Newbee Mall Project Unrestricted Upload of File with Dangerous Type vulnerability in Newbee-Mall Project Newbee-Mall 1.0

Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload via the Upload function at /admin/goods/edit.

9.8
2022-04-10 CVE-2022-1286 Mruby Out-of-bounds Write vulnerability in Mruby

heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2.

9.8
2022-04-10 CVE-2022-1276 Mruby Unspecified vulnerability in Mruby

Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2.

9.8
2022-04-09 CVE-2022-1287 School Club Application System Project Injection vulnerability in School Club Application System Project School Club Application System 1.0

A vulnerability classified as critical was found in School Club Application System 1.0.

9.8
2022-04-08 CVE-2021-36287 Dell OS Command Injection vulnerability in Dell EMC Unity Operating Environment

Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code execution vulnerability which may lead unauthenticated users to execute commands on the system.

9.8
2022-04-08 CVE-2022-26852 Dell Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Dell EMC Powerscale Onefs

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator.

9.8
2022-04-08 CVE-2022-26854 Dell Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell EMC Powerscale Onefs

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms.

9.8
2022-04-08 CVE-2021-43517 Foscam Unspecified vulnerability in Foscam Fi9805E Firmware 4.02.R12.00018510.10012.143900.00000

FOSCAM Camera FI9805E with firmware V4.02.R12.00018510.10012.143900.00000 contains a backdoor that opens Telnet port when special command is sent on port 9530.

9.8
2022-04-08 CVE-2022-27047 Moguit Unrestricted Upload of File with Dangerous Type vulnerability in Moguit Mogu Blog CMS 5.2

mogu_blog_cms 5.2 suffers from upload arbitrary files without any limitation.

9.8
2022-04-08 CVE-2022-27351 Phpgurukul Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul ZOO Management System 1.0

Zoo Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /public_html/apply_vacancy.

9.8
2022-04-08 CVE-2022-27357 Ecommerce Website Project Unrestricted Upload of File with Dangerous Type vulnerability in Ecommerce-Website Project Ecommerce-Website 1.0

Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via /customer_register.php.

9.8
2022-04-08 CVE-2022-28001 Movie Seat Reservation Project SQL Injection vulnerability in Movie Seat Reservation Project Movie Seat Reservation 1.0

Movie Seat Reservation v1 was discovered to contain a SQL injection vulnerability at /index.php?page=reserve via the id parameter.

9.8
2022-04-07 CVE-2021-43474 Dlink Command Injection vulnerability in Dlink Dir-823G Firmware 1.02B05

An Access Control vulnerability exists in D-Link DIR-823G REVA1 1.02B05 (Lastest) via any parameter in the HNAP1 function

9.8
2022-04-07 CVE-2021-43453 Jerryscript Out-of-bounds Read vulnerability in Jerryscript

A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file.

9.8
2022-04-07 CVE-2022-26612 Apache Link Following vulnerability in Apache Hadoop

In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes.

9.8
2022-04-07 CVE-2022-26676 Aenrich Incorrect Authorization vulnerability in Aenrich A+Hrd 6.8

aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use the API function to upload and execute malicious scripts to control the system or disrupt service.

9.8
2022-04-07 CVE-2021-43421 Std42 Unrestricted Upload of File with Dangerous Type vulnerability in Std42 Elfinder

A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.

9.8
2022-04-07 CVE-2022-27022 Tenda Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21Cn

There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn.

9.8
2022-04-07 CVE-2022-27016 Tenda Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21Cn

There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn.

9.8
2022-04-07 CVE-2022-23900 Wavlink OS Command Injection vulnerability in Wavlink Wl-Wn531P3 Firmware M31G3.V5030.201204

A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an attacker to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/adm.cgi.

9.8
2022-04-06 CVE-2020-22253 Xiongmaitech Unspecified vulnerability in Xiongmaitech products

Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated attackers to make arbitrary Telnet connections with the victim device.

9.8
2022-04-06 CVE-2022-26613 PHP CMS Project SQL Injection vulnerability in PHP-Cms Project PHP-Cms 1.0

PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability via the category parameter in categorymenu.php.

9.8
2022-04-06 CVE-2022-24786 Pjsip
Debian
PJSIP is a free and open source multimedia communication library written in C.
9.8
2022-04-06 CVE-2022-1253 Struktur Unspecified vulnerability in Struktur Libde265

Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8.

9.8
2022-04-06 CVE-2021-26112 Fortinet Out-of-bounds Write vulnerability in Fortinet Fortiwan

Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in the command line interpreter of FortiWAN before 4.5.9 may allow an unauthenticated attacker to potentially corrupt control data in memory and execute arbitrary code via specifically crafted requests.

9.8
2022-04-06 CVE-2021-26114 Fortinet SQL Injection vulnerability in Fortinet Fortiwan

Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN before 4.5.9 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

9.8
2022-04-05 CVE-2022-26628 Matrimony Project SQL Injection vulnerability in Matrimony Project Matrimony 1.0

Matrimony v1.0 was discovered to contain a SQL injection vulnerability via the Password parameter.

9.8
2022-04-05 CVE-2022-27123 Employee Performance Evaluation Project SQL Injection vulnerability in Employee Performance Evaluation Project Employee Performance Evaluation 1.0

Employee Performance Evaluation v1.0 was discovered to contain a SQL injection vulnerability via the email parameter.

9.8
2022-04-05 CVE-2022-27124 Insurance Management System Project SQL Injection vulnerability in Insurance Management System Project Insurance Management System 1.0

Insurance Management System 1.0 was discovered to contain a SQL injection vulnerability via the username parameter.

9.8
2022-04-05 CVE-2022-27304 Student Grading System Project SQL Injection vulnerability in Student Grading System Project Student Grading System 1.0

Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via the user parameter.

9.8
2022-04-05 CVE-2022-28115 Online Sports Complex Booking Project SQL Injection vulnerability in Online Sports Complex Booking Project Online Sports Complex Booking 1.0

Online Sports Complex Booking v1.0 was discovered to contain a SQL injection vulnerability via the id parameter.

9.8
2022-04-05 CVE-2022-28116 Online Banking System Project SQL Injection vulnerability in Online Banking System Project Online Banking System 1.0

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter.

9.8
2022-04-05 CVE-2022-28467 Online Student Admission Project SQL Injection vulnerability in Online Student Admission Project Online Student Admission 1.0

Online Student Admission v1.0 was discovered to contain a SQL injection vulnerability via the txtapplicationID parameter.

9.8
2022-04-05 CVE-2022-28468 Payroll Management System Project SQL Injection vulnerability in Payroll Management System Project Payroll Management System 1.0

Payroll Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter.

9.8
2022-04-05 CVE-2022-28219 Zohocorp XXE vulnerability in Zohocorp Manageengine Adaudit Plus

Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution.

9.8
2022-04-05 CVE-2022-26635 PHP Unspecified vulnerability in PHP Memcached

PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection.

9.8
2022-04-05 CVE-2020-19229 Jeesite Deserialization of Untrusted Data vulnerability in Jeesite 1.2.7

Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437.

9.8
2022-04-05 CVE-2021-28428 Horizontcms Project Unrestricted Upload of File with Dangerous Type vulnerability in Horizontcms Project Horizontcms 1.0.0

File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality.

9.8
2022-04-05 CVE-2021-30080 Beego Unspecified vulnerability in Beego

An issue was discovered in the route lookup process in beego before 1.12.11 that allows attackers to bypass access control.

9.8
2022-04-05 CVE-2021-41751 Jerryscript Classic Buffer Overflow vulnerability in Jerryscript

Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021.

9.8
2022-04-05 CVE-2021-41752 Jerryscript Uncontrolled Recursion vulnerability in Jerryscript

Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt() function.

9.8
2022-04-05 CVE-2022-1212 Mruby Unspecified vulnerability in Mruby

Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2.

9.8
2022-04-05 CVE-2021-33207 Softwareag Deserialization of Untrusted Data vulnerability in Softwareag Mashzone Nextgen 10.7

The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code.

9.8
2022-04-05 CVE-2022-24231 Simple Student Information System Project SQL Injection vulnerability in Simple Student Information System Project Simple Student Information System 1.0

Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student.

9.8
2022-04-05 CVE-2022-26585 Mingsoft SQL Injection vulnerability in Mingsoft Mcms 5.2.7

Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability via /cms/content/list.

9.8
2022-04-04 CVE-2021-32980 Automationdirect Improper Authentication vulnerability in Automationdirect products

Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect against additional software programming connections.

9.8
2022-04-04 CVE-2021-32984 Automationdirect Improper Authentication vulnerability in Automationdirect products

All programming connections receive the same unlocked privileges, which can result in a privilege escalation.

9.8
2022-04-04 CVE-2021-32986 Automationdirect Incorrect Authorization vulnerability in Automationdirect products

After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout.

9.8
2022-04-04 CVE-2021-33008 Aveva Missing Authentication for Critical Function vulnerability in Aveva System Platform 2017/2020

AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for functionality that requires a provable user identity.

9.8
2022-04-04 CVE-2022-1162 Gitlab Use of Hard-coded Credentials vulnerability in Gitlab

A hardcoded password was set for accounts registered using an OmniAuth provider (e.g.

9.8
2022-04-04 CVE-2022-25569 Bettinivideo Use of Hard-coded Credentials vulnerability in Bettinivideo Sgsetup 4.3.0

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software.

9.8
2022-04-05 CVE-2022-0452 Google Use After Free vulnerability in Google Chrome

Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

9.6
2022-04-05 CVE-2022-0466 Google Unspecified vulnerability in Google Chrome

Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.

9.6
2022-04-05 CVE-2022-0790 Google Use After Free vulnerability in Google Chrome

Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.

9.6
2022-04-10 CVE-2022-27133 Zbzcms Unspecified vulnerability in Zbzcms 1.0

zbzcms v1.0 was discovered to contain an arbitrary file deletion vulnerability via /include/up.php.

9.1
2022-04-10 CVE-2022-27277 Inhandnetworks Path Traversal vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file deletion vulnerability via the function sub_17C08.

9.1
2022-04-08 CVE-2021-36288 Dell Path Traversal vulnerability in Dell EMC Unity Operating Environment

Dell VNX2 for File version 8.1.21.266 and earlier, contain a path traversal vulnerability which may lead unauthenticated users to read/write restricted files

9.1
2022-04-08 CVE-2022-26851 Dell Use of Insufficiently Random Values vulnerability in Dell EMC Powerscale Onefs

Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability.

9.1
2022-04-08 CVE-2022-28805 LUA
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

9.1
2022-04-07 CVE-2021-46419 Telesquare Unspecified vulnerability in Telesquare Tlr-2855Ks6 Firmware

An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts.

9.1
2022-04-07 CVE-2022-27818 Waycrate Exposure of Resource to Wrong Sphere vulnerability in Waycrate Swhkd 1.1.5

SWHKD 1.1.5 unsafely uses the /tmp/swhkd.sock pathname.

9.1
2022-04-06 CVE-2022-23441 Fortinet Use of Hard-coded Credentials vulnerability in Fortinet Fortiedr

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow an unauthenticated attacker on the network to disguise as and forge messages from other collectors.

9.1
2022-04-04 CVE-2022-0990 Janeczku Unspecified vulnerability in Janeczku Calibre-Web

Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.

9.1
2022-04-04 CVE-2022-1165 Plugin Planet Unspecified vulnerability in Plugin-Planet Blackhole for BAD Bots

The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers such as CF-CONNECTING-IP, CLIENT-IP etc to determine the IP address of requests hitting the blackhole URL, which allows them to be spoofed.

9.1

197 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-04-08 CVE-2022-26180 Qdpm Cross-Site Request Forgery (CSRF) vulnerability in Qdpm 9.2

qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI.

8.8
2022-04-08 CVE-2022-24428 Dell Improper Preservation of Permissions vulnerability in Dell EMC Powerscale Onefs

Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges.

8.8
2022-04-08 CVE-2020-4668 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

8.8
2022-04-08 CVE-2021-40656 Libsixel Project Out-of-bounds Write vulnerability in Libsixel Project Libsixel

libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867.

8.8
2022-04-08 CVE-2021-41715 Libsixel Project Use After Free vulnerability in Libsixel Project Libsixel 1.10.0

libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379.

8.8
2022-04-08 CVE-2022-27044 Libsixel Project Out-of-bounds Write vulnerability in Libsixel Project Libsixel 1.8.6

libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876.

8.8
2022-04-08 CVE-2022-27046 Libsixel Project Use After Free vulnerability in Libsixel Project Libsixel 1.8.6

libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388.

8.8
2022-04-08 CVE-2022-27064 Musical World Project Unrestricted Upload of File with Dangerous Type vulnerability in Musical World Project Musical World 1.0

Musical World v1 was discovered to contain an arbitrary file upload vulnerability via uploaded_songs.php.

8.8
2022-04-08 CVE-2022-27346 Ecommerce Website Project Unrestricted Upload of File with Dangerous Type vulnerability in Ecommerce-Website Project Ecommerce-Website 1.1.0

Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?slides.

8.8
2022-04-08 CVE-2022-27352 Simple House Rental System Project Unrestricted Upload of File with Dangerous Type vulnerability in Simple House Rental System Project Simple House Rental System 1.0

Simple House Rental System v1 was discovered to contain an arbitrary file upload vulnerability via /app/register.php.

8.8
2022-04-08 CVE-2022-27992 Phpgurukul SQL Injection vulnerability in PHPgurukul ZOO Management System 1.0

Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter.

8.8
2022-04-08 CVE-2022-28000 CAR Rental System Project SQL Injection vulnerability in CAR Rental System Project CAR Rental System 1.0

Car Rental System v1.0 was discovered to contain a SQL injection vulnerability at /Car_Rental/booking.php via the id parameter.

8.8
2022-04-07 CVE-2021-36202 Johnsoncontrols Server-Side Request Forgery (SSRF) vulnerability in Johnsoncontrols products

Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature.

8.8
2022-04-07 CVE-2022-0935 Livehelperchat Improper Encoding or Escaping of Output vulnerability in Livehelperchat Live Helper Chat

Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97.

8.8
2022-04-07 CVE-2022-23972 Asus SQL Injection vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898

ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation.

8.8
2022-04-07 CVE-2022-23973 Asus Out-of-bounds Write vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898

ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length.

8.8
2022-04-07 CVE-2022-25596 Asus Out-of-bounds Write vulnerability in Asus Rt-Ac86U Firmware 3.0.0.4.386.45956

ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN attacker to execute arbitrary code, perform arbitrary operations and disrupt service.

8.8
2022-04-07 CVE-2022-25597 Asus Unspecified vulnerability in Asus Rt-Ac86U Firmware 3.0.0.4.386.45956

ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request, which allows an unauthenticated LAN attacker to perform command injection attack, execute arbitrary commands and disrupt or terminate service.

8.8
2022-04-07 CVE-2022-26670 Dlink OS Command Injection vulnerability in Dlink Dir-878 Firmware

D-Link DIR-878 has inadequate filtering for special characters in the webpage input field.

8.8
2022-04-07 CVE-2021-43430 Bigantsoft Unrestricted Upload of File with Dangerous Type vulnerability in Bigantsoft Bigant Office Messenger 5 5.6

An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver, which could let a malicious user upload PHP Trojan files.

8.8
2022-04-07 CVE-2022-26627 Online Project Time Management System Project Unrestricted Upload of File with Dangerous Type vulnerability in Online Project Time Management System Project Online Project Time Management System 1.0

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file.

8.8
2022-04-07 CVE-2020-27373 Drtrustusa OS Command Injection vulnerability in Drtrustusa Icheck Connect BP Monitor BP Testing 118 Firmware 1.2.1

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to Plain text command over BLE.

8.8
2022-04-07 CVE-2020-27376 Drtrustusa Missing Authentication for Critical Function vulnerability in Drtrustusa Icheck Connect BP Monitor BP Testing 118 Firmware 1.2.1

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication.

8.8
2022-04-06 CVE-2022-26605 Dascomsoft Unrestricted Upload of File with Dangerous Type vulnerability in Dascomsoft Eziosuite 2.0.7

eZiosuite v2.0.7 contains an authenticated arbitrary file upload via the Avatar upload functionality.

8.8
2022-04-06 CVE-2022-20763 Cisco Deserialization of Untrusted Data vulnerability in Cisco Webex Meetings Online Wbs42.2.11

A vulnerability in the login authorization components of Cisco Webex Meetings could allow an authenticated, remote attacker to inject arbitrary Java code.

8.8
2022-04-06 CVE-2021-26116 Fortinet OS Command Injection vulnerability in Fortinet Fortiauthenticator

An improper neutralization of special elements used in an OS command vulnerability in the command line interpreter of FortiAuthenticator before 6.3.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.

8.8
2022-04-06 CVE-2021-24009 Fortinet OS Command Injection vulnerability in Fortinet Fortiwan

Multiple improper neutralization of special elements used in an OS command vulnerabilities (CWE-78) in the Web GUI of FortiWAN before 4.5.9 may allow an authenticated attacker to execute arbitrary commands on the underlying system's shell via specifically crafted HTTP requests.

8.8
2022-04-06 CVE-2021-44169 Fortinet Improper Initialization vulnerability in Fortinet Forticlient

A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory.

8.8
2022-04-06 CVE-2022-26110 Wisc
Debian
An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0.
8.8
2022-04-05 CVE-2022-24780 Combodo Unspecified vulnerability in Combodo Itop

Combodo iTop is a web based IT Service Management tool.

8.8
2022-04-05 CVE-2022-24978 Zohocorp Insufficiently Protected Credentials vulnerability in Zohocorp Manageengine Adaudit Plus

Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on Integrated products.

8.8
2022-04-05 CVE-2022-26630 Jellycms Unrestricted Upload of File with Dangerous Type vulnerability in Jellycms

Jellycms v3.8.1 and below was discovered to contain an arbitrary file upload vulnerability via \app.\admin\Controllers\db.php.

8.8
2022-04-05 CVE-2021-38834 Easy Mock Project Unspecified vulnerability in Easy-Mock Project Easy Mock

easy-mock v1.5.0-v1.6.0 allows remote attackers to bypass the vm2 sandbox and execute arbitrary system commands through special js code.

8.8
2022-04-05 CVE-2021-39114 Atlassian Code Injection vulnerability in Atlassian Confluence Data Center and Confluence Server

Affected versions of Atlassian Confluence Server and Data Center allow users with a valid account on a Confluence Data Center instance to execute arbitrary Java code or run arbitrary system commands by injecting an OGNL payload.

8.8
2022-04-05 CVE-2021-45891 Zauner Incorrect Resource Transfer Between Spheres vulnerability in Zauner ARC 4.2.0.4

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since all permission checks are done client-side, not server-side.

8.8
2022-04-05 CVE-2022-0453 Google Use After Free vulnerability in Google Chrome

Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0454 Google Out-of-bounds Write vulnerability in Google Chrome

Heap buffer overflow in ANGLE in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0456 Google Use After Free vulnerability in Google Chrome

Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via profile destruction.

8.8
2022-04-05 CVE-2022-0457 Google Type Confusion vulnerability in Google Chrome

Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0458 Google Use After Free vulnerability in Google Chrome

Use after free in Thumbnail Tab Strip in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0459 Google Use After Free vulnerability in Google Chrome

Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0460 Google Use After Free vulnerability in Google Chrome

Use after free in Window Dialogue in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0463 Google Use After Free vulnerability in Google Chrome

Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.

8.8
2022-04-05 CVE-2022-0464 Google Use After Free vulnerability in Google Chrome

Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.

8.8
2022-04-05 CVE-2022-0465 Google Use After Free vulnerability in Google Chrome

Use after free in Extensions in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via user interaction.

8.8
2022-04-05 CVE-2022-0467 Google Unspecified vulnerability in Google Chrome

Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0468 Google Use After Free vulnerability in Google Chrome

Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0469 Google Use After Free vulnerability in Google Chrome

Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0470 Google Out-of-bounds Write vulnerability in Google Chrome

Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0789 Google Out-of-bounds Write vulnerability in Google Chrome

Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0791 Google Use After Free vulnerability in Google Chrome

Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.

8.8
2022-04-05 CVE-2022-0793 Google Use After Free vulnerability in Google Chrome

Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension.

8.8
2022-04-05 CVE-2022-0794 Google Use After Free vulnerability in Google Chrome

Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0795 Google Type Confusion vulnerability in Google Chrome

Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0796 Google Use After Free vulnerability in Google Chrome

Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0797 Google Out-of-bounds Write vulnerability in Google Chrome

Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0798 Google Use After Free vulnerability in Google Chrome

Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

8.8
2022-04-05 CVE-2022-0799 Google Link Following vulnerability in Google Chrome

Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file.

8.8
2022-04-05 CVE-2022-0800 Google Out-of-bounds Write vulnerability in Google Chrome

Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0805 Google Use After Free vulnerability in Google Chrome

Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.

8.8
2022-04-05 CVE-2022-0808 Google Use After Free vulnerability in Google Chrome

Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions.

8.8
2022-04-05 CVE-2022-0809 Google Out-of-bounds Write vulnerability in Google Chrome

Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0603 Google Use After Free vulnerability in Google Chrome

Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0604 Google Out-of-bounds Write vulnerability in Google Chrome

Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0605 Google Use After Free vulnerability in Google Chrome

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0606 Google Use After Free vulnerability in Google Chrome

Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0607 Google Use After Free vulnerability in Google Chrome

Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0608 Google Integer Overflow or Wraparound vulnerability in Google Chrome

Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0609 Google Use After Free vulnerability in Google Chrome

Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-0610 Google Out-of-bounds Write vulnerability in Google Chrome

Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-04-05 CVE-2022-23732 Github Path Traversal vulnerability in Github Enterprise Server

A path traversal vulnerability was identified in GitHub Enterprise Server management console that allowed the bypass of CSRF protections.

8.8
2022-04-04 CVE-2021-43464 Intelliants Unspecified vulnerability in Intelliants Subrion CMS 4.2.1

A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a background field; when the information is modified, the data in it will be executed through eval().

8.8
2022-04-04 CVE-2022-27435 Ecommerce Website Project Unrestricted Upload of File with Dangerous Type vulnerability in Ecommerce-Website Project Ecommerce-Website 1.1.0

An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0 allows attackers to upload a webshell via the Product Image component.

8.8
2022-04-04 CVE-2022-28062 Online CAR Rental System Project Unrestricted Upload of File with Dangerous Type vulnerability in Online CAR Rental System Project Online CAR Rental System 1.0

Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component which allows attackers to upload a webshell and execute arbitrary code.

8.8
2022-04-04 CVE-2021-36775 Rancher Unspecified vulnerability in Rancher

a Improper Access Control vulnerability in SUSE Rancher allows users to keep privileges that should have been revoked.

8.8
2022-04-04 CVE-2021-36776 Rancher Unspecified vulnerability in Rancher

A Improper Access Control vulnerability in SUSE Rancher allows remote attackers impersonate arbitrary users.

8.8
2022-04-04 CVE-2022-1026 Kyocera Insufficiently Protected Credentials vulnerability in Kyocera NET Viewer 2S01000.005.0012S52000.002.505

Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.

8.6
2022-04-05 CVE-2022-1235 Livehelperchat Unspecified vulnerability in Livehelperchat Live Helper Chat

Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96.

8.2
2022-04-08 CVE-2022-24821 Xwiki Unspecified vulnerability in Xwiki

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.

8.1
2022-04-07 CVE-2022-23970 Asus Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898

ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter.

8.1
2022-04-07 CVE-2022-23971 Asus Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898

ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter.

8.1
2022-04-07 CVE-2021-46416 SMA Authorization Bypass Through User-Controlled Key vulnerability in SMA Sunny Tripower Firmware 3.10.16.R

Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling.

8.1
2022-04-06 CVE-2022-20774 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco products

A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system.

8.1
2022-04-06 CVE-2021-45103 Wisc Information Exposure Through Log Files vulnerability in Wisc Htcondor

An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1.

8.1
2022-04-05 CVE-2021-41245 Combodo Unspecified vulnerability in Combodo Itop

Combodo iTop is a web based IT Service Management tool.

8.1
2022-04-05 CVE-2022-1213 Livehelperchat Unspecified vulnerability in Livehelperchat Live Helper Chat

SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v.

8.1
2022-04-04 CVE-2022-24801 Twisted
Debian
Fedoraproject
Oracle
Twisted is an event-based framework for internet applications, supporting Python 3.6+.
8.1
2022-04-04 CVE-2022-0403 Wpjos Unspecified vulnerability in Wpjos Library File Manager

The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the elFinder library, which is know to be affected by security issues (CVE-2021-32682), and does not have any authorisation as well as CSRF checks in its connector AJAX action, allowing any authenticated users, such as subscriber to call it.

8.1
2022-04-08 CVE-2021-43483 Claro Missing Authentication for Critical Function vulnerability in Claro Kaon Cg3000 Firmware 1.00.67

An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration, which could allow a malicious user to read or update the configuraiton without authentication.

8.0
2022-04-06 CVE-2021-22127 Fortinet OS Command Injection vulnerability in Fortinet Forticlient

An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute arbitrary code on the host operating system as root via tricking the user into connecting to a network with a malicious name.

8.0
2022-04-08 CVE-2021-43515 Kimai Improper Neutralization of Formula Elements in a CSV File vulnerability in Kimai

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in creating new timesheet in Kimai.

7.8
2022-04-07 CVE-2022-22516 Codesys Unspecified vulnerability in Codesys products

The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space.

7.8
2022-04-06 CVE-2022-20762 Cisco Unspecified vulnerability in Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure 2020.02.2.0/2020.02.7.0

A vulnerability in the Common Execution Environment (CEE) ConfD CLI of Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure (SMI) software could allow an authenticated, local attacker to escalate privileges on an affected device.

7.8
2022-04-06 CVE-2021-43138 Async Project
Fedoraproject
In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.
7.8
2022-04-06 CVE-2021-26104 Fortinet OS Command Injection vulnerability in Fortinet Fortianalyzer, Fortimanager and Fortiportal

Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, FortiAnalyzer 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, and FortiPortal 5.2.5 and below, 5.3.5 and below and 6.0.4 and below may allow a local authenticated and unprivileged user to execute arbitrary shell commands as root via specifically crafted CLI command parameters.

7.8
2022-04-06 CVE-2022-1240 Radare Out-of-bounds Write vulnerability in Radare Radare2

Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6.

7.8
2022-04-06 CVE-2022-1237 Radare Unspecified vulnerability in Radare Radare2

Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8.

7.8
2022-04-06 CVE-2022-1238 Radare Unspecified vulnerability in Radare Radare2

Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8.

7.8
2022-04-06 CVE-2022-23440 Fortinet Use of Hard-coded Credentials vulnerability in Fortinet Fortiedr

A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment.

7.8
2022-04-06 CVE-2022-26250 Synametrics Incorrect Permission Assignment for Critical Resource vulnerability in Synametrics Synaman

Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges.

7.8
2022-04-05 CVE-2021-27116 Beego Link Following vulnerability in Beego

An issue was discovered in file profile.go in function MemProf in beego through 2.0.2, allows attackers to launch symlink attacks locally.

7.8
2022-04-05 CVE-2021-27117 Beego Link Following vulnerability in Beego

An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally.

7.8
2022-04-05 CVE-2022-26358 XEN
Debian
Fedoraproject
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi.
7.8
2022-04-05 CVE-2022-26359 XEN
Debian
Fedoraproject
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi.
7.8
2022-04-05 CVE-2022-26360 XEN
Debian
Fedoraproject
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi.
7.8
2022-04-05 CVE-2022-26361 XEN
Debian
Fedoraproject
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi.
7.8
2022-04-05 CVE-2022-23909 Gimmal Unquoted Search Path or Element vulnerability in Gimmal Sherpa Connector Service 2020.2.20328.2050

There is an unquoted service path in Sherpa Connector Service (SherpaConnectorService.exe) 2020.2.20328.2050.

7.8
2022-04-04 CVE-2022-23699 HP Unspecified vulnerability in HP Oneview

A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6.

7.8
2022-04-04 CVE-2021-43460 Systemexplorer Unquoted Search Path or Element vulnerability in Systemexplorer System Explorer 7.0.0

An Unquoted Service Path vulnerability exists in System Explorer 7.0.0 via via a specially crafted file in the SystemExplorerHelpService service executable path.

7.8
2022-04-04 CVE-2021-43463 Ext2 File System Driver Project Unquoted Search Path or Element vulnerability in Ext2 File System Driver Project Ext2 File System Driver 0.68

An Unquoted Service Path vulnerability exists in Ext2Fsd v0.68 via a specially crafted file in the Ext2Srv Service executable service path.

7.8
2022-04-04 CVE-2021-43454 Anytxt Unquoted Search Path or Element vulnerability in Anytxt Searcher 1.2.394

An Unquoted Service Path vulnerability exists in AnyTXT Searcher 1.2.394 via a specially crafted file in the ATService path.

7.8
2022-04-04 CVE-2021-43455 Freelan Unquoted Search Path or Element vulnerability in Freelan 2.2

An Unquoted Service Path vulnerability exists in FreeLAN 2.2 via a specially crafted file in the FreeLAN Service path.

7.8
2022-04-04 CVE-2021-43456 Rumble Mail Server Project Unquoted Search Path or Element vulnerability in Rumble Mail Server Project Rumble Mail Server 0.51.3135

An Unquoted Service Path vulnerablility exists in Rumble Mail Server 0.51.3135 via via a specially crafted file in the RumbleService executable service path.

7.8
2022-04-04 CVE-2021-43457 Bvpn Unquoted Search Path or Element vulnerability in Bvpn 2.5.1

An Unquoted Service Path vulnerability exists in bVPN 2.5.1 via a specially crafted file in the waselvpnserv service path.

7.8
2022-04-04 CVE-2021-43458 Vembu Unquoted Search Path or Element vulnerability in Vembu BDR Suite 4.2.0.1

An Unquoted Service Path vulnerability exits in Vembu BDR 4.2.0.1 via a specially crafted file in the (1) hsflowd, (2) VembuBDR360Agent, or (3) VembuOffice365Agent service paths.

7.8
2022-04-10 CVE-2022-27279 Inhandnetworks Path Traversal vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file read via the function sub_177E0.

7.5
2022-04-10 CVE-2022-27286 Dlink Out-of-bounds Write vulnerability in Dlink Dir-619 AX Firmware 1.00

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanNonLogin.

7.5
2022-04-10 CVE-2022-27287 Dlink Out-of-bounds Write vulnerability in Dlink Dir-619 AX Firmware 1.00

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPPoE.

7.5
2022-04-10 CVE-2022-27288 Dlink Out-of-bounds Write vulnerability in Dlink Dir-619 Firmware 1.00

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPTP.

7.5
2022-04-10 CVE-2022-27289 Dlink Out-of-bounds Write vulnerability in Dlink Dir-619 Firmware 1.00

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanL2TP.

7.5
2022-04-10 CVE-2022-27290 Dlink Out-of-bounds Write vulnerability in Dlink Dir-619 Firmware 1.00

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanDhcpplus.

7.5
2022-04-10 CVE-2022-27291 Dlink Out-of-bounds Write vulnerability in Dlink Dir-619 Firmware 1.00

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formdumpeasysetup.

7.5
2022-04-10 CVE-2022-27292 Dlink Out-of-bounds Write vulnerability in Dlink Dir-619 Firmware 1.00

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formLanguageChange.

7.5
2022-04-10 CVE-2022-27293 Dlink Out-of-bounds Write vulnerability in Dlink Dir-619 Firmware 1.00

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanSetup.

7.5
2022-04-10 CVE-2022-27294 Dlink Out-of-bounds Write vulnerability in Dlink Dir-619 Firmware 1.00

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanWizardSetup.

7.5
2022-04-10 CVE-2022-27295 Dlink Out-of-bounds Write vulnerability in Dlink Dir-619 Firmware 1.00

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formAdvanceSetup.

7.5
2022-04-08 CVE-2021-43498 Atutor Weak Password Recovery Mechanism for Forgotten Password vulnerability in Atutor 2.2.4

An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h, form_password_hidden, and form_change HTTP POST parameters are set.

7.5
2022-04-08 CVE-2021-43521 Zlog Project Out-of-bounds Write vulnerability in Zlog Project Zlog 1.2.15

A Buffer Overflow vulnerability exists in zlog 1.2.15 via zlog_conf_build_with_file in src/zlog/src/conf.c.

7.5
2022-04-08 CVE-2022-1219 Pimcore Unspecified vulnerability in Pimcore

SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5.

7.5
2022-04-08 CVE-2022-28002 Movie Seat Reservation Project Files or Directories Accessible to External Parties vulnerability in Movie Seat Reservation Project Movie Seat Reservation 1.0

Movie Seat Reservation v1 was discovered to contain an unauthenticated file disclosure vulnerability via /index.php?page=home.

7.5
2022-04-07 CVE-2022-0677 Bitdefender Unspecified vulnerability in Bitdefender Endpoint Security Tools, Gravityzone and Update Server

Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an attacker to cause a Denial-of-Service.

7.5
2022-04-07 CVE-2022-22517 Codesys Use of Insufficiently Random Values vulnerability in Codesys products

An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets.

7.5
2022-04-07 CVE-2022-22519 Codesys Unspecified vulnerability in Codesys products

A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.

7.5
2022-04-07 CVE-2022-26675 Aenrich Path Traversal vulnerability in Aenrich A+Hrd 6.8

aEnrich a+HRD has inadequate filtering for special characters in URLs.

7.5
2022-04-07 CVE-2021-43429 Seagate Improper Locking vulnerability in Seagate Cortx-S3 Server 20211107

A Denial of Service vulnerability exists in CORTX-S3 Server as of 11/7/2021 via the mempool_destroy method due to a failture to release locks pool->lock.

7.5
2022-04-07 CVE-2021-46418 Telesquare Unspecified vulnerability in Telesquare Tlr-2855Ks6 Firmware

An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts.

7.5
2022-04-07 CVE-2021-46417 Franklinfueling Path Traversal vulnerability in Franklinfueling Colibri Firmware 1.8.19.8580

Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580.

7.5
2022-04-07 CVE-2020-27374 Drtrustusa Authentication Bypass by Capture-replay vulnerability in Drtrustusa Icheck Connect BP Monitor BP Testing 118 Firmware 1.2.1

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to a Replay Attack to BP Monitoring.

7.5
2022-04-06 CVE-2022-26591 Fantec Session Fixation vulnerability in Fantec Mwid25-Ds Firmware 2.000.030

FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows unauthenticated attackers to access and download arbitrary files via a crafted GET request.

7.5
2022-04-06 CVE-2022-20756 Cisco Unspecified vulnerability in Cisco Identity Services Engine

A vulnerability in the RADIUS feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets.

7.5
2022-04-06 CVE-2022-24822 Finn Unspecified vulnerability in Finn Podium Proxy

Podium is a library for building micro frontends.

7.5
2022-04-06 CVE-2021-26113 Fortinet Use of Password Hash With Insufficient Computational Effort vulnerability in Fortinet Fortiwan

A use of a one-way hash with a predictable salt vulnerability [CWE-760] in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored.

7.5
2022-04-06 CVE-2022-24793 Pjsip
Debian
PJSIP is a free and open source multimedia communication library written in C.
7.5
2022-04-06 CVE-2021-30497 Ivanti Path Traversal vulnerability in Ivanti Avalanche 6.3.2

Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal.

7.5
2022-04-06 CVE-2022-26952 Digi Out-of-bounds Write vulnerability in Digi Passport Firmware 1.5.1.1

Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page.

7.5
2022-04-06 CVE-2022-26953 Digi Out-of-bounds Write vulnerability in Digi Passport Firmware 1.5.1.1

Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow.

7.5
2022-04-05 CVE-2022-23974 Apache Uncontrolled Recursion vulnerability in Apache Pinot

In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables.

7.5
2022-04-05 CVE-2020-23349 Weibo Unspecified vulnerability in Weibo Android Software Development KIT 4.2.7

An intent redirection issue was doscovered in Sina Weibo Android SDK 4.2.7 (com.sina.weibo.sdk.share.WbShareTransActivity), any unexported Activities could be started by the com.sina.weibo.sdk.share.WbShareTransActivity.

7.5
2022-04-05 CVE-2022-24795 Yajl Ruby Project Unspecified vulnerability in Yajl-Ruby Project Yajl-Ruby

yajl-ruby is a C binding to the YAJL JSON parsing and generation library.

7.5
2022-04-05 CVE-2021-43008 Adminer
Debian
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.
7.5
2022-04-05 CVE-2021-44108 Open5Gs NULL Pointer Dereference vulnerability in Open5Gs

A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request to amf.

7.5
2022-04-05 CVE-2021-44109 Open5Gs Out-of-bounds Write vulnerability in Open5Gs

A buffer overflow in lib/sbi/message.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request.

7.5
2022-04-05 CVE-2021-45893 Zauner Improper Handling of Case Sensitivity vulnerability in Zauner ARC 4.2.0.4

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4.

7.5
2022-04-05 CVE-2022-26281 Bigantsoft Incorrect Permission Assignment for Critical Resource vulnerability in Bigantsoft Bigant Server 5.6.06

BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.

7.5
2022-04-05 CVE-2022-25584 Flexwatch Unspecified vulnerability in Flexwatch Fw3170-Ps-E Firmware 4.233000Gy

Seyeon Tech Co., Ltd FlexWATCH FW3170-PS-E Network Video System 4.23-3000_GY allows attackers to access sensitive information.

7.5
2022-04-05 CVE-2022-26619 Halo Unrestricted Upload of File with Dangerous Type vulnerability in Halo 1.4.17

Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the Attachment Upload function.

7.5
2022-04-04 CVE-2022-27442 Tpcms Project Information Exposure Through Log Files vulnerability in Tpcms Project Tpcms 3.2

TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information such as the administrator's user name and password.

7.5
2022-04-04 CVE-2021-32978 Automationdirect Insufficiently Protected Credentials vulnerability in Automationdirect products

The programming protocol allows for a previously entered password and lock state to be read by an attacker.

7.5
2022-04-04 CVE-2021-32982 Automationdirect Cleartext Transmission of Sensitive Information vulnerability in Automationdirect products

Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 passwords are sent as plaintext during unlocking and project transfers.

7.5
2022-04-04 CVE-2021-32994 Softing Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Softing OPC UA C++ Software Development KIT

Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locations.

7.5
2022-04-04 CVE-2021-33010 Aveva Unspecified vulnerability in Aveva System Platform 2017/2020

An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service condition.

7.5
2022-04-04 CVE-2022-1174 Gitlab Improper Validation of Specified Quantity in Input vulnerability in Gitlab

A potential DoS vulnerability was discovered in Gitlab CE/EE versions 13.7 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 allowed an attacker to trigger high CPU usage via a special crafted input added in Issues, Merge requests, Milestones, Snippets, Wiki pages, etc.

7.5
2022-04-04 CVE-2022-23698 HP Unspecified vulnerability in HP Oneview

A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6.

7.5
2022-04-04 CVE-2022-27649 Podman Project
Redhat
Fedoraproject
Incorrect Default Permissions vulnerability in multiple products

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions.

7.5
2022-04-04 CVE-2022-27650 Crun Project
Fedoraproject
Redhat
Incorrect Default Permissions vulnerability in multiple products

A flaw was found in crun where containers were incorrectly started with non-empty default permissions.

7.5
2022-04-04 CVE-2022-26572 Xerox Unspecified vulnerability in Xerox Colorqube 8580 Firmware

Xerox ColorQube 8580 was discovered to contain an access control issue which allows attackers to print, view the status, and obtain sensitive information.

7.5
2022-04-04 CVE-2022-24787 Vyperlang Incorrect Comparison vulnerability in Vyperlang Vyper

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine.

7.5
2022-04-04 CVE-2022-24785 Momentjs
Tenable
Netapp
Fedoraproject
Debian
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates.
7.5
2022-04-04 CVE-2022-0709 Saasproject Unspecified vulnerability in Saasproject Booking Package

The Booking Package WordPress plugin before 1.5.29 requires a token for exporting the ical representation of it's booking calendar, but this token is returned in the json response to unauthenticated users performing a booking, leading to a sensitive data disclosure vulnerability.

7.5
2022-04-04 CVE-2021-44138 Caucho Path Traversal vulnerability in Caucho Resin

There is a Directory traversal vulnerability in Caucho Resin, as distributed in Resin 4.0.52 - 4.0.56, which allows remote attackers to read files in arbitrary directories via a ; in a pathname within an HTTP request.

7.5
2022-04-06 CVE-2021-45104 Wisc Cleartext Transmission of Sensitive Information vulnerability in Wisc Htcondor

An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1.

7.4
2022-04-05 CVE-2021-42324 Dcnglobal OS Command Injection vulnerability in Dcnglobal S4600-10P-Si Firmware

An issue was discovered on DCN (Digital China Networks) S4600-10P-SI devices before R0241.0470.

7.4
2022-04-09 CVE-2022-27883 Trendmicro Link Following vulnerability in Trendmicro Antivirus for mac

A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation.

7.3
2022-04-08 CVE-2022-22339 IBM Server-Side Request Forgery (SSRF) vulnerability in IBM Planning Analytics 2.0

IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF).

7.3
2022-04-07 CVE-2022-26671 Secom Use of Hard-coded Credentials vulnerability in Secom Dr.Id Access Control and Dr.Id Attendance System

Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code.

7.3
2022-04-06 CVE-2022-1248 SAP Information System Project Missing Authentication for Critical Function vulnerability in SAP Information System Project SAP Information System 1.0

A vulnerability was found in SAP Information System 1.0 which has been rated as critical.

7.3
2022-04-05 CVE-2022-25154 Samsung Uncontrolled Search Path Element vulnerability in Samsung T5 Firmware

A DLL hijacking vulnerability in Samsung portable SSD T5 PC software before 1.6.9 could allow a local attacker to escalate privileges.

7.3
2022-04-08 CVE-2021-46367 Ritecms Unrestricted Upload of File with Dangerous Type vulnerability in Ritecms

RiteCMS version 3.1.0 and below suffers from a remote code execution vulnerability in the admin panel.

7.2
2022-04-08 CVE-2021-46436 Zzcms SQL Injection vulnerability in Zzcms 2021

An issue was discovered in ZZCMS 2021.

7.2
2022-04-08 CVE-2022-27061 Aerocms Project Unrestricted Upload of File with Dangerous Type vulnerability in Aerocms Project Aerocms 0.0.1

AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the Post Image function under the Admin panel.

7.2
2022-04-08 CVE-2022-27349 Socialcodia Unrestricted Upload of File with Dangerous Type vulnerability in Socialcodia Social Codia SMS 1.0

Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via addteacher.php.

7.2
2022-04-06 CVE-2022-26607 Baigo Unrestricted Upload of File with Dangerous Type vulnerability in Baigo CMS 3.0

A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow attackers to execute arbitrary code via uploading a crafted PHP file.

7.2
2022-04-06 CVE-2022-20754 Cisco Unspecified vulnerability in Cisco Telepresence Video Communication Server

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the underlying operating system of an affected device as the root user.

7.2
2022-04-06 CVE-2022-20755 Cisco Unspecified vulnerability in Cisco Telepresence Video Communication Server

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the underlying operating system of an affected device as the root user.

7.2
2022-04-06 CVE-2022-22410 IBM Unspecified vulnerability in IBM Watson Query

IBM Watson Query with Cloud Pak for Data as a Service could allow an authenticated user to obtain sensitive information that would allow them to examine or alter system configurations or data sources connected to the service.

7.2
2022-04-06 CVE-2022-26251 Synametrics Improper Privilege Management vulnerability in Synametrics Synaman

The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.

7.2
2022-04-05 CVE-2022-26982 Simplemachines Code Injection vulnerability in Simplemachines Simple Machines Forum

SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator.

7.2
2022-04-05 CVE-2022-26986 Impresscms SQL Injection vulnerability in Impresscms

SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application.

7.2
2022-04-04 CVE-2021-32977 Aveva Improper Verification of Cryptographic Signature vulnerability in Aveva System Platform 2017/2020

AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies, the cryptographic signature for data.

7.2
2022-04-04 CVE-2021-32981 Aveva Path Traversal vulnerability in Aveva System Platform 2017/2020

AVEVA System Platform versions 2017 through 2020 R2 P01 uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

7.2
2022-04-04 CVE-2021-32985 Aveva Origin Validation Error vulnerability in Aveva System Platform 2017/2020

AVEVA System Platform versions 2017 through 2020 R2 P01 does not properly verify that the source of data or communication is valid.

7.2
2022-04-04 CVE-2020-28062 Hisiphp Unrestricted Upload of File with Dangerous Type vulnerability in Hisiphp 2.0.11

An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed in $files = Dir::getList($decompath.

7.2
2022-04-04 CVE-2022-0537 Mappresspro Unspecified vulnerability in Mappresspro Mappress

The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS settings and upload arbitrary files to the site through the "ajax_save" function.

7.2
2022-04-04 CVE-2022-0887 Cybernetikz Unspecified vulnerability in Cybernetikz Easy Social Icons

The Easy Social Icons WordPress plugin before 3.1.4 does not sanitize the selected_icons attribute to the cnss_widget before using it in an SQL statement, leading to a SQL injection vulnerability.

7.2
2022-04-07 CVE-2022-22514 Codesys Unspecified vulnerability in Codesys products

An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request.

7.1
2022-04-08 CVE-2022-28796 Linux
Redhat
Fedoraproject
Netapp
Race Condition vulnerability in multiple products

jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.

7.0
2022-04-05 CVE-2022-26357 XEN
Debian
Fedoraproject
Race Condition vulnerability in multiple products

race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide.

7.0

150 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-04-07 CVE-2022-25338 Owncloud Unspecified vulnerability in Owncloud

ownCloud owncloud/android before 2.20 has Incorrect Access Control for physically proximate attackers.

6.8
2022-04-04 CVE-2022-27651 Buildah Project
Fedoraproject
Redhat
Incorrect Default Permissions vulnerability in multiple products

A flaw was found in buildah where containers were incorrectly started with non-empty default permissions.

6.8
2022-04-08 CVE-2021-36290 Dell Improper Privilege Management vulnerability in Dell EMC Unity Operating Environment

Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability.

6.7
2022-04-08 CVE-2021-36293 Dell Improper Privilege Management vulnerability in Dell EMC Unity Operating Environment

Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability.

6.7
2022-04-06 CVE-2022-20665 Cisco Command Injection vulnerability in Cisco Staros

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device.

6.7
2022-04-10 CVE-2022-27127 Zbzcms SQL Injection vulnerability in Zbzcms 1.0

zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php/ajax.php.

6.5
2022-04-10 CVE-2022-1289 Tildearrow Unspecified vulnerability in Tildearrow Furnace

A denial of service vulnerability was found in tildearrow Furnace.

6.5
2022-04-09 CVE-2022-26877 Asana Files or Directories Accessible to External Parties vulnerability in Asana Desktop

Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick the Asana desktop app into loading a malicious web page.

6.5
2022-04-08 CVE-2022-26588 Icehrm Cross-Site Request Forgery (CSRF) vulnerability in Icehrm 31.0.0.Os

A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI.

6.5
2022-04-08 CVE-2022-27991 Online Banking System Project SQL Injection vulnerability in Online Banking System Project Online Banking System 1.0

Online Banking System in PHP v1 was discovered to contain multiple SQL injection vulnerabilities at /staff_login.php via the Staff ID and Staff Password parameters.

6.5
2022-04-07 CVE-2022-22513 Codesys Unspecified vulnerability in Codesys products

An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash.

6.5
2022-04-07 CVE-2022-25595 Asus Improper Input Validation vulnerability in Asus Rt-Ac86U Firmware 3.0.0.4.386.45956

ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to cause a denial of service by sending particular request a server-to-client reply attempt.

6.5
2022-04-07 CVE-2020-27375 Drtrustusa Server-Side Request Forgery (SSRF) vulnerability in Drtrustusa Icheck Connect BP Monitor BP Testing 118 Firmware 1.2.1

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting Write Requests and Chars.

6.5
2022-04-06 CVE-2022-20782 Cisco Improper Privilege Management vulnerability in Cisco Identity Services Engine

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device.

6.5
2022-04-06 CVE-2021-41026 Fortinet Path Traversal vulnerability in Fortinet Fortiweb

A relative path traversal in FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.

6.5
2022-04-06 CVE-2021-32593 Fortinet Use of a Broken or Risky Cryptographic Algorithm vulnerability in Fortinet Fortiwan

A use of a broken or risky cryptographic algorithm vulnerability [CWE-327] in the Dynamic Tunnel Protocol of FortiWAN before 4.5.9 may allow an unauthenticated remote attacker to decrypt and forge protocol communication messages.

6.5
2022-04-06 CVE-2021-40375 Apperta Information Exposure vulnerability in Apperta Openeyes 3.5.1

Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of patients without having the intended level of privilege.

6.5
2022-04-05 CVE-2022-22356 IBM Information Exposure Through Discrepancy vulnerability in IBM MQ Appliance 9.2.0.0

IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due to an observable discrepancy in valid and invalid login attempts.

6.5
2022-04-05 CVE-2022-1236 Weseek Unspecified vulnerability in Weseek Growi

Weak Password Requirements in GitHub repository weseek/growi prior to v5.0.0.

6.5
2022-04-05 CVE-2022-0455 Google Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome

Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5
2022-04-05 CVE-2022-0461 Google Unspecified vulnerability in Google Chrome

Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page.

6.5
2022-04-05 CVE-2022-0462 Google Unspecified vulnerability in Google Chrome

Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5
2022-04-05 CVE-2022-0792 Google Out-of-bounds Read vulnerability in Google Chrome

Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5
2022-04-05 CVE-2022-0802 Google Unspecified vulnerability in Google Chrome

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5
2022-04-05 CVE-2022-0803 Google Unspecified vulnerability in Google Chrome

Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5
2022-04-05 CVE-2022-0804 Google Unspecified vulnerability in Google Chrome

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5
2022-04-05 CVE-2022-0806 Google Out-of-bounds Read vulnerability in Google Chrome

Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.

6.5
2022-04-05 CVE-2022-0807 Google Unspecified vulnerability in Google Chrome

Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

6.5
2022-04-04 CVE-2022-1120 Gitlab Information Exposure Through an Error Message vulnerability in Gitlab

Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 exposed sensitive information when an include directive fails in the CI/CD configuration.

6.5
2022-04-04 CVE-2022-1148 Gitlab Reliance on Cookies without Validation and Integrity Checking vulnerability in Gitlab

Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to steal a user's access token on an attacker-controlled private GitLab Pages website and reuse that token on the victim's other private websites

6.5
2022-04-04 CVE-2022-1185 Gitlab Out-of-bounds Write vulnerability in Gitlab

A denial of service vulnerability when rendering RDoc files in GitLab CE/EE versions 10 to 14.7.7, 14.8.0 to 14.8.5, and 14.9.0 to 14.9.2 allows an attacker to crash the GitLab web application with a maliciously crafted RDoc file

6.5
2022-04-04 CVE-2022-0404 Material Design FOR Contact Form 7 Project Missing Authorization vulnerability in Material Design for Contact Form 7 Project Material Design for Contact Form 7 2.6.4

The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check authorization or that the option mentioned in the notice param belongs to the plugin when processing requests to the cf7md_dismiss_notice action, allowing any logged in user (with roles as low as Subscriber) to set arbitrary options to true, potentially leading to Denial of Service by breaking the site.

6.5
2022-04-04 CVE-2022-0830 Formbuilder Project Unspecified vulnerability in Formbuilder Project Formbuilder

The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating/updating and deleting forms, and does not sanitise as well as escape its form field values.

6.5
2022-04-04 CVE-2022-1223 Phpipam Unspecified vulnerability in PHPipam

Incorrect Authorization in GitHub repository phpipam/phpipam prior to 1.4.6.

6.5
2022-04-04 CVE-2022-1224 Phpipam Incorrect Authorization vulnerability in PHPipam

Improper Authorization in GitHub repository phpipam/phpipam prior to 1.4.6.

6.5
2022-04-04 CVE-2022-1225 Phpipam Unspecified vulnerability in PHPipam

Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6.

6.5
2022-04-10 CVE-2022-27125 Zbzcms Cross-site Scripting vulnerability in Zbzcms 1.0

zbzcms v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the neirong parameter at /php/ajax.php.

6.1
2022-04-10 CVE-2022-27476 Newbee Mall Project Cross-site Scripting vulnerability in Newbee-Mall Project Newbee-Mall 1.0.0

A cross-site scripting (XSS) vulnerability at /admin/goods/update in Newbee-Mall v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the goodsName parameter.

6.1
2022-04-09 CVE-2022-1288 School Club Application System Project Cross-site Scripting vulnerability in School Club Application System Project School Club Application System 1.0

A vulnerability, which was classified as problematic, has been found in School Club Application System 1.0.

6.1
2022-04-09 CVE-2022-28363 Reprisesoftware Cross-site Scripting vulnerability in Reprisesoftware Reprise License Manager 14.2

Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/login_process username parameter via GET.

6.1
2022-04-08 CVE-2021-43009 Opservices Cross-site Scripting vulnerability in Opservices Opmon

A Cross Site Scripting (XSS) vulnerability exists in OpServices OpMon through 9.11 via the search parameter in the request URL.

6.1
2022-04-08 CVE-2022-24229 Onlyoffice Cross-site Scripting vulnerability in Onlyoffice Document Server

A cross-site scripting (XSS) vulnerability in ONLYOFFICE Document Server Example before v7.0.0 allows remote attackers inject arbitrary HTML or JavaScript through /example/editor.

6.1
2022-04-08 CVE-2022-26624 Ecommerce Codeigniter Bootstrap Project Cross-site Scripting vulnerability in Ecommerce Codeigniter Bootstrap Project Ecommerce Codeigniter Bootstrap

Bootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the Title parameter in /vendor/views/add_product.php.

6.1
2022-04-08 CVE-2022-27063 Aerocms Project Cross-site Scripting vulnerability in Aerocms Project Aerocms 0.0.1

AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability via view_all_comments.php.

6.1
2022-04-07 CVE-2022-24681 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Adselfservice Plus

Zoho ManageEngine ADSelfService Plus before 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen.

6.1
2022-04-07 CVE-2021-43432 Exrick Cross-site Scripting vulnerability in Exrick Xmall 1.1

A Cross Site Scripting (XSS) vulnerability exists in Exrick XMall Admin Panel as of 11/7/2021 via the GET parameter in product-add.jsp.

6.1
2022-04-06 CVE-2021-32585 Fortinet Cross-site Scripting vulnerability in Fortinet Fortiwan

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiWAN before 4.5.9 may allow an attacker to perform a stored cross-site scripting attack via specifically crafted HTTP requests.

6.1
2022-04-06 CVE-2022-1234 Livehelperchat Unspecified vulnerability in Livehelperchat Live Helper Chat

XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97.

6.1
2022-04-05 CVE-2022-27462 Wwbn Cross-site Scripting vulnerability in Wwbn Avideo

Cross Site Scripting (XSS) vulnerability in objects/function.php in function getDeviceID in WWBN AVideo through 11.6, via the yptDevice parameter to view/include/head.php.

6.1
2022-04-05 CVE-2022-27463 Wwbn Open Redirect vulnerability in Wwbn Avideo

Open redirect vulnerability in objects/login.json.php in WWBN AVideo through 11.6, allows attackers to arbitrarily redirect users from a crafted url to the login page.

6.1
2022-04-05 CVE-2022-1243 URI JS Project Unspecified vulnerability in Uri.Js Project Uri.Js

CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11.

6.1
2022-04-04 CVE-2022-1175 Gitlab Cross-site Scripting vulnerability in Gitlab

Improper neutralization of user input in GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 allowed an attacker to exploit XSS by injecting HTML in notes.

6.1
2022-04-04 CVE-2022-1233 URI JS Project Open Redirect vulnerability in Uri.Js Project Uri.Js

URL Confusion When Scheme Not Supplied in GitHub repository medialize/uri.js prior to 1.19.11.

6.1
2022-04-04 CVE-2022-23697 HP Cross-site Scripting vulnerability in HP Oneview

A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6.

6.1
2022-04-04 CVE-2022-24814 Rangerstudio Unspecified vulnerability in Rangerstudio Directus

Directus is a real-time API and App dashboard for managing SQL database content.

6.1
2022-04-04 CVE-2022-0431 Insights From Google Pagespeed Project Cross-site Scripting vulnerability in Insights From Google Pagespeed Project Insights From Google Pagespeed

The Insights from Google PageSpeed WordPress plugin before 4.0.4 does not sanitise and escape various parameters before outputting them back in attributes in the plugin's settings dashboard, leading to Reflected Cross-Site Scripting

6.1
2022-04-04 CVE-2022-0864 Updraftplus Unspecified vulnerability in Updraftplus

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.22.9 does not sanitise and escape the updraft_interval parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting (XSS) vulnerability.

6.1
2022-04-04 CVE-2022-0901 AD Inserter Project Unspecified vulnerability in AD Inserter Project AD Inserter

The Ad Inserter Free and Pro WordPress plugins before 2.7.12 do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters

6.1
2022-04-04 CVE-2022-1164 Wztechno Unspecified vulnerability in Wztechno Wyzi

The Wyzi Theme was affected by reflected XSS vulnerabilities in the business search feature

6.1
2022-04-04 CVE-2022-1167 Apusthemes Cross-site Scripting vulnerability in Apusthemes Careerup

There are unauthenticated reflected Cross-Site Scripting (XSS) vulnerabilities in CareerUp Careerup WordPress theme before 2.3.1, via the filter parameters.

6.1
2022-04-04 CVE-2022-1168 Eyecix Unspecified vulnerability in Eyecix Jobsearch WP JOB Board

There is a Cross-Site Scripting vulnerability in the JobSearch WP JobSearch WordPress plugin before 1.5.1.

6.1
2022-04-04 CVE-2022-1169 Eyecix Unspecified vulnerability in Eyecix Careerfy

There is a XSS vulnerability in Careerfy.

6.1
2022-04-04 CVE-2022-1170 Nootheme Unspecified vulnerability in Nootheme Jobmonster

In the Noo JobMonster WordPress theme before 4.5.2.9 JobMonster there is a XSS vulnerability as the input for the search form is provided through unsanitized GET requests.

6.1
2022-04-04 CVE-2022-26616 Public Knowledge Project Cross-site Scripting vulnerability in Public Knowledge Project Open Journal Systems

PKP Vendor Open Journal System v2.4.8 to v3.3.8 allows attackers to perform reflected cross-site scripting (XSS) attacks via crafted HTTP headers.

6.1
2022-04-04 CVE-2022-27608 Forcepoint Incorrect Authorization vulnerability in Forcepoint ONE Endpoint

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administrator privileges.

6.0
2022-04-04 CVE-2022-27609 Forcepoint Incorrect Authorization vulnerability in Forcepoint ONE Endpoint

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges.

6.0
2022-04-05 CVE-2021-45892 Zauner Insufficiently Protected Credentials vulnerability in Zauner ARC 4.2.0.4

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4.

5.9
2022-04-05 CVE-2021-45894 Zauner Cleartext Transmission of Sensitive Information vulnerability in Zauner ARC 4.2.0.4

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4.

5.9
2022-04-08 CVE-2022-27152 Roku Unspecified vulnerability in Roku OS 9.4.0

Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification.

5.7
2022-04-05 CVE-2022-26356 XEN
Debian
Fedoraproject
Improper Locking vulnerability in multiple products

Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls.

5.6
2022-04-08 CVE-2022-26855 Dell Incorrect Default Permissions vulnerability in Dell EMC Powerscale Onefs

Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability.

5.5
2022-04-08 CVE-2022-1284 Radare Use After Free vulnerability in Radare Radare2

heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8.

5.5
2022-04-08 CVE-2022-1283 Radare Unspecified vulnerability in Radare Radare2

NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8.

5.5
2022-04-08 CVE-2022-27145 Gpac Out-of-bounds Write vulnerability in Gpac

GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box.

5.5
2022-04-08 CVE-2022-27146 Gpac Out-of-bounds Write vulnerability in Gpac

GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag.

5.5
2022-04-08 CVE-2022-27147 Gpac Use After Free vulnerability in Gpac

GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag.

5.5
2022-04-08 CVE-2022-27148 Gpac Integer Overflow or Wraparound vulnerability in Gpac

GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow.

5.5
2022-04-07 CVE-2022-25339 Owncloud Unspecified vulnerability in Owncloud

ownCloud owncloud/android 2.20 has Incorrect Access Control for local attackers.

5.5
2022-04-05 CVE-2022-1244 Radare Unspecified vulnerability in Radare Radare2

heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8.

5.5
2022-04-05 CVE-2022-28651 Jetbrains Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea

In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields

5.5
2022-04-04 CVE-2022-23700 HP Unspecified vulnerability in HP Oneview

A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6.

5.5
2022-04-04 CVE-2022-24191 Htmldoc Project
Fedoraproject
Infinite Loop vulnerability in multiple products

In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow.

5.5
2022-04-04 CVE-2022-1222 Gpac Unspecified vulnerability in Gpac

Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV.

5.5
2022-04-10 CVE-2022-27280 Inhandnetworks Cross-site Scripting vulnerability in Inhandnetworks Inrouter 900 Firmware

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the web_exec parameter at /apply.cgi.

5.4
2022-04-10 CVE-2022-27958 Febs Security Project Incorrect Default Permissions vulnerability in Febs-Security Project Febs-Security 1.0

Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security v1.0 allows attackers to access and arbitrarily modify users' personal information.

5.4
2022-04-10 CVE-2022-27960 Ofcms Project Incorrect Default Permissions vulnerability in Ofcms Project Ofcms 1.1.4

Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1.4 allows attackers to access and arbitrarily modify users' personal information.

5.4
2022-04-10 CVE-2022-27961 Ofcms Project Cross-site Scripting vulnerability in Ofcms Project Ofcms 1.1.4

A cross-site scripting (XSS) vulnerability at /ofcms/company-c-47 in OFCMS v1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment text box.

5.4
2022-04-10 CVE-2022-1291 Tableexport Jquery Plugin Project Cross-site Scripting vulnerability in Tableexport.Jquery.Plugin Project Tableexport.Jquery.Plugin

XSS vulnerability with default `onCellHtmlData` function in GitHub repository hhurz/tableexport.jquery.plugin prior to 1.25.0.

5.4
2022-04-10 CVE-2022-1290 Trudesk Project Unspecified vulnerability in Trudesk Project Trudesk

Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0.

5.4
2022-04-09 CVE-2022-28364 Reprisesoftware Cross-site Scripting vulnerability in Reprisesoftware Reprise License Manager 14.2

Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/rlmswitchr_process file parameter via GET.

5.4
2022-04-06 CVE-2022-20741 Cisco Cross-site Scripting vulnerability in Cisco Secure Network Analytics

A vulnerability in the web-based management interface of the Network Diagrams application for Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

5.4
2022-04-06 CVE-2022-20781 Cisco Cross-site Scripting vulnerability in Cisco Asyncos

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.

5.4
2022-04-06 CVE-2022-27107 Orangehrm Cross-site Scripting vulnerability in Orangehrm 4.10

OrangeHRM 4.10 is vulnerable to Stored XSS in the "Share Video" section under "OrangeBuzz" via the GET/POST "createVideo[linkAddress]" parameter

5.4
2022-04-06 CVE-2022-27109 Orangehrm Open Redirect vulnerability in Orangehrm 4.10

OrangeHRM 4.10 suffers from a Referer header injection redirect vulnerability.

5.4
2022-04-06 CVE-2022-27110 Orangehrm Open Redirect vulnerability in Orangehrm 4.10

OrangeHRM 4.10 is vulnerable to a Host header injection redirect via viewPersonalDetails endpoint.

5.4
2022-04-06 CVE-2020-29013 Fortinet Improper Input Validation vulnerability in Fortinet Fortisandbox

An improper input validation vulnerability in the sniffer interface of FortiSandbox before 3.2.2 may allow an authenticated attacker to silently halt the sniffer via specifically crafted requests.

5.4
2022-04-06 CVE-2021-40374 Apperta Cross-site Scripting vulnerability in Apperta Openeye 3.5.1

A stored cross-site scripting (XSS) vulnerability was identified in Apperta Foundation OpenEyes 3.5.1.

5.4
2022-04-05 CVE-2022-24811 Combodo Unspecified vulnerability in Combodo Itop

Combodi iTop is a web based IT Service Management tool.

5.4
2022-04-05 CVE-2022-25373 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Supportcenter Plus

Zoho ManageEngine SupportCenter Plus before 11020 allows Stored XSS in the request history.

5.4
2022-04-05 CVE-2022-28648 Jetbrains Cross-site Scripting vulnerability in Jetbrains Youtrack

In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered

5.4
2022-04-05 CVE-2022-28649 Jetbrains Improper Restriction of Rendered UI Layers or Frames vulnerability in Jetbrains Youtrack

In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description

5.4
2022-04-05 CVE-2022-28650 Jetbrains Cross-site Scripting vulnerability in Jetbrains Youtrack

In JetBrains YouTrack before 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI

5.4
2022-04-05 CVE-2020-28847 Valine JS Cross-site Scripting vulnerability in Valine.Js Valine 1.4.14

Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment.

5.4
2022-04-05 CVE-2022-0602 Tastyigniter Unspecified vulnerability in Tastyigniter

Cross-site Scripting (XSS) - DOM in GitHub repository tastyigniter/tastyigniter prior to 3.3.0.

5.4
2022-04-05 CVE-2022-26615 College Website Content Management System Project Cross-site Scripting vulnerability in College Website Content Management System Project College Website Content Management System 1.0

A cross-site scripting (XSS) vulnerability in College Website Content Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User Profile Name text fields.

5.4
2022-04-04 CVE-2021-36826 Wedevs Unspecified vulnerability in Wedevs WP Project Manager

Authenticated (subscriber or higher user role if allowed to access projects) Stored Cross-Site Scripting (XSS) vulnerability in weDevs WP Project Manager plugin <= 2.4.13 versions.

5.4
2022-04-04 CVE-2021-36851 WEB Settler Cross-site Scripting vulnerability in Web-Settler Testimonial Slider

Authenticated (editor or higher user role) Cross-Site Scripting (XSS) vulnerability in Web-Settler Testimonial Slider – Free Testimonials Slider Plugin (WordPress plugin) via parameters mpsp_posts_bg_color, mpsp_posts_description_color, mpsp_slide_nav_button_color.

5.4
2022-04-04 CVE-2022-1190 Gitlab Cross-site Scripting vulnerability in Gitlab

Improper handling of user input in GitLab CE/EE versions 8.3 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to exploit a stored XSS by abusing multi-word milestone references in issue descriptions, comments, etc.

5.4
2022-04-04 CVE-2022-25613 Foliovision Cross-site Scripting vulnerability in Foliovision FV Flowplayer Video Player

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in FV Flowplayer Video Player (WordPress plugin) versions <= 7.5.18.727 via &fv_wp_flowplayer_field_splash parameter.

5.4
2022-04-04 CVE-2021-25048 King Theme Unspecified vulnerability in King-Theme Kingcomposer 2.7.6/2.9.4

The KingComposer WordPress plugin through 2.9.6 does not have authorisation, CSRF and sanitisation/escaping when creating profile, allowing any authenticated users to create arbitrary ones, with Cross-Site Scripting payloads in them

5.4
2022-04-04 CVE-2021-25113 Dropdown Menu Widget Project Unspecified vulnerability in Dropdown Menu Widget Project Dropdown Menu Widget 1.9.7

The Dropdown Menu Widget WordPress plugin through 1.9.7 does not have authorisation and CSRF checks when saving its settings, allowing low privilege users such as subscriber to update them.

5.4
2022-04-04 CVE-2021-43459 Rumble Mail Server Project Cross-site Scripting vulnerability in Rumble Mail Server Project Rumble Mail Server 0.51.3135

A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the (1) domain and (2) path parameters.

5.4
2022-04-04 CVE-2021-43461 Rumble Mail Server Project Cross-site Scripting vulnerability in Rumble Mail Server Project Rumble Mail Server 0.51.3135

Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the servername parameter.

5.4
2022-04-04 CVE-2021-43462 Rumble Mail Server Project Cross-site Scripting vulnerability in Rumble Mail Server Project Rumble Mail Server 0.51.3135

A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the username parameter.

5.4
2022-04-04 CVE-2022-0825 TMS Outsource Unspecified vulnerability in Tms-Outsource Amelia

The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing appointments, allowing any customer to update other's booking status, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it.

5.4
2022-04-04 CVE-2022-0837 TMS Outsource Missing Authorization vulnerability in Tms-Outsource Amelia

The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia SMS service, allowing any customer to send paid test SMS notification as well as retrieve sensitive information about the admin, such as the email, account balance and payment history.

5.4
2022-04-04 CVE-2021-33616 RSA Cross-site Scripting vulnerability in RSA Archer

RSA Archer 6.x through 6.9 SP1 P4 (6.9.1.4) allows stored XSS.

5.4
2022-04-09 CVE-2022-28365 Reprisesoftware Forced Browsing vulnerability in Reprisesoftware Reprise License Manager 14.2

Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo.

5.3
2022-04-08 CVE-2022-24819 Xwiki Unspecified vulnerability in Xwiki

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.

5.3
2022-04-08 CVE-2022-24820 Xwiki Missing Authentication for Critical Function vulnerability in Xwiki

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.

5.3
2022-04-07 CVE-2022-25594 Program Unspecified vulnerability in Program Parking LOT Management System 2.2.9.0518.11

Microprogram’s parking lot management system is vulnerable to sensitive information exposure.

5.3
2022-04-07 CVE-2022-27819 Waycrate Allocation of Resources Without Limits or Throttling vulnerability in Waycrate Swhkd 1.1.5

SWHKD 1.1.5 allows unsafe parsing via the -c option.

5.3
2022-04-06 CVE-2022-20675 Cisco Unspecified vulnerability in Cisco Asyncos

A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol (SNMP) service, resulting in a denial of service (DoS) condition.

5.3
2022-04-06 CVE-2022-20784 Cisco Improper Input Validation vulnerability in Cisco web Security Appliance

A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass established web request policies and access blocked content on an affected device.

5.3
2022-04-06 CVE-2021-43205 Fortinet Information Exposure vulnerability in Fortinet Forticlient

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries.

5.3
2022-04-05 CVE-2022-25245 Zohocorp Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Servicedesk Plus

Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know the organisation's default currency name.

5.3
2022-04-05 CVE-2022-22355 IBM Unspecified vulnerability in IBM MQ Appliance 9.2.0.0

IBM MQ Appliance 9.2 CD and 9.2 LTS are vulnerable to a denial of service in the Login component of the application which could allow an attacker to cause a drop in performance.

5.3
2022-04-05 CVE-2022-25356 Altn XML Injection (aka Blind XPath Injection) vulnerability in Altn Securitygateway

Alt-N MDaemon Security Gateway through 8.5.0 allows SecurityGateway.dll?view=login XML Injection.

5.3
2022-04-04 CVE-2022-1121 Gitlab Allocation of Resources Without Limits or Throttling vulnerability in Gitlab

A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to cause unlimited resource consumption.

5.3
2022-04-04 CVE-2022-1188 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 where a blind SSRF attack through the repository mirroring feature was possible.

5.3
2022-04-04 CVE-2022-24813 Miraheze Improper Authentication vulnerability in Miraheze Createwiki

CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis.

5.3
2022-04-04 CVE-2022-1166 Nootheme Unspecified vulnerability in Nootheme Jobmonster

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/ folder, as it did not include a default PHP file, or .htaccess file.

5.3
2022-04-04 CVE-2022-28063 Simple Bakery Shop Management System Project Unspecified vulnerability in Simple Bakery Shop Management System Project Simple Bakery Shop Management System 1.0

Simple Bakery Shop Management System v1.0 contains a file disclosure via /bsms/?page=products.

4.9
2022-04-08 CVE-2021-46437 Zzcms Cross-site Scripting vulnerability in Zzcms 2021

An issue was discovered in ZZCMS 2021.

4.8
2022-04-08 CVE-2022-27062 Aerocms Project Cross-site Scripting vulnerability in Aerocms Project Aerocms 0.0.1

AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability via add_post.php.

4.8
2022-04-08 CVE-2022-27348 Socialcodia Cross-site Scripting vulnerability in Socialcodia Social Codia SMS 1.0

Social Codia SMS v1 was discovered to contain a stored cross-site scripting (XSS) vulnerability via add_post.php.

4.8
2022-04-04 CVE-2022-27441 Tpcms Project Cross-site Scripting vulnerability in Tpcms Project Tpcms 3.2

A stored cross-site scripting (XSS) vulnerability in TPCMS v3.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Phone text box.

4.8
2022-04-04 CVE-2022-25618 TMS Outsource Cross-site Scripting vulnerability in Tms-Outsource Wpdatatables Lite

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables (WordPress plugin) versions <= 2.1.27

4.8
2022-04-04 CVE-2022-0884 Cozmoslabs Unspecified vulnerability in Cozmoslabs Profile Builder

The Profile Builder WordPress plugin before 3.6.8 does not sanitise and escape Form Fields titles and description, which could allow high privilege user such as admin to perform Criss-Site Scripting attacks even when unfiltered_html is disallowed

4.8
2022-04-04 CVE-2022-0958 Mark Posts Project Unspecified vulnerability in Mark Posts Project Mark Posts

The Mark Posts WordPress plugin before 2.0.1 does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

4.8
2022-04-04 CVE-2022-27436 Ecommerce Website Project Cross-site Scripting vulnerability in Ecommerce-Website Project Ecommerce-Website 1.1.0

A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_user at Ecommerce-Website v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username text field.

4.8
2022-04-08 CVE-2022-22563 Dell Unspecified vulnerability in Dell EMC Powerscale Onefs

Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd.

4.4
2022-04-06 CVE-2022-23446 Fortinet Unspecified vulnerability in Fortinet Fortiedr

A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier allows attacker to make the whole application unresponsive via changing its root directory access permission.

4.4
2022-04-06 CVE-2022-26850 Apache Exposure of Resource to Wrong Sphere vulnerability in Apache Nifi 1.14.0/1.15.0/1.15.3

When creating or updating credentials for single-user access, Apache NiFi wrote a copy of the Login Identity Providers configuration to the operating system temporary directory.

4.3
2022-04-06 CVE-2022-27108 Orangehrm Authorization Bypass Through User-Controlled Key vulnerability in Orangehrm 4.10

OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR) via the end point symfony/web/index.php/time/createTimesheet`.

4.3
2022-04-04 CVE-2022-0740 Gitlab Incorrect Authorization vulnerability in Gitlab

Incorrect authorization in the Asana integration's branch restriction feature in all versions of GitLab CE/EE starting from version 7.8.0 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 makes it possible to close Asana tasks from unrestricted branches.

4.3
2022-04-04 CVE-2022-1099 Gitlab Resource Exhaustion vulnerability in Gitlab

Adding a very large number of tags to a runner in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to impact the performance of GitLab

4.3
2022-04-04 CVE-2022-1100 Gitlab Missing Release of Resource after Effective Lifetime vulnerability in Gitlab

A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 13.1 prior to 14.7.7, 14.8.0 prior to 14.8.5, and 14.9.0 prior to 14.9.2.

4.3
2022-04-04 CVE-2022-1105 Gitlab Unspecified vulnerability in Gitlab

An improper access control vulnerability in GitLab CE/EE affecting all versions from 13.11 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an unauthorized user to access pipeline analytics even when public pipelines are disabled

4.3
2022-04-04 CVE-2022-1189 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.2 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 that allowed for an unauthorised user to read the the approval rules of a private project.

4.3

1 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-04-04 CVE-2022-1111 Gitlab Unspecified vulnerability in Gitlab

A business logic error in Project Import in GitLab CE/EE versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.0 prior to 14.7.7 under certain conditions caused imported projects to show an incorrect user in the 'Access Granted' column in the project membership pages

2.7