Weekly Vulnerabilities Reports > April 25 to May 1, 2022
Overview
313 new vulnerabilities were reported during this period, including 34 critical vulnerabilities and 76 high severity vulnerabilities. This weekly summary reports vulnerabilities in 342 products from 201 vendors including IBM, Fedoraproject, Jetbrains, Debian, and Redhat. Vulnerabilities are notably categorized as "Cross-site Scripting", "Path Traversal", "SQL Injection", "Out-of-bounds Write", and "Cross-Site Request Forgery (CSRF)".
- 262 reported vulnerabilities are remotely exploitable.
- 130 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 198 reported vulnerabilities are exploitable by an anonymous user.
- IBM has the most reported vulnerabilities, with 19 reported vulnerabilities.
- Terra Master has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report:
34 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-04-26 | CVE-2022-29499 | Mitel | Improper Input Validation vulnerability in Mitel Mivoice Connect 19.1/21.84.5535.0/21.90.9743.0 The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. | 10.0 |
2022-04-25 | CVE-2021-45840 | Terra Master | Unspecified vulnerability in Terra-Master TOS 4.2.152107141517 It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending specifically crafted input to /tos/index.php?app/app_start_stop. | 10.0 |
2022-04-30 | CVE-2021-42001 | Pingidentity | Unspecified vulnerability in Pingidentity Pingid Desktop PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. | 9.9 |
2022-05-01 | CVE-2022-21167 | Ldqk | Unspecified vulnerability in Ldqk Masuit.Tools All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData<T> function in the SocketClient.cs component. | 9.8 |
2022-05-01 | CVE-2022-24437 | GIT Pull OR Clone Project | Argument Injection or Modification vulnerability in Git-Pull-Or-Clone Project Git-Pull-Or-Clone The package git-pull-or-clone before 2.0.2 is vulnerable to Command Injection due to the use of the --upload-pack feature of git, which is also supported for git clone. | 9.8 |
2022-04-29 | CVE-2022-28452 | Redplanetcomputers | SQL Injection vulnerability in Redplanetcomputers Laundry Management System 1.0 Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection. | 9.8 |
2022-04-29 | CVE-2021-44596 | Wondershare | Unspecified vulnerability in Wondershare Dr.Fone 20211206 Wondershare LTD Dr. | 9.8 |
2022-04-29 | CVE-2022-1531 | RTX Project | SQL Injection vulnerability in RTX Project RTX SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . | 9.8 |
2022-04-29 | CVE-2022-29906 | Mediawiki | Missing Authorization vulnerability in Mediawiki The admin API module in the QuizGame extension for MediaWiki through 1.37.2 (before 665e33a68f6fa1167df99c0aa18ed0157cdf9f66) omits a check for the quizadmin user. | 9.8 |
2022-04-28 | CVE-2022-24449 | RT Solar | Server-Side Request Forgery (SSRF) vulnerability in Rt-Solar Solar Appscreener 3.10.4 Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document. | 9.8 |
2022-04-28 | CVE-2022-29081 | Zohocorp | Path Traversal vulnerability in Zohocorp products Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. | 9.8 |
2022-04-28 | CVE-2022-29411 | Hermit Project | SQL Injection vulnerability in Hermit Project Hermit 3.1.6 SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id). | 9.8 |
2022-04-28 | CVE-2021-41921 | Xxyopen | Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus 3.6.1 novel-plus V3.6.1 allows unrestricted file uploads. | 9.8 |
2022-04-27 | CVE-2022-29859 | Amb1 SDK Project | Unspecified vulnerability in Amb1 SDK Project Amb1 SDK component/common/network/dhcp/dhcps.c in ambiot amb1_sdk (aka SDK for Ameba1) before 2022-03-11 mishandles data structures for DHCP packet data. | 9.8 |
2022-04-27 | CVE-2022-27336 | Seacms | Unspecified vulnerability in Seacms 11.6 Seacms v11.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/weixin.php. | 9.8 |
2022-04-27 | CVE-2021-46422 | Telesquare | OS Command Injection vulnerability in Telesquare Sdt-Cs3B1 Firmware 1.1.0 Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication. | 9.8 |
2022-04-26 | CVE-2022-24883 | Freerdp Fedoraproject | Improper Authentication vulnerability in multiple products FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). | 9.8 |
2022-04-26 | CVE-2022-24706 | Apache | Insecure Default Initialization of Resource vulnerability in Apache Couchdb In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. | 9.8 |
2022-04-25 | CVE-2022-23457 | Owasp Oracle Netapp | Path Traversal vulnerability in multiple products ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. | 9.8 |
2022-04-25 | CVE-2022-25866 | GIT PHP Project | Argument Injection or Modification vulnerability in Git-PHP Project Git-PHP The package czproject/git-php before 4.0.3 is vulnerable to Command Injection via git argument injection. | 9.8 |
2022-04-25 | CVE-2022-0541 | Flothemes | Unspecified vulnerability in Flothemes Flo-Launch The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flo_custom_table_prefix cookie to an arbitrary value. | 9.8 |
2022-04-25 | CVE-2022-1391 | Kanev | Path Traversal vulnerability in Kanev CAB Fare Calculator 1.0.3 The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues. | 9.8 |
2022-04-25 | CVE-2022-29078 | EJS | Code Injection vulnerability in EJS 3.1.6 The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. | 9.8 |
2022-04-25 | CVE-2021-45837 | Terra Master | Unspecified vulnerability in Terra-Master TOS 4.2.152107141517 It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending a specifically crafted input to /tos/index.php?app/del. | 9.8 |
2022-04-25 | CVE-2022-29264 | Coreboot | Unspecified vulnerability in Coreboot An issue was discovered in coreboot 4.13 through 4.16. | 9.8 |
2022-04-27 | CVE-2021-46424 | Telesquare | Unspecified vulnerability in Telesquare Tlr-2005Ksh Firmware 1.0.0 Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request. | 9.4 |
2022-04-28 | CVE-2022-28719 | Hammock | Missing Authentication for Critical Function vulnerability in Hammock Assetview 9.2 Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge of the system configuration to upload a crafted configuration file to the managing server, which may result in the managed clients executing arbitrary code with administrative privileges. | 9.3 |
2022-04-28 | CVE-2021-41945 | Encode | Improper Input Validation vulnerability in Encode Httpx Encode OSS httpx < 0.23.0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`. | 9.1 |
2022-04-27 | CVE-2022-27332 | Zammad | Missing Authentication for Critical Function vulnerability in Zammad An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication. | 9.1 |
2022-04-29 | CVE-2022-29937 | USU | OS Command Injection vulnerability in USU Oracle Optimization 20210817 USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent root access because some common OS commands are blocked but (for example) an OS command for base64 decoding is not blocked. | 9.0 |
2022-04-28 | CVE-2021-43939 | Smartptt | Unspecified vulnerability in Smartptt Scada 1.1 Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints. | 9.0 |
2022-04-27 | CVE-2022-27905 | Controlup | Unquoted Search Path or Element vulnerability in Controlup In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. | 9.0 |
2022-04-27 | CVE-2021-46441 | Dlink | OS Command Injection vulnerability in Dlink Dir-825 Firmware In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization. | 9.0 |
2022-04-25 | CVE-2021-45836 | Terra Master | Unspecified vulnerability in Terra-Master TOS 4.2.152107141517 An authenticated attacker can execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by injecting a maliciously crafted input in the request through /tos/index.php?app/hand_app. | 9.0 |
76 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-04-29 | CVE-2022-1227 | Podman Project Psgo Project Redhat Fedoraproject | Improper Privilege Management vulnerability in multiple products A privilege escalation flaw was found in Podman. | 8.8 |
2022-04-29 | CVE-2021-44595 | Wondershare | Missing Authorization vulnerability in Wondershare Dr.Fone 20211206 Wondershare Dr. | 8.8 |
2022-04-28 | CVE-2022-29410 | Hermit Project | SQL Injection vulnerability in Hermit Project Hermit 3.1.6 Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids). | 8.8 |
2022-04-28 | CVE-2022-28892 | Mahara | Cross-Site Request Forgery (CSRF) vulnerability in Mahara Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable. | 8.8 |
2022-04-28 | CVE-2022-1509 | Hestiacp | Command Injection vulnerability in Hestiacp Control Panel Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. | 8.8 |
2022-04-27 | CVE-2022-22315 | IBM | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permissions. | 8.8 |
2022-04-25 | CVE-2021-24957 | Advanced Page Visit Counter Project | SQL Injection vulnerability in Advanced Page Visit Counter Project Advanced Page Visit Counter The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authenticated user, leading to a SQL injection | 8.8 |
2022-04-25 | CVE-2022-26111 | Canon | Expression Language Injection vulnerability in Canon Irisnext 9.8.28 The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. | 8.8 |
2022-04-29 | CVE-2022-24900 | Piano LED Visualizer Project | Exposure of Resource to Wrong Sphere vulnerability in Piano LED Visualizer Project Piano LED Visualizer Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. | 8.6 |
2022-04-29 | CVE-2021-36207 | Johnsoncontrols | Improper Privilege Management vulnerability in Johnsoncontrols products Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator. | 8.5 |
2022-04-29 | CVE-2021-4206 | Qemu Redhat Debian | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
2022-04-29 | CVE-2021-4207 | Qemu Redhat Debian | Classic Buffer Overflow vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
2022-05-01 | CVE-2022-25645 | Dset Project | Unspecified vulnerability in Dset Project Dset All versions of package dset are vulnerable to Prototype Pollution via 'dset/merge' mode, as the dset function checks for prototype pollution only by validating whether the top-level path contains __proto__, constructor or prototype. | 8.1 |
2022-04-25 | CVE-2021-25094 | Brandexponents | Missing Authentication for Critical Function vulnerability in Brandexponents Tatsu The Tatsu WordPress plugin before 3.3.12 exposes an add_custom_font action that can be used without prior authentication to upload a rogue zip file, which is uncompressed under the WordPress upload directory. | 8.1 |
2022-04-25 | CVE-2021-45841 | Terra Master | Use of Hard-coded Credentials vulnerability in Terra-Master TOS 4.2.152107141517 In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cookies by knowing the target's MAC address and the user's password hash. | 8.1 |
2022-04-29 | CVE-2022-29934 | USU | Missing Authentication for Critical Function vulnerability in USU Oracle Optimization 5.16.2 USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. | 7.8 |
2022-04-27 | CVE-2022-24735 | Redis Fedoraproject Netapp Oracle | Code Injection vulnerability in multiple products Redis is an in-memory database that persists on disk. | 7.8 |
2022-04-27 | CVE-2022-27239 | Samba Debian Suse HP Fedoraproject | Out-of-bounds Write vulnerability in multiple products In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. | 7.8 |
2022-04-25 | CVE-2022-1441 | Gpac Debian | Out-of-bounds Read vulnerability in multiple products MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. | 7.8 |
2022-04-25 | CVE-2021-36460 | Veryfitpro Project | Improper Authentication vulnerability in Veryfitpro Project Veryfitpro VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and uses the hash to authenticate in all communication with the backend API, including login, registration and changing of passwords. | 7.8 |
2022-04-25 | CVE-2019-25059 | Artifex Debian | Artifex Ghostscript through 9.26 mishandles .completefont. | 7.8 |
2022-05-01 | CVE-2022-25301 | Jsgui Lang Essentials Project | Unspecified vulnerability in Jsgui-Lang-Essentials Project Jsgui-Lang-Essentials All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor and prototype. | 7.5 |
2022-05-01 | CVE-2022-21144 | Libxmljs Project | Improper Input Validation vulnerability in Libxmljs Project Libxmljs This affects all versions of package libxmljs. | 7.5 |
2022-05-01 | CVE-2022-21189 | Dexie | Unspecified vulnerability in Dexie The package dexie before 3.2.2, and from 4.0.0-alpha.1 before 4.0.0-alpha.3, is vulnerable to Prototype Pollution in the Dexie.setByKeyPath(obj, keyPath, value) function, which does not properly check the keys being set (like __proto__ or constructor). | 7.5 |
2022-05-01 | CVE-2022-22143 | Mozilla | Unspecified vulnerability in Mozilla Convict The package convict before 6.2.2 is vulnerable to Prototype Pollution via the convict function due to missing validation of parentKey. | 7.5 |
2022-05-01 | CVE-2022-23923 | Jailed Project | Unspecified vulnerability in Jailed Project Jailed All versions of package jailed are vulnerable to Sandbox Bypass via an exported alert() method which can access the main application. | 7.5 |
2022-05-01 | CVE-2022-25647 | Google Debian Netapp Oracle | Deserialization of Untrusted Data vulnerability in multiple products The package com.google.code.gson:gson before 2.8.9 is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. | 7.5 |
2022-05-01 | CVE-2022-25767 | Ureport2 Project | Deserialization of Untrusted Data vulnerability in Ureport2 Project Ureport2 All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets. | 7.5 |
2022-05-01 | CVE-2022-25842 | Alibabagroup | Path Traversal vulnerability in Alibabagroup One-Java-Agent All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory traversal filenames (e.g. | 7.5 |
2022-05-01 | CVE-2022-25844 | Angularjs Fedoraproject Netapp | The package angular after 1.7.0 is vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value. | 7.5 |
2022-05-01 | CVE-2022-28481 | CSV Safe Project | Improper Neutralization of Formula Elements in a CSV File vulnerability in Csv-Safe Project Csv-Safe CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection. | 7.5 |
2022-04-29 | CVE-2022-29945 | DJI | Cleartext Transmission of Sensitive Information vulnerability in DJI products DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone operator's physical location via the AeroScope protocol. | 7.5 |
2022-04-29 | CVE-2022-28480 | Allmediaserver | Classic Buffer Overflow vulnerability in Allmediaserver 1.6 ALLMediaServer 1.6 is vulnerable to Buffer Overflow via MediaServer.exe. | 7.5 |
2022-04-29 | CVE-2022-28994 | Smallsrv | Classic Buffer Overflow vulnerability in Smallsrv Small Http Server 3.06 Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request. | 7.5 |
2022-04-29 | CVE-2022-29935 | USU | Unspecified vulnerability in USU Oracle Optimization 20210817 USU Oracle Optimization before 5.17.5 allows attackers to discover the quantum credentials via an agent-installer download. | 7.5 |
2022-04-29 | CVE-2021-43938 | Smartptt | Missing Authorization vulnerability in Smartptt Scada Server 1.4 Elcomplus SmartPTT SCADA Server is vulnerable in that an unauthenticated user can request various files from the server without any authentication or authorization. | 7.5 |
2022-04-29 | CVE-2022-29904 | Mediawiki | SQL Injection vulnerability in Mediawiki The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints. | 7.5 |
2022-04-28 | CVE-2022-29556 | Northern Tech | Server-Side Request Forgery (SSRF) vulnerability in Northern.Tech Mender 3.2.0/3.2.1 The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints. | 7.5 |
2022-04-28 | CVE-2021-43934 | Smartptt | Unrestricted Upload of File with Dangerous Type vulnerability in Smartptt Scada 1.1 Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files. | 7.5 |
2022-04-28 | CVE-2022-22783 | Zoom | Unspecified vulnerability in Zoom products A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker. | 7.5 |
2022-04-28 | CVE-2022-24935 | Lexmark | Missing Authentication for Critical Function vulnerability in Lexmark Firmware Lexmark products through 2022-02-10 have Incorrect Access Control. | 7.5 |
2022-04-27 | CVE-2021-34589 | Bender | Information Exposure vulnerability in Bender products Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. | 7.5 |
2022-04-27 | CVE-2021-34601 | Bender | Use of Hard-coded Credentials vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. | 7.5 |
2022-04-27 | CVE-2021-38869 | IBM | Session Fixation vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after they exceed their idle timeout. | 7.5 |
2022-04-27 | CVE-2021-38878 | IBM | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key exchange without entity authentication. | 7.5 |
2022-04-27 | CVE-2021-46442 | Dlink | Unspecified vulnerability in Dlink Dir-825 Firmware In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization. | 7.5 |
2022-04-26 | CVE-2022-28521 | Zcms Project | Unspecified vulnerability in Zcms Project Zcms 20170206 ZCMS v20170206 was discovered to contain a file inclusion vulnerability via index.php?m=home&c=home&a=sp_set_config. | 7.5 |
2022-04-26 | CVE-2022-28524 | Ed01 CMS Project | SQL Injection vulnerability in Ed01-Cms Project Ed01-Cms 20180505 ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php. | 7.5 |
2022-04-26 | CVE-2022-24881 | Ballcat | Improper Input Validation vulnerability in Ballcat Codegen Ballcat Codegen provides the function of online editing code to generate templates. | 7.5 |
2022-04-26 | CVE-2022-24882 | Freerdp Fedoraproject | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). | 7.5 |
2022-04-26 | CVE-2022-27299 | Hospital Management System Project | SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0 Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php. | 7.5 |
2022-04-26 | CVE-2022-27468 | Monstaftp | Unrestricted Upload of File with Dangerous Type vulnerability in Monstaftp Monsta FTP 2.10.3 Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to execute arbitrary code via a crafted file uploaded to the web server. | 7.5 |
2022-04-26 | CVE-2022-27469 | Monstaftp | Server-Side Request Forgery (SSRF) vulnerability in Monstaftp Monsta FTP 2.10.3 Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF). | 7.5 |
2022-04-26 | CVE-2022-27984 | Cuppacms | SQL Injection vulnerability in Cuppacms 1.0 CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menu_filter parameter at /administrator/templates/default/html/windows/right.php. | 7.5 |
2022-04-26 | CVE-2022-27985 | Cuppacms | SQL Injection vulnerability in Cuppacms 1.0 CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php. | 7.5 |
2022-04-26 | CVE-2022-29806 | Zoneminder | Path Traversal vulnerability in Zoneminder ZoneMinder before 1.36.13 allows remote code execution via an invalid language. | 7.5 |
2022-04-25 | CVE-2021-35250 | Solarwinds | Path Traversal vulnerability in Solarwinds Serv-U 15.3 A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. | 7.5 |
2022-04-25 | CVE-2022-0657 | 5 Stars Rating Funnel Project | SQL Injection vulnerability in 5 Stars Rating Funnel Project 5 Stars Rating Funnel The 5 Stars Rating Funnel WordPress Plugin \| RRatingg WordPress plugin before 1.2.54 does not properly sanitise, validate and escape lead ids before using them in a SQL statement via the rrtngg_delete_leads AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue. | 7.5 |
2022-04-25 | CVE-2022-0693 | Devbunch | SQL Injection vulnerability in Devbunch Master Elements The Master Elements WordPress plugin through 8.0 does not validate and escape the meta_ids parameter of its remove_post_meta_condition AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an unauthenticated SQL Injection | 7.5 |
2022-04-25 | CVE-2022-0769 | Usersultra | SQL Injection vulnerability in Usersultra Users Ultra The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target parameter before it is being interpolated in an SQL statement and then executed via the rating_vote AJAX action (available to both unauthenticated and authenticated users), leading to an SQL Injection. | 7.5 |
2022-04-25 | CVE-2022-0782 | Donations Project | SQL Injection vulnerability in Donations Project Donations The Donations WordPress plugin through 1.8 does not sanitise and escape the nd_donations_id parameter before using it in a SQL statement via the nd_donations_single_cause_form_validate_fields_php_function AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection | 7.5 |
2022-04-25 | CVE-2022-1390 | Admin Word Count Column Project | Path Traversal vulnerability in Admin Word Count Column Project Admin Word Count Column The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile(), which could allow unauthenticated attackers to read arbitrary files on servers running an old version of PHP susceptible to the null byte technique. | 7.5 |
2022-04-25 | CVE-2022-24792 | Teluu Debian | Infinite Loop vulnerability in multiple products PJSIP is a free and open source multimedia communication library written in C. | 7.5 |
2022-04-25 | CVE-2022-28093 | Online Sports Complex Booking System Project | Unspecified vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a local file inclusion vulnerability which allows attackers to execute arbitrary code via a crafted PHP file. | 7.5 |
2022-04-25 | CVE-2022-27311 | Gibbon Project | Server-Side Request Forgery (SSRF) vulnerability in Gibbon Project Gibbon Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL. | 7.5 |
2022-04-25 | CVE-2022-27429 | Jizhicms | Server-Side Request Forgery (SSRF) vulnerability in Jizhicms 1.9.5 Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html. | 7.5 |
2022-04-25 | CVE-2022-28871 | F Secure | Allocation of Resources Without Limits or Throttling vulnerability in F-Secure Atlant A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products consumes too much memory while scanning larger packages/fuzzed files and can eventually crash the scanning engine. | 7.5 |
2022-04-25 | CVE-2022-29077 | Ripple | Out-of-bounds Write vulnerability in Ripple Rippled A heap-based buffer overflow exists in rippled before 1.8.5. | 7.5 |
2022-04-25 | CVE-2022-29546 | Htmlunit | Unspecified vulnerability in Htmlunit HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. | 7.5 |
2022-04-27 | CVE-2022-22521 | Miele | Incorrect Permission Assignment for Critical Resource vulnerability in Miele Benchmark Programming Tool 1.0.49/1.1.49/1.2.71 In Miele Benchmark Programming Tool with versions prior to 1.2.71, executable files manipulated by attackers are unknowingly executed with the user's privileges. | 7.3 |
2022-04-27 | CVE-2021-34591 | Bender | Execution with Unnecessary Privileges vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware Bender/ebee Charge Controllers in multiple versions are prone to Local Privilege Escalation. | 7.2 |
2022-04-29 | CVE-2022-1353 | Linux Debian Redhat Netapp | A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. | 7.1 |
2022-04-28 | CVE-2022-22782 | Zoom | Unspecified vulnerability in Zoom products The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local privilege escalation issue during the installer repair operation. | 7.1 |
2022-04-25 | CVE-2022-27374 | Tenda | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot. | 7.1 |
2022-04-25 | CVE-2022-27375 | Tenda | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet. | 7.1 |
2022-04-29 | CVE-2022-1048 | Linux Redhat Debian Netapp | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. | 7.0 |
161 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-05-01 | CVE-2022-1544 | Luya | Improper Neutralization of Formula Elements in a CSV File vulnerability in Luya Yii-Helpers Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. | 6.8 |
2022-04-29 | CVE-2022-1403 | Deltaww | Out-of-bounds Write vulnerability in Deltaww Asda Soft ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds write condition. | 6.8 |
2022-04-29 | CVE-2022-29451 | Rarathemes | Unrestricted Upload of File with Dangerous Type vulnerability in Rarathemes Rara ONE Click Demo Import Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory. | 6.8 |
2022-04-29 | CVE-2021-43937 | Smartptt | Cross-Site Request Forgery (CSRF) vulnerability in Smartptt Scada Server 1.4 Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. | 6.8 |
2022-04-28 | CVE-2022-29555 | Northern Tech | Cross-Site Request Forgery (CSRF) vulnerability in Northern.Tech Mender The Deviceconnect microservice through 1.3.0 in Northern.tech Mender Enterprise before 3.2.2. | 6.8 |
2022-04-28 | CVE-2022-24892 | Shopware | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Shopware Shopware is an open source e-commerce software platform. | 6.8 |
2022-04-27 | CVE-2022-28085 | Htmldoc Project | Out-of-bounds Write vulnerability in Htmldoc Project Htmldoc A flaw was found in htmldoc commit 31f7804. | 6.8 |
2022-04-26 | CVE-2021-26629 | Tobesoft | Path Traversal vulnerability in Tobesoft Xplatform A path traversal vulnerability in XPLATFORM's runtime archive function could lead to arbitrary file creation. | 6.8 |
2022-04-25 | CVE-2022-22392 | IBM | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics Workspace 2.0 IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim, could result in code execution. | 6.8 |
2022-04-29 | CVE-2022-1015 | Linux Fedoraproject | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. | 6.6 |
2022-04-29 | CVE-2022-1543 | Erudika | Unspecified vulnerability in Erudika Scoold Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. | 6.5 |
2022-04-29 | CVE-2022-29936 | USU | Deserialization of Untrusted Data vulnerability in USU Oracle Optimization 5.16.2 USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code execution because of /v2/quantum/save-data-upload-big-file Java deserialization. | 6.5 |
2022-04-28 | CVE-2022-22441 | IBM | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow an authenticated user to view information of higher privileged users and groups due to a privilege escalation vulnerability. | 6.5 |
2022-04-28 | CVE-2022-1511 | Snipeitapp | Missing Authorization vulnerability in Snipeitapp Snipe-It Missing Authorization in GitHub repository snipe/snipe-it prior to 5.4.4. | 6.5 |
2022-04-27 | CVE-2021-34592 | Bender | Command Injection vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. | 6.5 |
2022-04-27 | CVE-2021-34602 | Bender | OS Command Injection vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. | 6.5 |
2022-04-26 | CVE-2022-28525 | Ed01 CMS Project | Unrestricted Upload of File with Dangerous Type vulnerability in Ed01-Cms Project Ed01-Cms 20180505 ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1. | 6.5 |
2022-04-26 | CVE-2022-28528 | Bloofox | Unrestricted Upload of File with Dangerous Type vulnerability in Bloofox Bloofoxcms 0.5.2.1 bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?mode=content&page=media&action=edit. | 6.5 |
2022-04-25 | CVE-2022-29419 | 3Xsocializer Project | SQL Injection vulnerability in 3Xsocializer Project 3Xsocializer 0.98.22 SQL Injection (SQLi) vulnerability in Don Crowther's 3xSocializer plugin <= 0.98.22 at WordPress possible for users with a low role like a subscriber or higher. | 6.5 |
2022-04-25 | CVE-2021-4225 | Smartypantsplugins | Unrestricted Upload of File with Dangerous Type vulnerability in Smartypantsplugins SP Project & Document Manager The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. | 6.5 |
2022-04-25 | CVE-2022-28053 | Typemill | Unrestricted Upload of File with Dangerous Type vulnerability in Typemill 1.5.3 Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. | 6.5 |
2022-04-25 | CVE-2021-45839 | Terra Master | Unspecified vulnerability in Terra-Master TOS 4.2.152107141517 It is possible to obtain the first administrator's hash set up on the system in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) as well as other information such as MAC address, internal IP address etc. | 6.5 |
2022-04-28 | CVE-2022-28114 | Dscms Project | Unspecified vulnerability in Dscms Project Dscms 3.0 DSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php. | 6.4 |
2022-04-28 | CVE-2021-33436 | Nomachine | Unspecified vulnerability in Nomachine NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. | 6.2 |
2022-04-28 | CVE-2022-29413 | Hermit Project | Cross-site Scripting vulnerability in Hermit Project Hermit 3.1.6 Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress via &title parameter. | 6.1 |
2022-04-27 | CVE-2022-24891 | Owasp Oracle Netapp | ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. | 6.1 |
2022-04-28 | CVE-2022-28101 | Lyonbros | Cross-site Scripting vulnerability in Lyonbros Turtl 0.7.2.6 Turtlapp Turtle Note v0.7.2.6 does not filter the <meta> tag during markdown parsing, allowing attackers to execute HTML injection. | 6.0 |
2022-04-27 | CVE-2022-28464 | Apifox | Cross-site Scripting vulnerability in Apifox Apifox through 2.1.6 is vulnerable to Cross Site Scripting (XSS) which can lead to remote code execution. | 6.0 |
2022-04-25 | CVE-2021-39040 | IBM | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics Workspace 2.0 IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. | 6.0 |
2022-04-29 | CVE-2022-1402 | Deltaww | Out-of-bounds Read vulnerability in Deltaww Asda Soft ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition. | 5.8 |
2022-04-29 | CVE-2022-29414 | Wpkube | Cross-Site Request Forgery (CSRF) vulnerability in Wpkube Subscribe to Comments Reloaded Multiple (13x) Cross-Site Request Forgery (CSRF) vulnerabilities in WPKube's Subscribe To Comments Reloaded plugin <= 211130 on WordPress allows attackers to clean up Log archive, download system info file, plugin system settings, plugin options settings, generate a new key, reset all options, change notifications settings, management page settings, comment form settings, manage subscriptions > mass update settings, manage subscriptions > add a new subscription, update subscription, delete Subscription. | 5.8 |
2022-04-29 | CVE-2022-1114 | Imagemagick | Use After Free vulnerability in Imagemagick A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. | 5.8 |
2022-04-27 | CVE-2022-24887 | Nextcloud | Open Redirect vulnerability in Nextcloud Talk Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform. | 5.8 |
2022-04-25 | CVE-2021-25111 | English Wordpress Admin Project | Open Redirect vulnerability in English Wordpress Admin Project English Wordpress Admin The English WordPress Admin WordPress plugin before 1.5.2 does not validate the admin_custom_language_return_url before redirecting users to it, leading to an open redirect issue | 5.8 |
2022-04-27 | CVE-2022-28195 | Nvidia | Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow, which may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. | 5.7 |
2022-04-27 | CVE-2022-28193 | Nvidia | Out-of-bounds Write vulnerability in Nvidia Jetson Linux NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial of service, and some impact to confidentiality. | 5.6 |
2022-04-27 | CVE-2022-28194 | Nvidia | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Jetson Linux NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial of service, and some impact to confidentiality. | 5.6 |
2022-05-01 | CVE-2022-23061 | Shopizer | Authorization Bypass Through User-Controlled Key vulnerability in Shopizer In Shopizer versions 2.0 to 2.17.0 a regular admin can permanently delete a superadmin (although this cannot happen according to the documentation) via Insecure Direct Object Reference (IDOR) vulnerability. | 5.5 |
2022-04-29 | CVE-2021-3982 | Gnome | Improper Check for Dropped Privileges vulnerability in Gnome Gnome-Shell Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. | 5.5 |
2022-04-29 | CVE-2022-1195 | Linux Debian | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. | 5.5 |
2022-04-27 | CVE-2022-24736 | Redis Fedoraproject Netapp Oracle | NULL Pointer Dereference vulnerability in multiple products Redis is an in-memory database that persists on disk. | 5.5 |
2022-04-27 | CVE-2022-1507 | Chafa Project Fedoraproject | NULL Pointer Dereference vulnerability in multiple products chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. | 5.5 |
2022-04-27 | CVE-2022-29810 | Hashicorp | Information Exposure Through Log Files vulnerability in Hashicorp Go-Getter The Hashicorp go-getter library before 1.5.11 does not redact an SSH key from a URL query parameter. | 5.5 |
2022-04-26 | CVE-2022-28058 | Verydows | Path Traversal vulnerability in Verydows 2.0 Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\file_controller.php. | 5.5 |
2022-04-26 | CVE-2022-28059 | Verydows | Path Traversal vulnerability in Verydows 2.0 Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\database_controller.php. | 5.5 |
2022-04-26 | CVE-2022-28523 | Hongcms Project | Path Traversal vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 allows arbitrary file deletion via the component /admin/index.php/template/ajax?action=delete. | 5.5 |
2022-04-26 | CVE-2022-28527 | Dhcms Project | Path Traversal vulnerability in Dhcms Project Dhcms 20170919 dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del. | 5.5 |
2022-04-26 | CVE-2022-28918 | Njtech | Unspecified vulnerability in Njtech Greencms 2.3.0603 GreenCMS v2.3.0603 was discovered to contain an arbitrary file deletion vulnerability via /index.php?m=admin&c=custom&a=plugindelhandle&plugin_name=. | 5.5 |
2022-04-26 | CVE-2022-28218 | Ciphermail | Incorrect Default Permissions vulnerability in Ciphermail Webmail Messenger An issue was discovered in CipherMail Webmail Messenger 1.1.1 through 4.1.4. | 5.5 |
2022-04-25 | CVE-2022-28506 | Giflib Project Fedoraproject | Out-of-bounds Write vulnerability in multiple products There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. | 5.5 |
2022-04-25 | CVE-2022-1459 | Open EMR | Authorization Bypass Through User-Controlled Key vulnerability in Open-Emr Openemr Non-Privilege User Can View Patient’s Disclosures in GitHub repository openemr/openemr prior to 6.1.0.1. | 5.5 |
2022-04-25 | CVE-2021-40680 | Articatech | Path Traversal vulnerability in Articatech web Proxy 4.30.000000 There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273) via the filename parameter to /cgi-bin/main.cgi. | 5.5 |
2022-04-25 | CVE-2022-29603 | Universis | SQL Injection vulnerability in Universis Universis-Api A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1 via the $select parameter to multiple API endpoints. | 5.5 |
2022-04-29 | CVE-2022-1536 | Automad | Cross-site Scripting vulnerability in Automad A vulnerability has been found in automad up to 1.10.9 and classified as problematic. | 5.4 |
2022-04-29 | CVE-2022-1526 | Emlog | Cross-site Scripting vulnerability in Emlog A vulnerability, which was classified as problematic, was found in Emlog Pro up to 1.2.2. | 5.4 |
2022-04-28 | CVE-2022-29412 | Hermit Project | Cross-Site Request Forgery (CSRF) vulnerability in Hermit Project Hermit 3.1.6 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit ????? plugin <= 3.1.6 on WordPress allow attackers to delete cache, delete a source, create source. | 5.4 |
2022-04-28 | CVE-2022-28102 | PHP Mysql Admin Panel Generator Project | Cross-site Scripting vulnerability in PHP Mysql Admin Panel Generator Project PHP Mysql Admin Panel Generator A cross-site scripting (XSS) vulnerability in PHP MySQL Admin Panel Generator v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at /edit-db.php. | 5.4 |
2022-04-26 | CVE-2022-27854 | Psychological Tests Quizzes Project | Cross-site Scripting vulnerability in Psychological Tests & Quizzes Project Psychological Tests & Quizzes 0.21.19 Stored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin <= 0.21.19 on WordPress possible for users with contributor or higher role via &wpt_test_page_submit_button_caption parameter. | 5.4 |
2022-04-25 | CVE-2022-0398 | Caseproof | Missing Authorization vulnerability in Caseproof Thirstyaffiliates Affiliate Link Manager The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as a subscriber, to create arbitrary affiliate links, which could then be used to redirect users to an arbitrary website | 5.4 |
2022-04-28 | CVE-2022-29869 | Samba Fedoraproject Debian | Information Exposure Through Log Files vulnerability in multiple products cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. | 5.3 |
2022-05-01 | CVE-2022-21227 | Ghost | Unspecified vulnerability in Ghost Sqlite3 The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter. | 5.0 |
2022-05-01 | CVE-2022-25850 | Proxyscotch Project | Server-Side Request Forgery (SSRF) vulnerability in Proxyscotch Project Proxyscotch The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery (SSRF) when interceptor mode is set to proxy. | 5.0 |
2022-05-01 | CVE-2022-26068 | Pistache Project | Path Traversal vulnerability in Pistache Project Pistache This affects the package pistacheio/pistache before 0.0.3.20220425. | 5.0 |
2022-04-30 | CVE-2022-28323 | Mediawiki | Unspecified vulnerability in Mediawiki An issue was discovered in MediaWiki through 1.37.2. | 5.0 |
2022-04-30 | CVE-2022-29265 | Apache | XXE vulnerability in Apache Nifi Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. | 5.0 |
2022-04-29 | CVE-2022-29967 | Glewlwyd Project | Path Traversal vulnerability in Glewlwyd Project Glewlwyd static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal. | 5.0 |
2022-04-29 | CVE-2021-39082 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2022-04-29 | CVE-2022-29856 | Automationanywhere | Use of Hard-coded Credentials vulnerability in Automationanywhere Automation 360 22 A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages. | 5.0 |
2022-04-29 | CVE-2021-41942 | Msvod | SQL Injection vulnerability in Msvod CMS 10 The Magic CMS MSVOD v10 video system has a SQL injection vulnerability. | 5.0 |
2022-04-28 | CVE-2022-28060 | Victor CMS Project | SQL Injection vulnerability in Victor CMS Project Victor CMS 1.0 SQL Injection vulnerability in Victor CMS v1.0, via the user_name parameter to /includes/login.php. | 5.0 |
2022-04-28 | CVE-2022-29585 | Mahara | Incorrect Default Permissions vulnerability in Mahara In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is vulnerable if more than ten groups are used. | 5.0 |
2022-04-28 | CVE-2022-22781 | Zoom | Improper Validation of Integrity Check Value vulnerability in Zoom Meetings The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed to properly check the package version during the update process. | 5.0 |
2022-04-28 | CVE-2022-24879 | Shopware | Cross-Site Request Forgery (CSRF) vulnerability in Shopware Shopware is an open source e-commerce software platform. | 5.0 |
2022-04-27 | CVE-2022-28197 | Nvidia | Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow. | 5.0 |
2022-04-27 | CVE-2022-22275 | Sonicwall | Unspecified vulnerability in Sonicwall Sonicos 7.0.0.0/7.0.1.0 Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable. | 5.0 |
2022-04-27 | CVE-2022-22276 | Sonicwall | Information Exposure vulnerability in Sonicwall products A vulnerability in the SonicOS SNMP service results in exposure of sensitive information to an unauthorized user. | 5.0 |
2022-04-27 | CVE-2022-22277 | Sonicwall | Information Exposure vulnerability in Sonicwall products A vulnerability in the SonicOS SNMP service results in exposure of Wireless Access Point sensitive information in cleartext. | 5.0 |
2022-04-27 | CVE-2022-22278 | Sonicwall | Allocation of Resources Without Limits or Throttling vulnerability in Sonicwall products A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access a prohibited resource; this allows an attacker to cause an HTTP Denial of Service (DoS) attack | 5.0 |
2022-04-27 | CVE-2021-34587 | IBM Bender | Out-of-bounds Write vulnerability in multiple products In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. | 5.0 |
2022-04-27 | CVE-2021-34588 | Bender | Forced Browsing vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. | 5.0 |
2022-04-27 | CVE-2021-38919 | IBM | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 in some scenarios may reveal authorized service tokens to other QRadar users. | 5.0 |
2022-04-27 | CVE-2021-38939 | IBM | Information Exposure Through Log Files vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that could be read by a user with access to creating domains. | 5.0 |
2022-04-27 | CVE-2021-46423 | Telesquare | Unspecified vulnerability in Telesquare Tlr-2005Ksh Firmware 1.0.0 Telesquare TLR-2005KSH 1.0.0 is affected by an unauthenticated file download vulnerability that allows a remote attacker to download a full configuration file. | 5.0 |
2022-04-27 | CVE-2021-46420 | Franklinfueling | Path Traversal vulnerability in Franklinfueling Ts-550 EVO Firmware 2.23.4.8936 Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information. | 5.0 |
2022-04-27 | CVE-2021-46421 | Franklinfueling | Path Traversal vulnerability in Franklinfueling Ts-550 EVO Firmware 1.8.7.7299 Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information. | 5.0 |
2022-04-27 | CVE-2022-29700 | Zammad | Weak Password Requirements vulnerability in Zammad 5.1.0 A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification. | 5.0 |
2022-04-27 | CVE-2022-29701 | Zammad | Allocation of Resources Without Limits or Throttling vulnerability in Zammad 5.1.0 A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. | 5.0 |
2022-04-27 | CVE-2021-41041 | Eclipse Oracle | Unchecked Return Value vulnerability in multiple products In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles. | 5.0 |
2022-04-26 | CVE-2022-23942 | Apache | Use of Hard-coded Credentials vulnerability in Apache Doris Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure. | 5.0 |
2022-04-25 | CVE-2022-24880 | Flask Session Captcha Project | Improper Check for Unusual or Exceptional Conditions vulnerability in Flask-Session-Captcha Project Flask-Session-Captcha flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. | 5.0 |
2022-04-25 | CVE-2022-0656 | Webtoprint | Files or Directories Accessible to External Parties vulnerability in Webtoprint web to Print Shop:Udraw The Web To Print Shop : uDraw WordPress plugin before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content base64 encoded in the response. | 5.0 |
2022-04-25 | CVE-2022-1392 | Commoninja | Path Traversal vulnerability in Commoninja Videos Sync PDF The Videos sync PDF WordPress plugin through 1.7.4 does not validate the p parameter before using it in an include statement, which could lead to Local File Inclusion issues | 5.0 |
2022-04-25 | CVE-2021-45842 | Terra Master | Unspecified vulnerability in Terra-Master TOS 4.2.152107141517 It is possible to obtain the first administrator's hash set up on the system in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) as well as other information such as MAC address, internal IP address etc. | 5.0 |
2022-04-27 | CVE-2022-24372 | Linksys | Link Following vulnerability in Linksys Mr9600 Firmware Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share. | 4.9 |
2022-04-25 | CVE-2022-1094 | Anmari | Cross-site Scripting vulnerability in Anmari AMR Users The amr users WordPress plugin before 4.59.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 4.8 |
2022-04-25 | CVE-2022-1153 | Layslider | Cross-site Scripting vulnerability in Layslider The LayerSlider WordPress plugin before 7.1.2 does not sanitise and escape Project's slug before outputting it back in various place, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | 4.8 |
2022-04-29 | CVE-2022-28198 | Nvidia | Unspecified vulnerability in Nvidia Omniverse Cache and Omniverse Nucleus NVIDIA Omniverse Nucleus and Cache contain a vulnerability in its configuration of OpenSSL, where an attacker with physical access to the system can cause arbitrary code execution which can impact confidentiality, integrity, and availability. | 4.6 |
2022-04-29 | CVE-2022-1533 | Libmobi Project | Out-of-bounds Read vulnerability in Libmobi Project Libmobi Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | 4.6 |
2022-04-28 | CVE-2022-29813 | Jetbrains | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible | 4.6 |
2022-04-28 | CVE-2022-29815 | Jetbrains | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible | 4.6 |
2022-04-27 | CVE-2022-28196 | Nvidia | Out-of-bounds Write vulnerability in Nvidia Jetson Linux NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of integrity, and limited denial of service. | 4.6 |
2022-04-28 | CVE-2022-29814 | Jetbrains | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible | 4.4 |
2022-04-28 | CVE-2022-29819 | Jetbrains | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible | 4.4 |
2022-04-28 | CVE-2022-29821 | Jetbrains | Code Injection vulnerability in Jetbrains Pycharm In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible | 4.4 |
2022-04-27 | CVE-2022-23822 | Xilinx | Incorrect Authorization vulnerability in Xilinx Zynq-7000 Firmware and Zynq-7000S Firmware In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader (FSBL) by bypassing authentication and loading a malicious image onto the device. | 4.4 |
2022-04-27 | CVE-2022-29505 | Linecorp | Unspecified vulnerability in Linecorp Line Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilege escalation. | 4.4 |
2022-05-01 | CVE-2022-25349 | Materializecss | Cross-site Scripting vulnerability in Materializecss Materialize All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as <not-a-tag />) that is being parsed as HTML/JavaScript, and inserted into the Document Object Model (DOM). | 4.3 |
2022-04-29 | CVE-2022-29947 | Woodpecker CI | Cross-site Scripting vulnerability in Woodpecker-Ci Woodpecker Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping. | 4.3 |
2022-04-29 | CVE-2022-0985 | Moodle | Incorrect Authorization vulnerability in Moodle Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability. | 4.3 |
2022-04-29 | CVE-2022-1530 | Livehelperchat | Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. | 4.3 |
2022-04-29 | CVE-2022-29903 | Mediawiki | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki The Private Domains extension for MediaWiki through 1.37.2 (before 1ad65d4c1c199b375ea80988d99ab51ae068f766) allows CSRF for editing pages that store the extension's configuration. | 4.3 |
2022-04-29 | CVE-2022-29905 | Mediawiki | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki The FanBoxes extension for MediaWiki through 1.37.2 (before 027ffb0b9d6fe0d823810cf03f5b562a212162d4) allows Special:UserBoxes CSRF. | 4.3 |
2022-04-29 | CVE-2022-29907 | Mediawiki | Cross-site Scripting vulnerability in Mediawiki The Nimbus skin for MediaWiki through 1.37.2 (before 6f9c8fb868345701d9544a54d9752515aace39df) allows XSS in Advertise link messages. | 4.3 |
2022-04-28 | CVE-2022-28454 | Limbas | Cross-site Scripting vulnerability in Limbas 4.3.36.1319 Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS). | 4.3 |
2022-04-28 | CVE-2022-28477 | Wbce | Cross-site Scripting vulnerability in Wbce CMS 1.5.2 WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS). | 4.3 |
2022-04-28 | CVE-2022-22427 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 4.3 |
2022-04-28 | CVE-2022-27860 | Footer Text Project | Cross-site Scripting vulnerability in Footer-Text Project Footer-Text Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) in Shea Bunge's Footer Text plugin <= 2.0.3 on WordPress. | 4.3 |
2022-04-28 | CVE-2022-29415 | Ravpage Project | Cross-site Scripting vulnerability in Ravpage Project Ravpage Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in Mati Skiba @ Rav Messer's Ravpage plugin <= 2.16 at WordPress. | 4.3 |
2022-04-28 | CVE-2021-43932 | Smartptt | Cross-site Scripting vulnerability in Smartptt Scada 1.1 Elcomplus SmartPTT is vulnerable when an attacker injects JavaScript code into a specific parameter that can be executed upon accessing the dashboard or the main page. | 4.3 |
2022-04-28 | CVE-2022-24873 | Shopware | Cross-site Scripting vulnerability in Shopware Shopware is an open source e-commerce software platform. | 4.3 |
2022-04-28 | CVE-2022-29152 | Ericom | Cross-site Scripting vulnerability in Ericom Powerterm Webconnect 6.0 The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page. | 4.3 |
2022-04-28 | CVE-2022-29817 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible | 4.3 |
2022-04-27 | CVE-2021-3523 | Redhat | Improper Preservation of Permissions vulnerability in Redhat Apicast 2.0.0 A flaw was found in 3Scale APICast in versions prior to 2.11.0, where it incorrectly identified connections for reuse. | 4.3 |
2022-04-27 | CVE-2022-24888 | Nextcloud | Unspecified vulnerability in Nextcloud Server Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. | 4.3 |
2022-04-27 | CVE-2022-24889 | Nextcloud | Insufficient Verification of Data Authenticity vulnerability in Nextcloud Server Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. | 4.3 |
2022-04-27 | CVE-2022-1504 | Microweber | Cross-site Scripting vulnerability in Microweber XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber prior to 1.2.15. | 4.3 |
2022-04-26 | CVE-2022-26564 | Digitaldruid | Cross-site Scripting vulnerability in Digitaldruid Hoteldruid 3.0.3 HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting (XSS) vulnerability via the prezzoperiodo4 parameter in creaprezzi.php. | 4.3 |
2022-04-26 | CVE-2022-28449 | Nopcommerce | Cross-site Scripting vulnerability in Nopcommerce 4.50.1 nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS). | 4.3 |
2022-04-26 | CVE-2021-26628 | Maxb | Cross-site Scripting vulnerability in Maxb Maxboard Insufficient script validation on the admin page enables XSS, which allows unauthorized users to steal admin privileges. | 4.3 |
2022-04-26 | CVE-2021-36895 | Tripetto | Cross-site Scripting vulnerability in Tripetto Unauthenticated Cross-Site Scripting (XSS) vulnerability in Tripetto's Tripetto plugin <= 5.1.4 on WordPress via SVG image upload. | 4.3 |
2022-04-25 | CVE-2022-28290 | Welaunch | Cross-site Scripting vulnerability in Welaunch Wordpress Country Selector 1.6.5 Reflected Cross-Site Scripting vulnerability in WordPress Country Selector Plugin Version 1.6.5. | 4.3 |
2022-04-25 | CVE-2022-29417 | Shortpixel | Unspecified vulnerability in Shortpixel Adaptive Images Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1 on WordPress allows an attacker with a low user role, such as subscriber or higher, to change the plugin settings. | 4.3 |
2022-04-25 | CVE-2021-24805 | Designwall | Cross-Site Request Forgery (CSRF) vulnerability in Designwall DW Question & Answer The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status. | 4.3 |
2022-04-25 | CVE-2021-46780 | Supsystic | Cross-site Scripting vulnerability in Supsystic Easy Google Maps The Easy Google Maps WordPress plugin before 1.9.32 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue. | 4.3 |
2022-04-25 | CVE-2021-46781 | Supsystic | Cross-site Scripting vulnerability in Supsystic Coming Soon The Coming Soon by Supsystic WordPress plugin before 1.7.6 does not sanitise and escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue. | 4.3 |
2022-04-25 | CVE-2021-46782 | Supsystic | Cross-site Scripting vulnerability in Supsystic Price Table The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue. | 4.3 |
2022-04-25 | CVE-2022-0287 | Mycred | Missing Authorization vulnerability in Mycred The myCred WordPress plugin before 2.4.4.1 does not have any authorisation in place in its mycred-tools-select-user AJAX action, allowing any authenticated user, such as a subscriber, to call it and retrieve all email addresses from the blog. | 4.3 |
2022-04-25 | CVE-2022-0363 | Mycred | Missing Authorization vulnerability in Mycred The myCred WordPress plugin before 2.4.3.1 does not have any authorisation and CSRF checks in the mycred-tools-import-export AJAX action, allowing any authenticated users, such as subscribers, to call it and import mycred setup, thus creating badges, managing points or creating arbitrary posts. | 4.3 |
2022-04-25 | CVE-2022-0634 | Caseproof | Missing Authorization vulnerability in Caseproof Thirstyaffiliates Affiliate Link Manager The ThirstyAffiliates WordPress plugin before 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subscriber) to add an image from an external URL to an affiliate link. | 4.3 |
2022-04-25 | CVE-2022-0953 | Anti-Malware Security and Brute-Force Firewall Project | Cross-site Scripting vulnerability in Anti-Malware Security and Brute-Force Firewall Project The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters. | 4.3 |
2022-04-25 | CVE-2022-1092 | Mycred | Missing Authorization vulnerability in Mycred The myCred WordPress plugin before 2.4.3.1 does not have authorisation and CSRF checks in its mycred-tools-import-export AJAX action, allowing any authenticated user to call it and retrieve the list of email addresses present in the blog. | 4.3 |
2022-04-25 | CVE-2022-26596 | Liferay | Cross-site Scripting vulnerability in Liferay Digital Experience Platform 7.0/7.1/7.2 Cross-site scripting (XSS) vulnerability in Journal module's web content display configuration page in Liferay Portal 7.1.0 through 7.3.3, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 8, allows remote attackers to inject arbitrary web script or HTML via web content template names. | 4.3 |
2022-04-25 | CVE-2022-26597 | Liferay | Cross-site Scripting vulnerability in Liferay Digital Experience Platform 7.0/7.3 Cross-site scripting (XSS) vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name. | 4.3 |
2022-04-25 | CVE-2022-28094 | Online Sports Complex Booking System Project | Cross-site Scripting vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the fid parameter at booking.php. | 4.3 |
2022-04-25 | CVE-2022-27103 | Element Plus | Cross-site Scripting vulnerability in Element-Plus 2.0.5 element-plus 2.0.5 is vulnerable to Cross Site Scripting (XSS) via el-table-column. | 4.3 |
2022-04-25 | CVE-2022-27135 | Xpdfreader | Out-of-bounds Write vulnerability in Xpdfreader Xpdf 4.03 xpdf 4.03 has a heap buffer overflow in the function readXRefTable located in XRef.cc. | 4.3 |
2022-04-25 | CVE-2022-28586 | Hoosk | Cross-site Scripting vulnerability in Hoosk 1.8.0 XSS in the edit page of Hoosk 1.8.0 allows an attacker to execute JavaScript code in a user's browser via an edit-page payload that bypasses the filter on some special characters. | 4.3 |
2022-04-29 | CVE-2022-0984 | Moodle Fedoraproject Redhat | Incorrect Authorization vulnerability in multiple products Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges. | 4.0 |
2022-04-28 | CVE-2022-24898 | Xwiki | XXE vulnerability in Xwiki Commons org.xwiki.commons:xwiki-commons-xml is a common module used by other XWiki top level projects. | 4.0 |
2022-04-28 | CVE-2021-43930 | Smartptt | Path Traversal vulnerability in Smartptt Scada 1.1 Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate download requests, enabling malicious users to perform path traversal attacks and potentially download arbitrary files from the system. | 4.0 |
2022-04-28 | CVE-2022-28117 | Naviwebs | Server-Side Request Forgery (SSRF) vulnerability in Naviwebs Navigate CMS 2.9.4 A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter. | 4.0 |
2022-04-27 | CVE-2021-29776 | IBM | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information from another user's dashboard by providing the dashboard ID of that user. | 4.0 |
2022-04-27 | CVE-2021-38874 | IBM | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. | 4.0 |
2022-04-27 | CVE-2022-22312 | IBM | Out-of-bounds Write vulnerability in IBM Security Verify Password Synchronization IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. | 4.0 |
2022-04-27 | CVE-2022-22323 | IBM | Out-of-bounds Write vulnerability in IBM Security Verify Password Synchronization IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. | 4.0 |
2022-04-27 | CVE-2022-27331 | Zammad | Exposure of Resource to Wrong Sphere vulnerability in Zammad An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users. | 4.0 |
2022-04-26 | CVE-2022-1466 | Redhat | Incorrect Authorization vulnerability in Redhat Keycloak Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. | 4.0 |
2022-04-26 | CVE-2022-24866 | Discourse | Information Exposure vulnerability in Discourse Assign Discourse Assign is a plugin for assigning users to a topic in Discourse, an open-source messaging platform. | 4.0 |
2022-04-25 | CVE-2022-0477 | Gitlab | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all versions starting from 14.6.0 before 14.6.4, all versions starting from 14.7.0 before 14.7.1. | 4.0 |
2022-04-25 | CVE-2021-24800 | Designwall | Authorization Bypass Through User-Controlled Key vulnerability in Designwall DW Question & Answer The DW Question & Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments. | 4.0 |
2022-04-25 | CVE-2022-1461 | Open EMR | Authorization Bypass Through User-Controlled Key vulnerability in Open-Emr Openemr Non Privilege User can Enable or Disable Registered in GitHub repository openemr/openemr prior to 6.1.0.1. | 4.0 |
42 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-04-27 | CVE-2022-24886 | Nextcloud | Incorrect Permission Assignment for Critical Resource vulnerability in Nextcloud Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. | 3.8 |
2022-04-29 | CVE-2022-1534 | Libmobi Project | Out-of-bounds Read vulnerability in Libmobi Project Libmobi Buffer Over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. | 3.6 |
2022-04-28 | CVE-2022-29818 | Jetbrains | Origin Validation Error vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1, origin checks in the internal web server were flawed. | 3.6 |
2022-05-01 | CVE-2022-21149 | S Cart | Cross-site Scripting vulnerability in S-Cart The package s-cart/s-cart before 6.9; the package s-cart/core before 6.9 are vulnerable to Cross-site Scripting (XSS) which can lead to cookie stealing of any victim that visits the affected URL so the attacker can gain unauthorized access to that user's account through the stolen cookie. | 3.5 |
2022-05-01 | CVE-2022-23060 | Shopizer | Cross-site Scripting vulnerability in Shopizer A Stored Cross Site Scripting (XSS) vulnerability exists in Shopizer versions 2.0 through 2.17.0, where a privileged user (attacker) can inject malicious JavaScript in the filename under the “Manage files” tab | 3.5 |
2022-04-29 | CVE-2022-25854 | Tagify Project | Cross-site Scripting vulnerability in Tagify Project Tagify This affects the package @yaireo/tagify before 4.9.8. | 3.5 |
2022-04-29 | CVE-2021-41948 | Intelliants | Cross-site Scripting vulnerability in Intelliants Subrion A cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS <= 4.2.1 via "List of subjects". | 3.5 |
2022-04-28 | CVE-2021-38952 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 3.5 |
2022-04-28 | CVE-2022-1514 | Facturascripts | Cross-site Scripting vulnerability in Facturascripts Stored XSS via upload plugin functionality in zip format in GitHub repository neorazorx/facturascripts prior to 2022.06. | 3.5 |
2022-04-28 | CVE-2022-22322 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 3.5 |
2022-04-28 | CVE-2022-22443 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 3.5 |
2022-04-28 | CVE-2022-29584 | Mahara | Cross-site Scripting vulnerability in Mahara Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 allows stored XSS when a particular Cascading Style Sheets (CSS) class for embedly is used, and JavaScript code is constructed to perform an action. | 3.5 |
2022-04-28 | CVE-2022-29811 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains HUB In JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible. | 3.5 |
2022-04-27 | CVE-2021-34590 | Bender | Cross-site Scripting vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. | 3.5 |
2022-04-27 | CVE-2022-22345 | IBM | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. | 3.5 |
2022-04-27 | CVE-2022-1503 | GET Simple | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS A vulnerability, which was classified as problematic, has been found in GetSimple CMS. | 3.5 |
2022-04-26 | CVE-2022-28450 | Nopcommerce | Cross-site Scripting vulnerability in Nopcommerce 4.50.1 nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS) via the "Text" parameter (forums) when creating a new post, which allows a remote attacker to execute arbitrary JavaScript code at client browser. | 3.5 |
2022-04-26 | CVE-2022-28522 | Zcms Project | Cross-site Scripting vulnerability in Zcms Project Zcms 20170206 ZCMS v20170206 was discovered to contain a stored cross-site scripting (XSS) vulnerability via index.php?m=home&c=message&a=add. | 3.5 |
2022-04-26 | CVE-2022-28448 | Nopcommerce | Cross-site Scripting vulnerability in Nopcommerce 4.50.1 nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS). | 3.5 |
2022-04-26 | CVE-2021-36867 | Psychological Tests Quizzes Project | Cross-site Scripting vulnerability in Psychological Tests & Quizzes Project Psychological Tests & Quizzes 0.21.19 Stored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin <= 0.21.19 on WordPress possible for users with contributor or higher user rights. | 3.5 |
2022-04-26 | CVE-2022-1173 | Getgrav | Cross-site Scripting vulnerability in Getgrav Grav Stored XSS in GitHub repository getgrav/grav prior to 1.7.33. | 3.5 |
2022-04-25 | CVE-2022-29418 | Night Mode Project | Cross-site Scripting vulnerability in Night Mode Project Night Mode Authenticated (admin user role) Persistent Cross-Site Scripting (XSS) in Mark Daniels Night Mode plugin <= 1.0.0 on WordPress via vulnerable parameters: &ntmode_page_setting[enable-me], &ntmode_page_setting[bg-color], &ntmode_page_setting[txt-color], &ntmode_page_setting[anc_color]. | 3.5 |
2022-04-25 | CVE-2022-0876 | Wpdevart | Cross-site Scripting vulnerability in Wpdevart Social Comments The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfiltered_html is disallowed | 3.5 |
2022-04-25 | CVE-2022-1027 | Miniorange | Cross-site Scripting vulnerability in Miniorange Page Restriction The Page Restriction WordPress (WP) WordPress plugin before 1.2.7 allows bad actors with administrator privileges on the settings page to inject JavaScript code into its settings, leading to stored Cross-Site Scripting that will only affect administrator users. | 3.5 |
2022-04-25 | CVE-2022-1152 | Menubar | Cross-site Scripting vulnerability in Menubar The Menubar WordPress plugin before 5.8 does not sanitise and escape the command parameter before outputting it back in the response via the menubar AJAX action (available to any authenticated users), leading to a Reflected Cross-Site Scripting | 3.5 |
2022-04-25 | CVE-2022-1156 | Books Papers Project | Cross-site Scripting vulnerability in Books & Papers Project Books & Papers The Books & Papers WordPress plugin through 0.20210223 does not escape its Custom DB prefix settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 3.5 |
2022-04-25 | CVE-2022-1228 | Opensea Project | Cross-site Scripting vulnerability in Opensea Project Opensea The Opensea WordPress plugin before 1.0.3 does not sanitize and escape some of its settings, like its "Referer address" field, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 3.5 |
2022-04-25 | CVE-2022-1396 | Donorbox | Cross-site Scripting vulnerability in Donorbox The Donorbox WordPress plugin before 7.1.7 does not sanitise and escape its Campaign URL settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed | 3.5 |
2022-04-25 | CVE-2022-27428 | Gallerycms Project | Cross-site Scripting vulnerability in Gallerycms Project Gallerycms 2.0 A stored cross-site scripting (XSS) vulnerability in /index.php/album/add of GalleryCMS v2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the album_name parameter. | 3.5 |
2022-04-25 | CVE-2022-1457 | Facturascripts | Cross-site Scripting vulnerability in Facturascripts Stored XSS in the title parameter, executing on the EditUser page and the EditProducto page, in GitHub repository neorazorx/facturascripts prior to 2022.04. | 3.5 |
2022-04-25 | CVE-2022-1458 | Open EMR | Cross-site Scripting vulnerability in Open-Emr Openemr Stored XSS Leads To Session Hijacking in GitHub repository openemr/openemr prior to 6.1.0.1. | 3.5 |
2022-04-28 | CVE-2022-29820 | Jetbrains | Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Pycharm In JetBrains PyCharm before 2022.1, exposure of the debugger port to the internal network was possible. | 3.3 |
2022-04-28 | CVE-2022-29816 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1, HTML injection into IDE messages was possible. | 3.2 |
2022-05-01 | CVE-2022-21230 | Nanohttpd | Unspecified vulnerability in Nanohttpd This affects all versions of package org.nanohttpd:nanohttpd. | 2.1 |
2022-04-29 | CVE-2022-1249 | Pesign Project | NULL Pointer Dereference vulnerability in Pesign Project Pesign A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. | 2.1 |
2022-04-28 | CVE-2022-29812 | Jetbrains | Unspecified vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1, notification mechanisms about the use of Unicode directionality formatting characters were insufficient. | 2.1 |
2022-04-27 | CVE-2021-25266 | Sophos | Insecure Storage of Sensitive Information vulnerability in Sophos Authenticator and Intercept X An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495. | 2.1 |
2022-04-27 | CVE-2022-24885 | Nextcloud | Improper Authentication vulnerability in Nextcloud Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. | 2.1 |
2022-04-26 | CVE-2022-27888 | Palantir | Information Exposure Through Log Files vulnerability in Palantir Foundry Issues Foundry Issues service versions 2.244.0 to 2.249.0 were found to be logging in a manner that captured sensitive information (session tokens). | 2.1 |
2022-04-30 | CVE-2021-41992 | Pingidentity | Improper Authentication vulnerability in Pingidentity Pingid Integration for Windows Login A misconfiguration of RSA in PingID Windows Login prior to 2.7 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass. | 1.9 |
2022-04-30 | CVE-2021-41993 | Pingidentity | Use of Insufficiently Random Values vulnerability in Pingidentity Pingid and Pingid Windows Login A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login. | 1.9 |
2022-04-30 | CVE-2021-41994 | Pingidentity | Use of Insufficiently Random Values vulnerability in Pingidentity Pingid and Pingid Windows Login A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login. | 1.9 |
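Two weaknesses recur across the WordPress plugin entries in the medium and low tables above: a request parameter (typically `tab`) echoed into an attribute on an admin page without escaping, giving reflected XSS, and an admin-ajax action registered without a capability check or nonce, giving missing authorization and CSRF. The PHP below is an added example written for this report; it is not code from any of the plugins listed. The plugin slug `demo_tools`, the hook and function names, and the nonce action `demo_tools_export` are assumptions chosen for illustration. Each vulnerable function is shown beside its hardened form.

```php
<?php
/**
 * Added example, not code from any plugin in the tables above.
 * Hypothetical plugin slug "demo_tools"; hook names, function names and
 * the nonce action "demo_tools_export" are assumptions for illustration.
 */

/* ---- 1. Reflected XSS through the "tab" parameter ---------------------- */

// Vulnerable: raw request data lands inside an HTML attribute. A value
// such as  general" onmouseover="alert(1)  closes the attribute and adds
// an event handler that runs when an administrator opens the page.
function demo_tools_tab_link_vulnerable() {
    $tab = isset( $_GET['tab'] ) ? $_GET['tab'] : 'general';
    return '<a class="nav-tab" href="?page=demo-tools&tab=' . $tab . '">' . $tab . '</a>';
}

// Hardened: allow-list the value, then escape for the output context
// (esc_url for the href, esc_html for the link text). The allow-list and
// the escaping are independent controls; keep both.
function demo_tools_tab_link() {
    $allowed = array( 'general', 'advanced' );
    $tab     = isset( $_GET['tab'] ) ? sanitize_key( wp_unslash( $_GET['tab'] ) ) : 'general';
    if ( ! in_array( $tab, $allowed, true ) ) {
        $tab = 'general';
    }
    $href = add_query_arg(
        array( 'page' => 'demo-tools', 'tab' => $tab ),
        admin_url( 'options-general.php' )
    );
    return '<a class="nav-tab" href="' . esc_url( $href ) . '">' . esc_html( $tab ) . '</a>';
}

/* ---- 2. admin-ajax action without authorization or CSRF protection ----- */

// Vulnerable: the wp_ajax_ prefix requires a logged-in session, but a
// subscriber has one, and nothing ties the request to a form the caller
// actually submitted, so a cross-site request from the victim's browser
// is accepted as well.
function demo_tools_export_emails_vulnerable() {
    $users = get_users( array( 'fields' => array( 'user_email' ) ) );
    wp_send_json_success( $users );
}

// Hardened: verify the nonce first (CSRF), then the capability
// (authorization). The settings page mints the nonce with
// wp_create_nonce( 'demo_tools_export' ) and sends it in the "nonce"
// request field; check_ajax_referer() terminates the request on mismatch.
function demo_tools_export_emails() {
    check_ajax_referer( 'demo_tools_export', 'nonce' );
    if ( ! current_user_can( 'list_users' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    $users = get_users( array( 'fields' => array( 'user_email' ) ) );
    wp_send_json_success( $users );
}

// Only the hardened handler is hooked; the vulnerable variant is kept for
// contrast and would have been registered on the same action.
add_action( 'wp_ajax_demo_tools_export_emails', 'demo_tools_export_emails' );
```

The same two-layer rule applies to the stored-XSS-in-settings entries in the low table (settings accepted from administrators even when `unfiltered_html` is disallowed): pass a `sanitize_callback` to `register_setting()` so the stored value is cleaned on write, and still escape it with `esc_attr()` or `esc_html()` at every output point, because a sanitizer on the write path does not protect values that reach the option by another route.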