Weekly Vulnerabilities Reports > April 25 to May 1, 2022

Overview

313 new vulnerabilities reported during this period, including 34 critical vulnerabilities and 76 high severity vulnerabilities. This weekly summary report vulnerabilities in 342 products from 201 vendors including IBM, Fedoraproject, Jetbrains, Debian, and Redhat. Vulnerabilities are notably categorized as "Cross-site Scripting", "Path Traversal", "SQL Injection", "Out-of-bounds Write", and "Cross-Site Request Forgery (CSRF)".

  • 262 reported vulnerabilities are remotely exploitables.
  • 130 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 198 reported vulnerabilities are exploitable by an anonymous user.
  • IBM has the most reported vulnerabilities, with 19 reported vulnerabilities.
  • Terra Master has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

34 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-04-26 CVE-2022-29499 Mitel Improper Input Validation vulnerability in Mitel Mivoice Connect 19.1/21.84.5535.0/21.90.9743.0

The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation.

10.0
2022-04-25 CVE-2021-45840 Terra Master Unspecified vulnerability in Terra-Master TOS 4.2.152107141517

It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending specifically crafted input to /tos/index.php?app/app_start_stop.

10.0
2022-04-30 CVE-2021-42001 Pingidentity Unspecified vulnerability in Pingidentity Pingid Desktop

PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure.

9.9
2022-05-01 CVE-2022-21167 Ldqk Unspecified vulnerability in Ldqk Masuit.Tools

All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData<T> function in the SocketClient.cs component.

9.8
2022-05-01 CVE-2022-24437 GIT Pull OR Clone Project Argument Injection or Modification vulnerability in Git-Pull-Or-Clone Project Git-Pull-Or-Clone

The package git-pull-or-clone before 2.0.2 are vulnerable to Command Injection due to the use of the --upload-pack feature of git which is also supported for git clone.

9.8
2022-04-29 CVE-2022-28452 Redplanetcomputers SQL Injection vulnerability in Redplanetcomputers Laundry Management System 1.0

Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection.

9.8
2022-04-29 CVE-2021-44596 Wondershare Unspecified vulnerability in Wondershare Dr.Fone 20211206

Wondershare LTD Dr.

9.8
2022-04-29 CVE-2022-1531 RTX Project SQL Injection vulnerability in RTX Project RTX

SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 .

9.8
2022-04-29 CVE-2022-29906 Mediawiki Missing Authorization vulnerability in Mediawiki

The admin API module in the QuizGame extension for MediaWiki through 1.37.2 (before 665e33a68f6fa1167df99c0aa18ed0157cdf9f66) omits a check for the quizadmin user.

9.8
2022-04-28 CVE-2022-24449 RT Solar Server-Side Request Forgery (SSRF) vulnerability in Rt-Solar Solar Appscreener 3.10.4

Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document.

9.8
2022-04-28 CVE-2022-29081 Zohocorp Path Traversal vulnerability in Zohocorp products

Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction.

9.8
2022-04-28 CVE-2022-29411 Hermit Project SQL Injection vulnerability in Hermit Project Hermit 3.1.6

SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id).

9.8
2022-04-28 CVE-2021-41921 Xxyopen Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus 3.6.1

novel-plus V3.6.1 allows unrestricted file uploads.

9.8
2022-04-27 CVE-2022-29859 Amb1 SDK Project Unspecified vulnerability in Amb1 SDK Project Amb1 SDK

component/common/network/dhcp/dhcps.c in ambiot amb1_sdk (aka SDK for Ameba1) before 2022-03-11 mishandles data structures for DHCP packet data.

9.8
2022-04-27 CVE-2022-27336 Seacms Unspecified vulnerability in Seacms 11.6

Seacms v11.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/weixin.php.

9.8
2022-04-27 CVE-2021-46422 Telesquare OS Command Injection vulnerability in Telesquare Sdt-Cs3B1 Firmware 1.1.0

Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.

9.8
2022-04-26 CVE-2022-24883 Freerdp
Fedoraproject
Improper Authentication vulnerability in multiple products

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP).

9.8
2022-04-26 CVE-2022-24706 Apache Insecure Default Initialization of Resource vulnerability in Apache Couchdb

In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges.

9.8
2022-04-25 CVE-2022-23457 Owasp
Oracle
Netapp
Path Traversal vulnerability in multiple products

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library.

9.8
2022-04-25 CVE-2022-25866 GIT PHP Project Argument Injection or Modification vulnerability in Git-PHP Project Git-PHP

The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection.

9.8
2022-04-25 CVE-2022-0541 Flothemes Unspecified vulnerability in Flothemes Flo-Launch

The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flo_custom_table_prefix cookie to an arbitrary value.

9.8
2022-04-25 CVE-2022-1391 Kanev Path Traversal vulnerability in Kanev CAB Fare Calculator 1.0.3

The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.

9.8
2022-04-25 CVE-2022-29078 EJS Code Injection vulnerability in EJS 3.1.6

The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName].

9.8
2022-04-25 CVE-2021-45837 Terra Master Unspecified vulnerability in Terra-Master TOS 4.2.152107141517

It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending a specifically crafted input to /tos/index.php?app/del.

9.8
2022-04-25 CVE-2022-29264 Coreboot Unspecified vulnerability in Coreboot

An issue was discovered in coreboot 4.13 through 4.16.

9.8
2022-04-27 CVE-2021-46424 Telesquare Unspecified vulnerability in Telesquare Tlr-2005Ksh Firmware 1.0.0

Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.

9.4
2022-04-28 CVE-2022-28719 Hammock Missing Authentication for Critical Function vulnerability in Hammock Assetview 9.2

Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload a crafted configuration file to the managing server, which may result in the managed clients to execute arbitrary code with the administrative privilege.

9.3
2022-04-28 CVE-2021-41945 Encode Improper Input Validation vulnerability in Encode Httpx

Encode OSS httpx < 0.23.0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`.

9.1
2022-04-27 CVE-2022-27332 Zammad Missing Authentication for Critical Function vulnerability in Zammad

An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication.

9.1
2022-04-29 CVE-2022-29937 USU OS Command Injection vulnerability in USU Oracle Optimization 20210817

USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent root access because some common OS commands are blocked but (for example) an OS command for base64 decoding is not blocked.

9.0
2022-04-28 CVE-2021-43939 Smartptt Unspecified vulnerability in Smartptt Scada 1.1

Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints.

9.0
2022-04-27 CVE-2022-27905 Controlup Unquoted Search Path or Element vulnerability in Controlup

In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation.

9.0
2022-04-27 CVE-2021-46441 Dlink OS Command Injection vulnerability in Dlink Dir-825 Firmware

In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization.

9.0
2022-04-25 CVE-2021-45836 Terra Master Unspecified vulnerability in Terra-Master TOS 4.2.152107141517

An authenticated attacker can execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by injecting a maliciously crafted input in the request through /tos/index.php?app/hand_app.

9.0

76 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-04-29 CVE-2022-1227 Podman Project
Psgo Project
Redhat
Fedoraproject
Improper Privilege Management vulnerability in multiple products

A privilege escalation flaw was found in Podman.

8.8
2022-04-29 CVE-2021-44595 Wondershare Missing Authorization vulnerability in Wondershare Dr.Fone 20211206

Wondershare Dr.

8.8
2022-04-28 CVE-2022-29410 Hermit Project SQL Injection vulnerability in Hermit Project Hermit 3.1.6

Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids).

8.8
2022-04-28 CVE-2022-28892 Mahara Cross-Site Request Forgery (CSRF) vulnerability in Mahara

Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable.

8.8
2022-04-28 CVE-2022-1509 Hestiacp Command Injection vulnerability in Hestiacp Control Panel

Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12.

8.8
2022-04-27 CVE-2022-22315 IBM Unspecified vulnerability in IBM Urbancode Deploy

IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permissions.

8.8
2022-04-25 CVE-2021-24957 Advanced Page Visit Counter Project SQL Injection vulnerability in Advanced Page Visit Counter Project Advanced Page Visit Counter

The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authenticated user, leading to a SQL injection

8.8
2022-04-25 CVE-2022-26111 Canon Expression Language Injection vulnerability in Canon Irisnext 9.8.28

The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents.

8.8
2022-04-29 CVE-2022-24900 Piano LED Visualizer Project Exposure of Resource to Wrong Sphere vulnerability in Piano LED Visualizer Project Piano LED Visualizer

Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer.

8.6
2022-04-29 CVE-2021-36207 Johnsoncontrols Improper Privilege Management vulnerability in Johnsoncontrols products

Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator.

8.5
2022-04-29 CVE-2021-4206 Qemu
Redhat
Debian
Incorrect Calculation of Buffer Size vulnerability in multiple products

A flaw was found in the QXL display device emulation in QEMU.

8.2
2022-04-29 CVE-2021-4207 Qemu
Redhat
Debian
Classic Buffer Overflow vulnerability in multiple products

A flaw was found in the QXL display device emulation in QEMU.

8.2
2022-05-01 CVE-2022-25645 Dset Project Unspecified vulnerability in Dset Project Dset

All versions of package dset are vulnerable to Prototype Pollution via 'dset/merge' mode, as the dset function checks for prototype pollution by validating if the top-level path contains __proto__, constructor or protorype.

8.1
2022-04-25 CVE-2021-25094 Brandexponents Missing Authentication for Critical Function vulnerability in Brandexponents Tatsu

The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory.

8.1
2022-04-25 CVE-2021-45841 Terra Master Use of Hard-coded Credentials vulnerability in Terra-Master TOS 4.2.152107141517

In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cookies by knowing the target's MAC address and the user's password hash.

8.1
2022-04-29 CVE-2022-29934 USU Missing Authentication for Critical Function vulnerability in USU Oracle Optimization 5.16.2

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec.

7.8
2022-04-27 CVE-2022-24735 Redis
Fedoraproject
Netapp
Oracle
Code Injection vulnerability in multiple products

Redis is an in-memory database that persists on disk.

7.8
2022-04-27 CVE-2022-27239 Samba
Debian
Suse
HP
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

7.8
2022-04-25 CVE-2022-1441 Gpac
Debian
Out-of-bounds Read vulnerability in multiple products

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion.

7.8
2022-04-25 CVE-2021-36460 Veryfitpro Project Improper Authentication vulnerability in Veryfitpro Project Veryfitpro

VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and uses the hash to authenticate in all communication with the backend API, including login, registration and changing of passwords.

7.8
2022-04-25 CVE-2019-25059 Artifex
Debian
Artifex Ghostscript through 9.26 mishandles .completefont.
7.8
2022-05-01 CVE-2022-25301 Jsgui Lang Essentials Project Unspecified vulnerability in Jsgui-Lang-Essentials Project Jsgui-Lang-Essentials

All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor and prototype.

7.5
2022-05-01 CVE-2022-21144 Libxmljs Project Improper Input Validation vulnerability in Libxmljs Project Libxmljs

This affects all versions of package libxmljs.

7.5
2022-05-01 CVE-2022-21189 Dexie Unspecified vulnerability in Dexie

The package dexie before 3.2.2, from 4.0.0-alpha.1 and before 4.0.0-alpha.3 are vulnerable to Prototype Pollution in the Dexie.setByKeyPath(obj, keyPath, value) function which does not properly check the keys being set (like __proto__ or constructor).

7.5
2022-05-01 CVE-2022-22143 Mozilla Unspecified vulnerability in Mozilla Convict

The package convict before 6.2.2 are vulnerable to Prototype Pollution via the convict function due to missing validation of parentKey.

7.5
2022-05-01 CVE-2022-23923 Jailed Project Unspecified vulnerability in Jailed Project Jailed

All versions of package jailed are vulnerable to Sandbox Bypass via an exported alert() method which can access the main application.

7.5
2022-05-01 CVE-2022-25647 Google
Debian
Netapp
Oracle
Deserialization of Untrusted Data vulnerability in multiple products

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.

7.5
2022-05-01 CVE-2022-25767 Ureport2 Project Deserialization of Untrusted Data vulnerability in Ureport2 Project Ureport2

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets.

7.5
2022-05-01 CVE-2022-25842 Alibabagroup Path Traversal vulnerability in Alibabagroup One-Java-Agent

All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory traversal filenames (e.g.

7.5
2022-05-01 CVE-2022-25844 Angularjs
Fedoraproject
Netapp
The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value.
7.5
2022-05-01 CVE-2022-28481 CSV Safe Project Improper Neutralization of Formula Elements in a CSV File vulnerability in Csv-Safe Project Csv-Safe

CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection.

7.5
2022-04-29 CVE-2022-29945 DJI Cleartext Transmission of Sensitive Information vulnerability in DJI products

DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone operator's physical location via the AeroScope protocol.

7.5
2022-04-29 CVE-2022-28480 Allmediaserver Classic Buffer Overflow vulnerability in Allmediaserver 1.6

ALLMediaServer 1.6 is vulnerable to Buffer Overflow via MediaServer.exe.

7.5
2022-04-29 CVE-2022-28994 Smallsrv Classic Buffer Overflow vulnerability in Smallsrv Small Http Server 3.06

Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request.

7.5
2022-04-29 CVE-2022-29935 USU Unspecified vulnerability in USU Oracle Optimization 20210817

USU Oracle Optimization before 5.17.5 allows attackers to discover the quantum credentials via an agent-installer download.

7.5
2022-04-29 CVE-2021-43938 Smartptt Missing Authorization vulnerability in Smartptt Scada Server 1.4

Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various files from the server without any authentication or authorization.

7.5
2022-04-29 CVE-2022-29904 Mediawiki SQL Injection vulnerability in Mediawiki

The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints.

7.5
2022-04-28 CVE-2022-29556 Northern Tech Server-Side Request Forgery (SSRF) vulnerability in Northern.Tech Mender 3.2.0/3.2.1

The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints.

7.5
2022-04-28 CVE-2021-43934 Smartptt Unrestricted Upload of File with Dangerous Type vulnerability in Smartptt Scada 1.1

Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files.

7.5
2022-04-28 CVE-2022-22783 Zoom Unspecified vulnerability in Zoom products

A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker.

7.5
2022-04-28 CVE-2022-24935 Lexmark Missing Authentication for Critical Function vulnerability in Lexmark Firmware

Lexmark products through 2022-02-10 have Incorrect Access Control.

7.5
2022-04-27 CVE-2021-34589 Bender Information Exposure vulnerability in Bender products

In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak.

7.5
2022-04-27 CVE-2021-34601 Bender Use of Hard-coded Credentials vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware

In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials.

7.5
2022-04-27 CVE-2021-38869 IBM Session Fixation vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after they exceede their idle timeout.

7.5
2022-04-27 CVE-2021-38878 IBM Unspecified vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key exchange without entity authentication.

7.5
2022-04-27 CVE-2021-46442 Dlink Unspecified vulnerability in Dlink Dir-825 Firmware

In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization.

7.5
2022-04-26 CVE-2022-28521 Zcms Project Unspecified vulnerability in Zcms Project Zcms 20170206

ZCMS v20170206 was discovered to contain a file inclusion vulnerability via index.php?m=home&c=home&a=sp_set_config.

7.5
2022-04-26 CVE-2022-28524 Ed01 CMS Project SQL Injection vulnerability in Ed01-Cms Project Ed01-Cms 20180505

ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php.

7.5
2022-04-26 CVE-2022-24881 Ballcat Improper Input Validation vulnerability in Ballcat Codegen

Ballcat Codegen provides the function of online editing code to generate templates.

7.5
2022-04-26 CVE-2022-24882 Freerdp
Fedoraproject
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP).
7.5
2022-04-26 CVE-2022-27299 Hospital Management System Project SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php.

7.5
2022-04-26 CVE-2022-27468 Monstaftp Unrestricted Upload of File with Dangerous Type vulnerability in Monstaftp Monsta FTP 2.10.3

Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to execute arbitrary code via a crafted file uploaded to the web server.

7.5
2022-04-26 CVE-2022-27469 Monstaftp Server-Side Request Forgery (SSRF) vulnerability in Monstaftp Monsta FTP 2.10.3

Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF).

7.5
2022-04-26 CVE-2022-27984 Cuppacms SQL Injection vulnerability in Cuppacms 1.0

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menu_filter parameter at /administrator/templates/default/html/windows/right.php.

7.5
2022-04-26 CVE-2022-27985 Cuppacms SQL Injection vulnerability in Cuppacms 1.0

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php.

7.5
2022-04-26 CVE-2022-29806 Zoneminder Path Traversal vulnerability in Zoneminder

ZoneMinder before 1.36.13 allows remote code execution via an invalid language.

7.5
2022-04-25 CVE-2021-35250 Solarwinds Path Traversal vulnerability in Solarwinds Serv-U 15.3

A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3.

7.5
2022-04-25 CVE-2022-0657 5 Stars Rating Funnel Project SQL Injection vulnerability in 5 Stars Rating Funnel Project 5 Stars Rating Funnel

The 5 Stars Rating Funnel WordPress Plugin | RRatingg WordPress plugin before 1.2.54 does not properly sanitise, validate and escape lead ids before using them in a SQL statement via the rrtngg_delete_leads AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue.

7.5
2022-04-25 CVE-2022-0693 Devbunch SQL Injection vulnerability in Devbunch Master Elements

The Master Elements WordPress plugin through 8.0 does not validate and escape the meta_ids parameter of its remove_post_meta_condition AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an unauthenticated SQL Injection

7.5
2022-04-25 CVE-2022-0769 Usersultra SQL Injection vulnerability in Usersultra Users Ultra

The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target parameter before it is being interpolated in an SQL statement and then executed via the rating_vote AJAX action (available to both unauthenticated and authenticated users), leading to an SQL Injection.

7.5
2022-04-25 CVE-2022-0782 Donations Project SQL Injection vulnerability in Donations Project Donations

The Donations WordPress plugin through 1.8 does not sanitise and escape the nd_donations_id parameter before using it in a SQL statement via the nd_donations_single_cause_form_validate_fields_php_function AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection

7.5
2022-04-25 CVE-2022-1390 Admin Word Count Column Project Path Traversal vulnerability in Admin Word Count Column Project Admin Word Count Column

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile(), which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique.

7.5
2022-04-25 CVE-2022-24792 Teluu
Debian
Infinite Loop vulnerability in multiple products

PJSIP is a free and open source multimedia communication library written in C.

7.5
2022-04-25 CVE-2022-28093 Online Sports Complex Booking System Project Unspecified vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0

SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a local file inclusion vulnerability which allow attackers to execute arbitrary code via a crafted PHP file.

7.5
2022-04-25 CVE-2022-27311 Gibbon Project Server-Side Request Forgery (SSRF) vulnerability in Gibbon Project Gibbon

Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL.

7.5
2022-04-25 CVE-2022-27429 Jizhicms Server-Side Request Forgery (SSRF) vulnerability in Jizhicms 1.9.5

Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html.

7.5
2022-04-25 CVE-2022-28871 F Secure Allocation of Resources Without Limits or Throttling vulnerability in F-Secure Atlant

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much memory eventually can crash the scanning engine.

7.5
2022-04-25 CVE-2022-29077 Ripple Out-of-bounds Write vulnerability in Ripple Rippled

A heap-based buffer overflow exists in rippled before 1.8.5.

7.5
2022-04-25 CVE-2022-29546 Htmlunit Unspecified vulnerability in Htmlunit

HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability.

7.5
2022-04-27 CVE-2022-22521 Miele Incorrect Permission Assignment for Critical Resource vulnerability in Miele Benchmark Programming Tool 1.0.49/1.1.49/1.2.71

In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated by attackers are unknowingly executed with users privileges.

7.3
2022-04-27 CVE-2021-34591 Bender Execution with Unnecessary Privileges vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware

In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation.

7.2
2022-04-29 CVE-2022-1353 Linux
Debian
Redhat
Netapp
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel.
7.1
2022-04-28 CVE-2022-22782 Zoom Unspecified vulnerability in Zoom products

The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local privilege escalation issue during the installer repair operation.

7.1
2022-04-25 CVE-2022-27374 Tenda Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot.

7.1
2022-04-25 CVE-2022-27375 Tenda Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet.

7.1
2022-04-29 CVE-2022-1048 Linux
Redhat
Debian
Netapp
Use After Free vulnerability in multiple products

A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params.

7.0

161 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-05-01 CVE-2022-1544 Luya Improper Neutralization of Formula Elements in a CSV File vulnerability in Luya Yii-Helpers

Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1.

6.8
2022-04-29 CVE-2022-1403 Deltaww Out-of-bounds Write vulnerability in Deltaww Asda Soft

ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds write condition.

6.8
2022-04-29 CVE-2022-29451 Rarathemes Unrestricted Upload of File with Dangerous Type vulnerability in Rarathemes Rara ONE Click Demo Import

Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory.

6.8
2022-04-29 CVE-2021-43937 Smartptt Cross-Site Request Forgery (CSRF) vulnerability in Smartptt Scada Server 1.4

Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

6.8
2022-04-28 CVE-2022-29555 Northern Tech Cross-Site Request Forgery (CSRF) vulnerability in Northern.Tech Mender

The Deviceconnect microservice through 1.3.0 in Northern.tech Mender Enterprise before 3.2.2.

6.8
2022-04-28 CVE-2022-24892 Shopware Weak Password Recovery Mechanism for Forgotten Password vulnerability in Shopware

Shopware is an open source e-commerce software platform.

6.8
2022-04-27 CVE-2022-28085 Htmldoc Project Out-of-bounds Write vulnerability in Htmldoc Project Htmldoc

A flaw was found in htmldoc commit 31f7804.

6.8
2022-04-26 CVE-2021-26629 Tobesoft Path Traversal vulnerability in Tobesoft Xplatform

A path traversal vulnerability in XPLATFORM's runtime archive function could lead to arbitrary file creation.

6.8
2022-04-25 CVE-2022-22392 IBM Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics Workspace 2.0

IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution.

6.8
2022-04-29 CVE-2022-1015 Linux
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem.

6.6
2022-04-29 CVE-2022-1543 Erudika Unspecified vulnerability in Erudika Scoold

Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4.

6.5
2022-04-29 CVE-2022-29936 USU Deserialization of Untrusted Data vulnerability in USU Oracle Optimization 5.16.2

USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code execution because of /v2/quantum/save-data-upload-big-file Java deserialization.

6.5
2022-04-28 CVE-2022-22441 IBM Unspecified vulnerability in IBM Infosphere Information Server 11.7

IBM InfoSphere Information Server 11.7 could allow an authenticated user to view information of higher privileged users and groups due to a privilege escalation vulnerability.

6.5
2022-04-28 CVE-2022-1511 Snipeitapp Missing Authorization vulnerability in Snipeitapp Snipe-It

Missing Authorization in GitHub repository snipe/snipe-it prior to 5.4.4.

6.5
2022-04-27 CVE-2021-34592 Bender Command Injection vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware

In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface.

6.5
2022-04-27 CVE-2021-34602 Bender OS Command Injection vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware

In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface.

6.5
2022-04-26 CVE-2022-28525 Ed01 CMS Project Unrestricted Upload of File with Dangerous Type vulnerability in Ed01-Cms Project Ed01-Cms 20180505

ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1.

6.5
2022-04-26 CVE-2022-28528 Bloofox Unrestricted Upload of File with Dangerous Type vulnerability in Bloofox Bloofoxcms 0.5.2.1

bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?mode=content&page=media&action=edit.

6.5
2022-04-25 CVE-2022-29419 3Xsocializer Project SQL Injection vulnerability in 3Xsocializer Project 3Xsocializer 0.98.22

SQL Injection (SQLi) vulnerability in Don Crowther's 3xSocializer plugin <= 0.98.22 at WordPress possible for users with a low role like a subscriber or higher.

6.5
2022-04-25 CVE-2021-4225 Smartypantsplugins Unrestricted Upload of File with Dangerous Type vulnerability in Smartypantsplugins SP Project & Document Manager

The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files.

6.5
2022-04-25 CVE-2022-28053 Typemill Unrestricted Upload of File with Dangerous Type vulnerability in Typemill 1.5.3

Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function.

6.5
2022-04-25 CVE-2021-45839 Terra Master Unspecified vulnerability in Terra-Master TOS 4.2.152107141517

It is possible to obtain the first administrator's hash set up on the system in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) as well as other information such as MAC address, internal IP address etc.

6.5
2022-04-28 CVE-2022-28114 Dscms Project Unspecified vulnerability in Dscms Project Dscms 3.0

DSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php.

6.4
2022-04-28 CVE-2021-33436 Nomachine Unspecified vulnerability in Nomachine

NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading.

6.2
2022-04-28 CVE-2022-29413 Hermit Project Cross-site Scripting vulnerability in Hermit Project Hermit 3.1.6

Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress via &title parameter.

6.1
2022-04-27 CVE-2022-24891 Owasp
Oracle
Netapp
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library.
6.1
2022-04-28 CVE-2022-28101 Lyonbros Cross-site Scripting vulnerability in Lyonbros Turtl 0.7.2.6

Turtlapp Turtle Note v0.7.2.6 does not filter the <meta> tag during markdown parsing, allowing attackers to execute HTML injection.

6.0
2022-04-27 CVE-2022-28464 Apifox Cross-site Scripting vulnerability in Apifox

Apifox through 2.1.6 is vulnerable to Cross Site Scripting (XSS) which can lead to remote code execution.

6.0
2022-04-25 CVE-2021-39040 IBM Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics Workspace 2.0

IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes.

6.0
2022-04-29 CVE-2022-1402 Deltaww Out-of-bounds Read vulnerability in Deltaww Asda Soft

ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition.

5.8
2022-04-29 CVE-2022-29414 Wpkube Cross-Site Request Forgery (CSRF) vulnerability in Wpkube Subscribe to Comments Reloaded

Multiple (13x) Cross-Site Request Forgery (CSRF) vulnerabilities in WPKube's Subscribe To Comments Reloaded plugin <= 211130 on WordPress allows attackers to clean up Log archive, download system info file, plugin system settings, plugin options settings, generate a new key, reset all options, change notifications settings, management page settings, comment form settings, manage subscriptions > mass update settings, manage subscriptions > add a new subscription, update subscription, delete Subscription.

5.8
2022-04-29 CVE-2022-1114 Imagemagick Use After Free vulnerability in Imagemagick

A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file.

5.8
2022-04-27 CVE-2022-24887 Nextcloud Open Redirect vulnerability in Nextcloud Talk

Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform.

5.8
2022-04-25 CVE-2021-25111 English Wordpress Admin Project Open Redirect vulnerability in English Wordpress Admin Project English Wordpress Admin

The English WordPress Admin WordPress plugin before 1.5.2 does not validate the admin_custom_language_return_url before redirecting users o it, leading to an open redirect issue

5.8
2022-04-27 CVE-2022-28195 Nvidia Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity.

5.7
2022-04-27 CVE-2022-28193 Nvidia Out-of-bounds Write vulnerability in Nvidia Jetson Linux

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial of service, and some impact to confidentiality.

5.6
2022-04-27 CVE-2022-28194 Nvidia Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Jetson Linux

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, which may lead to code execution, loss of Integrity, limited denial of service, and some impact to confidentiality.

5.6
2022-05-01 CVE-2022-23061 Shopizer Authorization Bypass Through User-Controlled Key vulnerability in Shopizer

In Shopizer versions 2.0 to 2.17.0 a regular admin can permanently delete a superadmin (although this cannot happen according to the documentation) via Insecure Direct Object Reference (IDOR) vulnerability.

5.5
2022-04-29 CVE-2021-3982 Gnome Improper Check for Dropped Privileges vulnerability in Gnome Gnome-Shell

Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue.

5.5
2022-04-29 CVE-2022-1195 Linux
Debian
Use After Free vulnerability in multiple products

A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio.

5.5
2022-04-27 CVE-2022-24736 Redis
Fedoraproject
Netapp
Oracle
NULL Pointer Dereference vulnerability in multiple products

Redis is an in-memory database that persists on disk.

5.5
2022-04-27 CVE-2022-1507 Chafa Project
Fedoraproject
NULL Pointer Dereference vulnerability in multiple products

chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file.

5.5
2022-04-27 CVE-2022-29810 Hashicorp Information Exposure Through Log Files vulnerability in Hashicorp Go-Getter

The Hashicorp go-getter library before 1.5.11 does not redact an SSH key from a URL query parameter.

5.5
2022-04-26 CVE-2022-28058 Verydows Path Traversal vulnerability in Verydows 2.0

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\file_controller.php.

5.5
2022-04-26 CVE-2022-28059 Verydows Path Traversal vulnerability in Verydows 2.0

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\database_controller.php.

5.5
2022-04-26 CVE-2022-28523 Hongcms Project Path Traversal vulnerability in Hongcms Project Hongcms 3.0.0

HongCMS 3.0.0 allows arbitrary file deletion via the component /admin/index.php/template/ajax?action=delete.

5.5
2022-04-26 CVE-2022-28527 Dhcms Project Path Traversal vulnerability in Dhcms Project Dhcms 20170919

dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del.

5.5
2022-04-26 CVE-2022-28918 Njtech Unspecified vulnerability in Njtech Greencms 2.3.0603

GreenCMS v2.3.0603 was discovered to contain an arbitrary file deletion vulnerability via /index.php?m=admin&c=custom&a=plugindelhandle&plugin_name=.

5.5
2022-04-26 CVE-2022-28218 Ciphermail Incorrect Default Permissions vulnerability in Ciphermail Webmail Messenger

An issue was discovered in CipherMail Webmail Messenger 1.1.1 through 4.1.4.

5.5
2022-04-25 CVE-2022-28506 Giflib Project
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.

5.5
2022-04-25 CVE-2022-1459 Open EMR Authorization Bypass Through User-Controlled Key vulnerability in Open-Emr Openemr

Non-Privilege User Can View Patient’s Disclosures in GitHub repository openemr/openemr prior to 6.1.0.1.

5.5
2022-04-25 CVE-2021-40680 Articatech Path Traversal vulnerability in Articatech web Proxy 4.30.000000

There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273) via the filename parameter to /cgi-bin/main.cgi.

5.5
2022-04-25 CVE-2022-29603 Universis SQL Injection vulnerability in Universis Universis-Api

A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1 via the $select parameter to multiple API endpoints.

5.5
2022-04-29 CVE-2022-1536 Automad Cross-site Scripting vulnerability in Automad

A vulnerability has been found in automad up to 1.10.9 and classified as problematic.

5.4
2022-04-29 CVE-2022-1526 Emlog Cross-site Scripting vulnerability in Emlog

A vulnerability, which was classified as problematic, was found in Emlog Pro up to 1.2.2.

5.4
2022-04-28 CVE-2022-29412 Hermit Project Cross-Site Request Forgery (CSRF) vulnerability in Hermit Project Hermit 3.1.6

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit ????? plugin <= 3.1.6 on WordPress allow attackers to delete cache, delete a source, create source.

5.4
2022-04-28 CVE-2022-28102 PHP Mysql Admin Panel Generator Project Cross-site Scripting vulnerability in PHP Mysql Admin Panel Generator Project PHP Mysql Admin Panel Generator

A cross-site scripting (XSS) vulnerability in PHP MySQL Admin Panel Generator v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at /edit-db.php.

5.4
2022-04-26 CVE-2022-27854 Psychological Tests Quizzes Project Cross-site Scripting vulnerability in Psychological Tests & Quizzes Project Psychological Tests & Quizzes 0.21.19

Stored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin <= 0.21.19 on WordPress possible for users with contributor or higher role via &wpt_test_page_submit_button_caption parameter.

5.4
2022-04-25 CVE-2022-0398 Caseproof Missing Authorization vulnerability in Caseproof Thirstyaffiliates Affiliate Link Manager

The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as subscriber to create arbitrary affiliate links, which could then be used to redirect users to an arbitrary website

5.4
2022-04-28 CVE-2022-29869 Samba
Fedoraproject
Debian
Information Exposure Through Log Files vulnerability in multiple products

cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.

5.3
2022-05-01 CVE-2022-21227 Ghost Unspecified vulnerability in Ghost Sqlite3

The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter.

5.0
2022-05-01 CVE-2022-25850 Proxyscotch Project Server-Side Request Forgery (SSRF) vulnerability in Proxyscotch Project Proxyscotch

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery (SSRF) when interceptor mode is set to proxy.

5.0
2022-05-01 CVE-2022-26068 Pistache Project Path Traversal vulnerability in Pistache Project Pistache

This affects the package pistacheio/pistache before 0.0.3.20220425.

5.0
2022-04-30 CVE-2022-28323 Mediawiki Unspecified vulnerability in Mediawiki

An issue was discovered in MediaWiki through 1.37.2.

5.0
2022-04-30 CVE-2022-29265 Apache XXE vulnerability in Apache Nifi

Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration.

5.0
2022-04-29 CVE-2022-29967 Glewlwyd Project Path Traversal vulnerability in Glewlwyd Project Glewlwyd

static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal.

5.0
2022-04-29 CVE-2021-39082 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Urbancode Deploy

IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2022-04-29 CVE-2022-29856 Automationanywhere Use of Hard-coded Credentials vulnerability in Automationanywhere Automation 360 22

A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages.

5.0
2022-04-29 CVE-2021-41942 Msvod SQL Injection vulnerability in Msvod CMS 10

The Magic CMS MSVOD v10 video system has a SQL injection vulnerability.

5.0
2022-04-28 CVE-2022-28060 Victor CMS Project SQL Injection vulnerability in Victor CMS Project Victor CMS 1.0

SQL Injection vulnerability in Victor CMS v1.0, via the user_name parameter to /includes/login.php.

5.0
2022-04-28 CVE-2022-29585 Mahara Incorrect Default Permissions vulnerability in Mahara

In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is vulnerable if more than ten groups are used.

5.0
2022-04-28 CVE-2022-22781 Zoom Improper Validation of Integrity Check Value vulnerability in Zoom Meetings

The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed to properly check the package version during the update process.

5.0
2022-04-28 CVE-2022-24879 Shopware Cross-Site Request Forgery (CSRF) vulnerability in Shopware

Shopware is an open source e-commerce software platform.

5.0
2022-04-27 CVE-2022-28197 Nvidia Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow.

5.0
2022-04-27 CVE-2022-22275 Sonicwall Unspecified vulnerability in Sonicwall Sonicos 7.0.0.0/7.0.1.0

Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.

5.0
2022-04-27 CVE-2022-22276 Sonicwall Information Exposure vulnerability in Sonicwall products

A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user.

5.0
2022-04-27 CVE-2022-22277 Sonicwall Information Exposure vulnerability in Sonicwall products

A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext.

5.0
2022-04-27 CVE-2022-22278 Sonicwall Allocation of Resources Without Limits or Throttling vulnerability in Sonicwall products

A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack

5.0
2022-04-27 CVE-2021-34587 IBM
Bender
Out-of-bounds Write vulnerability in multiple products

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash.

5.0
2022-04-27 CVE-2021-34588 Bender Forced Browsing vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware

In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export.

5.0
2022-04-27 CVE-2021-38919 IBM Unspecified vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authorized service tokens to other QRadar users.

5.0
2022-04-27 CVE-2021-38939 IBM Information Exposure Through Log Files vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that could be read by an user with access to creating domains.

5.0
2022-04-27 CVE-2021-46423 Telesquare Unspecified vulnerability in Telesquare Tlr-2005Ksh Firmware 1.0.0

Telesquare TLR-2005KSH 1.0.0 is affected by an unauthenticated file download vulnerability that allows a remote attacker to download a full configuration file.

5.0
2022-04-27 CVE-2021-46420 Franklinfueling Path Traversal vulnerability in Franklinfueling Ts-550 EVO Firmware 2.23.4.8936

Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.

5.0
2022-04-27 CVE-2021-46421 Franklinfueling Path Traversal vulnerability in Franklinfueling Ts-550 EVO Firmware 1.8.7.7299

Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.

5.0
2022-04-27 CVE-2022-29700 Zammad Weak Password Requirements vulnerability in Zammad 5.1.0

A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification.

5.0
2022-04-27 CVE-2022-29701 Zammad Allocation of Resources Without Limits or Throttling vulnerability in Zammad 5.1.0

A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.

5.0
2022-04-27 CVE-2021-41041 Eclipse
Oracle
Unchecked Return Value vulnerability in multiple products

In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles.

5.0
2022-04-26 CVE-2022-23942 Apache Use of Hard-coded Credentials vulnerability in Apache Doris

Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure.

5.0
2022-04-25 CVE-2022-24880 Flask Session Captcha Project Improper Check for Unusual or Exceptional Conditions vulnerability in Flask-Session-Captcha Project Flask-Session-Captcha

flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session.

5.0
2022-04-25 CVE-2022-0656 Webtoprint Files or Directories Accessible to External Parties vulnerability in Webtoprint web to Print Shop:Udraw

The Web To Print Shop : uDraw WordPress plugin before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content base64 encoded in the response.

5.0
2022-04-25 CVE-2022-1392 Commoninja Path Traversal vulnerability in Commoninja Videos Sync PDF

The Videos sync PDF WordPress plugin through 1.7.4 does not validate the p parameter before using it in an include statement, which could lead to Local File Inclusion issues

5.0
2022-04-25 CVE-2021-45842 Terra Master Unspecified vulnerability in Terra-Master TOS 4.2.152107141517

It is possible to obtain the first administrator's hash set up in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) on the system as well as other information such as MAC address, internal IP address etc.

5.0
2022-04-27 CVE-2022-24372 Linksys Link Following vulnerability in Linksys Mr9600 Firmware

Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share.

4.9
2022-04-25 CVE-2022-1094 Anmari Cross-site Scripting vulnerability in Anmari AMR Users

The amr users WordPress plugin before 4.59.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

4.8
2022-04-25 CVE-2022-1153 Layslider Cross-site Scripting vulnerability in Layslider

The LayerSlider WordPress plugin before 7.1.2 does not sanitise and escape Project's slug before outputting it back in various place, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

4.8
2022-04-29 CVE-2022-28198 Nvidia Unspecified vulnerability in Nvidia Omniverse Cache and Omniverse Nucleus

NVIDIA Omniverse Nucleus and Cache contain a vulnerability in its configuration of OpenSSL, where an attacker with physical access to the system can cause arbitrary code execution which can impact confidentiality, integrity, and availability.

4.6
2022-04-29 CVE-2022-1533 Libmobi Project Out-of-bounds Read vulnerability in Libmobi Project Libmobi

Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11.

4.6
2022-04-28 CVE-2022-29813 Jetbrains Code Injection vulnerability in Jetbrains Intellij Idea

In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible

4.6
2022-04-28 CVE-2022-29815 Jetbrains Code Injection vulnerability in Jetbrains Intellij Idea

In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible

4.6
2022-04-27 CVE-2022-28196 Nvidia Out-of-bounds Write vulnerability in Nvidia Jetson Linux

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service.

4.6
2022-04-28 CVE-2022-29814 Jetbrains Code Injection vulnerability in Jetbrains Intellij Idea

In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible

4.4
2022-04-28 CVE-2022-29819 Jetbrains Code Injection vulnerability in Jetbrains Intellij Idea

In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible

4.4
2022-04-28 CVE-2022-29821 Jetbrains Code Injection vulnerability in Jetbrains Pycharm

In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible

4.4
2022-04-27 CVE-2022-23822 Xilinx Incorrect Authorization vulnerability in Xilinx Zynq-7000 Firmware and Zynq-7000S Firmware

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader (FSBL) by bypassing authentication and loading a malicious image onto the device.

4.4
2022-04-27 CVE-2022-29505 Linecorp Unspecified vulnerability in Linecorp Line

Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilege escalation.

4.4
2022-05-01 CVE-2022-25349 Materializecss Cross-site Scripting vulnerability in Materializecss Materialize

All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as &lt;not-a-tag /&gt;) that is being parsed as HTML/JavaScript, and inserted into the Document Object Model (DOM).

4.3
2022-04-29 CVE-2022-29947 Woodpecker CI Cross-site Scripting vulnerability in Woodpecker-Ci Woodpecker

Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping.

4.3
2022-04-29 CVE-2022-0985 Moodle Incorrect Authorization vulnerability in Moodle

Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability.

4.3
2022-04-29 CVE-2022-1530 Livehelperchat Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat

Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v.

4.3
2022-04-29 CVE-2022-29903 Mediawiki Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki

The Private Domains extension for MediaWiki through 1.37.2 (before 1ad65d4c1c199b375ea80988d99ab51ae068f766) allows CSRF for editing pages that store the extension's configuration.

4.3
2022-04-29 CVE-2022-29905 Mediawiki Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki

The FanBoxes extension for MediaWiki through 1.37.2 (before 027ffb0b9d6fe0d823810cf03f5b562a212162d4) allows Special:UserBoxes CSRF.

4.3
2022-04-29 CVE-2022-29907 Mediawiki Cross-site Scripting vulnerability in Mediawiki

The Nimbus skin for MediaWiki through 1.37.2 (before 6f9c8fb868345701d9544a54d9752515aace39df) allows XSS in Advertise link messages.

4.3
2022-04-28 CVE-2022-28454 Limbas Cross-site Scripting vulnerability in Limbas 4.3.36.1319

Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS).

4.3
2022-04-28 CVE-2022-28477 Wbce Cross-site Scripting vulnerability in Wbce CMS 1.5.2

WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS).

4.3
2022-04-28 CVE-2022-22427 IBM Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.

4.3
2022-04-28 CVE-2022-27860 Footer Text Project Cross-site Scripting vulnerability in Footer-Text Project Footer-Text

Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) in Shea Bunge's Footer Text plugin <= 2.0.3 on WordPress.

4.3
2022-04-28 CVE-2022-29415 Ravpage Project Cross-site Scripting vulnerability in Ravpage Project Ravpage

Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in Mati Skiba @ Rav Messer's Ravpage plugin <= 2.16 at WordPress.

4.3
2022-04-28 CVE-2021-43932 Smartptt Cross-site Scripting vulnerability in Smartptt Scada 1.1

Elcomplus SmartPTT is vulnerable when an attacker injects JavaScript code into a specific parameter that can executed upon accessing the dashboard or the main page.

4.3
2022-04-28 CVE-2022-24873 Shopware Cross-site Scripting vulnerability in Shopware

Shopware is an open source e-commerce software platform.

4.3
2022-04-28 CVE-2022-29152 Ericom Cross-site Scripting vulnerability in Ericom Powerterm Webconnect 6.0

The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page.

4.3
2022-04-28 CVE-2022-29817 Jetbrains Cross-site Scripting vulnerability in Jetbrains Intellij Idea

In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible

4.3
2022-04-27 CVE-2021-3523 Redhat Improper Preservation of Permissions vulnerability in Redhat Apicast 2.0.0

A flaw was found in 3Scale APICast in versions prior to 2.11.0, where it incorrectly identified connections for reuse.

4.3
2022-04-27 CVE-2022-24888 Nextcloud Unspecified vulnerability in Nextcloud Server

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform.

4.3
2022-04-27 CVE-2022-24889 Nextcloud Insufficient Verification of Data Authenticity vulnerability in Nextcloud Server

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform.

4.3
2022-04-27 CVE-2022-1504 Microweber Cross-site Scripting vulnerability in Microweber

XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber prior to 1.2.15.

4.3
2022-04-26 CVE-2022-26564 Digitaldruid Cross-site Scripting vulnerability in Digitaldruid Hoteldruid 3.0.3

HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting (XSS) vulnerability via the prezzoperiodo4 parameter in creaprezzi.php.

4.3
2022-04-26 CVE-2022-28449 Nopcommerce Cross-site Scripting vulnerability in Nopcommerce 4.50.1

nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS).

4.3
2022-04-26 CVE-2021-26628 Maxb Cross-site Scripting vulnerability in Maxb Maxboard

Insufficient script validation of the admin page enables XSS, which causes unauthorized users to steal admin privileges.

4.3
2022-04-26 CVE-2021-36895 Tripetto Cross-site Scripting vulnerability in Tripetto

Unauthenticated Cross-Site Scripting (XSS) vulnerability in Tripetto's Tripetto plugin <= 5.1.4 on WordPress via SVG image upload.

4.3
2022-04-25 CVE-2022-28290 Welaunch Cross-site Scripting vulnerability in Welaunch Wordpress Country Selector 1.6.5

Reflective Cross-Site Scripting vulnerability in WordPress Country Selector Plugin Version 1.6.5.

4.3
2022-04-25 CVE-2022-29417 Shortpixel Unspecified vulnerability in Shortpixel Adaptive Images

Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1 at WordPress allows an attacker with a low user role like a subscriber or higher to change the plugin settings.

4.3
2022-04-25 CVE-2021-24805 Designwall Cross-Site Request Forgery (CSRF) vulnerability in Designwall DW Question & Answer

The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status.

4.3
2022-04-25 CVE-2021-46780 Supsystic Cross-site Scripting vulnerability in Supsystic Easy Google Maps

The Easy Google Maps WordPress plugin before 1.9.32 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting

4.3
2022-04-25 CVE-2021-46781 Subsystic Cross-site Scripting vulnerability in Subsystic Coming Soon

The Coming Soon by Supsystic WordPress plugin before 1.7.6 does not sanitise and escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting

4.3
2022-04-25 CVE-2021-46782 Supsystic Cross-site Scripting vulnerability in Supsystic Price Table

The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting

4.3
2022-04-25 CVE-2022-0287 Mycred Missing Authorization vulnerability in Mycred

The myCred WordPress plugin before 2.4.4.1 does not have any authorisation in place in its mycred-tools-select-user AJAX action, allowing any authenticated user, such as subscriber to call and retrieve all email addresses from the blog

4.3
2022-04-25 CVE-2022-0363 Mycred Missing Authorization vulnerability in Mycred

The myCred WordPress plugin before 2.4.3.1 does not have any authorisation and CSRF checks in the mycred-tools-import-export AJAX action, allowing any authenticated users, such as subscribers, to call it and import mycred setup, thus creating badges, managing points or creating arbitrary posts.

4.3
2022-04-25 CVE-2022-0634 Caseproof Missing Authorization vulnerability in Caseproof Thirstyaffiliates Affiliate Link Manager

The ThirstyAffiliates WordPress plugin before 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subscriber) to add an image from an external URL to an affiliate link.

4.3
2022-04-25 CVE-2022-0953 Download Anti Malware Security AND Brute Force Firewall Project Cross-site Scripting vulnerability in Download Anti-Malware Security and Brute-Force Firewall Project Download Anti-Malware Security and Brute-Force Firewall

The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters

4.3
2022-04-25 CVE-2022-1092 Mycred Missing Authorization vulnerability in Mycred

The myCred WordPress plugin before 2.4.3.1 does not have authorisation and CSRF checks in its mycred-tools-import-export AJAX action, allowing any authenticated user to call and and retrieve the list of email address present in the blog

4.3
2022-04-25 CVE-2022-26596 Liferay Cross-site Scripting vulnerability in Liferay Digital Experience Platform 7.0/7.1/7.2

Cross-site scripting (XSS) vulnerability in Journal module's web content display configuration page in Liferay Portal 7.1.0 through 7.3.3, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 8, allows remote attackers to inject arbitrary web script or HTML via web content template names.

4.3
2022-04-25 CVE-2022-26597 Liferay Cross-site Scripting vulnerability in Liferay Digital Experience Platform 7.0/7.3

Cross-site scripting (XSS) vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name.

4.3
2022-04-25 CVE-2022-28094 Online Sports Complex Booking System Project Cross-site Scripting vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0

SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the fid parameter at booking.php.

4.3
2022-04-25 CVE-2022-27103 Element Plus Cross-site Scripting vulnerability in Element-Plus 2.0.5

element-plus 2.0.5 is vulnerable to Cross Site Scripting (XSS) via el-table-column.

4.3
2022-04-25 CVE-2022-27135 Xpdfreader Out-of-bounds Write vulnerability in Xpdfreader Xpdf 4.03

xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc.

4.3
2022-04-25 CVE-2022-28586 Hoosk Cross-site Scripting vulnerability in Hoosk 1.8.0

XSS in edit page of Hoosk 1.8.0 allows attacker to execute javascript code in user browser via edit page with XSS payload bypass filter some special chars.

4.3
2022-04-29 CVE-2022-0984 Moodle
Fedoraproject
Redhat
Incorrect Authorization vulnerability in multiple products

Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges.

4.0
2022-04-28 CVE-2022-24898 Xwiki XXE vulnerability in Xwiki Commons

org.xwiki.commons:xwiki-commons-xml is a common module used by other XWiki top level projects.

4.0
2022-04-28 CVE-2021-43930 Smartptt Path Traversal vulnerability in Smartptt Scada 1.1

Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate download requests, enabling malicious users to perform path traversal attacks and potentially download arbitrary files from the system.

4.0
2022-04-28 CVE-2022-28117 Naviwebs Server-Side Request Forgery (SSRF) vulnerability in Naviwebs Navigate CMS 2.9.4

A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter.

4.0
2022-04-27 CVE-2021-29776 IBM Unspecified vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information from another user's dashboard providing the dashboard ID of that user.

4.0
2022-04-27 CVE-2021-38874 IBM Unspecified vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations.

4.0
2022-04-27 CVE-2022-22312 IBM Out-of-bounds Write vulnerability in IBM Security Verify Password Synchronization

IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in.

4.0
2022-04-27 CVE-2022-22323 IBM Out-of-bounds Write vulnerability in IBM Security Verify Password Synchronization

IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in.

4.0
2022-04-27 CVE-2022-27331 Zammad Exposure of Resource to Wrong Sphere vulnerability in Zammad

An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users.

4.0
2022-04-26 CVE-2022-1466 Redhat Incorrect Authorization vulnerability in Redhat Keycloak

Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform.

4.0
2022-04-26 CVE-2022-24866 Discourse Information Exposure vulnerability in Discourse Assign

Discourse Assign is a plugin for assigning users to a topic in Discourse, an open-source messaging platform.

4.0
2022-04-25 CVE-2022-0477 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all versions starting from 14.6.0 before 14.6.4, all versions starting from 14.7.0 before 14.7.1.

4.0
2022-04-25 CVE-2021-24800 Designwall Authorization Bypass Through User-Controlled Key vulnerability in Designwall DW Question & Answer

The DW Question & Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments.

4.0
2022-04-25 CVE-2022-1461 Open EMR Authorization Bypass Through User-Controlled Key vulnerability in Open-Emr Openemr

Non Privilege User can Enable or Disable Registered in GitHub repository openemr/openemr prior to 6.1.0.1.

4.0

42 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-04-27 CVE-2022-24886 Nextcloud Incorrect Permission Assignment for Critical Resource vulnerability in Nextcloud

Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform.

3.8
2022-04-29 CVE-2022-1534 Libmobi Project Out-of-bounds Read vulnerability in Libmobi Project Libmobi

Buffer Over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11.

3.6
2022-04-28 CVE-2022-29818 Jetbrains Origin Validation Error vulnerability in Jetbrains Intellij Idea

In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed

3.6
2022-05-01 CVE-2022-21149 S Cart Cross-site Scripting vulnerability in S-Cart

The package s-cart/s-cart before 6.9; the package s-cart/core before 6.9 are vulnerable to Cross-site Scripting (XSS) which can lead to cookie stealing of any victim that visits the affected URL so the attacker can gain unauthorized access to that user's account through the stolen cookie.

3.5
2022-05-01 CVE-2022-23060 Shopizer Cross-site Scripting vulnerability in Shopizer

A Stored Cross Site Scripting (XSS) vulnerability exists in Shopizer versions 2.0 through 2.17.0, where a privileged user (attacker) can inject malicious JavaScript in the filename under the “Manage files” tab

3.5
2022-04-29 CVE-2022-25854 Tagify Project Cross-site Scripting vulnerability in Tagify Project Tagify

This affects the package @yaireo/tagify before 4.9.8.

3.5
2022-04-29 CVE-2021-41948 Intelliants Cross-site Scripting vulnerability in Intelliants Subrion

A cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS <= 4.2.1 version via "List of subjects".

3.5
2022-04-28 CVE-2021-38952 IBM Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.

3.5
2022-04-28 CVE-2022-1514 Facturascripts Cross-site Scripting vulnerability in Facturascripts

Stored XSS via upload plugin functionality in zip format in GitHub repository neorazorx/facturascripts prior to 2022.06.

3.5
2022-04-28 CVE-2022-22322 IBM Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.

3.5
2022-04-28 CVE-2022-22443 IBM Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.

3.5
2022-04-28 CVE-2022-29584 Mahara Cross-site Scripting vulnerability in Mahara

Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 allows stored XSS when a particular Cascading Style Sheets (CSS) class for embedly is used, and JavaScript code is constructed to perform an action.

3.5
2022-04-28 CVE-2022-29811 Jetbrains Cross-site Scripting vulnerability in Jetbrains HUB

In JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible.

3.5
2022-04-27 CVE-2021-34590 Bender Cross-site Scripting vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware

In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting.

3.5
2022-04-27 CVE-2022-22345 IBM Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting.

3.5
2022-04-27 CVE-2022-1503 GET Simple Cross-site Scripting vulnerability in Get-Simple Getsimple CMS

A vulnerability, which was classified as problematic, has been found in GetSimple CMS.

3.5
2022-04-26 CVE-2022-28450 Nopcommerce Cross-site Scripting vulnerability in Nopcommerce 4.50.1

nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS) via the "Text" parameter (forums) when creating a new post, which allows a remote attacker to execute arbitrary JavaScript code at client browser.

3.5
2022-04-26 CVE-2022-28522 Zcms Project Cross-site Scripting vulnerability in Zcms Project Zcms 20170206

ZCMS v20170206 was discovered to contain a stored cross-site scripting (XSS) vulnerability via index.php?m=home&c=message&a=add.

3.5
2022-04-26 CVE-2022-28448 Nopcommerce Cross-site Scripting vulnerability in Nopcommerce 4.50.1

nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS).

3.5
2022-04-26 CVE-2021-36867 Psychological Tests Quizzes Project Cross-site Scripting vulnerability in Psychological Tests & Quizzes Project Psychological Tests & Quizzes 0.21.19

Stored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin <= 0.21.19 on WordPress possible for users with contributor or higher user rights.

3.5
2022-04-26 CVE-2022-1173 Getgrav Cross-site Scripting vulnerability in Getgrav Grav

stored xss in GitHub repository getgrav/grav prior to 1.7.33.

3.5
2022-04-25 CVE-2022-29418 Night Mode Project Cross-site Scripting vulnerability in Night Mode Project Night Mode

Authenticated (admin user role) Persistent Cross-Site Scripting (XSS) in Mark Daniels Night Mode plugin <= 1.0.0 on WordPress via vulnerable parameters: &ntmode_page_setting[enable-me], &ntmode_page_setting[bg-color], &ntmode_page_setting[txt-color], &ntmode_page_setting[anc_color].

3.5
2022-04-25 CVE-2022-0876 Wpdevart Cross-site Scripting vulnerability in Wpdevart Social Comments

The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfiltered_html is disallowed

3.5
2022-04-25 CVE-2022-1027 Minioragne Cross-site Scripting vulnerability in Minioragne Page Restriction

The Page Restriction WordPress (WP) WordPress plugin before 1.2.7 allows bad actors with administrator privileges to the settings page to inject Javascript code to its settings leading to stored Cross-Site Scripting that will only affect administrator users.

3.5
2022-04-25 CVE-2022-1152 Menubar Cross-site Scripting vulnerability in Menubar

The Menubar WordPress plugin before 5.8 does not sanitise and escape the command parameter before outputting it back in the response via the menubar AJAX action (available to any authenticated users), leading to a Reflected Cross-Site Scripting

3.5
2022-04-25 CVE-2022-1156 Books Papers Project Cross-site Scripting vulnerability in Books & Papers Project Books & Papers

The Books & Papers WordPress plugin through 0.20210223 does not escape its Custom DB prefix settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

3.5
2022-04-25 CVE-2022-1228 Opensea Project Cross-site Scripting vulnerability in Opensea Project Opeansea

The Opensea WordPress plugin before 1.0.3 does not sanitize and escape some of its settings, like its "Referer address" field, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

3.5
2022-04-25 CVE-2022-1396 Donorbox Cross-site Scripting vulnerability in Donorbox

The Donorbox WordPress plugin before 7.1.7 does not sanitise and escape its Campaign URL settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed

3.5
2022-04-25 CVE-2022-27428 Gallerycms Project Cross-site Scripting vulnerability in Gallerycms Project Gallerycms 2.0

A stored cross-site scripting (XSS) vulnerability in /index.php/album/add of GalleryCMS v2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the album_name parameter.

3.5
2022-04-25 CVE-2022-1457 Facturascripts Cross-site Scripting vulnerability in Facturascripts

Store XSS in title parameter executing at EditUser Page & EditProducto page in GitHub repository neorazorx/facturascripts prior to 2022.04.

3.5
2022-04-25 CVE-2022-1458 Open EMR Cross-site Scripting vulnerability in Open-Emr Openemr

Stored XSS Leads To Session Hijacking in GitHub repository openemr/openemr prior to 6.1.0.1.

3.5
2022-04-28 CVE-2022-29820 Jetbrains Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Pycharm

In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible

3.3
2022-04-28 CVE-2022-29816 Jetbrains Cross-site Scripting vulnerability in Jetbrains Intellij Idea

In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible

3.2
2022-05-01 CVE-2022-21230 Nanohttpd Unspecified vulnerability in Nanohttpd

This affects all versions of package org.nanohttpd:nanohttpd.

2.1
2022-04-29 CVE-2022-1249 Pesign Project NULL Pointer Dereference vulnerability in Pesign Project Pesign

A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file.

2.1
2022-04-28 CVE-2022-29812 Jetbrains Unspecified vulnerability in Jetbrains Intellij Idea

In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient

2.1
2022-04-27 CVE-2021-25266 Sophos Insecure Storage of Sensitive Information vulnerability in Sophos Authenticator and Intercept X

An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495.

2.1
2022-04-27 CVE-2022-24885 Nextcloud Improper Authentication vulnerability in Nextcloud

Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform.

2.1
2022-04-26 CVE-2022-27888 Palantir Information Exposure Through Log Files vulnerability in Palantir Foundry Issues

Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information (session tokens).

2.1
2022-04-30 CVE-2021-41992 Pingidentity Improper Authentication vulnerability in Pingidentity Pingid Integration for Windows Login

A misconfiguration of RSA in PingID Windows Login prior to 2.7 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass.

1.9
2022-04-30 CVE-2021-41993 Pingidentity Use of Insufficiently Random Values vulnerability in Pingidentity Pingid and Pingid Windows Login

A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login.

1.9
2022-04-30 CVE-2021-41994 Pingidentity Use of Insufficiently Random Values vulnerability in Pingidentity Pingid and Pingid Windows Login

A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login.

1.9